last executing test programs:

1.769974457s ago: executing program 3 (id=1531):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r0}, &(0x7f0000000400), &(0x7f00000004c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
utime(&(0x7f0000000100)='./file0\x00', 0x0)

1.675584515s ago: executing program 3 (id=1533):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x2)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x9, 0x200000bb, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff34, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, 0x0, 0x0)
unshare(0x62040200)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r3 = syz_open_procfs$pagemap(0x0, &(0x7f0000000240))
ioctl$PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f00000004c0)={0x60, 0x0, &(0x7f000023d000/0x4000)=nil, &(0x7f00004fa000/0x4000)=nil, 0x0, &(0x7f00000021c0), 0x0, 0x1c3, 0x0, 0x4})
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=ANY=[@ANYBLOB="2800000014001901000000000000000228"], 0x28}}, 0x4080)

1.61513666s ago: executing program 4 (id=1537):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000a40), 0x1, 0x55e, &(0x7f0000000a80)="$eJzs3c1rHOUfAPDvbJK+/35NoRQVkUAPVmo3TeJLBQ/1KFos6L0uyTSUbLoluylNLNge7MWLFEHEgnjXu8fiP+BfUdBCkRL04CUym9k0L7vJNt2ajfP5wITn2Znd5/nuzPfJMzuzbACFNZL9KUW8GBFfJRFHIyLJ1w1GvnJkZbulxzcnsyWJ5eWP/0ia22X11mu1nnc4r7wQEb98EXG6tLnd+sLiTKVaTefy+mhj9tpofWHxzJXZynQ6nV4dn5g49+bE+Dtvv9WzWF+7+Ne3H91//9yXJ5e++enhsbtJnI8j+bq1cTyDW2srIzGSvydDcX7DhmM9aKyfJLvdAXZkIM/zocjGgKMxkGc98N/3eUQsAwWVyH8oqNY8oHVu36Pz4D3j0XsrJ0Cb4x9c+WwkDjTPjQ4tJevOjLLz3eEetJ+18fPv9+5mS2z4HOJAD14foJNbtyPi7ODg5vEvyce/nTvbxTYb2yja/x/YTfez+c/r7eY/pdX5T7SZ/xxuk7s7sX3+lx72oJmOsvnfu23nv6sXrYYH8tr/mnO+oeTylWqajW3/j4hTMbQ/q291Pefc0oPlTuvWzv+yJWu/NRfM+/FwcP/650xVGpVniXmtR7cjXmo7/01W93/SZv9n78fFLts4kd57pdO67eN/vpZ/iHi17f5/ckUr2fr65GjzeBhtHRWb/XnnxK+d2t/t+LP9f2jr+IeTtddr60/fxvcH/k47rVsXf3R//O9LPmmW9+WP3ag0GnNjEfuSDzc/Pv7kua16a/ss/lMntx7/2h3/ByPi0y7jv3P8x5e7in+X9v/UU+3/py88+OCz7zq1393490azdCp/pJvxr9sOPst7BwAAAAAAAP2mFBFHIimVV8ulUrm8cn/H8ThUqtbqjdOXa/NXp6L5XdnhGCq1rnQfXXM/xFh+P2yrPr6hPhERxyLi64GDzXp5slad2u3gAQAAAAAAAAAAAAAAAAAAoE8c7vD9/8xvA7vdO+C585PfUFzb5n8vfukJ6Ev+/0NxyX8oLvkPxSX/objkPxSX/Ifikv9QXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeurihQvZsrz0+OZkVp+6vjA/U7t+Ziqtz5Rn5yfLk7W5a+XpWm26mpYna7PbvV61Vrs2Nh7zN0Ybab0xWl9YvDRbm7/auHRltjKdXkqH/pWoAAAAAAAAAAAAAAAAAAAAYG+pLyzOVKrVdE5BYUeFwf7oxp4vZNnYB91Y1x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6A//BAAA//8iuzYD")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6a000}], 0x1, 0x7000, 0x0, 0x3)

1.414414396s ago: executing program 3 (id=1538):
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x7fff, 0x0, {0x0, 0x1}, {0x4a, 0x2}, @period={0x5d, 0xa370, 0x0, 0x7f, 0x81, {0x1, 0x3, 0x4, 0xffff}, 0x0, 0x0}})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYRESDEC, @ANYRES16, @ANYRES64, @ANYRESHEX, @ANYRES64, @ANYRES64], 0x50)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wg2\x00', <r1=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000f00)=ANY=[@ANYRESOCT=r1, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000090085000000820000009515635444e599f8aeee7456ccb79e1a06b9e8a00219c4bac8583c8081d5e6062c4725b725aa4ab8ae237918924cee76b8fcdb94519da56ad4fd7141b5382cdd854043850ffa1329de7ac6aee7c74da74a2db122d444457cf2d2a5bda974100b8df272dcea19fa9778bf6358f5b1ee8a3f30a232dff123b9592003599bf6faaf34fc30069e45f557cbe642cd07c124c609a92c03e4b69635538782fbeca900edce26bcd76d9c2149abd7def51c71d84572f4bb03fd713dcd7c68bf5307af91b349df32abef72ab1a844d5fff13b0fa7841d4592083d0cdbe84e32bccd5ed29bab00cd069009e7b4297908f24a7c32db55e4c36b7180cf4d8dfcc2e413ecd1d61d61063aaa609cd8fd133a7d366e05e19a83597b3b2fe8f6afc53225c5ef273652c74cfbbef12a7128e32eff6cf1d045bafd632455089d1d3b6433193cb4a058c808ed9c72ba2f97d00c6e04bb8521db832b9b9fa7e0c0dfa7c71955cb43d697177f01c71bc546dc39f932f2a8d03c5822dd85dd53108a1e4a7704043"], &(0x7f0000000200)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x8, '\x00', r1, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_int(r2, 0x0, 0x7, &(0x7f0000000080)=0xefa, 0x4)
syz_emit_ethernet(0x2a, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004500001c000000000011907800000001d0a2"], 0x0)
recvmmsg(r2, &(0x7f0000008100)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r4 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r4, 0x0)
write$selinux_load(r3, &(0x7f0000000000)=ANY=[], 0xffa8)
umount2(&(0x7f0000000580)='./file0\x00', 0x3)
ioprio_get$uid(0x3, 0x0)
ioctl$sock_SIOCGSKNS(r4, 0x894c, &(0x7f0000000100)=0x51)
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000880)=@nat={'nat\x00', 0x1b, 0x5, 0x418, 0x0, 0x230, 0xffffffff, 0x300, 0x300, 0x400, 0x400, 0xffffffff, 0x400, 0x400, 0x5, 0x0, {[{{@ip={@empty, @broadcast, 0xff000000, 0x0, 'tunl0\x00', 'dummy0\x00', {0xff}, {0xff}, 0x6c, 0x1, 0x52}, 0x0, 0xb0, 0xe8, 0x0, {}, [@common=@set={{0x40}, {{0x4, [0x2, 0x7, 0x4, 0xc, 0x0, 0x4], 0x3, 0x7}}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x4, @rand_addr=0x64010101, @multicast1, @icmp_id=0x66, @icmp_id=0x64}}}}, {{@uncond, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x0, 0x0, 0x2}}, @common=@ttl={{0x28}, {0x2}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @local, 0x7f, 0xc, [0xe, 0x22, 0x3e, 0x11, 0x1b, 0x7, 0x15, 0x31, 0x12, 0xe, 0x27, 0x18, 0x26, 0x38, 0x2a, 0x33], 0x0, 0x7fffffff, 0x81}}}, {{@ip={@loopback, @local, 0xffffffff, 0x0, 'caif0\x00', 'veth1_macvtap\x00', {}, {}, 0x0, 0x1}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x2, @multicast2, @loopback, @icmp_id=0x64, @gre_key=0xfffe}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x78195242f88d37ad, @rand_addr=0x64010100, @broadcast, @icmp_id=0x67, @gre_key=0x4}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x478)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x12d8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', 0xffffffffffffffff, 0x0, 0x10000}, 0x18)
r6 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r7 = openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff)
write$binfmt_script(r7, &(0x7f0000000080)={'#! ', './file1', [{}]}, 0x2)

1.347929491s ago: executing program 2 (id=1540):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r1 = gettid()
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000)

1.311641934s ago: executing program 2 (id=1541):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kfree\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000010000000000", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00004620d0f0"], 0x48)

1.286903376s ago: executing program 2 (id=1542):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000)

1.285609506s ago: executing program 4 (id=1543):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
geteuid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
chroot(&(0x7f0000000000)='./file0/../file0\x00')

1.23518231s ago: executing program 2 (id=1545):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000040000e41300050003030000000a0000005dc00000000001080002000500000014"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="48010000100001005d6a98a7db72f2f7da28bd70", @ANYRES32=0x0, @ANYBLOB="6cf2040000000000140003006e657464657673696d3000000000000014011680300001802c000c8014000100ff000000530f00000000000088a8000014"], 0x148}}, 0x40)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r5 = getpgid(0x0)
r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x40, r6, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x43}}, 0x0)
sendmsg$SMC_PNETID_DEL(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r6, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r2, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r4, 0x2, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x200880c0)
ptrace$getenv(0x4201, r5, 0xf538, &(0x7f00000002c0))

1.214695412s ago: executing program 4 (id=1546):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
r2 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddb, 0x10100, 0x1, 0x92}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f00000003c0)=<r4=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
syz_io_uring_submit(r3, r4, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r5, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r2, 0xd81, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7}, 0x48)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMIWAIT(r7, 0x545c, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r6)

785.108167ms ago: executing program 1 (id=1548):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001740)='cpuset.effective_mems\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x24, &(0x7f0000000140)={0x0, 0x1, 0x5, 0x5})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f00000000c0)=0x2f5, 0x4)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3100000000080041007369770014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x8801}, 0x20000000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a500"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0x10)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000002400)=<r9=>0x0)
io_submit(r9, 0x1, &(0x7f0000001c00)=[&(0x7f0000000400)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r8, &(0x7f0000000040)="5400ffff0000", 0x6, 0x0, 0x0, 0x2}])

735.412951ms ago: executing program 1 (id=1549):
socket(0x40000000015, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000400)='.\x00', 0xa4000021)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
sendmmsg$inet(r1, &(0x7f0000003cc0)=[{{&(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="14000000000000000000000007"], 0x18}}], 0x1, 0x44008004)

721.605372ms ago: executing program 1 (id=1550):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x13, 0xc, &(0x7f0000000880)=ANY=[@ANYRES8, @ANYRESHEX=r0, @ANYRES16=r2], 0x0, 0xf82e, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffefc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3, 0x0, 0x10000}, 0x18)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030f000000000700000000000005000900e000000001d78771b90bd8a3b4914783c587c7ab18285f7a55d53e6e9bfdac550000000003000600000000000200000000000000000000000000000002000100000000000000020d00000000030005000000000002"], 0x78}, 0x1, 0x7}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x8000)
r6 = socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r6, 0x400c6615, 0x0)
write$P9_ROPEN(r5, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0500000001200000400000000120000041000000280ccf13ef55e7e58272863e77a25d30c86e18cdeb7a9cb860167242f63cc7655f3500b7e4d0ac5d177dbc471e2420a819712f8aad5527c420f21b9d181d8faf90", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/25], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000600)='kfree\x00', r4, 0x0, 0xfffffffffffffffb}, 0x18)
r8 = socket(0x10, 0x3, 0x0)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/timers\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000200000018250000", @ANYRES32=r8, @ANYBLOB="000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70200000000000085000000860000000051e2000500040018410000f8ffffff0000000000000000183500000200000000000000430700002007f8ff000000009500000000000000"], &(0x7f0000000580)='GPL\x00', 0x3, 0x20, &(0x7f00000005c0)=""/32, 0x41000, 0x10, '\x00', 0x0, 0x0, r9, 0x8, &(0x7f00000006c0)={0xa, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000700)=[{0x3, 0x2, 0xe, 0xa}], 0x10, 0x6}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f0000000800))
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'lo\x00', <r11=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r11, {0x0, 0x10}, {0xffff, 0xffff}, {0x0, 0x7}}, [@TCA_RATE={0x6, 0x5, {0x4}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040800}, 0x2200c000)
syz_io_uring_setup(0x239, &(0x7f0000001080)={0x0, 0x0, 0x2000, 0x4, 0x3}, &(0x7f00000003c0)=<r12=>0x0, &(0x7f00000001c0)=<r13=>0x0)
syz_io_uring_submit(r12, r13, 0x0)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r14, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r14, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

702.973723ms ago: executing program 1 (id=1551):
r0 = socket$netlink(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0x8, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
fcntl$setlease(r1, 0x400, 0x0)
utime(&(0x7f0000000100)='./file0\x00', 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r3=>0xffffffffffffffff}, 0x4)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
socket$packet(0x11, 0x2, 0x300)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x7fffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r6, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = socket(0x10, 0x3, 0x0)
connect$netlink(r7, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route(r7, &(0x7f0000000380)={&(0x7f00000001c0), 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=@bridge_getlink={0x34, 0x12, 0x1, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'wg0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4c014}, 0x0)
sendfile(r5, r4, 0x0, 0x7ffff000)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0)

565.230385ms ago: executing program 3 (id=1552):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
pipe(&(0x7f0000000500)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r6, 0x0, r4, 0x0, 0xf3a, 0x0)
tee(r3, r7, 0xf3a, 0x4)
write$binfmt_elf64(r5, &(0x7f0000000380)=ANY=[], 0x18c6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x103040, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_buf(r8, 0x6, 0xd, &(0x7f0000000000)="b8", 0x1)
setsockopt$inet6_tcp_TLS_RX(r8, 0x6, 0x2, &(0x7f0000000040)=@ccm_128={{0x304}, "e9b172ecf2655b52", "7712b91180acb093fb6b48dce5ba7c41", "0711e4b2", "e9190a5ace69e884"}, 0x28)
setsockopt$inet6_tcp_int(r8, 0x6, 0x22, 0x0, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='memory.events\x00', 0x26e1, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r10, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000001010101000000000000000002001c002000018006000340000000001400018008c301007f000001080002007f0000010c00198008000100", @ANYRES32=r9], 0x40}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x84, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0xb0}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x30}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x24, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0x12}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xf8}}, 0x0)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000085000000050000"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10)
r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
syz_open_dev$tty20(0xc, 0x4, 0x1)

384.543039ms ago: executing program 0 (id=1553):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kfree\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001000000000000", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00004620d0f0"], 0x48)

383.353799ms ago: executing program 1 (id=1554):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000001a00000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000100000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r4, 0x0)
ftruncate(r4, 0xc17a)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, &(0x7f00000000c0)="04", 0x1, 0x20000845, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x15)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000002c0)={0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x5, r7}, 0x38)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x691, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)
r8 = openat2(r4, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)={0x14001, 0x59, 0x20}, 0x18)
fadvise64(r8, 0x7f, 0x0, 0x0)

358.151741ms ago: executing program 4 (id=1555):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x86)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={<r1=>0x0, @multicast2, @remote}, &(0x7f0000000380)=0xc)
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xcb, &(0x7f00000003c0)={0xffffffffffffffff, 0x1, 0xe0, r1, 0x8}, 0xc)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x44200, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000010000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000000906010200000c0000000000020000000900020073797a310000000005000100070000002c0007801800018014000240fe8000000000000000000000000000bb060004404e1f00000500070088"], 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c000000030601010000000000000000010000000500010007000000fe2159056aeaa74551cee304b784b4e89b17ff2e6f3e7c937979b9bf39b5d1103222ff530a5f249a05962b59ee2398c1766c21d9a206aa087efd7733665e4df3546fd0f540e90135307d4f803bd42bce0af30f08c24cfae812ae4fa4b153981d5b7e0f6755a9c16a06792cc943a2c5de6c58013c80"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x121000, 0x0)
ioctl$SNAPSHOT_CREATE_IMAGE(r7, 0x40043311, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}}, 0x0)

352.698992ms ago: executing program 2 (id=1556):
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
r0 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
wait4(r0, 0x0, 0x40000000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000a52ecfd7bd58c00bd722fee3719319216217000000000000000000000000000000000000000000469a022b36ebbf6b314ac80fac87ac40b5a5d813fd55"], 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x7, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
pipe2(&(0x7f00000006c0)={<r2=>0xffffffffffffffff}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_int(r4, &(0x7f0000000000), 0xfffffd26)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x401c5820, &(0x7f00000001c0)=0x8)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
ioprio_set$uid(0x3, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x59b, &(0x7f0000002480)="$eJzs3T1sG2UfAPD/2fGbfuRt+krvK72gDhUgFamqk/QDClO7IipV6oDEUizHjaI4cRQ70EQZ0r1CdECAupQNBkYQAwNiQWJhZQExI1U0AqnpAEb+StvEDk6p6zT+/aSz77nn7P/z3Pl/9nO6kwMYWEdrD6mIZyLiYhIx+kDdUDQrjzbWW19byd9bW8knUa1e+jWJJCLurq3kW+snzeeDEbEaEf+PiG8yEcdTW+OWl5ZncsViYaFZHqvMzo+Vl5ZPTM/mpgpThblTL79y5uzpMxMnJzo3PrOzvl7/6ca7179/7daNTz87spp/P5fEuRhp1j3Yj8epsU0ycW7T8tO9CNZHSb8bwCNJN/O8lkr/i9FIN7O+neroE20a0GPV4YjqTiSrO1od2M2SneU/sGe0fgfUxr9th9Pp3v7+uH2+MQCpxV9vTo2aoca5idhXH5sc+C15aGRSG28e7m3TGACr1yJifGio9vlrTY2apPn5e3Tjj6OB9NTX5xs7auv+T20cf6LN8Wekde70H2od/9a3HP/ux093OP5d7DLGH2/+/FHH+Ncinm0bP9mIn7SJn4qIt7qMf/ONL892qqt+HHEs2sdvSbY/Pzx2ZbpYGG88to3x1bEjr27X/wMd4jfO2e6rf8202/7zXfb/i28/f251m/gvPr/9/m+3/fdHxHtdxv/P3U9e71R3+1pyp/YrYKf7v7bsVpfxXzp39McOVfu7fAsAAAAAAAAAAKCNVP1atiSV3ZhPpbLZxj28/40DqWKpXDl+pbQ4N9m45u1wZFKtK61GG+WkVp5oXo/bKp/cVD7Vuo44vb9ezuZLxck+9x0AAAAAAAAAAAAAAAAAAAB2i4Ob7v//PV2//3/z31UDe1Xnv/wG9jr5D4Pr4fxPIob71hTgCfP9DwOrKv9hcMl/GFzyHwaX/IfBJf9hcMl/GFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAeuLihQu1qXpvbSVfK08OLS3OlN4+MVkoz2RnF/PZfGlhPjtVKk0VC9l8afbv3q9YKs2Px9zi1bFKoVwZKy8tX54tLc5VLk/P5qYKlwuZJ9IrAAAAAAAAAAAAAAAAAAAAeLqM1KcklY2IVH0+lcpmI/4dEYcjk1yZLhbGI+JQRPyQzgzXyhP9bjQAAAAAAAAAAAAAAAAAAADsMeWl5ZlcsVhYGJCZoS1Lvuu8ckSsPt5m1N5xR68anskVM819tVu24dM2c2j7ddLR9xbuxpk+H5gAAAAAAAAAAAAAAAAAAGAA3b/pt9tX/NnbBgEAAAAAAAAAAAAAAAAAAMBASv2SRERtOjb6wsjm2n8l6+n6c0S8c/PSB1dzlcrCRG35nY3llQ+by0/2o/1At1p52spjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4L7y0vJMrlgsLPRwpt99BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgUfwUAAP//H1DQ4Q==")

315.541935ms ago: executing program 0 (id=1557):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f0000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r0}, &(0x7f0000000400), &(0x7f00000004c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
utime(&(0x7f0000000100)='./file0\x00', 0x0)

314.954635ms ago: executing program 0 (id=1558):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r2, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)

309.945836ms ago: executing program 3 (id=1559):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000600000000000000008500000002009500000000000000000000bed95ccbc8d637a794bd443d39865ca329c2bd354ec6795ce982452338cc9b838fce2f067e4325249d149138acab707f7682334deb3689dd3f7bdfde09028f698555305a543420d46597cb4dd9ca957cefb102f18af50b3afba57c659f264740ac6219bcf104ddec034ded2cc1bbc5a72e39e9f82837e2a3f96e80f289d76ea605bdf7bb347cd5a966eadc51d8815ecf76f58e7adfa155ff78782c71090a020b76ea1762ab5ce643e99ea34b2bd83830a01ebb209e01"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='mm_page_free\x00', r0}, 0x15)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x3, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd28, 0x6000000, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x5c, 0x2, [@TCA_FW_ACT={0x58, 0x4, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0xfffffc00, 0x8, 0x10000000, 0x200000b, 0xff}, @broadcast, @local, 0xff, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x11, 0x8}}]}, 0x90}, 0x1, 0x0, 0x0, 0x4}, 0x4000800)

276.724078ms ago: executing program 0 (id=1560):
socket(0x40000000015, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000400)='.\x00', 0xa4000021)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
sendmmsg$inet(r1, &(0x7f0000003cc0)=[{{&(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="14000000000000000000000007"], 0x18}}], 0x1, 0x44008004)

227.993052ms ago: executing program 0 (id=1561):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001740)='cpuset.effective_mems\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x24, &(0x7f0000000140)={0x0, 0x1, 0x5, 0x5})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3100000000080041007369770014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x8801}, 0x20000000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a500"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0x10)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000002400)=<r9=>0x0)
io_submit(r9, 0x1, &(0x7f0000001c00)=[&(0x7f0000000400)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r8, &(0x7f0000000040)="5400ffff0000", 0x6, 0x0, 0x0, 0x2}])

136.874999ms ago: executing program 4 (id=1562):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x2400, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x8c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x64, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x34, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_OP={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x100}}, 0x20000000)

136.301169ms ago: executing program 2 (id=1563):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911040000000000000003c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x16}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62458c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f00000025c0)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}, {&(0x7f00000006c0)="97b13f5cf9f584c87e0e637d2ff483a311bb412cb3b03c3d9e97e435f2fceb58ff0402ed7b96244b43386c222917662028d7a01206a1990722ccef1d8f39f7c8ae242e58359217b1c6161ea741445cf16b0c48eb18a6c72174dfb7cd1bd0f409dad5a432bed4afb470da3656dd30d70769e229dc91037321d618e1eff4a176ea46d5cd4d5da97f80356e46d9e8166bf2d97210b631654ece218a2a204a1786ab5a60a881a7a294cd2f92438350e6e3ec4439ebe06133ff65b1e32b809ba0482783b563ec8e5778285da5211e5821135433053a7921319c544d5e797f", 0xdc}, {&(0x7f00000007c0)="75c37714a0bada8343bceb64ccb6d95a2a37b020e0bf1f6a1de4584223a2f285aaca30a9554cd5cdc1659cb9fec462cc5c2220a7cd891ec3bad99fe3c06e15a109ec0fdb6aeeee5ef8e4bfc28e17984a3860b907d549492d47a447782b7357ea72f4b2c26512a6a33c0247b730a6182ea5a99aee25fcee07f9cb0a80595cd5f744fa6898fdffda5b34b19474b8e853467329e4aea36cfd0e00735d37beb0f895c5688259a8935194eefd3a96d55707133a08f03e14da563160a545396b93341f41c161c93687e28a", 0xc8}, {&(0x7f0000000b00)}], 0x8, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x2, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1}, 0x40000100)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)

135.944749ms ago: executing program 4 (id=1564):
r0 = socket$netlink(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0x8, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
fcntl$setlease(r1, 0x400, 0x0)
utime(&(0x7f0000000100)='./file0\x00', 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r3=>0xffffffffffffffff}, 0x4)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
socket$packet(0x11, 0x2, 0x300)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x7fffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r6, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = socket(0x10, 0x3, 0x0)
connect$netlink(r7, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route(r7, &(0x7f0000000380)={&(0x7f00000001c0), 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=@bridge_getlink={0x34, 0x12, 0x1, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'wg0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4c014}, 0x0)
sendfile(r5, r4, 0x0, 0x7ffff000)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0)

135.297849ms ago: executing program 3 (id=1565):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
r2 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddb, 0x10100, 0x1, 0x92}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f00000003c0)=<r4=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
syz_io_uring_submit(r3, r4, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r5, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r2, 0xd81, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7}, 0x48)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMIWAIT(r7, 0x545c, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r6)

19.019209ms ago: executing program 0 (id=1566):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000040000e41300050003030000000a0000005dc00000000001080002000500000014"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="48010000100001005d6a98a7db72f2f7da28bd70", @ANYRES32=0x0, @ANYBLOB="6cf2040000000000140003006e657464657673696d3000000000000014011680300001802c000c8014000100ff000000530f00000000000088a8000014"], 0x148}}, 0x40)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r5 = getpgid(0x0)
r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x40, r6, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x43}}, 0x0)
sendmsg$SMC_PNETID_DEL(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r6, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r2, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r4, 0x2, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x200880c0)
ptrace$getenv(0x4201, r5, 0xf538, &(0x7f00000002c0))

0s ago: executing program 1 (id=1567):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='\x00\x00\x00\x00\x00')
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x3, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd28, 0x6000000, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x5c, 0x2, [@TCA_FW_ACT={0x58, 0x4, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0xfffffc00, 0x8, 0x10000000, 0x200000b, 0xff}, @broadcast, @local, 0xff, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x11, 0x8}}]}, 0x90}, 0x1, 0x0, 0x0, 0x4}, 0x4000800)

kernel console output (not intermixed with test programs):

c604ebe9 code=0x7ffc0000
[   66.433532][   T29] audit: type=1326 audit(1755046298.426:5304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5036 comm="syz.2.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37c604ebe9 code=0x7ffc0000
[   66.457158][   T29] audit: type=1326 audit(1755046298.426:5305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5036 comm="syz.2.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c604ebe9 code=0x7ffc0000
[   66.480662][   T29] audit: type=1326 audit(1755046298.426:5306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5036 comm="syz.2.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37c604ebe9 code=0x7ffc0000
[   66.504189][   T29] audit: type=1326 audit(1755046298.426:5307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5036 comm="syz.2.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c604ebe9 code=0x7ffc0000
[   66.527674][   T29] audit: type=1326 audit(1755046298.426:5308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5036 comm="syz.2.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f37c604ebe9 code=0x7ffc0000
[   66.551178][   T29] audit: type=1326 audit(1755046298.426:5309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5036 comm="syz.2.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c604ebe9 code=0x7ffc0000
[   66.579127][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.585589][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.598942][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.618687][ T5050] loop2: detected capacity change from 0 to 1024
[   66.633102][ T5050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.673425][ T5059] loop4: detected capacity change from 0 to 512
[   66.696642][ T5059] journal_path: Non-blockdev passed as './bus'
[   66.703147][ T5059] EXT4-fs: error: could not find journal device path
[   66.715239][ T5065] netlink: 'syz.3.524': attribute type 13 has an invalid length.
[   66.724523][ T5060] FAULT_INJECTION: forcing a failure.
[   66.724523][ T5060] name failslab, interval 1, probability 0, space 0, times 0
[   66.737388][ T5060] CPU: 0 UID: 0 PID: 5060 Comm: syz.3.524 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[   66.737425][ T5060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   66.737516][ T5060] Call Trace:
[   66.737524][ T5060]  <TASK>
[   66.737534][ T5060]  __dump_stack+0x1d/0x30
[   66.737559][ T5060]  dump_stack_lvl+0xe8/0x140
[   66.737583][ T5060]  dump_stack+0x15/0x1b
[   66.737603][ T5060]  should_fail_ex+0x265/0x280
[   66.737628][ T5060]  should_failslab+0x8c/0xb0
[   66.737662][ T5060]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   66.737763][ T5060]  ? sidtab_sid2str_get+0xa0/0x130
[   66.737788][ T5060]  kmemdup_noprof+0x2b/0x70
[   66.737815][ T5060]  sidtab_sid2str_get+0xa0/0x130
[   66.737910][ T5060]  security_sid_to_context_core+0x1eb/0x2e0
[   66.737941][ T5060]  security_sid_to_context+0x27/0x40
[   66.737963][ T5060]  avc_audit_post_callback+0x10f/0x520
[   66.737996][ T5060]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   66.738106][ T5060]  common_lsm_audit+0x1b8/0x230
[   66.738135][ T5060]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   66.738167][ T5060]  slow_avc_audit+0x104/0x140
[   66.738197][ T5060]  avc_has_perm+0x13a/0x180
[   66.738257][ T5060]  selinux_kernel_load_data+0x128/0x140
[   66.738278][ T5060]  security_kernel_load_data+0x3e/0x80
[   66.738300][ T5060]  __se_sys_kexec_load+0x38/0x160
[   66.738319][ T5060]  __x64_sys_kexec_load+0x55/0x70
[   66.738418][ T5060]  x64_sys_call+0x2898/0x2ff0
[   66.738462][ T5060]  do_syscall_64+0xd2/0x200
[   66.738488][ T5060]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   66.738516][ T5060]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   66.738545][ T5060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.738571][ T5060] RIP: 0033:0x7f16d0f9ebe9
[   66.738611][ T5060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.738665][ T5060] RSP: 002b:00007f16cfa07038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[   66.738689][ T5060] RAX: ffffffffffffffda RBX: 00007f16d11c5fa0 RCX: 00007f16d0f9ebe9
[   66.738704][ T5060] RDX: 0000200000000140 RSI: 0000000000000001 RDI: 0000000000000000
[   66.738745][ T5060] RBP: 00007f16cfa07090 R08: 0000000000000000 R09: 0000000000000000
[   66.738759][ T5060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.738771][ T5060] R13: 00007f16d11c6038 R14: 00007f16d11c5fa0 R15: 00007ffe733537f8
[   66.738787][ T5060]  </TASK>
[   67.046763][ T5074] loop4: detected capacity change from 0 to 512
[   67.093083][ T5074] EXT4-fs: Ignoring removed i_version option
[   67.115425][ T5074] EXT4-fs (loop4): orphan cleanup on readonly fs
[   67.131527][ T5074] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.535: bg 0: block 131: padding at end of block bitmap is not set
[   67.157799][ T5074] EXT4-fs (loop4): Remounting filesystem read-only
[   67.164567][ T5074] EXT4-fs (loop4): 1 truncate cleaned up
[   67.172658][ T5074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   67.325440][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.345731][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.424256][ T5092] loop1: detected capacity change from 0 to 164
[   67.474347][ T5092] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   67.485674][ T5098] loop0: detected capacity change from 0 to 512
[   67.514780][ T5098] journal_path: Non-blockdev passed as './bus'
[   67.521207][ T5098] EXT4-fs: error: could not find journal device path
[   67.545818][ T5107] loop2: detected capacity change from 0 to 1024
[   67.590267][ T5107] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.610789][ T5122] FAULT_INJECTION: forcing a failure.
[   67.610789][ T5122] name failslab, interval 1, probability 0, space 0, times 0
[   67.623540][ T5122] CPU: 1 UID: 0 PID: 5122 Comm: syz.4.555 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[   67.623567][ T5122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   67.623578][ T5122] Call Trace:
[   67.623585][ T5122]  <TASK>
[   67.623593][ T5122]  __dump_stack+0x1d/0x30
[   67.623628][ T5122]  dump_stack_lvl+0xe8/0x140
[   67.623648][ T5122]  dump_stack+0x15/0x1b
[   67.623666][ T5122]  should_fail_ex+0x265/0x280
[   67.623687][ T5122]  should_failslab+0x8c/0xb0
[   67.623772][ T5122]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   67.623799][ T5122]  ? shmem_alloc_inode+0x34/0x50
[   67.623879][ T5122]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   67.623907][ T5122]  shmem_alloc_inode+0x34/0x50
[   67.623930][ T5122]  alloc_inode+0x3d/0x170
[   67.623953][ T5122]  new_inode+0x1d/0xe0
[   67.624034][ T5122]  shmem_get_inode+0x244/0x750
[   67.624058][ T5122]  __shmem_file_setup+0x113/0x210
[   67.624091][ T5122]  shmem_file_setup+0x3b/0x50
[   67.624178][ T5122]  __se_sys_memfd_create+0x2c3/0x590
[   67.624203][ T5122]  __x64_sys_memfd_create+0x31/0x40
[   67.624271][ T5122]  x64_sys_call+0x2abe/0x2ff0
[   67.624296][ T5122]  do_syscall_64+0xd2/0x200
[   67.624404][ T5122]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   67.624443][ T5122]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   67.624514][ T5122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.624540][ T5122] RIP: 0033:0x7fcf46dcebe9
[   67.624558][ T5122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.624576][ T5122] RSP: 002b:00007fcf45836e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   67.624656][ T5122] RAX: ffffffffffffffda RBX: 000000000000050a RCX: 00007fcf46dcebe9
[   67.624743][ T5122] RDX: 00007fcf45836ef0 RSI: 0000000000000000 RDI: 00007fcf46e527e8
[   67.624759][ T5122] RBP: 0000200000000200 R08: 00007fcf45836bb7 R09: 00007fcf45836e40
[   67.624774][ T5122] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[   67.624787][ T5122] R13: 00007fcf45836ef0 R14: 00007fcf45836eb0 R15: 0000200000000080
[   67.624807][ T5122]  </TASK>
[   67.855344][ T5127] loop0: detected capacity change from 0 to 512
[   67.866626][ T5127] EXT4-fs: Ignoring removed nomblk_io_submit option
[   67.891602][ T5127] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   67.899656][ T5127] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[   67.908945][ T5127] EXT4-fs (loop0): couldn't mount RDWR because of unsupported optional features (80)
[   67.918742][ T5127] EXT4-fs (loop0): Skipping orphan cleanup due to unknown ROCOMPAT features
[   67.930413][ T5127] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   67.961897][ T5127] EXT4-fs warning (device loop0): dx_probe:861: inode #2: comm syz.0.557: dx entry: limit 65535 != root limit 120
[   67.974014][ T5127] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.557: Corrupt directory, running e2fsck is recommended
[   67.977701][ T5107] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   68.008302][ T5127] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.557: path /111/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   68.056321][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.069077][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.109586][ T5149] __nla_validate_parse: 20 callbacks suppressed
[   68.109606][ T5149] netlink: 8 bytes leftover after parsing attributes in process `syz.1.564'.
[   68.150306][ T5149] netlink: 8 bytes leftover after parsing attributes in process `syz.1.564'.
[   68.180032][ T5157] syzkaller0: entered allmulticast mode
[   68.188278][ T5157] syzkaller0: entered promiscuous mode
[   68.197719][ T5159] loop0: detected capacity change from 0 to 512
[   68.205395][ T5157] syzkaller0 (unregistering): left allmulticast mode
[   68.212248][ T5157] syzkaller0 (unregistering): left promiscuous mode
[   68.222643][ T5159] EXT4-fs (loop0): orphan cleanup on readonly fs
[   68.230242][ T5159] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.569: bg 0: block 248: padding at end of block bitmap is not set
[   68.245418][ T5159] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.569: Failed to acquire dquot type 1
[   68.257850][ T5159] EXT4-fs (loop0): 1 truncate cleaned up
[   68.264577][ T5159] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   68.280386][ T5161] netlink: 8 bytes leftover after parsing attributes in process `syz.1.570'.
[   68.291976][ T5168] netlink: 8 bytes leftover after parsing attributes in process `syz.1.570'.
[   68.301530][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.341166][ T5175] bond_slave_1: entered promiscuous mode
[   68.347484][ T5175] bond_slave_1: left promiscuous mode
[   68.422613][ T5175] 9pnet_fd: Insufficient options for proto=fd
[   68.437342][ T5192] netlink: 8 bytes leftover after parsing attributes in process `syz.2.580'.
[   68.461563][ T5194] loop3: detected capacity change from 0 to 512
[   68.484577][ T5192] loop2: detected capacity change from 0 to 1024
[   68.489385][ T5194] journal_path: Non-blockdev passed as './bus'
[   68.497449][ T5194] EXT4-fs: error: could not find journal device path
[   68.501548][ T5192] EXT4-fs: Ignoring removed orlov option
[   68.525139][ T5192] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.610568][ T5214] FAULT_INJECTION: forcing a failure.
[   68.610568][ T5214] name failslab, interval 1, probability 0, space 0, times 0
[   68.623700][ T5214] CPU: 1 UID: 0 PID: 5214 Comm: syz.3.590 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[   68.623729][ T5214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   68.623741][ T5214] Call Trace:
[   68.623749][ T5214]  <TASK>
[   68.623759][ T5214]  __dump_stack+0x1d/0x30
[   68.623785][ T5214]  dump_stack_lvl+0xe8/0x140
[   68.623806][ T5214]  dump_stack+0x15/0x1b
[   68.623821][ T5214]  should_fail_ex+0x265/0x280
[   68.623855][ T5214]  should_failslab+0x8c/0xb0
[   68.623897][ T5214]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   68.623939][ T5214]  ? __d_alloc+0x3d/0x340
[   68.623969][ T5214]  __d_alloc+0x3d/0x340
[   68.624021][ T5214]  d_alloc_parallel+0x53/0xc60
[   68.624079][ T5214]  ? number+0x9ae/0xab0
[   68.624150][ T5214]  ? __rcu_read_unlock+0x4f/0x70
[   68.624173][ T5214]  ? __d_lookup+0x316/0x340
[   68.624204][ T5214]  __lookup_slow+0x8c/0x250
[   68.624283][ T5214]  lookup_noperm+0xc9/0x180
[   68.624365][ T5214]  simple_start_creating+0x97/0x120
[   68.624392][ T5214]  start_creating+0xe9/0x160
[   68.624428][ T5214]  __debugfs_create_file+0x6b/0x330
[   68.624456][ T5214]  debugfs_create_file_full+0x3f/0x60
[   68.624513][ T5214]  ? __pfx_macvlan_setup+0x10/0x10
[   68.624538][ T5214]  ref_tracker_dir_debugfs+0x100/0x1e0
[   68.624566][ T5214]  alloc_netdev_mqs+0x1a2/0xa20
[   68.624610][ T5214]  rtnl_create_link+0x239/0x710
[   68.624630][ T5214]  rtnl_newlink_create+0x14c/0x620
[   68.624658][ T5214]  ? security_capable+0x83/0x90
[   68.624739][ T5214]  ? netlink_ns_capable+0x86/0xa0
[   68.624769][ T5214]  rtnl_newlink+0xf29/0x12d0
[   68.624798][ T5214]  ? strlen+0x19/0x40
[   68.624825][ T5214]  ? __memcg_slab_free_hook+0x135/0x230
[   68.624867][ T5214]  ? __rcu_read_unlock+0x4f/0x70
[   68.624930][ T5214]  ? avc_has_perm_noaudit+0x1b1/0x200
[   68.624958][ T5214]  ? cred_has_capability+0x210/0x280
[   68.625001][ T5214]  ? selinux_capable+0x31/0x40
[   68.625031][ T5214]  ? security_capable+0x83/0x90
[   68.625057][ T5214]  ? ns_capable+0x7d/0xb0
[   68.625153][ T5214]  ? __pfx_rtnl_newlink+0x10/0x10
[   68.625181][ T5214]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   68.625251][ T5214]  netlink_rcv_skb+0x120/0x220
[   68.625268][ T5214]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   68.625296][ T5214]  rtnetlink_rcv+0x1c/0x30
[   68.625352][ T5214]  netlink_unicast+0x5c0/0x690
[   68.625390][ T5214]  netlink_sendmsg+0x58b/0x6b0
[   68.625418][ T5214]  ? __pfx_netlink_sendmsg+0x10/0x10
[   68.625441][ T5214]  __sock_sendmsg+0x145/0x180
[   68.625506][ T5214]  ____sys_sendmsg+0x31e/0x4e0
[   68.625539][ T5214]  ___sys_sendmsg+0x17b/0x1d0
[   68.625570][ T5214]  __x64_sys_sendmsg+0xd4/0x160
[   68.625595][ T5214]  x64_sys_call+0x191e/0x2ff0
[   68.625629][ T5214]  do_syscall_64+0xd2/0x200
[   68.625723][ T5214]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.625748][ T5214]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   68.625774][ T5214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.625798][ T5214] RIP: 0033:0x7f16d0f9ebe9
[   68.625875][ T5214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.625893][ T5214] RSP: 002b:00007f16cfa07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   68.625979][ T5214] RAX: ffffffffffffffda RBX: 00007f16d11c5fa0 RCX: 00007f16d0f9ebe9
[   68.625994][ T5214] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   68.626009][ T5214] RBP: 00007f16cfa07090 R08: 0000000000000000 R09: 0000000000000000
[   68.626023][ T5214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.626089][ T5214] R13: 00007f16d11c6038 R14: 00007f16d11c5fa0 R15: 00007ffe733537f8
[   68.626109][ T5214]  </TASK>
[   68.699243][ T5216] netlink: 8 bytes leftover after parsing attributes in process `syz.2.580'.
[   68.863757][ T5222] 9pnet_fd: Insufficient options for proto=fd
[   68.910210][ T5219] bond_slave_1: entered promiscuous mode
[   69.005044][ T5219] bond_slave_1: left promiscuous mode
[   69.057384][ T5228] bond_slave_1: entered promiscuous mode
[   69.065051][ T5228] bond_slave_1: left promiscuous mode
[   69.084100][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.150975][ T5238] netlink: 'syz.0.597': attribute type 10 has an invalid length.
[   69.188197][ T5238] bond0: (slave dummy0): Releasing backup interface
[   69.203105][ T5238] team0: Port device dummy0 added
[   69.206882][ T5246] loop2: detected capacity change from 0 to 512
[   69.215270][ T5246] EXT4-fs: Ignoring removed mblk_io_submit option
[   69.225059][ T5246] ext3: Unknown parameter 'noacl'
[   69.253078][ T5250] netlink: 8 bytes leftover after parsing attributes in process `syz.2.602'.
[   69.265080][ T5250] netlink: 8 bytes leftover after parsing attributes in process `syz.2.602'.
[   69.309143][ T5261] loop2: detected capacity change from 0 to 164
[   69.316497][ T5261] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   69.326474][ T5264] loop0: detected capacity change from 0 to 1024
[   69.368782][ T5266] bond_slave_1: entered promiscuous mode
[   69.375147][ T5266] bond_slave_1: left promiscuous mode
[   69.389546][ T5264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.407289][ T5264] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.607: Allocating blocks 465-513 which overlap fs metadata
[   69.422619][ T5264] EXT4-fs (loop0): pa ffff888104c2daf0: logic 256, phys. 369, len 9
[   69.430751][ T5264] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   69.457824][ T5264] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   69.498946][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.543014][ T5280] loop0: detected capacity change from 0 to 512
[   69.549814][ T5280] EXT4-fs: Ignoring removed i_version option
[   69.559854][ T5280] EXT4-fs (loop0): orphan cleanup on readonly fs
[   69.575753][ T5283] loop2: detected capacity change from 0 to 512
[   69.587188][ T5280] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.610: bg 0: block 131: padding at end of block bitmap is not set
[   69.610748][ T5283] EXT4-fs: Ignoring removed mblk_io_submit option
[   69.617498][ T5283] ext3: Unknown parameter 'noacl'
[   69.624577][ T5280] EXT4-fs (loop0): Remounting filesystem read-only
[   69.641448][ T5280] EXT4-fs (loop0): 1 truncate cleaned up
[   69.647720][ T5280] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   69.727961][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.767102][ T5296] loop0: detected capacity change from 0 to 1024
[   69.785040][ T5299] loop1: detected capacity change from 0 to 1024
[   69.793278][ T5296] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.809108][ T5299] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.839963][ T5299] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.620: Allocating blocks 465-513 which overlap fs metadata
[   69.870950][ T5299] EXT4-fs (loop1): pa ffff888106def230: logic 256, phys. 369, len 9
[   69.879198][ T5299] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   69.913278][ T5299] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   69.961198][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.046919][ T5296] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   70.117419][ T5308] netlink: 104 bytes leftover after parsing attributes in process `syz.1.622'.
[   70.132251][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.192257][ T5314] loop1: detected capacity change from 0 to 164
[   70.202589][ T5316] loop0: detected capacity change from 0 to 512
[   70.209683][ T5316] EXT4-fs: Ignoring removed mblk_io_submit option
[   70.217005][ T5316] ext3: Unknown parameter 'noacl'
[   70.222965][ T5314] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   70.364396][ T5325] netlink: 8 bytes leftover after parsing attributes in process `syz.0.629'.
[   70.382053][ T5325] smc: net device bond0 applied user defined pnetid SYZ0
[   70.391552][ T5325] smc: net device bond0 erased user defined pnetid SYZ0
[   70.787151][ T5348] loop2: detected capacity change from 0 to 512
[   70.794103][ T5348] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   70.805823][ T5348] EXT4-fs (loop2): orphan cleanup on readonly fs
[   70.813555][ T5348] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.639: Block bitmap for bg 0 marked uninitialized
[   70.826792][ T5348] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   70.836937][ T5348] EXT4-fs (loop2): 1 orphan inode deleted
[   70.843137][ T5348] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   70.914890][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.952433][ T5353] FAULT_INJECTION: forcing a failure.
[   70.952433][ T5353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   70.965564][ T5353] CPU: 0 UID: 0 PID: 5353 Comm: syz.2.640 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[   70.965595][ T5353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   70.965607][ T5353] Call Trace:
[   70.965614][ T5353]  <TASK>
[   70.965623][ T5353]  __dump_stack+0x1d/0x30
[   70.965646][ T5353]  dump_stack_lvl+0xe8/0x140
[   70.965748][ T5353]  dump_stack+0x15/0x1b
[   70.965766][ T5353]  should_fail_ex+0x265/0x280
[   70.965786][ T5353]  should_fail+0xb/0x20
[   70.965802][ T5353]  should_fail_usercopy+0x1a/0x20
[   70.965948][ T5353]  _copy_to_user+0x20/0xa0
[   70.965979][ T5353]  __x64_sys_fstatfs+0xe8/0x140
[   70.966088][ T5353]  x64_sys_call+0x1ebd/0x2ff0
[   70.966116][ T5353]  do_syscall_64+0xd2/0x200
[   70.966144][ T5353]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   70.966209][ T5353]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   70.966235][ T5353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.966259][ T5353] RIP: 0033:0x7f37c604ebe9
[   70.966276][ T5353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.966295][ T5353] RSP: 002b:00007f37c4aaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000008a
[   70.966353][ T5353] RAX: ffffffffffffffda RBX: 00007f37c6275fa0 RCX: 00007f37c604ebe9
[   70.966365][ T5353] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   70.966378][ T5353] RBP: 00007f37c4aaf090 R08: 0000000000000000 R09: 0000000000000000
[   70.966391][ T5353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.966439][ T5353] R13: 00007f37c6276038 R14: 00007f37c6275fa0 R15: 00007ffd37085eb8
[   70.966458][ T5353]  </TASK>
[   71.250150][ T5360] loop0: detected capacity change from 0 to 512
[   71.259363][ T5360] journal_path: Non-blockdev passed as './bus'
[   71.265624][ T5360] EXT4-fs: error: could not find journal device path
[   71.324892][ T5371] loop2: detected capacity change from 0 to 1024
[   71.349966][ T5374] netlink: 'syz.3.648': attribute type 10 has an invalid length.
[   71.373679][ T5374] 8021q: adding VLAN 0 to HW filter on device team0
[   71.394905][ T5374] bond0: (slave team0): Enslaving as an active interface with an up link
[   71.422139][ T5371] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.443007][ T5379] loop0: detected capacity change from 0 to 1024
[   71.450153][ T5374] netlink: 'syz.3.648': attribute type 10 has an invalid length.
[   71.451217][   T29] kauditd_printk_skb: 618 callbacks suppressed
[   71.451231][   T29] audit: type=1326 audit(1755046303.556:5926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5358 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   71.460277][ T5379] EXT4-fs: Ignoring removed bh option
[   71.468931][   T29] audit: type=1326 audit(1755046303.556:5927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5358 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   71.521142][ T5374] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   71.521617][   T29] audit: type=1400 audit(1755046303.616:5928): avc:  denied  { add_name } for  pid=5369 comm="syz.2.647" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   71.550536][   T29] audit: type=1400 audit(1755046303.616:5929): avc:  denied  { create } for  pid=5369 comm="syz.2.647" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   71.565201][ T5374] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   71.571299][   T29] audit: type=1400 audit(1755046303.656:5930): avc:  denied  { read write open } for  pid=5369 comm="syz.2.647" path="/132/file1/bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   71.580161][ T5371] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.647: Allocating blocks 465-513 which overlap fs metadata
[   71.601472][   T29] audit: type=1400 audit(1755046303.656:5931): avc:  denied  { create } for  pid=5372 comm="syz.3.648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   71.620416][ T5379] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.635967][   T29] audit: type=1400 audit(1755046303.656:5932): avc:  denied  { write } for  pid=5372 comm="syz.3.648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   71.648500][ T5371] EXT4-fs (loop2): pa ffff888104c2daf0: logic 256, phys. 369, len 9
[   71.677625][ T5371] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   71.688449][ T5374] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   71.688590][ T5371] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   71.715693][   T29] audit: type=1400 audit(1755046303.806:5933): avc:  denied  { create } for  pid=5372 comm="syz.3.648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   71.771918][   T29] audit: type=1400 audit(1755046303.826:5934): avc:  denied  { bind } for  pid=5372 comm="syz.3.648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   71.788684][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.791865][   T29] audit: type=1400 audit(1755046303.836:5935): avc:  denied  { read write } for  pid=5378 comm="syz.0.649" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   71.825566][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.846350][ T5391] loop2: detected capacity change from 0 to 512
[   71.853147][ T5391] journal_path: Non-blockdev passed as './bus'
[   71.859505][ T5391] EXT4-fs: error: could not find journal device path
[   71.892862][ T5397] loop2: detected capacity change from 0 to 1024
[   71.901981][ T5397] EXT4-fs: Ignoring removed bh option
[   71.921186][ T5397] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.977733][ T5406] loop4: detected capacity change from 0 to 1024
[   71.991686][ T5406] EXT4-fs: Ignoring removed bh option
[   72.001426][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.013888][ T5406] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.061363][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.103654][ T5424] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   72.174795][ T5431] loop4: detected capacity change from 0 to 164
[   72.184061][ T5431] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   72.223376][ T5434] loop4: detected capacity change from 0 to 1024
[   72.265196][ T5434] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.294613][ T5434] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.668: Allocating blocks 465-513 which overlap fs metadata
[   72.329536][ T5434] EXT4-fs (loop4): pa ffff888106def230: logic 256, phys. 369, len 9
[   72.337783][ T5434] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   72.348282][ T5434] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   72.385070][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.411567][ T5454] loop1: detected capacity change from 0 to 164
[   72.430682][ T5454] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   72.496737][ T5468] loop2: detected capacity change from 0 to 164
[   72.507409][ T5468] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   72.568395][ T5479] loop0: detected capacity change from 0 to 1024
[   72.580291][ T5482] loop4: detected capacity change from 0 to 512
[   72.584643][ T5479] EXT4-fs: Ignoring removed orlov option
[   72.588061][ T5482] EXT4-fs: Ignoring removed i_version option
[   72.596845][ T5479] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.600318][ T5482] EXT4-fs (loop4): orphan cleanup on readonly fs
[   72.620646][ T5482] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.687: bg 0: block 131: padding at end of block bitmap is not set
[   72.636053][ T5482] EXT4-fs (loop4): Remounting filesystem read-only
[   72.643774][ T5482] EXT4-fs (loop4): 1 truncate cleaned up
[   72.649946][ T5482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   72.683921][ T5489] loop1: detected capacity change from 0 to 1024
[   72.751943][ T5489] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.773532][ T5489] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.689: Allocating blocks 465-513 which overlap fs metadata
[   72.791638][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.818414][ T5489] EXT4-fs (loop1): pa ffff888104c2db60: logic 256, phys. 369, len 9
[   72.826524][ T5489] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   72.851497][ T5489] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   72.882652][ T5504] loop4: detected capacity change from 0 to 1024
[   72.892925][ T5503] loop3: detected capacity change from 0 to 1024
[   72.901651][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.911587][ T5504] EXT4-fs: Ignoring removed orlov option
[   72.913535][ T5503] EXT4-fs: Ignoring removed bh option
[   72.925978][ T5504] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.938841][ T5507] loop2: detected capacity change from 0 to 164
[   72.946271][ T5507] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   72.965926][ T5503] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.041345][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.239562][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.310972][ T5547] netlink: 'syz.0.711': attribute type 10 has an invalid length.
[   73.383738][ T5549] SELinux: failed to load policy
[   73.396907][ T5551] loop0: detected capacity change from 0 to 512
[   73.404037][ T5551] EXT4-fs: Ignoring removed i_version option
[   73.412107][ T5551] EXT4-fs (loop0): orphan cleanup on readonly fs
[   73.418997][ T5551] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.712: bg 0: block 131: padding at end of block bitmap is not set
[   73.434733][ T5551] EXT4-fs (loop0): Remounting filesystem read-only
[   73.441534][ T5551] EXT4-fs (loop0): 1 truncate cleaned up
[   73.447717][ T5551] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   73.497172][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.537508][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.550965][ T5557] loop2: detected capacity change from 0 to 512
[   73.557607][ T5557] EXT4-fs: Ignoring removed i_version option
[   73.565681][ T5555] __nla_validate_parse: 20 callbacks suppressed
[   73.565773][ T5555] netlink: 8 bytes leftover after parsing attributes in process `syz.4.713'.
[   73.582439][ T5557] EXT4-fs (loop2): orphan cleanup on readonly fs
[   73.591020][ T5555] netlink: 8 bytes leftover after parsing attributes in process `syz.4.713'.
[   73.599356][ T5564] netlink: 104 bytes leftover after parsing attributes in process `syz.0.717'.
[   73.602333][ T5557] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.714: bg 0: block 131: padding at end of block bitmap is not set
[   73.627198][ T5557] EXT4-fs (loop2): Remounting filesystem read-only
[   73.634199][ T5566] netlink: 8 bytes leftover after parsing attributes in process `syz.0.718'.
[   73.634328][ T5557] EXT4-fs (loop2): 1 truncate cleaned up
[   73.649885][ T5557] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   73.675785][ T5566] loop0: detected capacity change from 0 to 1024
[   73.682711][ T5566] EXT4-fs: Ignoring removed orlov option
[   73.707332][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.719313][ T5566] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.779376][ T5581] bond_slave_1: entered promiscuous mode
[   73.785831][ T5581] bond_slave_1: left promiscuous mode
[   73.858879][ T5588] netlink: 8 bytes leftover after parsing attributes in process `syz.0.718'.
[   73.887277][ T5591] netlink: 28 bytes leftover after parsing attributes in process `syz.4.726'.
[   73.931868][ T5595] netlink: 20 bytes leftover after parsing attributes in process `syz.4.728'.
[   73.965628][ T5597] netlink: 8 bytes leftover after parsing attributes in process `syz.4.729'.
[   73.976086][ T5597] netlink: 8 bytes leftover after parsing attributes in process `syz.4.729'.
[   73.994885][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.080314][ T5604] loop3: detected capacity change from 0 to 164
[   74.097132][ T5604] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   74.139615][ T5613] loop0: detected capacity change from 0 to 128
[   74.173636][ T5618] bond_slave_1: entered promiscuous mode
[   74.189962][ T5618] bond_slave_1: left promiscuous mode
[   74.233029][ T5623] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=5623 comm=syz.0.740
[   74.258626][ T5633] netlink: 104 bytes leftover after parsing attributes in process `syz.1.745'.
[   74.269737][ T5634] bond_slave_1: entered promiscuous mode
[   74.284143][ T5634] bond_slave_1: left promiscuous mode
[   74.305689][ T5639] loop3: detected capacity change from 0 to 512
[   74.314267][ T5639] journal_path: Non-blockdev passed as './bus'
[   74.320592][ T5639] EXT4-fs: error: could not find journal device path
[   74.325959][ T5644] loop0: detected capacity change from 0 to 164
[   74.349241][ T5644] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   74.393266][ T5647] loop3: detected capacity change from 0 to 1024
[   74.401496][ T5647] EXT4-fs: Ignoring removed bh option
[   74.404934][ T5649] loop0: detected capacity change from 0 to 1024
[   74.423290][ T5647] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.424013][ T5649] EXT4-fs: Ignoring removed bh option
[   74.476173][ T5658] netlink: 'syz.1.754': attribute type 10 has an invalid length.
[   74.501245][ T5658] team0: Port device dummy0 added
[   74.505636][ T5649] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.535075][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.552311][ T5664] loop4: detected capacity change from 0 to 512
[   74.568039][ T5664] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   74.612785][ T5664] loop4: detected capacity change from 0 to 512
[   74.620133][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.653006][ T5675] loop0: detected capacity change from 0 to 512
[   74.665232][ T5675] journal_path: Non-blockdev passed as './bus'
[   74.671629][ T5675] EXT4-fs: error: could not find journal device path
[   74.715829][ T5683] netlink: 'syz.1.765': attribute type 10 has an invalid length.
[   74.780092][ T5683] 8021q: adding VLAN 0 to HW filter on device team0
[   74.790137][ T5683] bond0: (slave team0): Enslaving as an active interface with an up link
[   74.808472][ T5683] netlink: 'syz.1.765': attribute type 10 has an invalid length.
[   74.820425][ T5683] siw: device registration error -23
[   74.928380][ T5708] loop4: detected capacity change from 0 to 512
[   74.928901][ T5709] loop3: detected capacity change from 0 to 512
[   74.954150][ T5709] EXT4-fs: Ignoring removed i_version option
[   74.960849][ T5708] journal_path: Non-blockdev passed as './bus'
[   74.967049][ T5708] EXT4-fs: error: could not find journal device path
[   74.979611][ T5709] EXT4-fs (loop3): orphan cleanup on readonly fs
[   74.995600][ T5709] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.776: bg 0: block 131: padding at end of block bitmap is not set
[   75.032809][ T5709] EXT4-fs (loop3): Remounting filesystem read-only
[   75.051574][ T5709] EXT4-fs (loop3): 1 truncate cleaned up
[   75.057795][ T5709] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   75.112976][ T5728] siw: device registration error -23
[   75.131569][ T5717] loop0: detected capacity change from 0 to 512
[   75.143517][ T5717] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.774: missing EA_INODE flag
[   75.155467][ T5717] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.774: error while reading EA inode 11 err=-117
[   75.169105][ T5717] EXT4-fs (loop0): 1 orphan inode deleted
[   75.309480][ T5753] smc: net device bond0 applied user defined pnetid SYZ0
[   75.316986][ T5753] smc: net device bond0 erased user defined pnetid SYZ0
[   75.366348][ T5762] loop4: detected capacity change from 0 to 512
[   75.374125][ T5762] EXT4-fs: Ignoring removed i_version option
[   75.388716][ T5762] EXT4-fs (loop4): orphan cleanup on readonly fs
[   75.395590][ T5762] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.796: bg 0: block 131: padding at end of block bitmap is not set
[   75.411876][ T5762] EXT4-fs (loop4): Remounting filesystem read-only
[   75.418526][ T5762] EXT4-fs (loop4): 1 truncate cleaned up
[   75.421006][ T5768] loop1: detected capacity change from 0 to 1024
[   75.632395][ T5791] FAULT_INJECTION: forcing a failure.
[   75.632395][ T5791] name failslab, interval 1, probability 0, space 0, times 0
[   75.645232][ T5791] CPU: 0 UID: 0 PID: 5791 Comm: syz.4.806 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[   75.645265][ T5791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.645278][ T5791] Call Trace:
[   75.645286][ T5791]  <TASK>
[   75.645295][ T5791]  __dump_stack+0x1d/0x30
[   75.645392][ T5791]  dump_stack_lvl+0xe8/0x140
[   75.645413][ T5791]  dump_stack+0x15/0x1b
[   75.645432][ T5791]  should_fail_ex+0x265/0x280
[   75.645456][ T5791]  should_failslab+0x8c/0xb0
[   75.645484][ T5791]  __kmalloc_noprof+0xa5/0x3e0
[   75.645562][ T5791]  ? io_cache_alloc_new+0x2a/0xb0
[   75.645646][ T5791]  io_cache_alloc_new+0x2a/0xb0
[   75.645675][ T5791]  __io_prep_rw+0xcf/0x6d0
[   75.645693][ T5791]  ? __io_alloc_req_refill+0x12e/0x1d0
[   75.645800][ T5791]  io_prep_read+0x20/0xa0
[   75.645822][ T5791]  io_submit_sqes+0x5de/0x1050
[   75.645851][ T5791]  __se_sys_io_uring_enter+0x1c1/0x1b70
[   75.645875][ T5791]  ? 0xffffffff81000000
[   75.645889][ T5791]  ? __rcu_read_unlock+0x4f/0x70
[   75.645975][ T5791]  ? get_pid_task+0x96/0xd0
[   75.645997][ T5791]  ? proc_fail_nth_write+0x13b/0x160
[   75.646027][ T5791]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   75.646065][ T5791]  ? vfs_write+0x7e8/0x960
[   75.646089][ T5791]  ? __rcu_read_unlock+0x4f/0x70
[   75.646124][ T5791]  ? __fget_files+0x184/0x1c0
[   75.646149][ T5791]  ? fput+0x8f/0xc0
[   75.646179][ T5791]  __x64_sys_io_uring_enter+0x78/0x90
[   75.646206][ T5791]  x64_sys_call+0x2de1/0x2ff0
[   75.646227][ T5791]  do_syscall_64+0xd2/0x200
[   75.646254][ T5791]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.646354][ T5791]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.646379][ T5791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.646503][ T5791] RIP: 0033:0x7fcf46dcebe9
[   75.646520][ T5791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.646601][ T5791] RSP: 002b:00007fcf45837038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   75.646623][ T5791] RAX: ffffffffffffffda RBX: 00007fcf46ff5fa0 RCX: 00007fcf46dcebe9
[   75.646637][ T5791] RDX: 00000000000004c1 RSI: 0000000000000fd0 RDI: 0000000000000004
[   75.646650][ T5791] RBP: 00007fcf45837090 R08: 0000000000000000 R09: 0000000000000000
[   75.646664][ T5791] R10: 0000000000000043 R11: 0000000000000246 R12: 0000000000000001
[   75.646678][ T5791] R13: 00007fcf46ff6038 R14: 00007fcf46ff5fa0 R15: 00007ffdad71b1b8
[   75.646697][ T5791]  </TASK>
[   75.650554][ T5768] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, 
[   75.701351][ T5795] loop4: detected capacity change from 0 to 164
[   75.703945][ T5768] inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   75.935134][ T5795] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   75.972669][ T5800] loop2: detected capacity change from 0 to 1024
[   75.990410][ T5800] EXT4-fs: Ignoring removed bh option
[   76.089941][ T5821] bond_slave_1: entered promiscuous mode
[   76.096188][ T5821] bond_slave_1: left promiscuous mode
[   76.113072][ T5824] smc: net device bond0 applied user defined pnetid SYZ0
[   76.138319][ T5824] smc: net device bond0 erased user defined pnetid SYZ0
[   76.171879][ T5833] loop0: detected capacity change from 0 to 512
[   76.187584][ T5834] loop1: detected capacity change from 0 to 164
[   76.234623][ T5834] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   76.356744][ T5869] loop0: detected capacity change from 0 to 1024
[   76.388832][ T5876] loop2: detected capacity change from 0 to 164
[   76.416169][ T5876] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   76.476658][   T29] kauditd_printk_skb: 1092 callbacks suppressed
[   76.476675][   T29] audit: type=1326 audit(1755046308.566:7026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5875 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37c604d550 code=0x7ffc0000
[   76.506468][   T29] audit: type=1326 audit(1755046308.566:7027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5875 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37c604d550 code=0x7ffc0000
[   76.529959][   T29] audit: type=1326 audit(1755046308.566:7028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5875 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c604ebe9 code=0x7ffc0000
[   76.553552][   T29] audit: type=1326 audit(1755046308.566:7029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5875 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c604ebe9 code=0x7ffc0000
[   76.577062][   T29] audit: type=1326 audit(1755046308.566:7030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5875 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f37c604ebe9 code=0x7ffc0000
[   76.600506][   T29] audit: type=1326 audit(1755046308.566:7031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5875 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c604ebe9 code=0x7ffc0000
[   76.623835][   T29] audit: type=1326 audit(1755046308.566:7032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5875 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c604ebe9 code=0x7ffc0000
[   76.655804][   T29] audit: type=1400 audit(1755046308.746:7033): avc:  denied  { cpu } for  pid=5882 comm="syz.3.846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   76.708396][ T5869] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   76.725431][ T5890] FAULT_INJECTION: forcing a failure.
[   76.725431][ T5890] name failslab, interval 1, probability 0, space 0, times 0
[   76.738367][ T5890] CPU: 0 UID: 0 PID: 5890 Comm: syz.2.848 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[   76.738397][ T5890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   76.738451][ T5890] Call Trace:
[   76.738459][ T5890]  <TASK>
[   76.738469][ T5890]  __dump_stack+0x1d/0x30
[   76.738496][ T5890]  dump_stack_lvl+0xe8/0x140
[   76.738517][ T5890]  dump_stack+0x15/0x1b
[   76.738533][ T5890]  should_fail_ex+0x265/0x280
[   76.738627][ T5890]  ? alloc_fdtable+0x8c/0x1d0
[   76.738697][ T5890]  should_failslab+0x8c/0xb0
[   76.738719][ T5890]  __kmalloc_cache_noprof+0x4c/0x320
[   76.738747][ T5890]  alloc_fdtable+0x8c/0x1d0
[   76.738838][ T5890]  dup_fd+0x4c7/0x540
[   76.738858][ T5890]  ksys_unshare+0x346/0x6d0
[   76.738883][ T5890]  ? ksys_write+0x192/0x1a0
[   76.738906][ T5890]  __x64_sys_unshare+0x1f/0x30
[   76.739059][ T5890]  x64_sys_call+0x2911/0x2ff0
[   76.739084][ T5890]  do_syscall_64+0xd2/0x200
[   76.739166][ T5890]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.739193][ T5890]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   76.739221][ T5890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.739290][ T5890] RIP: 0033:0x7f37c604ebe9
[   76.739306][ T5890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.739325][ T5890] RSP: 002b:00007f37c4aaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[   76.739346][ T5890] RAX: ffffffffffffffda RBX: 00007f37c6275fa0 RCX: 00007f37c604ebe9
[   76.739358][ T5890] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000024040400
[   76.739403][ T5890] RBP: 00007f37c4aaf090 R08: 0000000000000000 R09: 0000000000000000
[   76.739417][ T5890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.739430][ T5890] R13: 00007f37c6276038 R14: 00007f37c6275fa0 R15: 00007ffd37085eb8
[   76.739451][ T5890]  </TASK>
[   77.042989][ T5900] syz_tun: entered allmulticast mode
[   77.048443][   T29] audit: type=1400 audit(1755046309.136:7034): avc:  denied  { setopt } for  pid=5893 comm="syz.4.850" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   77.068861][   T29] audit: type=1400 audit(1755046309.136:7035): avc:  denied  { create } for  pid=5893 comm="syz.4.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   77.093702][ T5903] loop2: detected capacity change from 0 to 512
[   77.100484][ T5903] journal_path: Non-blockdev passed as './bus'
[   77.106723][ T5903] EXT4-fs: error: could not find journal device path
[   77.117260][ T5910] loop0: detected capacity change from 0 to 1024
[   77.144882][ T5910] EXT4-fs: Ignoring removed nobh option
[   77.150612][ T5910] EXT4-fs: Ignoring removed bh option
[   77.173775][ T5909] atomic_op ffff88811d920d28 conn xmit_atomic 0000000000000000
[   77.184208][ T5916] netlink: 'syz.2.859': attribute type 10 has an invalid length.
[   77.234899][ T5916] 8021q: adding VLAN 0 to HW filter on device team0
[   77.246454][ T5921] netlink: 'syz.2.859': attribute type 10 has an invalid length.
[   77.256325][ T5916] bond0: (slave team0): Enslaving as an active interface with an up link
[   77.265183][ T5893] syz_tun: left allmulticast mode
[   77.299531][ T5916] siw: device registration error -23
[   77.312471][ T5921] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   77.365467][ T5927] bond_slave_1: entered promiscuous mode
[   77.398707][ T5927] bond_slave_1: left promiscuous mode
[   77.489203][ T5941] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.540660][ T5941] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.567333][ T5955] FAULT_INJECTION: forcing a failure.
[   77.567333][ T5955] name failslab, interval 1, probability 0, space 0, times 0
[   77.580145][ T5955] CPU: 0 UID: 0 PID: 5955 Comm: syz.3.875 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[   77.580179][ T5955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   77.580190][ T5955] Call Trace:
[   77.580196][ T5955]  <TASK>
[   77.580204][ T5955]  __dump_stack+0x1d/0x30
[   77.580326][ T5955]  dump_stack_lvl+0xe8/0x140
[   77.580344][ T5955]  dump_stack+0x15/0x1b
[   77.580419][ T5955]  should_fail_ex+0x265/0x280
[   77.580444][ T5955]  should_failslab+0x8c/0xb0
[   77.580481][ T5955]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   77.580514][ T5955]  ? __d_alloc+0x3d/0x340
[   77.580555][ T5955]  __d_alloc+0x3d/0x340
[   77.580585][ T5955]  d_alloc_parallel+0x53/0xc60
[   77.580617][ T5955]  ? number+0x9ae/0xab0
[   77.580649][ T5955]  ? __rcu_read_unlock+0x4f/0x70
[   77.580690][ T5955]  ? __d_lookup+0x316/0x340
[   77.580815][ T5955]  __lookup_slow+0x8c/0x250
[   77.580849][ T5955]  lookup_noperm+0xc9/0x180
[   77.580882][ T5955]  simple_start_creating+0x97/0x120
[   77.580923][ T5955]  start_creating+0xe9/0x160
[   77.580947][ T5955]  __debugfs_create_file+0x6b/0x330
[   77.580976][ T5955]  debugfs_create_file_full+0x3f/0x60
[   77.581005][ T5955]  ? __pfx_macvlan_setup+0x10/0x10
[   77.581033][ T5955]  ref_tracker_dir_debugfs+0x100/0x1e0
[   77.581067][ T5955]  alloc_netdev_mqs+0x1a2/0xa20
[   77.581105][ T5955]  rtnl_create_link+0x239/0x710
[   77.581128][ T5955]  rtnl_newlink_create+0x14c/0x620
[   77.581159][ T5955]  ? security_capable+0x83/0x90
[   77.581252][ T5955]  ? netlink_ns_capable+0x86/0xa0
[   77.581289][ T5955]  rtnl_newlink+0xf29/0x12d0
[   77.581366][ T5955]  ? __kfree_skb+0x109/0x150
[   77.581384][ T5955]  ? __memcg_slab_free_hook+0x135/0x230
[   77.581432][ T5955]  ? __rcu_read_unlock+0x4f/0x70
[   77.581456][ T5955]  ? avc_has_perm_noaudit+0x1b1/0x200
[   77.581487][ T5955]  ? cred_has_capability+0x210/0x280
[   77.581516][ T5955]  ? selinux_capable+0x31/0x40
[   77.581602][ T5955]  ? security_capable+0x83/0x90
[   77.581629][ T5955]  ? ns_capable+0x7d/0xb0
[   77.581698][ T5955]  ? __pfx_rtnl_newlink+0x10/0x10
[   77.581723][ T5955]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   77.581759][ T5955]  netlink_rcv_skb+0x120/0x220
[   77.581779][ T5955]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   77.581834][ T5955]  rtnetlink_rcv+0x1c/0x30
[   77.581857][ T5955]  netlink_unicast+0x5c0/0x690
[   77.581975][ T5955]  netlink_sendmsg+0x58b/0x6b0
[   77.582002][ T5955]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.582027][ T5955]  __sock_sendmsg+0x145/0x180
[   77.582052][ T5955]  ____sys_sendmsg+0x31e/0x4e0
[   77.582131][ T5955]  ___sys_sendmsg+0x17b/0x1d0
[   77.582168][ T5955]  __x64_sys_sendmsg+0xd4/0x160
[   77.582362][ T5955]  x64_sys_call+0x191e/0x2ff0
[   77.582383][ T5955]  do_syscall_64+0xd2/0x200
[   77.582412][ T5955]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   77.582441][ T5955]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   77.582468][ T5955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.582537][ T5955] RIP: 0033:0x7f16d0f9ebe9
[   77.582552][ T5955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.582570][ T5955] RSP: 002b:00007f16cfa07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.582593][ T5955] RAX: ffffffffffffffda RBX: 00007f16d11c5fa0 RCX: 00007f16d0f9ebe9
[   77.582627][ T5955] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   77.582639][ T5955] RBP: 00007f16cfa07090 R08: 0000000000000000 R09: 0000000000000000
[   77.582651][ T5955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.582663][ T5955] R13: 00007f16d11c6038 R14: 00007f16d11c5fa0 R15: 00007ffe733537f8
[   77.582684][ T5955]  </TASK>
[   77.990785][ T5941] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.050742][ T5941] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.121338][ T3587] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.140538][ T3587] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.186108][ T3587] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.197198][ T3587] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.335545][ T5982] netlink: 'syz.3.886': attribute type 10 has an invalid length.
[   78.363919][ T5982] netlink: 'syz.3.886': attribute type 10 has an invalid length.
[   78.470735][ T5992] loop3: detected capacity change from 0 to 1024
[   78.478598][ T5988] loop4: detected capacity change from 0 to 1024
[   78.496301][ T5988] EXT4-fs: Ignoring removed bh option
[   78.539849][ T5996] loop0: detected capacity change from 0 to 1024
[   78.823345][ T6002] loop4: detected capacity change from 0 to 2048
[   78.850424][ T6002] EXT4-fs: Ignoring removed mblk_io_submit option
[   78.856950][ T6002] EXT4-fs: Ignoring removed nobh option
[   78.925479][ T5992] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   79.118297][ T6010] __nla_validate_parse: 21 callbacks suppressed
[   79.118315][ T6010] netlink: 8 bytes leftover after parsing attributes in process `syz.4.894'.
[   79.167167][ T6010] netlink: 8 bytes leftover after parsing attributes in process `syz.4.894'.
[   79.244409][ T5964] netlink: 16 bytes leftover after parsing attributes in process `syz.2.877'.
[   79.314439][ T6012] netlink: 104 bytes leftover after parsing attributes in process `syz.4.896'.
[   79.470482][ T6023] loop4: detected capacity change from 0 to 512
[   79.477552][ T6023] EXT4-fs: Ignoring removed i_version option
[   79.508632][ T6023] EXT4-fs (loop4): orphan cleanup on readonly fs
[   79.517504][ T6023] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.900: bg 0: block 131: padding at end of block bitmap is not set
[   79.538987][ T6030] netlink: 'syz.2.901': attribute type 10 has an invalid length.
[   79.550614][ T6023] EXT4-fs (loop4): Remounting filesystem read-only
[   79.571314][ T6023] EXT4-fs (loop4): 1 truncate cleaned up
[   79.594744][ T6032] netlink: 'syz.2.901': attribute type 10 has an invalid length.
[   79.664777][ T6030] siw: device registration error -23
[   79.687547][ T6036] loop3: detected capacity change from 0 to 512
[   79.705308][ T6036] journal_path: Non-blockdev passed as './bus'
[   79.711618][ T6036] EXT4-fs: error: could not find journal device path
[   79.779986][ T6040] loop0: detected capacity change from 0 to 1024
[   79.792148][ T6040] EXT4-fs: Ignoring removed bh option
[   79.801230][ T6044] netlink: 8 bytes leftover after parsing attributes in process `syz.4.906'.
[   79.816609][ T6044] loop4: detected capacity change from 0 to 1024
[   79.824220][ T6044] EXT4-fs: Ignoring removed orlov option
[   79.957310][ T6055] netlink: 8 bytes leftover after parsing attributes in process `syz.4.906'.
[   80.082287][ T6062] netlink: 8 bytes leftover after parsing attributes in process `syz.2.913'.
[   80.104982][ T6062] smc: net device bond0 applied user defined pnetid SYZ0
[   80.106327][ T6064] netlink: 24 bytes leftover after parsing attributes in process `syz.0.914'.
[   80.128147][ T6062] smc: net device bond0 erased user defined pnetid SYZ0
[   80.289925][ T6070] loop0: detected capacity change from 0 to 512
[   80.296674][ T6070] EXT4-fs: Ignoring removed i_version option
[   80.306931][ T6070] EXT4-fs (loop0): orphan cleanup on readonly fs
[   80.314342][ T6070] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.916: bg 0: block 131: padding at end of block bitmap is not set
[   80.336078][ T6070] EXT4-fs (loop0): Remounting filesystem read-only
[   80.344504][ T6070] EXT4-fs (loop0): 1 truncate cleaned up
[   80.359285][ T6075] netlink: 8 bytes leftover after parsing attributes in process `syz.1.918'.
[   80.394937][ T6075] loop1: detected capacity change from 0 to 1024
[   80.401859][ T6075] EXT4-fs: Ignoring removed orlov option
[   80.424805][ T6082] loop4: detected capacity change from 0 to 164
[   80.432672][ T6082] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   80.482035][ T6086] loop4: detected capacity change from 0 to 1024
[   80.489091][ T6086] EXT4-fs: Ignoring removed bh option
[   80.536468][ T6095] netlink: 8 bytes leftover after parsing attributes in process `syz.1.918'.
[   80.633146][ T6097] loop4: detected capacity change from 0 to 1024
[   80.640135][ T6097] EXT4-fs: Ignoring removed bh option
[   80.711642][ T6106] loop4: detected capacity change from 0 to 1024
[   80.835642][ T6106] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   80.889743][ T6115] loop1: detected capacity change from 0 to 512
[   80.896425][ T6115] EXT4-fs: Ignoring removed i_version option
[   80.905661][ T6117] loop4: detected capacity change from 0 to 164
[   80.913407][ T6114] loop2: detected capacity change from 0 to 1024
[   80.913489][ T6115] EXT4-fs (loop1): orphan cleanup on readonly fs
[   80.926452][ T6117] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   80.926536][ T6115] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.932: bg 0: block 131: padding at end of block bitmap is not set
[   80.949524][ T6115] EXT4-fs (loop1): Remounting filesystem read-only
[   80.956126][ T6115] EXT4-fs (loop1): 1 truncate cleaned up
[   81.026064][ T6126] bond_slave_1: entered promiscuous mode
[   81.033581][ T6126] bond_slave_1: left promiscuous mode
[   81.185992][ T6114] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   81.201419][ T6132] loop4: detected capacity change from 0 to 1024
[   81.209284][ T6132] EXT4-fs: Ignoring removed bh option
[   81.346992][ T6151] smc: net device bond0 applied user defined pnetid SYZ0
[   81.354449][ T6151] smc: net device bond0 erased user defined pnetid SYZ0
[   81.521039][   T29] kauditd_printk_skb: 8297 callbacks suppressed
[   81.521057][   T29] audit: type=1326 audit(1755046313.616:15327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6149 comm="syz.0.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f920978ebe9 code=0x7ffc0000
[   81.521145][ T6162] netlink: 'syz.3.949': attribute type 10 has an invalid length.
[   81.527385][   T29] audit: type=1326 audit(1755046313.616:15328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6149 comm="syz.0.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f920978ebe9 code=0x7ffc0000
[   81.659785][   T29] audit: type=1400 audit(1755046313.756:15329): avc:  denied  { ioctl } for  pid=6168 comm="syz.0.952" path="socket:[14120]" dev="sockfs" ino=14120 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   81.660137][ T6169] netlink: 'syz.0.952': attribute type 2 has an invalid length.
[   81.716156][   T29] audit: type=1400 audit(1755046313.806:15330): avc:  denied  { read write } for  pid=6168 comm="syz.0.952" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   81.740480][   T29] audit: type=1400 audit(1755046313.806:15331): avc:  denied  { open } for  pid=6168 comm="syz.0.952" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   81.789851][   T29] audit: type=1326 audit(1755046313.886:15332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   81.853604][ T6180] loop4: detected capacity change from 0 to 512
[   81.860079][   T29] audit: type=1326 audit(1755046313.916:15333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   81.880608][ T6180] EXT4-fs: Ignoring removed i_version option
[   81.883717][   T29] audit: type=1326 audit(1755046313.916:15334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   81.891895][ T6180] EXT4-fs (loop4): orphan cleanup on readonly fs
[   81.913124][   T29] audit: type=1326 audit(1755046313.916:15335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   81.920726][ T6180] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.957: bg 0: block 131: padding at end of block bitmap is not set
[   81.942978][   T29] audit: type=1326 audit(1755046313.916:15336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   81.958456][ T6180] EXT4-fs (loop4): Remounting filesystem read-only
[   81.987053][ T6180] EXT4-fs (loop4): 1 truncate cleaned up
[   82.018075][ T6183] loop0: detected capacity change from 0 to 164
[   82.030847][ T6183] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   82.103839][ T6196] loop3: detected capacity change from 0 to 1024
[   82.147358][ T6196] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.964: Allocating blocks 465-513 which overlap fs metadata
[   82.168108][ T6196] EXT4-fs (loop3): pa ffff888106def460: logic 256, phys. 369, len 9
[   82.176227][ T6196] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   82.188324][ T6196] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   82.286811][ T6215] loop0: detected capacity change from 0 to 512
[   82.302101][ T6215] EXT4-fs: Ignoring removed i_version option
[   82.312854][ T6215] EXT4-fs (loop0): orphan cleanup on readonly fs
[   82.320958][ T6215] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.972: bg 0: block 131: padding at end of block bitmap is not set
[   82.335760][ T6215] EXT4-fs (loop0): Remounting filesystem read-only
[   82.343574][ T6215] EXT4-fs (loop0): 1 truncate cleaned up
[   82.386448][ T6224] loop2: detected capacity change from 0 to 164
[   82.412909][ T6224] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   82.424578][ T6228] loop3: detected capacity change from 0 to 1024
[   82.580335][ T6251] loop4: detected capacity change from 0 to 1024
[   82.596118][ T6259] loop1: detected capacity change from 0 to 512
[   82.621879][ T6251] EXT4-fs: Ignoring removed bh option
[   82.631266][ T6228] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   82.631433][ T6259] EXT4-fs: Ignoring removed i_version option
[   82.654260][ T6262] netlink: 'syz.2.991': attribute type 10 has an invalid length.
[   82.665493][ T6262] netlink: 'syz.2.991': attribute type 10 has an invalid length.
[   82.674501][ T6262] siw: device registration error -23
[   82.684475][ T6259] EXT4-fs (loop1): orphan cleanup on readonly fs
[   82.691254][ T6259] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.989: bg 0: block 131: padding at end of block bitmap is not set
[   82.717733][ T6259] EXT4-fs (loop1): Remounting filesystem read-only
[   82.724955][ T6259] EXT4-fs (loop1): 1 truncate cleaned up
[   82.748683][ T6273] loop2: detected capacity change from 0 to 512
[   82.803891][ T6273] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[   82.950725][ T6294] loop1: detected capacity change from 0 to 164
[   82.965281][ T6294] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   83.029997][ T6301] netlink: 'syz.1.1008': attribute type 10 has an invalid length.
[   83.081744][ T6306] netlink: 'syz.1.1008': attribute type 10 has an invalid length.
[   83.102443][ T6301] siw: device registration error -23
[   83.171652][ T6317] loop4: detected capacity change from 0 to 512
[   83.179596][ T6317] EXT4-fs: Ignoring removed i_version option
[   83.200590][ T6317] EXT4-fs (loop4): orphan cleanup on readonly fs
[   83.207411][ T6317] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1016: bg 0: block 131: padding at end of block bitmap is not set
[   83.238710][ T6317] EXT4-fs (loop4): Remounting filesystem read-only
[   83.245373][ T6317] EXT4-fs (loop4): 1 truncate cleaned up
[   83.245502][ T3587] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[   83.337638][ T6337] siw: device registration error -23
[   83.392586][ T6345] loop4: detected capacity change from 0 to 1024
[   83.393621][ T6339] loop3: detected capacity change from 0 to 1024
[   83.406604][ T6339] EXT4-fs: Ignoring removed orlov option
[   83.553267][ T6360] loop1: detected capacity change from 0 to 512
[   83.560091][ T6360] journal_path: Non-blockdev passed as './bus'
[   83.566353][ T6360] EXT4-fs: error: could not find journal device path
[   83.612168][ T6366] loop1: detected capacity change from 0 to 512
[   83.619423][ T6366] EXT4-fs: Ignoring removed i_version option
[   83.627634][ T6366] EXT4-fs (loop1): orphan cleanup on readonly fs
[   83.634596][ T6366] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1036: bg 0: block 131: padding at end of block bitmap is not set
[   83.652170][ T6366] EXT4-fs (loop1): Remounting filesystem read-only
[   83.659999][ T6366] EXT4-fs (loop1): 1 truncate cleaned up
[   83.749406][ T6373] validate_nla: 2 callbacks suppressed
[   83.749423][ T6373] netlink: 'syz.2.1039': attribute type 10 has an invalid length.
[   83.770715][ T6373] netlink: 'syz.2.1039': attribute type 10 has an invalid length.
[   83.780315][ T6373] siw: device registration error -23
[   83.790225][ T6375] loop1: detected capacity change from 0 to 164
[   83.801002][ T6375] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   83.801790][ T6376] smc: net device bond0 applied user defined pnetid SYZ0
[   83.821401][ T6376] smc: net device bond0 erased user defined pnetid SYZ0
[   83.850689][ T6382] netlink: 'syz.2.1043': attribute type 10 has an invalid length.
[   83.866675][ T6382] bond0: (slave dummy0): Releasing backup interface
[   83.876047][ T6382] team0: Port device dummy0 added
[   83.920252][ T6390] loop3: detected capacity change from 0 to 1024
[   84.027687][ T6396] loop0: detected capacity change from 0 to 512
[   84.043952][ T6396] EXT4-fs: Ignoring removed i_version option
[   84.060292][ T6396] EXT4-fs (loop0): orphan cleanup on readonly fs
[   84.070189][ T6396] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1048: bg 0: block 131: padding at end of block bitmap is not set
[   84.084898][ T6396] EXT4-fs (loop0): Remounting filesystem read-only
[   84.092934][ T6396] EXT4-fs (loop0): 1 truncate cleaned up
[   84.224482][ T6406] loop2: detected capacity change from 0 to 164
[   84.234274][ T6406] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   84.281220][ T6412] loop2: detected capacity change from 0 to 164
[   84.291038][ T6412] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   84.308084][ T6418] netlink: 'syz.3.1057': attribute type 10 has an invalid length.
[   84.323962][ T6420] loop0: detected capacity change from 0 to 1024
[   84.383001][ T6430] FAULT_INJECTION: forcing a failure.
[   84.383001][ T6430] name failslab, interval 1, probability 0, space 0, times 0
[   84.395769][ T6430] CPU: 1 UID: 0 PID: 6430 Comm: syz.3.1063 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[   84.395847][ T6430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   84.395861][ T6430] Call Trace:
[   84.395868][ T6430]  <TASK>
[   84.395876][ T6430]  __dump_stack+0x1d/0x30
[   84.395957][ T6430]  dump_stack_lvl+0xe8/0x140
[   84.395978][ T6430]  dump_stack+0x15/0x1b
[   84.395995][ T6430]  should_fail_ex+0x265/0x280
[   84.396016][ T6430]  should_failslab+0x8c/0xb0
[   84.396041][ T6430]  kmem_cache_alloc_node_noprof+0x57/0x320
[   84.396149][ T6430]  ? __alloc_skb+0x101/0x320
[   84.396183][ T6430]  __alloc_skb+0x101/0x320
[   84.396217][ T6430]  netlink_alloc_large_skb+0xba/0xf0
[   84.396272][ T6430]  netlink_sendmsg+0x3cf/0x6b0
[   84.396295][ T6430]  ? __pfx_netlink_sendmsg+0x10/0x10
[   84.396319][ T6430]  __sock_sendmsg+0x145/0x180
[   84.396387][ T6430]  ____sys_sendmsg+0x31e/0x4e0
[   84.396481][ T6430]  ___sys_sendmsg+0x17b/0x1d0
[   84.396599][ T6430]  __x64_sys_sendmsg+0xd4/0x160
[   84.396626][ T6430]  x64_sys_call+0x191e/0x2ff0
[   84.396717][ T6430]  do_syscall_64+0xd2/0x200
[   84.396744][ T6430]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   84.396842][ T6430]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   84.396897][ T6430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.396922][ T6430] RIP: 0033:0x7f16d0f9ebe9
[   84.396940][ T6430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.396958][ T6430] RSP: 002b:00007f16cfa07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.396998][ T6430] RAX: ffffffffffffffda RBX: 00007f16d11c5fa0 RCX: 00007f16d0f9ebe9
[   84.397011][ T6430] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[   84.397095][ T6430] RBP: 00007f16cfa07090 R08: 0000000000000000 R09: 0000000000000000
[   84.397108][ T6430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.397121][ T6430] R13: 00007f16d11c6038 R14: 00007f16d11c5fa0 R15: 00007ffe733537f8
[   84.397142][ T6430]  </TASK>
[   84.652618][ T6437] loop3: detected capacity change from 0 to 164
[   84.661655][ T6437] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   84.699848][ T6422] __nla_validate_parse: 14 callbacks suppressed
[   84.699902][ T6422] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1060'.
[   84.885004][ T6452] loop0: detected capacity change from 0 to 164
[   84.951848][ T6452] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   84.960753][ T6460] SELinux: failed to load policy
[   84.979513][ T6463] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1074'.
[   84.979784][ T6462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1076'.
[   85.001462][ T6463] smc: net device bond0 applied user defined pnetid SYZ0
[   85.008801][ T6463] smc: net device bond0 erased user defined pnetid SYZ0
[   85.030332][ T6467] netlink: 'syz.1.1078': attribute type 10 has an invalid length.
[   85.038448][ T6462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1076'.
[   85.104688][ T6474] loop2: detected capacity change from 0 to 1024
[   85.370841][ T6482] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1084'.
[   85.436578][ T6499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1090'.
[   85.447227][ T6499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1090'.
[   85.560751][ T6509] loop2: detected capacity change from 0 to 512
[   85.567657][ T6509] EXT4-fs: Ignoring removed i_version option
[   85.576381][ T6509] EXT4-fs (loop2): orphan cleanup on readonly fs
[   85.583106][ T6509] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1095: bg 0: block 131: padding at end of block bitmap is not set
[   85.595382][ T6512] loop1: detected capacity change from 0 to 1024
[   85.602562][ T6509] EXT4-fs (loop2): Remounting filesystem read-only
[   85.610564][ T6509] EXT4-fs (loop2): 1 truncate cleaned up
[   85.621007][ T6512] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   85.778244][ T6525] loop4: detected capacity change from 0 to 1024
[   85.785885][ T6525] EXT4-fs: Ignoring removed orlov option
[   85.789132][ T6534] netlink: 'syz.3.1104': attribute type 10 has an invalid length.
[   85.843320][ T6519] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1098'.
[   86.010848][ T6551] loop0: detected capacity change from 0 to 512
[   86.020951][ T6551] journal_path: Non-blockdev passed as './bus'
[   86.027209][ T6551] EXT4-fs: error: could not find journal device path
[   86.057791][ T6562] netlink: 'syz.0.1116': attribute type 10 has an invalid length.
[   86.105177][ T6565] loop2: detected capacity change from 0 to 512
[   86.123291][ T6565] EXT4-fs: Ignoring removed i_version option
[   86.131859][ T6565] EXT4-fs (loop2): orphan cleanup on readonly fs
[   86.139838][ T6565] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1117: bg 0: block 131: padding at end of block bitmap is not set
[   86.155363][ T6565] EXT4-fs (loop2): Remounting filesystem read-only
[   86.162688][ T6565] EXT4-fs (loop2): 1 truncate cleaned up
[   86.245155][ T6579] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1122'.
[   86.335863][ T6587] loop4: detected capacity change from 0 to 512
[   86.360994][ T6587] ext4 filesystem being mounted at /232/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   86.410884][ T6587] random: crng reseeded on system resumption
[   86.422881][ T6587] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1126'.
[   86.438109][ T6587] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 3: comm syz.4.1126: lblock 8 mapped to illegal pblock 3 (length 26)
[   86.507558][ T6597] loop1: detected capacity change from 0 to 164
[   86.516744][ T6597] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   86.537274][   T29] kauditd_printk_skb: 686 callbacks suppressed
[   86.537348][   T29] audit: type=1400 audit(1755046318.626:16023): avc:  denied  { unmount } for  pid=3300 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   86.582821][   T29] audit: type=1326 audit(1755046318.676:16024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.4.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   86.606549][   T29] audit: type=1326 audit(1755046318.676:16025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.4.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   86.635176][   T29] audit: type=1326 audit(1755046318.706:16026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.4.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   86.658820][   T29] audit: type=1326 audit(1755046318.706:16027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.4.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   86.682514][   T29] audit: type=1326 audit(1755046318.706:16028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.4.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   86.706205][   T29] audit: type=1326 audit(1755046318.706:16029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.4.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   86.732257][   T29] audit: type=1326 audit(1755046318.756:16030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.4.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   86.756028][   T29] audit: type=1326 audit(1755046318.756:16031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.4.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf46dcebe9 code=0x7ffc0000
[   86.779683][   T29] audit: type=1400 audit(1755046318.786:16032): avc:  denied  { create } for  pid=6598 comm="syz.1.1131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   87.020590][ T6626] loop3: detected capacity change from 0 to 512
[   87.035418][ T6626] EXT4-fs: Ignoring removed i_version option
[   87.065085][ T6626] EXT4-fs (loop3): orphan cleanup on readonly fs
[   87.073468][ T6626] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1142: bg 0: block 131: padding at end of block bitmap is not set
[   87.089801][ T6626] EXT4-fs (loop3): Remounting filesystem read-only
[   87.109619][ T6626] EXT4-fs (loop3): 1 truncate cleaned up
[   87.132957][ T6642] loop4: detected capacity change from 0 to 1024
[   87.334889][ T6664] loop3: detected capacity change from 0 to 1024
[   87.341961][ T6664] EXT4-fs: Ignoring removed bh option
[   87.457373][ T6674] loop3: detected capacity change from 0 to 1024
[   87.464747][ T6674] EXT4-fs: Ignoring removed bh option
[   87.471807][ T6678] loop0: detected capacity change from 0 to 512
[   87.478763][ T6678] EXT4-fs: Ignoring removed i_version option
[   87.486453][ T6678] EXT4-fs (loop0): orphan cleanup on readonly fs
[   87.493342][ T6678] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1160: bg 0: block 131: padding at end of block bitmap is not set
[   87.509994][ T6678] EXT4-fs (loop0): Remounting filesystem read-only
[   87.518077][ T6678] EXT4-fs (loop0): 1 truncate cleaned up
[   87.642880][ T6690] loop4: detected capacity change from 0 to 164
[   87.650579][ T6690] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   87.704645][ T6700] loop4: detected capacity change from 0 to 1024
[   87.727103][ T6700] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1169: Allocating blocks 465-513 which overlap fs metadata
[   87.747469][ T6700] EXT4-fs (loop4): pa ffff888104c2dc40: logic 256, phys. 369, len 9
[   87.755620][ T6700] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   87.779650][ T6700] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   87.917642][ T6717] netlink: 'syz.4.1176': attribute type 10 has an invalid length.
[   87.958225][ T6717] bond0: (slave dummy0): Releasing backup interface
[   87.982266][ T6717] team0: Port device dummy0 added
[   88.144440][ T6739] loop0: detected capacity change from 0 to 1024
[   88.182296][ T6743] loop3: detected capacity change from 0 to 1024
[   88.195523][ T6743] EXT4-fs: Ignoring removed bh option
[   88.209943][ T6747] loop4: detected capacity change from 0 to 1024
[   88.216673][ T6747] EXT4-fs: Ignoring removed orlov option
[   88.280083][ T6754] loop3: detected capacity change from 0 to 164
[   88.296376][ T6754] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   88.343722][ T6757] loop2: detected capacity change from 0 to 1024
[   88.360374][ T6739] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   88.375351][ T6757] EXT4-fs: Ignoring removed bh option
[   88.401823][ T6763] loop3: detected capacity change from 0 to 512
[   88.410659][ T6763] EXT4-fs: Ignoring removed i_version option
[   88.433788][ T6763] EXT4-fs (loop3): orphan cleanup on readonly fs
[   88.452557][ T6763] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1195: bg 0: block 131: padding at end of block bitmap is not set
[   88.472237][ T6763] EXT4-fs (loop3): Remounting filesystem read-only
[   88.488096][ T6763] EXT4-fs (loop3): 1 truncate cleaned up
[   88.505465][ T6776] loop0: detected capacity change from 0 to 512
[   88.514785][ T6776] EXT4-fs: Ignoring removed i_version option
[   88.524049][ T6776] EXT4-fs (loop0): orphan cleanup on readonly fs
[   88.534920][ T6776] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1200: bg 0: block 131: padding at end of block bitmap is not set
[   88.535109][ T6781] FAULT_INJECTION: forcing a failure.
[   88.535109][ T6781] name failslab, interval 1, probability 0, space 0, times 0
[   88.561998][ T6781] CPU: 1 UID: 0 PID: 6781 Comm: syz.3.1202 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[   88.562029][ T6781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   88.562040][ T6781] Call Trace:
[   88.562096][ T6781]  <TASK>
[   88.562104][ T6781]  __dump_stack+0x1d/0x30
[   88.562129][ T6781]  dump_stack_lvl+0xe8/0x140
[   88.562151][ T6781]  dump_stack+0x15/0x1b
[   88.562168][ T6781]  should_fail_ex+0x265/0x280
[   88.562192][ T6781]  should_failslab+0x8c/0xb0
[   88.562273][ T6781]  kmem_cache_alloc_node_noprof+0x57/0x320
[   88.562317][ T6781]  ? __alloc_skb+0x101/0x320
[   88.562418][ T6781]  __alloc_skb+0x101/0x320
[   88.562450][ T6781]  netlink_alloc_large_skb+0xba/0xf0
[   88.562479][ T6781]  netlink_sendmsg+0x3cf/0x6b0
[   88.562500][ T6781]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.562540][ T6781]  __sock_sendmsg+0x145/0x180
[   88.562564][ T6781]  ____sys_sendmsg+0x31e/0x4e0
[   88.562586][ T6781]  ___sys_sendmsg+0x17b/0x1d0
[   88.562616][ T6781]  __x64_sys_sendmsg+0xd4/0x160
[   88.562660][ T6781]  x64_sys_call+0x191e/0x2ff0
[   88.562684][ T6781]  do_syscall_64+0xd2/0x200
[   88.562714][ T6781]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   88.562743][ T6781]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   88.562843][ T6781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.562901][ T6781] RIP: 0033:0x7f16d0f9ebe9
[   88.562921][ T6781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.563051][ T6781] RSP: 002b:00007f16cfa07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   88.563109][ T6781] RAX: ffffffffffffffda RBX: 00007f16d11c5fa0 RCX: 00007f16d0f9ebe9
[   88.563124][ T6781] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[   88.563137][ T6781] RBP: 00007f16cfa07090 R08: 0000000000000000 R09: 0000000000000000
[   88.563159][ T6781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.563172][ T6781] R13: 00007f16d11c6038 R14: 00007f16d11c5fa0 R15: 00007ffe733537f8
[   88.563282][ T6781]  </TASK>
[   88.564460][ T6776] EXT4-fs (loop0): Remounting filesystem read-only
[   88.730199][ T6795] loop4: detected capacity change from 0 to 1024
[   88.737669][ T6776] EXT4-fs (loop0): 1 truncate cleaned up
[   88.745467][ T6795] EXT4-fs: Ignoring removed bh option
[   88.819196][ T6797] loop0: detected capacity change from 0 to 164
[   88.827363][ T6797] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   88.871258][ T6811] netlink: 'syz.2.1214': attribute type 10 has an invalid length.
[   88.893637][ T6808] loop0: detected capacity change from 0 to 1024
[   88.902762][ T6808] EXT4-fs: Ignoring removed bh option
[   88.989314][ T6814] loop4: detected capacity change from 0 to 512
[   88.993293][ T6823] loop3: detected capacity change from 0 to 1024
[   89.003592][ T6814] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 17. Delete some EAs or run e2fsck.
[   89.017232][ T6814] EXT4-fs (loop4): 1 truncate cleaned up
[   89.023923][ T6823] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1219: Allocating blocks 465-513 which overlap fs metadata
[   89.045101][ T6823] EXT4-fs (loop3): pa ffff888106def460: logic 256, phys. 369, len 9
[   89.053364][ T6823] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   89.063881][ T6814] EXT4-fs error (device loop4): __ext4_iget:5464: inode #12: block 2: comm syz.4.1216: invalid block
[   89.064554][ T6823] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   89.091090][ T6830] loop0: detected capacity change from 0 to 512
[   89.097821][ T6830] EXT4-fs: Ignoring removed i_version option
[   89.113890][ T6831] smc: net device bond0 applied user defined pnetid SYZ0
[   89.121790][ T6831] smc: net device bond0 erased user defined pnetid SYZ0
[   89.132603][ T6830] EXT4-fs (loop0): orphan cleanup on readonly fs
[   89.140518][ T6830] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1220: bg 0: block 131: padding at end of block bitmap is not set
[   89.164221][ T6830] EXT4-fs (loop0): Remounting filesystem read-only
[   89.171504][ T6830] EXT4-fs (loop0): 1 truncate cleaned up
[   89.183455][ T6838] loop4: detected capacity change from 0 to 128
[   89.198864][ T6838] FAT-fs (loop4): Directory bread(block 162) failed
[   89.205497][ T6838] FAT-fs (loop4): Directory bread(block 163) failed
[   89.214810][ T6838] FAT-fs (loop4): Directory bread(block 164) failed
[   89.222163][ T6838] FAT-fs (loop4): Directory bread(block 165) failed
[   89.230007][ T6838] FAT-fs (loop4): Directory bread(block 166) failed
[   89.236656][ T6838] FAT-fs (loop4): Directory bread(block 167) failed
[   89.243424][ T6838] FAT-fs (loop4): Directory bread(block 168) failed
[   89.252536][ T6838] FAT-fs (loop4): Directory bread(block 169) failed
[   89.260963][ T6838] FAT-fs (loop4): Directory bread(block 162) failed
[   89.267767][ T6838] FAT-fs (loop4): Directory bread(block 163) failed
[   89.275230][ T6838] syz.4.1224: attempt to access beyond end of device
[   89.275230][ T6838] loop4: rw=3, sector=226, nr_sectors = 6 limit=128
[   89.288893][ T6838] syz.4.1224: attempt to access beyond end of device
[   89.288893][ T6838] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128
[   89.306080][ T6846] syz.4.1224: attempt to access beyond end of device
[   89.306080][ T6846] loop4: rw=3, sector=234, nr_sectors = 6 limit=128
[   89.320728][ T6846] syz.4.1224: attempt to access beyond end of device
[   89.320728][ T6846] loop4: rw=2051, sector=240, nr_sectors = 2 limit=128
[   89.339375][ T6848] loop0: detected capacity change from 0 to 164
[   89.348988][ T6848] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   89.397098][ T6852] loop4: detected capacity change from 0 to 164
[   89.405242][ T6852] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   89.476032][ T6863] netlink: 'syz.3.1234': attribute type 10 has an invalid length.
[   89.624791][ T6875] bond0: (slave bond_slave_1): Releasing backup interface
[   89.720239][ T6879] __nla_validate_parse: 13 callbacks suppressed
[   89.720255][ T6879] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1240'.
[   89.737207][ T6879] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1240'.
[   89.795399][ T6885] loop3: detected capacity change from 0 to 164
[   89.803972][ T6885] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   89.849919][ T6891] netlink: 'syz.3.1246': attribute type 10 has an invalid length.
[   89.910610][ T6899] loop3: detected capacity change from 0 to 164
[   89.922356][ T6899] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   89.939169][ T6901] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1252'.
[   89.953255][ T6901] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1252'.
[   89.959143][ T6903] loop2: detected capacity change from 0 to 1024
[   89.970712][ T6903] EXT4-fs: Ignoring removed bh option
[   89.994331][ T6909] loop3: detected capacity change from 0 to 164
[   90.002081][ T6909] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   90.200633][ T6932] loop2: detected capacity change from 0 to 164
[   90.212105][ T6932] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   90.223294][ T6938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1266'.
[   90.234147][ T6938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1266'.
[   90.299919][ T6946] tipc: Started in network mode
[   90.304911][ T6946] tipc: Node identity aaaaaaaaaa17, cluster identity 4711
[   90.312398][ T6946] tipc: Enabled bearer <eth:team0>, priority 0
[   90.364424][ T6951] SELinux: failed to load policy
[   90.425590][ T6965] loop1: detected capacity change from 0 to 2048
[   90.464079][ T6974] loop0: detected capacity change from 0 to 1024
[   90.474880][ T6978] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1282'.
[   90.475764][ T6965] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:169: inode #12: comm syz.1.1279: inline data xattr refers to an external xattr inode
[   90.487127][ T6978] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1282'.
[   90.500820][ T6965] EXT4-fs (loop1): Remounting filesystem read-only
[   90.523744][ T6974] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.1283: Allocating blocks 465-513 which overlap fs metadata
[   90.539441][ T6974] EXT4-fs (loop0): pa ffff888106def3f0: logic 256, phys. 369, len 9
[   90.547586][ T6974] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   90.559062][ T6974] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   90.698346][ T6990] veth5: entered allmulticast mode
[   90.716077][ T6990] loop1: detected capacity change from 0 to 1024
[   90.723531][ T6990] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   90.734707][ T6990] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   90.749251][ T6990] JBD2: no valid journal superblock found
[   90.755100][ T6990] EXT4-fs (loop1): Could not load journal inode
[   90.779039][ T6995] SELinux:  policydb magic number 0x1 does not match expected magic number 0xf97cff8c
[   90.789146][ T6995] SELinux: failed to load policy
[   90.807664][ T6997] sd 0:0:1:0: device reset
[   90.818985][ T6990] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   90.893133][ T6999] loop3: detected capacity change from 0 to 512
[   90.901580][ T6999] EXT4-fs: Ignoring removed i_version option
[   90.920123][ T6999] EXT4-fs (loop3): orphan cleanup on readonly fs
[   90.927052][ T6999] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1291: bg 0: block 131: padding at end of block bitmap is not set
[   90.942830][ T6999] EXT4-fs (loop3): Remounting filesystem read-only
[   90.950626][ T6999] EXT4-fs (loop3): 1 truncate cleaned up
[   91.116622][ T7011] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1296'.
[   91.129426][ T7011] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1296'.
[   91.141851][ T7009] loop3: detected capacity change from 0 to 1024
[   91.149084][ T7009] EXT4-fs: Ignoring removed bh option
[   91.283031][ T7017] netlink: 'syz.2.1298': attribute type 10 has an invalid length.
[   91.292682][ T7017] netlink: 'syz.2.1298': attribute type 10 has an invalid length.
[   91.385760][ T7025] loop2: detected capacity change from 0 to 512
[   91.394553][ T7025] EXT4-fs: Ignoring removed i_version option
[   91.404861][ T7025] EXT4-fs (loop2): orphan cleanup on readonly fs
[   91.413763][ T7025] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1303: bg 0: block 131: padding at end of block bitmap is not set
[   91.428141][ T3376] tipc: Node number set to 12429994
[   91.433925][ T7025] EXT4-fs (loop2): Remounting filesystem read-only
[   91.440709][ T7025] EXT4-fs (loop2): 1 truncate cleaned up
[   91.550786][   T29] kauditd_printk_skb: 1028 callbacks suppressed
[   91.550812][   T29] audit: type=1400 audit(1755046323.646:17059): avc:  denied  { open } for  pid=7037 comm="syz.0.1308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   91.577930][   T29] audit: type=1400 audit(1755046323.646:17060): avc:  denied  { kernel } for  pid=7037 comm="syz.0.1308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   91.597754][   T29] audit: type=1400 audit(1755046323.646:17061): avc:  denied  { tracepoint } for  pid=7037 comm="syz.0.1308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   91.654391][   T29] audit: type=1400 audit(1755046323.746:17062): avc:  denied  { load_policy } for  pid=7035 comm="syz.2.1307" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   91.657243][ T7036] SELinux: failed to load policy
[   91.723585][   T29] audit: type=1400 audit(1755046323.816:17063): avc:  denied  { read write } for  pid=7043 comm="syz.0.1311" name="loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   91.724169][ T7045] loop0: detected capacity change from 0 to 512
[   91.766013][ T7045] EXT4-fs: Ignoring removed i_version option
[   91.774392][   T29] audit: type=1400 audit(1755046323.816:17064): avc:  denied  { open } for  pid=7043 comm="syz.0.1311" path="/dev/loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   91.798588][   T29] audit: type=1400 audit(1755046323.816:17065): avc:  denied  { ioctl } for  pid=7043 comm="syz.0.1311" path="/dev/loop0" dev="devtmpfs" ino=100 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   91.824281][   T29] audit: type=1400 audit(1755046323.846:17066): avc:  denied  { recv } for  pid=3309 comm="syz-executor" saddr=10.128.0.163 src=30036 daddr=10.128.1.188 dest=51942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[   91.850195][   T29] audit: type=1400 audit(1755046323.856:17067): avc:  denied  { mounton } for  pid=7043 comm="syz.0.1311" path="/263/file0" dev="tmpfs" ino=1455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   91.873498][   T29] audit: type=1400 audit(1755046323.856:17068): avc:  denied  { map_create } for  pid=7047 comm="syz.1.1312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   91.895495][ T7045] EXT4-fs (loop0): orphan cleanup on readonly fs
[   91.902554][ T7045] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1311: bg 0: block 131: padding at end of block bitmap is not set
[   91.922997][ T7045] EXT4-fs (loop0): Remounting filesystem read-only
[   91.939014][ T7045] EXT4-fs (loop0): 1 truncate cleaned up
[   91.986067][ T7062] loop4: detected capacity change from 0 to 1024
[   91.994106][ T7062] EXT4-fs: Ignoring removed bh option
[   92.043565][ T7074] netlink: 'syz.4.1321': attribute type 10 has an invalid length.
[   92.336479][ T7105] loop4: detected capacity change from 0 to 1024
[   92.349721][ T7107] loop2: detected capacity change from 0 to 512
[   92.356545][ T7107] EXT4-fs: Ignoring removed i_version option
[   92.408444][ T7109] loop3: detected capacity change from 0 to 1024
[   92.417114][ T7109] EXT4-fs: Ignoring removed bh option
[   92.427461][ T7107] EXT4-fs (loop2): orphan cleanup on readonly fs
[   92.442707][ T7107] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1334: bg 0: block 131: padding at end of block bitmap is not set
[   92.463042][ T7105] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1333: Allocating blocks 465-513 which overlap fs metadata
[   92.502711][ T7107] EXT4-fs (loop2): Remounting filesystem read-only
[   92.509671][ T7105] EXT4-fs (loop4): pa ffff888104c2dcb0: logic 256, phys. 369, len 9
[   92.517904][ T7105] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   92.531400][ T7107] EXT4-fs (loop2): 1 truncate cleaned up
[   92.538181][ T7105] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   92.786097][ T7142] loop2: detected capacity change from 0 to 128
[   92.850960][ T7142] ext4 filesystem being mounted at /276/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   92.890379][ T7147] smc: net device bond0 applied user defined pnetid SYZ0
[   92.904361][ T7147] smc: net device bond0 erased user defined pnetid SYZ0
[   92.954658][ T7149] loop4: detected capacity change from 0 to 1024
[   93.006873][ T7149] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1350: Allocating blocks 465-513 which overlap fs metadata
[   93.023855][ T7149] EXT4-fs (loop4): pa ffff888106def4d0: logic 256, phys. 369, len 9
[   93.031945][ T7149] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   93.061628][ T7149] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   93.094619][ T7159] loop2: detected capacity change from 0 to 512
[   93.101602][ T7159] EXT4-fs: Ignoring removed i_version option
[   93.112282][ T7159] EXT4-fs (loop2): orphan cleanup on readonly fs
[   93.119227][ T7159] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1353: bg 0: block 131: padding at end of block bitmap is not set
[   93.139178][ T7159] EXT4-fs (loop2): Remounting filesystem read-only
[   93.145855][ T7159] EXT4-fs (loop2): 1 truncate cleaned up
[   93.253346][ T7168] loop1: detected capacity change from 0 to 128
[   93.295444][ T7168] ext4 filesystem being mounted at /248/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   93.332049][ T7168] FAULT_INJECTION: forcing a failure.
[   93.332049][ T7168] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.345291][ T7168] CPU: 0 UID: 0 PID: 7168 Comm: syz.1.1357 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[   93.345389][ T7168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   93.345397][ T7168] Call Trace:
[   93.345402][ T7168]  <TASK>
[   93.345408][ T7168]  __dump_stack+0x1d/0x30
[   93.345425][ T7168]  dump_stack_lvl+0xe8/0x140
[   93.345438][ T7168]  dump_stack+0x15/0x1b
[   93.345448][ T7168]  should_fail_ex+0x265/0x280
[   93.345480][ T7168]  should_fail+0xb/0x20
[   93.345491][ T7168]  should_fail_usercopy+0x1a/0x20
[   93.345505][ T7168]  strncpy_from_user+0x25/0x230
[   93.345523][ T7168]  ? kmem_cache_alloc_noprof+0x186/0x310
[   93.345564][ T7168]  ? getname_flags+0x80/0x3b0
[   93.345584][ T7168]  getname_flags+0xae/0x3b0
[   93.345614][ T7168]  do_sys_openat2+0x60/0x110
[   93.345635][ T7168]  __x64_sys_openat+0xf2/0x120
[   93.345706][ T7168]  x64_sys_call+0x2e9c/0x2ff0
[   93.345719][ T7168]  do_syscall_64+0xd2/0x200
[   93.345735][ T7168]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.345761][ T7168]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   93.345776][ T7168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.345790][ T7168] RIP: 0033:0x7f2b41a4ebe9
[   93.345801][ T7168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.345814][ T7168] RSP: 002b:00007f2b404b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   93.345835][ T7168] RAX: ffffffffffffffda RBX: 00007f2b41c75fa0 RCX: 00007f2b41a4ebe9
[   93.345922][ T7168] RDX: 000000000000275a RSI: 0000200000000280 RDI: ffffffffffffff9c
[   93.345931][ T7168] RBP: 00007f2b404b7090 R08: 0000000000000000 R09: 0000000000000000
[   93.345939][ T7168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.345947][ T7168] R13: 00007f2b41c76038 R14: 00007f2b41c75fa0 R15: 00007ffe0efbed08
[   93.345959][ T7168]  </TASK>
[   93.449198][ T7178] SELinux: failed to load policy
[   93.540512][ T7177] 
: renamed from bond0 (while UP)
[   93.716757][ T7202] loop1: detected capacity change from 0 to 4096
[   93.740429][ T7210] netlink: 'syz.2.1374': attribute type 10 has an invalid length.
[   93.774306][ T7213] FAULT_INJECTION: forcing a failure.
[   93.774306][ T7213] name failslab, interval 1, probability 0, space 0, times 0
[   93.787054][ T7213] CPU: 1 UID: 0 PID: 7213 Comm: syz.2.1375 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[   93.787079][ T7213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   93.787128][ T7213] Call Trace:
[   93.787134][ T7213]  <TASK>
[   93.787140][ T7213]  __dump_stack+0x1d/0x30
[   93.787203][ T7213]  dump_stack_lvl+0xe8/0x140
[   93.787213][ T7213]  dump_stack+0x15/0x1b
[   93.787241][ T7213]  should_fail_ex+0x265/0x280
[   93.787252][ T7213]  should_failslab+0x8c/0xb0
[   93.787264][ T7213]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   93.787336][ T7213]  ? nf_ct_ext_add+0xff/0x210
[   93.787349][ T7213]  krealloc_noprof+0xb9/0x2d0
[   93.787410][ T7213]  nf_ct_ext_add+0xff/0x210
[   93.787422][ T7213]  init_conntrack+0x43a/0x830
[   93.787437][ T7213]  nf_conntrack_in+0x8b8/0xf30
[   93.787450][ T7213]  ? selinux_netlbl_skbuff_setsid+0x156/0x3b0
[   93.787472][ T7213]  ipv4_conntrack_local+0xd0/0x150
[   93.787482][ T7213]  ? __pfx_ipv4_conntrack_local+0x10/0x10
[   93.787493][ T7213]  nf_hook_slow+0x75/0x180
[   93.787503][ T7213]  __ip_local_out+0x2cb/0x2f0
[   93.787528][ T7213]  ? __pfx_dst_output+0x10/0x10
[   93.787572][ T7213]  __ip_queue_xmit+0xa81/0xb80
[   93.787598][ T7213]  ? __tcp_select_window+0x503/0x940
[   93.787680][ T7213]  ip_queue_xmit+0x39/0x50
[   93.787705][ T7213]  ? __pfx_ip_queue_xmit+0x10/0x10
[   93.787716][ T7213]  __tcp_transmit_skb+0x1641/0x1a60
[   93.787733][ T7213]  tcp_send_window_probe+0x1e1/0x200
[   93.787752][ T7213]  do_tcp_setsockopt+0x15cc/0x1670
[   93.787811][ T7213]  ? selinux_socket_setsockopt+0x1ad/0x1e0
[   93.787827][ T7213]  tcp_setsockopt+0x51/0xb0
[   93.787920][ T7213]  sock_common_setsockopt+0x69/0x80
[   93.787942][ T7213]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   93.788002][ T7213]  __sys_setsockopt+0x184/0x200
[   93.788020][ T7213]  __x64_sys_setsockopt+0x64/0x80
[   93.788035][ T7213]  x64_sys_call+0x20ec/0x2ff0
[   93.788115][ T7213]  do_syscall_64+0xd2/0x200
[   93.788139][ T7213]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.788161][ T7213]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   93.788184][ T7213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.788254][ T7213] RIP: 0033:0x7f37c604ebe9
[   93.788269][ T7213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.788288][ T7213] RSP: 002b:00007f37c4aaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   93.788334][ T7213] RAX: ffffffffffffffda RBX: 00007f37c6275fa0 RCX: 00007f37c604ebe9
[   93.788348][ T7213] RDX: 0000000000000013 RSI: 0000000000000006 RDI: 0000000000000005
[   93.788389][ T7213] RBP: 00007f37c4aaf090 R08: 0000000000000004 R09: 0000000000000000
[   93.788468][ T7213] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[   93.788481][ T7213] R13: 00007f37c6276038 R14: 00007f37c6275fa0 R15: 00007ffd37085eb8
[   93.788509][ T7213]  </TASK>
[   94.096058][ T7217] loop4: detected capacity change from 0 to 1024
[   94.121558][ T7217] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1376: Allocating blocks 465-513 which overlap fs metadata
[   94.139598][ T7217] EXT4-fs (loop4): pa ffff888106def540: logic 256, phys. 369, len 9
[   94.147769][ T7217] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   94.159519][ T7217] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   94.270806][ T7237] loop0: detected capacity change from 0 to 4096
[   94.631689][ T7254] loop2: detected capacity change from 0 to 164
[   94.652094][ T7254] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   94.732755][ T7256] loop2: detected capacity change from 0 to 164
[   94.747736][ T7256] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   95.392118][ T7285] loop4: detected capacity change from 0 to 512
[   95.418403][ T7285] EXT4-fs: Ignoring removed i_version option
[   95.449265][ T7285] EXT4-fs (loop4): orphan cleanup on readonly fs
[   95.466960][ T7285] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1403: bg 0: block 131: padding at end of block bitmap is not set
[   95.504913][ T7285] EXT4-fs (loop4): Remounting filesystem read-only
[   95.517934][ T7285] EXT4-fs (loop4): 1 truncate cleaned up
[   95.670222][ T7295] __nla_validate_parse: 6 callbacks suppressed
[   95.670260][ T7295] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1406'.
[   95.751020][ T7305] loop2: detected capacity change from 0 to 1024
[   95.794283][ T7305] EXT4-fs mount: 153 callbacks suppressed
[   95.794302][ T7305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.979288][ T7320] SELinux: failed to load policy
[   96.091648][ T7305] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   96.138160][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.329705][ T7340] loop2: detected capacity change from 0 to 1024
[   96.336525][ T7340] EXT4-fs: Ignoring removed bh option
[   96.350386][ T7340] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.374230][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.462133][ T7349] SELinux:  policydb magic number 0x1 does not match expected magic number 0xf97cff8c
[   96.471907][ T7349] SELinux: failed to load policy
[   96.653694][ T7353] syz.3.1430 uses obsolete (PF_INET,SOCK_PACKET)
[   96.731811][   T29] kauditd_printk_skb: 821 callbacks suppressed
[   96.731827][   T29] audit: type=1326 audit(1755046328.826:17890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7361 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16d0f9ebe9 code=0x7ffc0000
[   96.773645][   T29] audit: type=1326 audit(1755046328.866:17891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7361 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f16d0f9ebe9 code=0x7ffc0000
[   96.797420][   T29] audit: type=1326 audit(1755046328.866:17892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7361 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16d0f9ebe9 code=0x7ffc0000
[   96.803493][ T7372] loop3: detected capacity change from 0 to 1024
[   96.828359][ T7372] EXT4-fs: Ignoring removed bh option
[   96.839458][ T7372] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.853155][   T29] audit: type=1326 audit(1755046328.956:17893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz.3.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16d0f9ebe9 code=0x7ffc0000
[   96.877144][   T29] audit: type=1326 audit(1755046328.956:17894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz.3.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16d0f9ebe9 code=0x7ffc0000
[   96.900989][   T29] audit: type=1326 audit(1755046328.956:17895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz.3.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f16d0f9ebe9 code=0x7ffc0000
[   96.924824][   T29] audit: type=1326 audit(1755046328.956:17896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7371 comm="syz.3.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16d0f9ebe9 code=0x7ffc0000
[   96.954063][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.971173][   T29] audit: type=1400 audit(1755046329.066:17897): avc:  denied  { getopt } for  pid=7379 comm="syz.1.1441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   96.992776][   T29] audit: type=1400 audit(1755046329.086:17898): avc:  denied  { read write } for  pid=7381 comm="syz.4.1442" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   97.017335][   T29] audit: type=1400 audit(1755046329.086:17899): avc:  denied  { open } for  pid=7381 comm="syz.4.1442" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   97.048632][ T7385] loop1: detected capacity change from 0 to 1024
[   97.059773][ T7385] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[   97.069866][ T7385] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.083463][ T7385] ext4 filesystem being mounted at /265/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.120668][ T7385] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 3: comm syz.1.1441: lblock 3 mapped to illegal pblock 3 (length 13)
[   97.135864][ T7385] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   97.148518][ T7385] EXT4-fs (loop1): This should not happen!! Data will be lost
[   97.148518][ T7385] 
[   97.161252][ T7396] serio: Serial port ptm0
[   97.296902][ T7412] loop2: detected capacity change from 0 to 1024
[   97.380750][ T7412] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.412314][ T7412] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.1451: Allocating blocks 465-513 which overlap fs metadata
[   97.427227][ T7412] EXT4-fs (loop2): pa ffff888106def540: logic 256, phys. 369, len 9
[   97.435370][ T7412] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   97.447609][ T7412] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   97.478006][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.701322][ T7425] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1456'.
[   97.806975][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.844430][ T7443] loop1: detected capacity change from 0 to 512
[   97.853096][ T7443] EXT4-fs: Ignoring removed i_version option
[   97.863541][ T7443] EXT4-fs (loop1): orphan cleanup on readonly fs
[   97.870212][ T7443] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1464: bg 0: block 131: padding at end of block bitmap is not set
[   97.886894][ T7443] EXT4-fs (loop1): Remounting filesystem read-only
[   97.893639][ T7443] EXT4-fs (loop1): 1 truncate cleaned up
[   97.901315][ T7443] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   97.915947][ T7447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1465'.
[   97.942489][ T7447] smc: net device bond0 applied user defined pnetid SYZ0
[   97.957663][ T7447] smc: net device bond0 erased user defined pnetid SYZ0
[   97.957679][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.999144][ T7453] loop1: detected capacity change from 0 to 1024
[   98.021945][ T7453] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.146124][ T7473] loop3: detected capacity change from 0 to 1024
[   98.165334][ T7453] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   98.190092][ T7473] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.224773][ T7473] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1475: Allocating blocks 465-513 which overlap fs metadata
[   98.252281][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.263946][ T7473] EXT4-fs (loop3): pa ffff888104c2dd20: logic 256, phys. 369, len 9
[   98.272162][ T7473] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   98.285351][ T7473] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   98.311995][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.412370][ T7486] loop4: detected capacity change from 0 to 256
[   98.647959][ T7501] loop3: detected capacity change from 0 to 256
[   98.872591][ T7509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1485'.
[   98.940379][ T7509] loop2: detected capacity change from 0 to 1024
[   98.974910][ T7509] EXT4-fs: Ignoring removed orlov option
[   99.015776][ T7509] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.145380][ T7515] veth7: entered allmulticast mode
[   99.183211][ T7519] loop1: detected capacity change from 0 to 1024
[   99.222043][ T7519] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   99.233047][ T7519] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   99.236912][ T7526] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1485'.
[   99.279447][ T7519] JBD2: no valid journal superblock found
[   99.285307][ T7519] EXT4-fs (loop1): Could not load journal inode
[   99.316838][ T7528] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1490'.
[   99.338111][ T7515] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   99.382672][ T7528] process 'syz.0.1490' launched '/dev/fd/13' with NULL argv: empty string added
[   99.606079][ T7534] netlink: 'syz.0.1492': attribute type 10 has an invalid length.
[   99.668126][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.703165][ T7538] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1494'.
[   99.834866][ T7550] netlink: 'syz.0.1500': attribute type 10 has an invalid length.
[   99.877151][ T7550] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   99.896014][ T7552] siw: device registration error -23
[   99.922864][ T7551] SELinux: failed to load policy
[  100.047653][ T7558] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1503'.
[  100.059283][ T7558] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1503'.
[  100.098993][ T7560] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1504'.
[  100.294944][   T36] IPVS: starting estimator thread 0...
[  100.301866][ T7569] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  100.387977][ T7571] IPVS: using max 2496 ests per chain, 124800 per kthread
[  100.824328][ T7579] netlink: 'syz.2.1511': attribute type 10 has an invalid length.
[  100.994250][ T7583] loop2: detected capacity change from 0 to 164
[  101.022150][ T7583] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  101.102524][ T7585] loop2: detected capacity change from 0 to 512
[  101.119472][ T7568] __nla_validate_parse: 1 callbacks suppressed
[  101.119567][ T7568] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1508'.
[  101.201471][ T7585] EXT4-fs: Ignoring removed i_version option
[  101.228260][ T7585] EXT4-fs (loop2): orphan cleanup on readonly fs
[  101.243587][ T7587] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1515'.
[  101.248153][ T7585] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1514: bg 0: block 131: padding at end of block bitmap is not set
[  101.274767][ T7585] EXT4-fs (loop2): Remounting filesystem read-only
[  101.282261][ T7587] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1515'.
[  101.293047][ T7585] EXT4-fs (loop2): 1 truncate cleaned up
[  101.306627][ T7585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.456919][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.770395][   T29] kauditd_printk_skb: 279 callbacks suppressed
[  101.770413][   T29] audit: type=1326 audit(1755046333.866:18179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7605 comm="syz.0.1523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f920978ebe9 code=0x7ffc0000
[  101.828540][   T29] audit: type=1326 audit(1755046333.906:18180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7605 comm="syz.0.1523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f920978ebe9 code=0x7ffc0000
[  101.852197][   T29] audit: type=1326 audit(1755046333.906:18181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7605 comm="syz.0.1523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f920978ebe9 code=0x7ffc0000
[  101.947256][   T29] audit: type=1400 audit(1755046334.036:18182): avc:  denied  { create } for  pid=7611 comm="syz.2.1526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  102.055455][   T29] audit: type=1400 audit(1755046334.146:18183): avc:  denied  { allowed } for  pid=7614 comm="syz.0.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  102.075090][   T29] audit: type=1400 audit(1755046334.146:18184): avc:  denied  { create } for  pid=7614 comm="syz.0.1527" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  102.096497][   T29] audit: type=1400 audit(1755046334.146:18185): avc:  denied  { map } for  pid=7614 comm="syz.0.1527" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=18712 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  102.120900][   T29] audit: type=1400 audit(1755046334.146:18186): avc:  denied  { read write } for  pid=7614 comm="syz.0.1527" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=18712 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  102.145817][   T29] audit: type=1400 audit(1755046334.146:18187): avc:  denied  { read } for  pid=7614 comm="syz.0.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  102.168088][   T29] audit: type=1400 audit(1755046334.266:18188): avc:  denied  { write } for  pid=7614 comm="syz.0.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  102.209656][ T7594] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1518'.
[  102.275496][ T7620] veth9: entered allmulticast mode
[  102.310189][ T7620] loop4: detected capacity change from 0 to 1024
[  102.329601][ T7620] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  102.340541][ T7620] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  102.366369][ T7620] JBD2: no valid journal superblock found
[  102.372313][ T7620] EXT4-fs (loop4): Could not load journal inode
[  102.397452][ T7620] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  102.437772][ T7627] loop4: detected capacity change from 0 to 164
[  102.446962][ T7627] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  102.565341][ T7637] loop4: detected capacity change from 0 to 1024
[  102.588250][ T7637] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.790919][ T7637] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  102.870774][ T7648] SELinux: failed to load policy
[  102.878569][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.922169][ T7658] loop4: detected capacity change from 0 to 164
[  102.931328][ T7658] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  102.989267][ T7664] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1545'.
[  103.000586][ T7664] smc: net device bond0 applied user defined pnetid SYZ0
[  103.008054][ T7664] smc: net device bond0 erased user defined pnetid SYZ0
[  103.391526][ T7670] netlink: 'syz.1.1548': attribute type 10 has an invalid length.
[  103.401219][ T7670] netlink: 'syz.1.1548': attribute type 10 has an invalid length.
[  103.410926][ T7670] siw: device registration error -23
[  103.469788][ T7676] loop1: detected capacity change from 0 to 1024
[  103.476404][ T7676] EXT4-fs: Ignoring removed orlov option
[  103.487678][ T7676] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.740454][ T7680] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1552'.
[  103.780509][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.879904][ T7686] bond1: entered promiscuous mode
[  103.884980][ T7686] bond1: entered allmulticast mode
[  103.894460][ T7686] 8021q: adding VLAN 0 to HW filter on device bond1
[  103.903193][ T7703] netlink: 'syz.1.1554': attribute type 13 has an invalid length.
[  103.922574][ T7686] bond1 (unregistering): Released all slaves
[  103.961955][ T7707] netlink: 'syz.0.1561': attribute type 10 has an invalid length.
[  103.990682][ T7703] 8021q: adding VLAN 0 to HW filter on device team0
[  104.013375][ T7712] netlink: 'syz.0.1561': attribute type 10 has an invalid length.
[  104.032162][ T7703] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  104.055338][ T7716] loop4: detected capacity change from 0 to 1024
[  104.063019][ T7716] EXT4-fs: Ignoring removed orlov option
[  104.071185][ T7707] 8021q: adding VLAN 0 to HW filter on device team0
[  104.076159][ T7716] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.090920][ T7707] bond0: (slave team0): Enslaving as an active interface with an up link
[  104.094441][ T7721] siw: device registration error -23
[  104.202222][ T7729] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1566'.
[  104.214332][ T7729] smc: net device bond0 applied user defined pnetid SYZ0
[  104.224365][ T7729] smc: net device bond0 erased user defined pnetid SYZ0
[  104.244114][ T7716] ==================================================================
[  104.252232][ T7716] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode
[  104.261480][ T7716] 
[  104.263830][ T7716] write to 0xffff888106f9f5c0 of 4 bytes by task 7726 on cpu 1:
[  104.271505][ T7716]  writeback_single_inode+0x14a/0x3e0
[  104.276919][ T7716]  sync_inode_metadata+0x5b/0x90
[  104.282087][ T7716]  generic_buffers_fsync_noflush+0xd9/0x120
[  104.287991][ T7716]  ext4_sync_file+0x1ab/0x690
[  104.292780][ T7716]  vfs_fsync_range+0x10d/0x130
[  104.297566][ T7716]  ext4_buffered_write_iter+0x34f/0x3c0
[  104.303134][ T7716]  ext4_file_write_iter+0x383/0xf00
[  104.308349][ T7716]  iter_file_splice_write+0x666/0x9e0
[  104.313746][ T7716]  direct_splice_actor+0x153/0x2a0
[  104.318848][ T7716]  splice_direct_to_actor+0x30f/0x680
[  104.324245][ T7716]  do_splice_direct+0xda/0x150
[  104.329003][ T7716]  do_sendfile+0x380/0x650
[  104.333420][ T7716]  __x64_sys_sendfile64+0x105/0x150
[  104.338628][ T7716]  x64_sys_call+0x2bb0/0x2ff0
[  104.343344][ T7716]  do_syscall_64+0xd2/0x200
[  104.347862][ T7716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.353775][ T7716] 
[  104.356082][ T7716] read to 0xffff888106f9f5c0 of 4 bytes by task 7716 on cpu 0:
[  104.363603][ T7716]  generic_buffers_fsync_noflush+0x80/0x120
[  104.369490][ T7716]  ext4_sync_file+0x1ab/0x690
[  104.374155][ T7716]  vfs_fsync_range+0x10d/0x130
[  104.378900][ T7716]  ext4_buffered_write_iter+0x34f/0x3c0
[  104.384471][ T7716]  ext4_file_write_iter+0x383/0xf00
[  104.389658][ T7716]  iter_file_splice_write+0x666/0x9e0
[  104.395010][ T7716]  direct_splice_actor+0x153/0x2a0
[  104.400189][ T7716]  splice_direct_to_actor+0x30f/0x680
[  104.405537][ T7716]  do_splice_direct+0xda/0x150
[  104.410298][ T7716]  do_sendfile+0x380/0x650
[  104.414697][ T7716]  __x64_sys_sendfile64+0x105/0x150
[  104.419884][ T7716]  x64_sys_call+0x2bb0/0x2ff0
[  104.424590][ T7716]  do_syscall_64+0xd2/0x200
[  104.429183][ T7716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.435149][ T7716] 
[  104.437463][ T7716] value changed: 0x00000038 -> 0x00000002
[  104.443160][ T7716] 
[  104.445492][ T7716] Reported by Kernel Concurrency Sanitizer on:
[  104.451622][ T7716] CPU: 0 UID: 0 PID: 7716 Comm: syz.4.1564 Not tainted 6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[  104.464008][ T7716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  104.474058][ T7716] ==================================================================
[  104.556040][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.