last executing test programs:

52.974792979s ago: executing program 4 (id=594):
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x29, &(0x7f0000000780)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@call={0x85, 0x0, 0x0, 0x69}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x2}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x6}, @alu={0x7, 0x0, 0x5, 0x8, 0x2, 0xfffffffffffffff4, 0x10}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x4}}, @generic={0x4, 0x2, 0x8, 0x9, 0x7}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffe}}, @alu={0x7, 0x1, 0x7, 0x6, 0x1, 0x2, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r4 = socket$kcm(0xa, 0x5, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$tipc(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811dbf40b3a7da5a8a64db04ed6dd26eea2e37229c339b1f91201c2796173864", 0x3d}], 0x1}, 0x0)
recvmsg(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)
close(r5)
r7 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r7, &(0x7f00000002c0)={&(0x7f0000000180)={0x2, 0x2, @multicast2}, 0x10, &(0x7f0000000400)=[{&(0x7f0000001800)}, {&(0x7f00000003c0)="cbf766d9ca3947446ad0b048dcfda6", 0xf}, {&(0x7f00000005c0)="5c20d217d8d48f8dd8d36238b8d0916b132ba9c3f6053222390f589bb6057db31eae021cdc01b65950fba37a908b9635bb8cbe4f884d0241ecfa85cd708d2c6b053f9bd836b6285684a0ec2acb32bc97bf79ab51a8126077803c72e3cb7c56bba79dc6b0f77b75f80123dede011a0fe88f776b605c1e7186871f0f4005dcfbebc579547dcd111b6f033036471d4588dafc01950dd6d935eacc592f5096f33bb0db4e0e2e8ef4795435ce82ec15a67baf0e71cd66efc73ecd7f080048584d28251f9fec18b0a48589287bece93566e9788aea49db2b7edaf934a33a83fa5a4055a563d5894585d8da2e3d93e423455fc9eb990eb3", 0xf4}], 0x3}, 0x64)
setsockopt$sock_attach_bpf(r7, 0x84, 0x1e, &(0x7f0000000000), 0x10)
r8 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x8916, &(0x7f0000000000)={r8})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="180000000000000000000000000000001811000033cf5f7f5062f985590263f506f0951fafc47392d1897ff375a07c03b26f346e7c06cf043c2ab1c92009f9f4a89fa70d9ca58bf760217204e4c480b2cd989dbbe98eb499194d420096e9d21c29a035bd7f4389abeb1001d0fab1", @ANYRES64=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff0007020000f8ffffffb703000008000000b7040000000000008500000059f70300001000"/65], 0x0, 0x20, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x33, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r11}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000f40)=ANY=[@ANYBLOB="0100000042000000060000000800000000000000", @ANYRESHEX=r10, @ANYRES8=r11, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x10, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r12}, 0x10)
r13 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r13, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="b80000001300e9990000000004000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00406a87000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000000d00000000000000000080000000000004000000b86b6e000000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x8010}, 0x8004)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r14 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r14, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e00010000000000000000000000ddff000000000000000a00603000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000400"/112], 0xb8}}, 0x0)
lseek(r3, 0x6, 0x3)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x8936, &(0x7f0000000000)={r8})

52.974385229s ago: executing program 4 (id=595):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

52.89327794s ago: executing program 4 (id=596):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x100)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x21, &(0x7f0000000140)=ANY=[@ANYBLOB="6e725f626c6f636b733d2c0400fb00756f74612c73697a653d37652c00"])
sendmsg$nl_route_sched(r0, 0x0, 0x2008c014)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x1, 0x0, 0x7ffc0021}]})
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="06000000040000000700000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="00008adaff00000000afa200000000000007020000f8ffffffb703000008000000000003000000950000000000000000000000000000000000000000ec410df230c37d192dd7672b598d32331bfb9523a1ef7da4374fc015778f1e61f5bf694114"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r4, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x4, @loopback}, 0x1c)
sendto$inet6(r4, 0x0, 0xffffffac, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000180)=0x80000039f8, 0x4)
sendmmsg$inet6(r4, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)='a', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000340)="a1", 0x1}], 0x1}}], 0x2, 0x4c815)
inotify_add_watch(r1, 0x0, 0x0)
move_pages(0x0, 0x2, &(0x7f0000000080)=[&(0x7f0000057000/0x4000)=nil, &(0x7f00000be000/0x1000)=nil], 0x0, &(0x7f0000000180), 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000023000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000030000108500000055b36a89e9"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000003c0), 0x2, 0x1}}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})

52.779656012s ago: executing program 4 (id=601):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4482, 0x0) (async)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4482, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4600040000ff7f00000000000003003e00ecffffff940200000000000040000000000000000000000000000000000000002c8f380003"], 0xe6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffddc0000008000100b70300000000000085000000a40000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x9, 0xff6, &(0x7f0000001e00)=""/4086, 0x0, 0x61, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_mount_image$iso9660(&(0x7f0000000dc0), &(0x7f0000002380)='./file1\x00', 0x3a0cc0a, &(0x7f0000000480)=ANY=[@ANYBLOB='hide,dmode=0x0000000000000005,map=normal,map=normal,session=0x000000000000000e,overriderockperm,showassoc,nocompress,utf8,map=normal,session=0x0000000000000006,map=acorn,mode=0x0000000000000086,uid=', @ANYRESDEC=0x0, @ANYBLOB='\x00\x00'], 0x41, 0x9ea, &(0x7f0000004100)="$eJzs3U1sHOUZB/D/+CNxTRQCpDRFQDahAQOpYzslNOLSxF4npv6obEciqipCSVJFsUoFRQLUQypVPRW1h6oHekPqpSckLnCpcmuvvfRQqeLcG+op6qFbzew6tmOv1wn+Ivx+1nrn45n3fd6d2Xnl8e684cus0WhUj3ucv/Dn7UyW3efs2GcffvR++fjljexJd14oPkn6ktSSniSHkt7RsdmZqQ4FXU8uJbmZFEn2pvm8IZdS/Db7luZvpvhjWW/lwj02jA1p8JW208cfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsRsXo2NDQcJHJiekLr9Taq4YAb7eya6m8T6tRv4tPO9abFOUjfX2LQ30fOri0+tHy19E83px7vBqQPH1574FHD7z0SE/X4vbrJHw3/tcaDPmuN3zr3feuv7awcOXNTUrky+ZcfXpibmZi6sy5em1ibqZ2+tSpoRPnx+dq4xOT9bmLc/P1qdrobP3M/MxsbWD02drw6dMna/XBizMXps+NDU7WFxe++O2RoaFTtZcHf1A/Mzs3M33i5cG50fMTk5MT0+eqmHJ1GfNieSB+f2K+Nl8/M1WrXb22cOXkiozWOCTKoOFOLSmDRjoFjQyNjAwPj4wMn3rh9AsvDg31LC3oTrVg6A5Ztcntgzb7slnHLzvvg66NRm7yGRzuXVer/89kJjKdC3kltTV/RjOW2cxkqs36lsX+/9iJ+rr1Lu//F3v5Q0urH0vV/z/ZnHuyXf/fJpft+3kr7+a9XM9rWchCruTNFWv33kOJjcbarfrT35uvxU63eOXPudQznYnMZSYTmcqZakmttaSW0zmVUxnKqzmf8cyllvFMZDL1zOVi5jKfenVEjWY29ZzJfE+zjQMZzbOpZTinczonU0s9g7mYmVzIdM5lLGeqUq7mWvW6n1wnx9tBwxsJGlknaJ3+v7XgLvp/vqI2+xQO96zR6v/3dA4dGN2OhAAAAIBN982/Zf/Bh//6r6Q3T1TX2AEAAID7TfVxvcfLp95y6okU4xOT9aHVgW9vf24AAADA5iiq79gVSfpzuDm1+E2oNS4CAAAAAF9G1f//nyyf+supwyn8/Q8AAAD3m8732O8YURxPLTfKVbXLzcjLrYjWfX77xycm64OjM5MvDefp6i4D1TcNVpXWnQNJ9fWD53KkGXWkv/ncv7LEvjJqePCl4fTlaKshA0+VT08NrBE5UkY+l2eakc8sRvZlVeTJMhIA7ndH1+mPN9r/P5fjzYjjj1W3b+95bI0+eEjPCgC7RecxdjpGFN9ZHP6nzd//3bl6uPmRgsG8njeykMs5Xn3boPrEQavU3CyyVGr/so8hHO9wNaB/2QgvxxevBxzet+b1gP5lA70cX3VFoF3syTVfu2LT9wYAbI+jq/rhdfr/RqM5ter6//p///f7SCEA7Cq3R7Dfwok76+zdmaYCAC3te+l1dG9hQgAAAAAAAAAAAAAAAAAAAAAAAAAAAHAf2Mr7/3cl2dqRBb7AxI0kuyCNbZ74d2u3r1rVWn5jxzNcNrE3X7ycvm0Z4eLdH+3ZxYf6vU3s4EkJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbVMk3Wst70r2Jj1DSU5sf1Zb58ZOJ7DDilu5lXeyf6fzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC437Tu/9+V5vMDzUXp6UqOJbmU5Ic7neNmurXTCeywZff/L/d5GkV6mrs9Re/o2OzMVLn7s7dc/9mHH71fPu6lnrKAsoYVg0u0ami/1UPVVv1jV966/vM3flYbO1sleXZ+fHJs6tzs95YCHy0+TmppPhYt5vuLonUUr2z5x2VLO9db1jJe1Tu2ut5vrLX17XqP/eV37du2ZCmNawtXRsqa5uuvzL/902vvLAt6OEeSpwaSgZU1/aR8tKnpSHrXq7f4vPh1sT9/yKVq/5dpFI2i3EUPVu3/2tVrC1cGX39j4XKbnA7kcJLLSd/Gczq8ek8sqo66rt6y1qEqqPx1sEN563qge3+j0SxxuE0bHqoOmf67akOtfRsqHV73VhtPtsnokTx913v66Q41tvy30dScKz4v/lmczz/yq2Xjf3SV+/9YNvLuLGOqyGVHSvs2H1tq+cjyFa/eGdn2XckW+E1+nO/e3v9dy87/rX21PeejZTVu2fuiaPZCLdX0wTt6pNbZp12WrTwPNqPa5Pn1PL96uw55Pt/hjLJJ7/+Vis+LD4qB/Cc3jP8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsfkXSvdbyruRYkgNJHizna0ljM+rr6i82o5gN2rNqyY1trH336Lo9VdzKrbyT/TuaDgAAAAAAAACb5uzYZx9+9H75qP4f351vFZ8kfc3/9PckOVD8vnd0bHZmqkNBvcmlJDfL6b67y6HcLvuW5m+Wc4fuvi0AwMb8PwAA//9F2m9c")
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341) (async)
r2 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000700)=@usbdevfs_driver={0x6, 0x1, &(0x7f0000000740)="a5a80cac47fc95434923f569f80f402c870299fb9b1d2b02719e422f22cea3b11f859137af673a65a8162003c0c77b39626542211f9260596d160d0ad60be861647727ae"})
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) (async)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0) (async)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3) (async)
ptrace(0x10, r3)
ptrace$setregs(0xd, r3, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb") (async)
ptrace$setregs(0xd, r3, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x8, &(0x7f00000006c0)=ANY=[@ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f000007f000/0x2000)=nil, 0x2000, 0x1)
ptrace$getregset(0x4205, r3, 0x2, &(0x7f0000000080)={0x0})
close(r0) (async)
close(r0)
execveat(r0, &(0x7f0000000500)='./file1\x00', 0x0, 0x0, 0x800) (async)
execveat(r0, &(0x7f0000000500)='./file1\x00', 0x0, 0x0, 0x800)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
setxattr$security_capability(&(0x7f0000000340)='./file1\x00', &(0x7f0000000380), &(0x7f00000003c0)=@v2={0x2000000, [{0x7fffffff}, {0x8, 0x1ff}]}, 0x14, 0x2)
sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYRES16=r6, @ANYBLOB="397cbce382bb68909f9a8fb9af9fb61a367c6b45f8329c10218a6ea84b46166d4d7fb0101f1e4ed9688ea49bb5bdce3faf93bb97ebe65f058de2d0d852eda84ad298e921c1b66e5db980792db4552d658be4b155e493a5cddfc53591f825c88b1ec9a67ae6e2d1f7c3219b8c167a1910f93be286da601a79ce835314e317e4a61774ddc3551a6e5e35f466855b02bea4bdb9fca9e2c9984e35f405e7d209977060adc87f2e0c16f95c711008652b8894ceca5151b23e09"], 0x3c}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)
timer_create(0x3, &(0x7f0000000000)={0x0, 0x38, 0x2, @thr={&(0x7f0000000180)="5bacc0c5b09f34d15e2193ec2bdef83d4e7bdbdd4491a64a079ab721ee97b32394d7e48b23c5122b4f2274e964eb8d6ae692c45cc58bdac11e09a78736127f90c02c39c255f5e6887a5aa455688deb78665d9178695ad6b59e0d3d621e58775c90fd28e0321f902910fa9ae1b91512156944eb3afe3da41c81fe168efac62d746927106cf260e95a0e82a8fee3c03bd1740abf2d4266787b589ca7caea9062cbc4ff9496ba48e1a6675b3d6e08ea41983d01297e97d5efcbe38c8cd795a6393cd5b98d066da3de6b7767898aa390b83dd4533638cc3047ec0c5e968eda19bea7005fba3ab2", &(0x7f0000000280)="145d0000000000000000"}}, &(0x7f00000002c0)=<r7=>0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='f2fs_sync_file_exit\x00', r4, 0x0, 0x401}, 0x18)
timer_settime(r7, 0x0, &(0x7f0000000080), &(0x7f00000000c0))
socket$kcm(0x10, 0x2, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_setup(0xa0, &(0x7f0000000640)={0x0, 0x105cc6, 0x8572c7da62997130, 0x0, 0x207, 0x0, r0}, &(0x7f0000000040), &(0x7f0000000300)) (async)
syz_io_uring_setup(0xa0, &(0x7f0000000640)={0x0, 0x105cc6, 0x8572c7da62997130, 0x0, 0x207, 0x0, r0}, &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000300)=<r9=>0x0)
syslog(0x2, &(0x7f00000004c0)=""/28, 0x1c)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000580))

52.531821666s ago: executing program 4 (id=602):
r0 = socket$packet(0x11, 0xa, 0x300)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r0, &(0x7f0000001400)=[{{&(0x7f0000000c40)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f00000006c0)=[{0x0}, {&(0x7f0000000cc0)=""/124, 0x7c}], 0x2}, 0x4}, {{0x0, 0x0, &(0x7f00000012c0)=[{0x0}, {&(0x7f0000000740)=""/2, 0x2}, {&(0x7f0000001040)=""/140, 0x8c}, {&(0x7f0000001100)=""/192, 0xc0}, {&(0x7f00000011c0)=""/118, 0x76}, {&(0x7f0000001240)=""/95, 0x5f}], 0x6, &(0x7f0000001340)=""/176, 0xb0}, 0x1}], 0x2, 0x0, 0x0)

51.637730449s ago: executing program 4 (id=615):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x24, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x5a}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000004) (fail_nth: 2)

51.636941319s ago: executing program 32 (id=615):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x24, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x5a}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000004) (fail_nth: 2)

1.34743609s ago: executing program 1 (id=1515):
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$netlink(0x10, 0x3, 0xf)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x700000, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket(0xa, 0x3, 0x3a)
socket$inet6(0xa, 0x3, 0x8000000003c)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x2, 0x80805, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r3], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0) (fail_nth: 13)

1.209731902s ago: executing program 5 (id=1517):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r2, &(0x7f0000001d80)='.\x00', 0x8000, &(0x7f0000000080)={0x0, 0x8, 0x40000}, 0x20)
ioctl$SNAPSHOT_FREE_SWAP_PAGES(r2, 0x3309)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYRES8=r2], 0xc0}}, 0x0)
syz_clone(0x648e7000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000020000000c"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) (async)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) (async)
mount_setattr(r2, &(0x7f0000001d80)='.\x00', 0x8000, &(0x7f0000000080)={0x0, 0x8, 0x40000}, 0x20) (async)
ioctl$SNAPSHOT_FREE_SWAP_PAGES(r2, 0x3309) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) (async)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYRES8=r2], 0xc0}}, 0x0) (async)
syz_clone(0x648e7000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

1.181844562s ago: executing program 0 (id=1519):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0], 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(0x0, 0x1ff, 0x8401)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'hsr0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendto$packet(r5, &(0x7f0000000140)="33aaf14f564b1bf220cb1137d54b", 0xe, 0x20048844, &(0x7f0000000200)={0x11, 0x2, r7, 0x1, 0x6}, 0x14)
sendmsg$nl_route_sched(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r7, {}, {}, {0x13}}}, 0x24}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000400)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', r7, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
r10 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r10, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000180)=@keyring={'key_or_keyring:', r10})
bind$bt_hci(r4, &(0x7f0000000380)={0x1f, 0x4, 0x1}, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r11}, 0x10)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14000000030001000000000000000000ef5b000a20000000000a03000000000000000000070000000900010073797a30000000006c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000003f28001280140001800c000100636f756e74657200040002801000015e0c000100636f756e7465720008000340000001"], 0xb4}, 0x1, 0x0, 0x0, 0x8000}, 0x20050800)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0x8000, @local, 0x8}]}, &(0x7f0000000180)=0x10)

713.719589ms ago: executing program 1 (id=1521):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='sys_enter\x00', r1, 0x0, 0x20000000}, 0x18)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0x60800, 0x0)
sendfile(r2, r3, 0x0, 0x1000000000004)

713.532109ms ago: executing program 2 (id=1522):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000c00)={0x14, r1, 0x680822d7e3b5f37d}, 0x14}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
syz_clone3(&(0x7f0000000d80)={0xba0000, 0x0, 0x0, 0x0, {0x6}, 0x0, 0x0, 0x0, &(0x7f0000000d40)=[0x0], 0x1}, 0x58)

638.08775ms ago: executing program 1 (id=1523):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
syz_io_uring_setup(0x10d, &(0x7f00000004c0)={0x0, 0x8b7c, 0x800, 0x7, 0x22}, &(0x7f0000000940), &(0x7f0000000280))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000009500a1fb00001fe9e3a400000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000240), &(0x7f00000003c0)=r1}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r6, r3, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000000000140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="c70410"], 0x0)

594.091261ms ago: executing program 2 (id=1525):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

582.249341ms ago: executing program 3 (id=1526):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='mm_page_alloc\x00', r0, 0x0, 0x800000000000000}, 0x18)
r1 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x2a309, 0x1000})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

544.008742ms ago: executing program 2 (id=1527):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
wait4(0x0, 0x0, 0x40000000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0, 0x0, 0x7}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x2)
creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)
unlink(&(0x7f0000000100)='./file0/file1\x00')

543.412942ms ago: executing program 1 (id=1528):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff})
openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000340), 0x2, 0x0)
pwrite64(r0, &(0x7f0000000740)="df87252188d4c08983c87eb23a65c2b1e326f1ff8032f4454187f7ffca7deef67fd8b20985ec40a399fa6958e39155fc7f75a03fdc606217457f1a3544cfa61833a1018123ac18a889e8b9a2040f2cb923de0e477aa1eee9703055b0e54463378fb2fe21a9a693aae9368d555aace74dcff04b04e8acfb351ef1268a9711a0a332f42e2bf46338dcc56f951545a203b6c574d39e106f5e0c000000aa95ddab0a73bea12fa9684462893807000000000019ff85f19b35dc344d190f0656a6e9cf01e4bcb45b5e83d58ebfe7e5f3673429608a49f64d90760efd1fb8ce6e3b5b615dda67cba9b5a78dc0487d3129c9f8c9da8b5b36627401296ea7c7cf97110e30836e32e508ab2511acf48aaf769de7760e484ad0ab425f04bdec7f850dc747", 0x11f, 0xfffffffffffffff7)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x80a, &(0x7f00000001c0), 0x1, 0x7b1, &(0x7f0000000ac0)="$eJzs3c9rXNUeAPDvnSRNmva95sGD175Ns3qvUDpp+/JaBcGICxEsFHRtGybTEDPJlMykNCELiwiCCFpcCLpxXbXu3Iqu/RvciEhLtWmxUlBG7vxIJpnJrzaT1ObzgRvOuffcnPO9d+65Z+YeZgLYswbTP5mIIxHxfhJxqL4+iYieaqo7YqRW7sHiQi5dkqhUXv0lqZa5v7iQi6Z9UgfqmcMR8c3bEcczrfWW5uYnRwuF/Ew9P1SeujxUmps/MTE1Op4fz0+fOTU8fPrs/8+e2b5Yf/1u/uDtD1767xcjD9/61833vk1iJA7WtzXHsV0GY7B+THrSQ7jCi9td2S5LdrsBPJL00uyqXeVxJA5FVzUFADzN0vt/BQDYYxL3fwDYYxqfA9xfXMg1lt39RGJn3XkhIvpq8Teeb9a2dNef2fVVn4P230/X9Cztt13PuwYj4pOvXv8sXaJDzyEB2nnzWkRcHBhs7f+TljkLW3VyE2UGV+X1f7Bzvk7HP8+0G/9llsY/UR3/JCtmhvS2uXYfxWDEvuZ86/WfudV2x+e3ofL6+O+52ty2NNCm8d/SpLWBrnrub2nmaERMFPJp3/b3iDgWPb2XJgr5U+vUcezeH/fW2tY8/rsbyY20/rvX37ixXCJzq7t35T5jo+XRx4m52Z1rEf/uXp7b96Cl/++rjnVXn/903fn1/vHR5eTLz77z8VrF0vjTeBtLa/ydVfk04j/RPv6GZN35iUPp6T9Z+9u+ji9/+Kh/rfqbz3+6pPU33gvshPT8968f/0DSPF+ztL31bxx/+9f/vuS1arrReVwdLZdnTkXsS15pXX96ed9GvlE+jb8W6er4M+u+/tN3ghc3GWP37Z8/f/T4OyuNf2xL53/riZsPJrvWqn9z53+4mjpWX7OZ/m+zDXycYwcAAAAAAAAAAAAAAAAAAAAAAAAAm5WJiIORZLJL6Uwmm639hvc/oz9TKJbKxy8VZ6fHovpb2QPRk2l81eWhWj5pfP/pQFP+9Kr8/yLiHxHxYe/+aj6bKxbGdjt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg7sMbv/6d+6t3t1gEAHdO3YYl7+RXZSqVS6WB7AIDO2/j+DwA8bda5/+/fyXYAADvH+38A2Hvc/wFg73H/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMPOnzuXLpXfFhdyaX7sytzsZPHKibF8aTI7NZvL5oozl7PjxeJ4IZ/NFac2+n+FYvHycEzPXh0q50vlodLc/IWp4ux0+cLE1Oh4/kK+Z0eiAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICtKc3NT44WCvmZpyLxbkQ8Ac3oRCKJJ6IZHU/E762bfjzx/eFqojci2ux1fYOX8UjnG//wCTh0j5PYX+8PltfscscEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8BfxZwAAAP//ds4gMA==")
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRESOCT=r3], 0x48)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
sendfile(r4, r4, 0x0, 0xb)

488.047253ms ago: executing program 2 (id=1529):
r0 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x4, 0x1d}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x10020, 0x1})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="01070000000000000000200000"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

464.760813ms ago: executing program 3 (id=1530):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
syz_io_uring_setup(0x10d, &(0x7f00000004c0)={0x0, 0x8b7c, 0x800, 0x7, 0x22}, &(0x7f0000000940), &(0x7f0000000280))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000800000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r6, r3, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000000000140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="c70410"], 0x0)

417.901544ms ago: executing program 3 (id=1531):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xb, &(0x7f00000005c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0x2}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000030000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a32000000000900020073797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000180fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b806151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe080003400000800108000180fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2afd0fc8ef6982054cffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb648b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd080003400000000408000340fffffff908000180fffffffb0800034000000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf40e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc55275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c8e5956cf7efc9828438d340aa4bfe771769c6ddb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78f283bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30"], 0xb98}}, 0x0)

382.409685ms ago: executing program 2 (id=1532):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1e, 0x10, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="00007ff322d113e912ef0f8514fc1043000000000000b7050000080000008500"], &(0x7f0000000040)='GPL\x00', 0x10, 0x0, 0x0, 0x40f00, 0x68, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f0000000000)={0x18, 0x0, {0x2, @multicast, 'ip_vti0\x00'}}, 0x1e)
connect$pppoe(r5, &(0x7f0000000340)={0x18, 0x0, {0x0, @multicast, 'macvlan0\x00'}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
r8 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000140)=@keyring={'key_or_keyring:', r8})
r9 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="610000000000000014001280090001fe616f6e6400000000040002800800290080440000"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
write$selinux_context(r9, &(0x7f0000000340)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
r11 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r11, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000001a00010000000000000000000a008000", @ANYRES32=0x0, @ANYRES8], 0x38}}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000010010000000ffdbdf2500000000", @ANYRES32, @ANYBLOB="20000000280e0400280012800b0001006d61637365630000180002800500030008"], 0x48}, 0x1, 0x0, 0x0, 0x24008001}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000200)={[{@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0xdcc}}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
chdir(&(0x7f0000000400)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)

382.007574ms ago: executing program 3 (id=1533):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='sys_enter\x00', r1, 0x0, 0x20000000}, 0x18)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0x60800, 0x0)
sendfile(r2, r3, 0x0, 0x1000000000004)

367.044294ms ago: executing program 1 (id=1534):
r0 = epoll_create1(0x80000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000400)='rtc_alarm_irq_enable\x00', r1, 0x0, 0x8000000}, 0x18)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r1, &(0x7f0000001980)=""/179, 0xb3)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f00000003c0))
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
io_setup(0x3ff, &(0x7f0000000500)=<r2=>0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x9000, &(0x7f0000001dc0)={0x1000f9, 0xc, 0x20070}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0x0, 0x7fff0000}]})
timerfd_create(0x0, 0x0)
timerfd_gettime(r1, &(0x7f00000001c0))
r3 = socket$caif_stream(0x25, 0x1, 0x0)
io_submit(r2, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000300)=ANY=[@ANYBLOB="6401011b6d0000020100000006"], 0x20)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0xa, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d08000b000000e8fe55a1180015000600142603600e1209000d0000000401a80016000a00014006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
recvfrom$x25(r4, &(0x7f0000000540)=""/167, 0xa7, 0x40000000, &(0x7f0000000080), 0x12)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64=r4], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

346.224295ms ago: executing program 3 (id=1535):
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sync()
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="180000007af78c0100a3e880fdffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000500)=""/45, 0x2d) (async)
getdents64(r1, &(0x7f0000000500)=""/45, 0x2d)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x24, 0x7, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x24000000)
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r3) (async)
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r3)
r5 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r5, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) (async)
setsockopt$inet_opts(r5, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
getsockopt$inet_opts(r5, 0x0, 0x4, 0xfffffffffffffffe, &(0x7f0000000200)) (async)
getsockopt$inet_opts(r5, 0x0, 0x4, 0xfffffffffffffffe, &(0x7f0000000200))
getsockname$packet(r3, &(0x7f0000000380)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) (async)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000600)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b704000008b69e34811cbdce56000000c31774d0378503c29500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x802, @void, @value}, 0x4d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r8}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r8}, 0x10)
r9 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
faccessat2(r9, &(0x7f0000000040)='\x00', 0x1, 0x1300)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000008085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='kmem_cache_free\x00', r10, 0x0, 0x2000}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})

279.335196ms ago: executing program 5 (id=1536):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
get_mempolicy(&(0x7f0000000000), &(0x7f0000000080), 0xc, &(0x7f0000ff8000/0x3000)=nil, 0x0)

278.304876ms ago: executing program 2 (id=1537):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='netlink_extack\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c0000001800010d000000fbff0000850aff"], 0x4c}, 0x1, 0x0, 0x0, 0x11}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'macsec0\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000780)={'dummy0\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010026bd6000000000002d9300000c00018008000100", @ANYRES32=r7], 0x20}, 0x1, 0x0, 0x0, 0xd4}, 0x24008000)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wg2\x00', <r8=>0x0})
socket$l2tp6(0xa, 0x2, 0x73)
r9 = signalfd(0xffffffffffffffff, &(0x7f0000000240)={[0xd]}, 0x8)
r10 = syz_io_uring_setup(0xddf, &(0x7f0000000300)={0x0, 0xbbd2, 0x10100, 0x0, 0x242}, &(0x7f0000000100)=<r11=>0x0, &(0x7f0000000140)=<r12=>0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r11, r12, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, r9})
io_uring_enter(r10, 0x353, 0x0, 0x0, 0x0, 0x0)
r13 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r13}, &(0x7f0000bbdffc)=<r14=>0x0)
timer_settime(r14, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r15 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r15, &(0x7f00000013c0)=""/4089, 0xff9)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xe0, r1, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x10}, 0x1000)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
r16 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r16, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24)
sendmmsg(r16, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '\n'}], 0x18, 0xe000}, 0x5}], 0x1, 0x0)

276.342836ms ago: executing program 0 (id=1538):
ioprio_set$uid(0x3, 0x0, 0x3000000)

220.412947ms ago: executing program 0 (id=1539):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
wait4(0x0, 0x0, 0x40000000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0, 0x0, 0x7}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x2)
creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)
unlink(&(0x7f0000000100)='./file0/file1\x00')

220.047847ms ago: executing program 5 (id=1540):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='mm_page_alloc\x00', r1, 0x0, 0x800000000000000}, 0x18)
r2 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x2a309, 0x1000})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

200.486997ms ago: executing program 0 (id=1541):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
syz_io_uring_setup(0x10d, &(0x7f00000004c0)={0x0, 0x8b7c, 0x800, 0x7, 0x22}, &(0x7f0000000940), &(0x7f0000000280))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000800000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r6, r3, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000000000140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="c70410"], 0x0)

155.534688ms ago: executing program 3 (id=1542):
r0 = epoll_create1(0x80000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000400)='rtc_alarm_irq_enable\x00', r1, 0x0, 0x8000000}, 0x18)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r1, &(0x7f0000001980)=""/179, 0xb3)

155.097818ms ago: executing program 5 (id=1543):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000ffffffff000000000000000095000000a88fd205a17706f4ff000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
io_uring_setup(0x177d, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101a80, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000740)=0xe)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff)
link(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00')
sendmsg$BATADV_CMD_GET_ORIGINATORS(r2, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)={0x14, r3, 0x200, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x24}, 0x8000)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000340)=0xff)

121.619238ms ago: executing program 0 (id=1544):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xb, &(0x7f00000005c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0x2}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000030000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a32000000000900020073797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000180fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b806151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe080003400000800108000180fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2afd0fc8ef6982054cffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb648b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd080003400000000408000340fffffff908000180fffffffb0800034000000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf40e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc55275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c8e5956cf7efc9828438d340aa4bfe771769c6ddb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78f283bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30"], 0xb98}}, 0x0)

114.602628ms ago: executing program 5 (id=1545):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff})
openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000340), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='ext4_fc_replay_scan\x00', r0, 0x0, 0x4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x80a, &(0x7f00000001c0), 0x1, 0x7b1, &(0x7f0000000ac0)="$eJzs3c9rXNUeAPDvnSRNmva95sGD175Ns3qvUDpp+/JaBcGICxEsFHRtGybTEDPJlMykNCELiwiCCFpcCLpxXbXu3Iqu/RvciEhLtWmxUlBG7vxIJpnJrzaT1ObzgRvOuffcnPO9d+65Z+YeZgLYswbTP5mIIxHxfhJxqL4+iYieaqo7YqRW7sHiQi5dkqhUXv0lqZa5v7iQi6Z9UgfqmcMR8c3bEcczrfWW5uYnRwuF/Ew9P1SeujxUmps/MTE1Op4fz0+fOTU8fPrs/8+e2b5Yf/1u/uDtD1767xcjD9/61833vk1iJA7WtzXHsV0GY7B+THrSQ7jCi9td2S5LdrsBPJL00uyqXeVxJA5FVzUFADzN0vt/BQDYYxL3fwDYYxqfA9xfXMg1lt39RGJn3XkhIvpq8Teeb9a2dNef2fVVn4P230/X9Cztt13PuwYj4pOvXv8sXaJDzyEB2nnzWkRcHBhs7f+TljkLW3VyE2UGV+X1f7Bzvk7HP8+0G/9llsY/UR3/JCtmhvS2uXYfxWDEvuZ86/WfudV2x+e3ofL6+O+52ty2NNCm8d/SpLWBrnrub2nmaERMFPJp3/b3iDgWPb2XJgr5U+vUcezeH/fW2tY8/rsbyY20/rvX37ixXCJzq7t35T5jo+XRx4m52Z1rEf/uXp7b96Cl/++rjnVXn/903fn1/vHR5eTLz77z8VrF0vjTeBtLa/ydVfk04j/RPv6GZN35iUPp6T9Z+9u+ji9/+Kh/rfqbz3+6pPU33gvshPT8968f/0DSPF+ztL31bxx/+9f/vuS1arrReVwdLZdnTkXsS15pXX96ed9GvlE+jb8W6er4M+u+/tN3ghc3GWP37Z8/f/T4OyuNf2xL53/riZsPJrvWqn9z53+4mjpWX7OZ/m+zDXycYwcAAAAAAAAAAAAAAAAAAAAAAAAAm5WJiIORZLJL6Uwmm639hvc/oz9TKJbKxy8VZ6fHovpb2QPRk2l81eWhWj5pfP/pQFP+9Kr8/yLiHxHxYe/+aj6bKxbGdjt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg7sMbv/6d+6t3t1gEAHdO3YYl7+RXZSqVS6WB7AIDO2/j+DwA8bda5/+/fyXYAADvH+38A2Hvc/wFg73H/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMPOnzuXLpXfFhdyaX7sytzsZPHKibF8aTI7NZvL5oozl7PjxeJ4IZ/NFac2+n+FYvHycEzPXh0q50vlodLc/IWp4ux0+cLE1Oh4/kK+Z0eiAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICtKc3NT44WCvmZpyLxbkQ8Ac3oRCKJJ6IZHU/E762bfjzx/eFqojci2ux1fYOX8UjnG//wCTh0j5PYX+8PltfscscEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8BfxZwAAAP//ds4gMA==")
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRESOCT=r3], 0x48)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
sendfile(r4, r4, 0x0, 0xb)

98.140349ms ago: executing program 0 (id=1546):
r0 = socket$nl_generic(0x11, 0x3, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0xa802, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x158)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x8200, &(0x7f0000000000)=ANY=[@ANYBLOB='mpol=bind:N-N'])
ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000180)=0x2)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x88140, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x19, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket(0x10, 0x3, 0x9)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000009c0), r5)
r7 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$selinux_access(r7, &(0x7f00000002c0)={'system_u:object_r:syslogd_var_run_t:s0', 0x20, '/usr/lib/telepathy/mission-control-5', 0x20, 0xb3bc}, 0x61)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
splice(r8, 0x0, r11, 0x0, 0x400000008000f28, 0x0)
splice(r10, 0x0, r9, 0x0, 0x114, 0xe)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="00010000031401"], 0x100}, 0x1, 0x0, 0x0, 0x4040024}, 0x0)
r12 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000000240)={0x0, <r13=>0x0}, &(0x7f0000000280)=0x5)
setuid(r13)
quotactl_fd$Q_QUOTAON(r7, 0xffffffff80000200, r13, &(0x7f0000000ac0)='./file0\x00')
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000000a80)={&(0x7f0000000980), 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="000227bd7000fedbdf25030000000800040001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x1000)
sendmsg$NFT_BATCH(r5, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [], {0x14}}, 0x28}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @multicast1, @multicast1}, @address_request}}}}, 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

803.45µs ago: executing program 1 (id=1547):
r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000040)=0x14, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000080)=@req={0x2, 0x5, 0x200, 0x2}, 0x10) (async)
r2 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
waitid$P_PIDFD(0x3, r2, &(0x7f0000000100), 0x80000000, &(0x7f0000000180))
r3 = io_uring_setup(0x3171, &(0x7f0000000240)={0x0, 0xff35, 0x32f689a848ad5350, 0x3, 0x352})
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000780)={&(0x7f0000001000)={[{&(0x7f00000002c0)="3b266952146688e3a53f6e715f7259e4b143b6b4f1b84d28826ff36a0d6e5e640ba29a0fc5899d46a90af4bcc55307c3125fb5ef94e99e06371f23b2ebd3eccdf9afb12c80bf29e0bc9453129dda32499511ac066e", 0x55, 0x3}, {&(0x7f0000000340)="dfe12164fee984bf0f30", 0xa, 0x2}, {&(0x7f0000000380)="d76cee04dce98804db49a1f680f9de1be5f052583ed614fe64819976a43823d582068a2a4381454bbd1fbe58b7cfaaaeb6e420e8840a421cf55120f77c70dd7439e4a22a5ee80e4cd68f5754d2f55cc41da7df6588026ca3994240dde11e96180aa90eb8169f045196aa5fc1710c28684870811283b31a3ae013ae34ddb40d5a42b40b0a279e511fda8062158941b7a2d2ffb04d0a046f58b8ae094f75ab5b8fc72087f982f036fdab50c6a86ccd0f9ab7f8394d04f00f34ada27c1ef3fbe12db7", 0xc1, 0x1}, {&(0x7f0000000480)="f7714f08a7368990e9f1dec37810bd87d3ae17eb9d6abf823c3defe373b703195f2933c8f0919f627275df3fa0e408aebf63dc8797468044b84a41a743138e8dd07a9ee39d561361c78a2d3ea7532530c97c4937ca53c7eb07bdb9415fcb62703a0cd53e11e6e6e5d90e4ba8fb81579fe57d3bebc4844b15d18e0cc35d075b33c06fe497916db05c040ff3c5bbfa6ca6443bb6f769daf7f551ba400689863812e4134cb1908efc3eeb8a0d89c45a7650809e19cbe3dd076bb160f1d551670abf8745e947300cf4e2393514502896ce0ef9edb18651710a2d1d3350baccb073", 0xdf}, {&(0x7f0000000580)="3b58400d712b8fd5771985ea63a45afbc7ec995c191fb7de3d4cc6aae463a81f66d8f5e5b420225a798b900cdc688d82cf7943f5a3910e58dc29ea3e54ef7f260a1fe22f52e417757343da777fa48258af9af84f330bf2760d236e7e22a70b0ae2fff34c9c00d9e195938dfe998cebfd00cec24d625a3ef91d9675f8e9f7d38614e77a4d9471693da283a1e7eb1854e860677f815c48f8627fc69e9fe9ae090a2502182a87183413fbc3d6b05868d99e60e0f87cca97430e9cc43494134ecb4a4e8f905405ee07d289884b7087139487682e0b53d5817934a8386ec4799ac22854366a33f247b92bb604b5c6bb6af0970d971d229c", 0xf5, 0x3}, {&(0x7f0000000680)="ea93a636bd5d65f3b47efe47ce23f36aaaad52f8445e07d6", 0x18, 0x3}, {&(0x7f00000006c0)="b396fa3365121a00d4052717b42a8d7746058fa1856f02cc47aeaf683ecfda7eb34e5c4018a751d445cd1c0f06208d0f182cfd35de1ee011ea12369dbca6b38b0783e0ae6e95001e4facd91ef3ff1a5424129be0d053e49b3534221dd4eede913b5d1fe212a834821263a8790fc404cbee04988bc866d64b92788b7ac65e40a6206564f7b7c55b4e36e66af3c15566a95c3e15a6048e99a773066ccaa1298e1f", 0xa0}]}, 0x7, 0x3}, 0x1) (async)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a80)=@bpf_lsm={0x1d, 0x1d, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffff4d6d, 0x0, 0x0, 0x0, 0x3e}, {}, {}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @map_idx={0x18, 0xb, 0x5, 0x0, 0xc}, @exit, @map_val={0x18, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000008c0)='syzkaller\x00', 0xb786, 0xf9, &(0x7f0000000900)=""/249, 0x41000, 0x50, '\x00', r1, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0x7, 0x2}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000a40)=[0x1], 0x0, 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000e00)={r4, 0xe0, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000b40)=[0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f0000000b80)=[0x0, 0x0, 0x0], &(0x7f0000000bc0)=[0x0, 0x0, 0x0], 0x0, 0x79, &(0x7f0000000c00)=[{}, {}], 0x10, 0x10, &(0x7f0000000c40), &(0x7f0000000c80), 0x8, 0xd5, 0x8, 0x8, &(0x7f0000000cc0)}}, 0x10) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000e40)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}) (async)
r8 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000ec0)=[r6, r3, r0, r8], 0x4) (async)
sendmsg$IPCTNL_MSG_EXP_DELETE(r8, &(0x7f0000000f80)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000f40)={&(0x7f0000002000)={0xc8, 0x2, 0x2, 0x5, 0x0, 0x0, {0x7}, [@CTA_EXPECT_FN={0x13, 0xb, 'callforwarding\x00'}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x5}, @CTA_EXPECT_HELP_NAME={0xf, 0x6, 'sane-20000\x00'}, @CTA_EXPECT_TUPLE={0x70, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010102}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2d0bc270b1e5eb3e}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010100}, {0x8, 0x2, @multicast1}}}]}, @CTA_EXPECT_MASK={0x18, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x14}}}}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4008000}, 0x8000000) (async)
r9 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000fc0), 0x545000, 0x0) (async)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002140), 0xffffffffffffffff) (async)
getpeername$packet(r0, &(0x7f0000002180)={0x11, 0x0, <r11=>0x0}, &(0x7f00000021c0)=0x14)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r8, &(0x7f0000002400)={&(0x7f0000002100), 0xc, &(0x7f00000023c0)={&(0x7f0000002200)={0x1b0, r10, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x4}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}]}]}, 0x1b0}, 0x1, 0x0, 0x0, 0x24000004}, 0x4040000) (async)
ioctl$USBDEVFS_DISCARDURB(r8, 0x550b, &(0x7f0000002440)=0x1) (async)
epoll_pwait(r9, &(0x7f0000002480)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x8000, &(0x7f0000002500)={[0x2e]}, 0x8) (async)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000002540)=@bloom_filter={0x1e, 0x2, 0x3, 0x6, 0x4584, r8, 0xf, '\x00', 0x0, r8, 0x5, 0x1, 0x2, 0x0, @void, @value, @void, @value}, 0x50) (async)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r8, 0x18, &(0x7f00000025c0)={0x2, r8, 0x2, {0x3, 0x8}, 0xb}, 0x1)
mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000005) (async)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r8, 0x84, 0x13, &(0x7f0000002600)={<r13=>0x0, 0x5}, &(0x7f0000002640)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r8, 0x84, 0x7b, &(0x7f0000002680)={r13, 0x9}, 0x8) (async)
poll(&(0x7f00000026c0)=[{r3, 0xc4}, {r6, 0x81}, {r8, 0x100}, {r7, 0x4001}, {r12, 0x14002}, {r8, 0x1245}, {r4, 0x108e}, {r6, 0x201}, {r4, 0x2005}, {r2, 0x2000}], 0xa, 0x3)
io_uring_register$IORING_REGISTER_PBUF_STATUS(r8, 0x1a, &(0x7f0000002740)={0x6}, 0x1) (async, rerun: 32)
sendto$inet6(r8, &(0x7f0000002780)="736b22c4231d9701cc195dedd41300b7d9e05e8bcb9d05914d0a8c33020e052b3c8d2ac520a358aef254cce6a9bbb1f149ae1ed38ef059dca3200366789183f5084c3d16837cc05be3623243e50aba2931bd7df5925942aaca054d72283dc08d6482447a327c82ce75d8d172b26584441fde74e87382bf2a617c4d7566a5be458d0de0021d11203f9d676244b38d26ed7c4bf54e93", 0x95, 0x24008040, &(0x7f0000002840)={0xa, 0x4e20, 0x6, @dev={0xfe, 0x80, '\x00', 0x10}, 0x9}, 0x1c) (rerun: 32)
r14 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$EBT_SO_GET_INIT_ENTRIES(r14, 0x0, 0x83, &(0x7f0000002940)={'broute\x00', 0x0, 0x4, 0xd, [0xe, 0x7fff, 0x1000, 0x3, 0x7fff, 0x1], 0x8, &(0x7f0000002880)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000002900)=""/13}, &(0x7f00000029c0)=0x78) (async, rerun: 32)
r15 = socket$inet6_mptcp(0xa, 0x1, 0x106) (rerun: 32)
ioctl$sock_inet6_SIOCDELRT(r15, 0x890c, &(0x7f0000002a00)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private0, @private0, 0xb, 0x9, 0x8, 0x400, 0x7, 0x200, r1})

0s ago: executing program 5 (id=1548):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0e000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x0, 0x0, &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9b, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40a, 0x0, @perf_config_ext={0x9}, 0x104002, 0xa1b7, 0x0, 0x0, 0x6f00000000000, 0xffffffff, 0x0, 0x0, 0xffffbffe, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080))

kernel console output (not intermixed with test programs):

process `syz.2.838'.
[  105.398146][ T6192] loop2: detected capacity change from 0 to 512
[  105.432927][ T6192] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.838: corrupted in-inode xattr: invalid ea_ino
[  105.433148][ T6192] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.838: couldn't read orphan inode 15 (err -117)
[  105.433650][ T6192] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.446266][ T6197] netlink: 'syz.5.839': attribute type 6 has an invalid length.
[  105.652823][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.860232][ T6209] netlink: 16 bytes leftover after parsing attributes in process `syz.2.842'.
[  105.860253][ T6209] netlink: 12 bytes leftover after parsing attributes in process `syz.2.842'.
[  105.969574][ T6216] SELinux:  policydb magic number 0x2a does not match expected magic number 0xf97cff8c
[  105.969820][ T6216] SELinux: failed to load policy
[  106.041186][   T29] kauditd_printk_skb: 211 callbacks suppressed
[  106.041205][   T29] audit: type=1326 audit(1747407636.671:4395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.5.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  106.041241][   T29] audit: type=1326 audit(1747407636.671:4396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.5.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  106.041267][   T29] audit: type=1326 audit(1747407636.671:4397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.5.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  106.041295][   T29] audit: type=1326 audit(1747407636.671:4398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.5.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  106.041392][   T29] audit: type=1326 audit(1747407636.671:4399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.5.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  106.041423][   T29] audit: type=1326 audit(1747407636.671:4400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.5.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  106.041454][   T29] audit: type=1326 audit(1747407636.671:4401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.5.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  106.041485][   T29] audit: type=1326 audit(1747407636.671:4402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.5.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  106.041614][   T29] audit: type=1326 audit(1747407636.671:4403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.5.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  106.041646][   T29] audit: type=1326 audit(1747407636.671:4404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.5.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  106.047831][ T6215] netlink: 12 bytes leftover after parsing attributes in process `syz.1.845'.
[  106.050722][ T6215] loop1: detected capacity change from 0 to 512
[  106.061716][ T6215] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.845: corrupted in-inode xattr: invalid ea_ino
[  106.282307][ T6232] netlink: 12 bytes leftover after parsing attributes in process `syz.2.858'.
[  106.327613][ T6215] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.845: couldn't read orphan inode 15 (err -117)
[  106.338541][ T6234] loop2: detected capacity change from 0 to 512
[  106.345850][ T6224] bond1: (slave gretap1): Releasing active interface
[  106.362929][ T6234] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.858: corrupted in-inode xattr: invalid ea_ino
[  106.366604][ T6215] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.372825][ T6234] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.858: couldn't read orphan inode 15 (err -117)
[  106.420410][ T6234] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.432298][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.449838][ T6227] 8021q: VLANs not supported on vcan0
[  106.514536][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.533468][ T6242] C: renamed from team_slave_0
[  106.540706][ T6242] netlink: 'syz.2.850': attribute type 1 has an invalid length.
[  106.548526][ T6242] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  106.579024][ T6247] netlink: 12 bytes leftover after parsing attributes in process `syz.0.851'.
[  106.627502][ T6251] lo: entered promiscuous mode
[  106.633045][ T6251] lo: entered allmulticast mode
[  106.663752][ T6256] loop8: detected capacity change from 0 to 7
[  106.703535][ T6255] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  106.714007][ T6255] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.765541][ T6255] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  106.776001][ T6255] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.827280][ T6255] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  106.838126][ T6255] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.905784][ T6255] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  106.916140][ T6255] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.970616][ T6267] loop5: detected capacity change from 0 to 512
[  107.002319][ T6255] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  107.010925][ T6255] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.016964][ T6255] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  107.027679][ T6255] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.041335][ T6255] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  107.049621][ T6255] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.063372][ T6255] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  107.071709][ T6255] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.118947][ T6272] __nla_validate_parse: 3 callbacks suppressed
[  107.118974][ T6272] netlink: 12 bytes leftover after parsing attributes in process `syz.5.862'.
[  107.150157][ T6272] loop5: detected capacity change from 0 to 512
[  107.165049][ T6272] EXT4-fs error (device loop5): ext4_iget_extra_inode:4693: inode #15: comm syz.5.862: corrupted in-inode xattr: invalid ea_ino
[  107.179569][ T6272] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.862: couldn't read orphan inode 15 (err -117)
[  107.193584][ T6272] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.224592][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.252599][ T6281] netlink: 4 bytes leftover after parsing attributes in process `syz.5.866'.
[  107.267294][ T6280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.278996][ T6280] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.419740][ T6289] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  107.469510][ T6281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.484748][ T6281] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.595101][ T6294] netlink: 28 bytes leftover after parsing attributes in process `syz.3.874'.
[  107.604066][ T6294] netlink: 108 bytes leftover after parsing attributes in process `syz.3.874'.
[  107.614101][ T6294] netlink: 28 bytes leftover after parsing attributes in process `syz.3.874'.
[  107.623264][ T6294] netlink: 108 bytes leftover after parsing attributes in process `syz.3.874'.
[  107.632434][ T6294] netlink: 84 bytes leftover after parsing attributes in process `syz.3.874'.
[  107.691755][ T6297] netlink: 12 bytes leftover after parsing attributes in process `syz.3.875'.
[  107.709671][ T6297] loop3: detected capacity change from 0 to 512
[  107.720011][ T6297] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.875: corrupted in-inode xattr: invalid ea_ino
[  107.736539][ T6297] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.875: couldn't read orphan inode 15 (err -117)
[  107.750074][ T6297] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.795220][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.872956][ T6301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.876'.
[  107.890581][ T6301] wireguard0: entered promiscuous mode
[  107.896446][ T6301] wireguard0: entered allmulticast mode
[  108.294123][ T6308] loop3: detected capacity change from 0 to 512
[  108.345009][ T6308] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.877: corrupted in-inode xattr: invalid ea_ino
[  108.359620][ T6308] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.877: couldn't read orphan inode 15 (err -117)
[  108.374385][ T6308] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.387572][ T6312] loop1: detected capacity change from 0 to 2048
[  108.399885][ T6314] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[  108.406447][ T6314] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  108.414148][ T6314] vhci_hcd vhci_hcd.0: Device attached
[  108.424435][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.427242][ T6315] vhci_hcd: connection closed
[  108.434235][   T56] vhci_hcd: stop threads
[  108.441883][ T6312]  loop1: p1 < > p4
[  108.443305][   T56] vhci_hcd: release socket
[  108.450146][ T6312] loop1: p4 size 8388608 extends beyond EOD, 
[  108.451426][   T56] vhci_hcd: disconnect device
[  108.462477][ T6312] truncated
[  108.549325][ T6331] loop3: detected capacity change from 0 to 512
[  108.560697][ T6331] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.886: corrupted in-inode xattr: invalid ea_ino
[  108.574275][ T6333] loop1: detected capacity change from 0 to 512
[  108.578049][ T6331] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.886: couldn't read orphan inode 15 (err -117)
[  108.594001][ T6331] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.613733][ T6333] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.626655][ T6333] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  108.638883][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.703132][ T6339] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #2: comm syz.1.887: corrupted inode contents
[  108.718801][ T6339] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #2: comm syz.1.887: mark_inode_dirty error
[  108.730621][ T6339] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #2: comm syz.1.887: corrupted inode contents
[  108.744585][ T6339] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.887: mark_inode_dirty error
[  108.842944][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.857623][ T6341] C: renamed from team_slave_0
[  108.865543][ T6341] netlink: 'syz.3.889': attribute type 1 has an invalid length.
[  108.873380][ T6341] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  108.917224][ T6345] loop1: detected capacity change from 0 to 256
[  108.925604][ T6345] FAT-fs (loop1): count of clusters too big (178174)
[  108.932345][ T6345] FAT-fs (loop1): Can't find a valid FAT filesystem
[  108.973390][ T6352] netlink: 'syz.0.905': attribute type 1 has an invalid length.
[  108.981295][ T6352] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  109.008950][ T6353] loop5: detected capacity change from 0 to 512
[  109.156100][ T6354] syz_tun: entered allmulticast mode
[  109.162864][ T6353] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  109.176340][ T6353] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.455172][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  109.493057][ T6383] netlink: zone id is out of range
[  109.498186][ T6385] loop1: detected capacity change from 0 to 512
[  109.498308][ T6383] netlink: zone id is out of range
[  109.509831][ T6383] netlink: zone id is out of range
[  109.515110][ T6383] netlink: zone id is out of range
[  109.520473][ T6383] netlink: zone id is out of range
[  109.525636][ T6383] netlink: zone id is out of range
[  109.526620][ T6385] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.904: corrupted in-inode xattr: invalid ea_ino
[  109.530738][ T6383] netlink: zone id is out of range
[  109.544552][ T6385] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.904: couldn't read orphan inode 15 (err -117)
[  109.563433][ T6385] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.564910][ T6383] hub 9-0:1.0: USB hub found
[  109.589938][ T6383] hub 9-0:1.0: 8 ports detected
[  109.596324][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.778309][ T6346] syz_tun: left allmulticast mode
[  109.840154][ T6404] loop5: detected capacity change from 0 to 1024
[  109.847001][ T6404] EXT4-fs: Ignoring removed oldalloc option
[  109.854770][ T6404] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  109.874922][ T6404] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.945016][ T6420] FAULT_INJECTION: forcing a failure.
[  109.945016][ T6420] name failslab, interval 1, probability 0, space 0, times 0
[  109.957820][ T6420] CPU: 0 UID: 0 PID: 6420 Comm: syz.0.916 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  109.957846][ T6420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  109.957857][ T6420] Call Trace:
[  109.957862][ T6420]  <TASK>
[  109.957869][ T6420]  __dump_stack+0x1d/0x30
[  109.957888][ T6420]  dump_stack_lvl+0xe8/0x140
[  109.957905][ T6420]  dump_stack+0x15/0x1b
[  109.957990][ T6420]  should_fail_ex+0x265/0x280
[  109.958020][ T6420]  should_failslab+0x8c/0xb0
[  109.958047][ T6420]  kmem_cache_alloc_noprof+0x50/0x310
[  109.958071][ T6420]  ? alloc_empty_file+0x76/0x200
[  109.958121][ T6420]  alloc_empty_file+0x76/0x200
[  109.958143][ T6420]  alloc_file_pseudo+0xc6/0x160
[  109.958176][ T6420]  aio_setup_ring+0x133/0x740
[  109.958203][ T6420]  ioctx_alloc+0x2c4/0x4e0
[  109.958224][ T6420]  ? fput+0x8f/0xc0
[  109.958241][ T6420]  __se_sys_io_setup+0x6b/0x1b0
[  109.958262][ T6420]  __x64_sys_io_setup+0x31/0x40
[  109.958334][ T6420]  x64_sys_call+0x2f0e/0x2fb0
[  109.958352][ T6420]  do_syscall_64+0xd0/0x1a0
[  109.958447][ T6420]  ? clear_bhb_loop+0x40/0x90
[  109.958466][ T6420]  ? clear_bhb_loop+0x40/0x90
[  109.958484][ T6420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.958581][ T6420] RIP: 0033:0x7f8ac1bee969
[  109.958595][ T6420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.958610][ T6420] RSP: 002b:00007f8ac0257038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  109.958632][ T6420] RAX: ffffffffffffffda RBX: 00007f8ac1e15fa0 RCX: 00007f8ac1bee969
[  109.958643][ T6420] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000002004
[  109.958653][ T6420] RBP: 00007f8ac0257090 R08: 0000000000000000 R09: 0000000000000000
[  109.958663][ T6420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.958701][ T6420] R13: 0000000000000000 R14: 00007f8ac1e15fa0 R15: 00007ffebdb3f838
[  109.958783][ T6420]  </TASK>
[  110.226622][ T6423] IPv6: NLM_F_CREATE should be specified when creating new route
[  110.285957][ T6423] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6423 comm=syz.0.917
[  110.621813][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.622190][ T6427] netlink: 'syz.0.918': attribute type 13 has an invalid length.
[  110.638974][ T6427] syz_tun: refused to change device tx_queue_len
[  110.639054][ T6431] loop1: detected capacity change from 0 to 512
[  110.664783][ T6431] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.919: corrupted in-inode xattr: invalid ea_ino
[  110.699000][ T6431] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.919: couldn't read orphan inode 15 (err -117)
[  110.712198][ T6431] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.744131][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.760915][ T6440] hub 9-0:1.0: USB hub found
[  110.767184][ T6440] hub 9-0:1.0: 8 ports detected
[  111.373776][ T6474] loop5: detected capacity change from 0 to 4096
[  111.386391][ T6474] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.414555][ T6474] netlink: 'syz.5.938': attribute type 13 has an invalid length.
[  111.424716][ T6474] syz_tun: refused to change device tx_queue_len
[  111.520028][   T29] kauditd_printk_skb: 645 callbacks suppressed
[  111.520046][   T29] audit: type=1326 audit(1747407642.081:5050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6473 comm="syz.5.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  111.549936][   T29] audit: type=1326 audit(1747407642.081:5051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6473 comm="syz.5.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  111.573681][   T29] audit: type=1326 audit(1747407642.081:5052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6473 comm="syz.5.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  111.597009][   T29] audit: type=1326 audit(1747407642.081:5053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6473 comm="syz.5.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  111.620365][   T29] audit: type=1326 audit(1747407642.081:5054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6473 comm="syz.5.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  111.643802][   T29] audit: type=1326 audit(1747407642.081:5055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6473 comm="syz.5.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  111.667159][   T29] audit: type=1326 audit(1747407642.081:5056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6473 comm="syz.5.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  111.690514][   T29] audit: type=1326 audit(1747407642.081:5057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6473 comm="syz.5.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  111.713911][   T29] audit: type=1326 audit(1747407642.081:5058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6473 comm="syz.5.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  111.737389][   T29] audit: type=1326 audit(1747407642.081:5059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6473 comm="syz.5.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  111.761857][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.788927][ T6480] tipc: Started in network mode
[  111.793939][ T6480] tipc: Node identity , cluster identity 4711
[  111.800062][ T6480] tipc: Failed to set node id, please configure manually
[  111.807167][ T6480] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  111.846251][ T6484] xt_hashlimit: max too large, truncated to 1048576
[  111.946827][ T6495] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  111.957161][ T6495] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  112.058191][ T6506] loop3: detected capacity change from 0 to 2048
[  112.076841][ T6508] loop1: detected capacity change from 0 to 2048
[  112.192336][ T6508]  loop1: p1 < > p4
[  112.197422][ T6508] loop1: p4 size 8388608 extends beyond EOD, truncated
[  112.204651][ T6506] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #2: comm syz.3.952: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  112.384648][ T6506] EXT4-fs (loop3): get root inode failed
[  112.390359][ T6506] EXT4-fs (loop3): mount failed
[  112.444553][ T6508] __nla_validate_parse: 20 callbacks suppressed
[  112.444623][ T6508] netlink: 12 bytes leftover after parsing attributes in process `syz.1.953'.
[  112.671293][ T6525] loop5: detected capacity change from 0 to 256
[  112.709707][ T6525] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152)
[  112.717642][ T6525] FAT-fs (loop5): Filesystem has been set read-only
[  112.827058][ T6529] tipc: Started in network mode
[  112.832006][ T6529] tipc: Node identity , cluster identity 4711
[  112.832530][ T6527] loop1: detected capacity change from 0 to 1024
[  112.838089][ T6529] tipc: Failed to set node id, please configure manually
[  112.846541][ T6527] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  112.851507][ T6529] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  112.870470][ T6527] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  112.881738][ T6527] JBD2: no valid journal superblock found
[  112.887499][ T6527] EXT4-fs (loop1): Could not load journal inode
[  112.899325][ T6527] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  112.944577][ T6527] loop1: detected capacity change from 0 to 512
[  112.970711][ T6527] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.958: iget: bad extended attribute block 1
[  112.988884][ T6527] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.958: couldn't read orphan inode 15 (err -117)
[  113.015846][ T6527] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.029619][ T6527] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  113.089736][ T6540] net_ratelimit: 593 callbacks suppressed
[  113.089754][ T6540] netlink: zone id is out of range
[  113.100882][ T6540] netlink: zone id is out of range
[  113.106117][ T6540] netlink: zone id is out of range
[  113.111347][ T6540] netlink: zone id is out of range
[  113.116475][ T6540] netlink: zone id is out of range
[  113.121514][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.121655][ T6540] netlink: zone id is out of range
[  113.135805][ T6540] netlink: zone id is out of range
[  113.141085][ T6540] netlink: zone id is out of range
[  113.146210][ T6540] netlink: zone id is out of range
[  113.151399][ T6540] netlink: zone id is out of range
[  113.167452][ T6543] loop3: detected capacity change from 0 to 512
[  113.192713][ T6543] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.223008][ T6543] ext4 filesystem being mounted at /192/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  113.256517][ T6543] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.964: corrupted inode contents
[  113.282331][ T6550] loop1: detected capacity change from 0 to 1024
[  113.292880][ T6550] EXT4-fs: Ignoring removed oldalloc option
[  113.298825][ T6550] EXT4-fs: Ignoring removed orlov option
[  113.306808][ T6543] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #2: comm syz.3.964: mark_inode_dirty error
[  113.343168][ T6550] EXT4-fs (loop1): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[  113.358848][ T6543] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.964: corrupted inode contents
[  113.386371][ T6543] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.964: mark_inode_dirty error
[  113.401459][ T6550] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.457892][ T6550] EXT4-fs (loop1): shut down requested (2)
[  113.485024][ T6550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  113.527096][ T6550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  113.542173][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.595270][ T6550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=16
[  113.615319][ T6570] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6570 comm=syz.0.971
[  113.622822][ T6569] 9pnet: p9_errstr2errno: server reported unknown error �@íÎÇpî‘AçÁ›
¬ž;
KZì44§/@®qæžkøp
[  113.622822][ T6569] éC<+¨¦³P5…"kÜÔö­¦ôÎxU’:
[  113.653887][ T6550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  113.655239][ T6573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.681614][ T6573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  113.694885][ T6550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  113.704191][ T6571] loop3: detected capacity change from 0 to 512
[  113.705429][ T6576] loop5: detected capacity change from 0 to 2048
[  113.711848][ T6550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=16
[  113.718319][ T6571] EXT4-fs (loop3): bad s_min_extra_isize: 65528
[  113.725870][ T6550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  113.742110][ T6550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  113.751707][ T6576]  loop5: p1 < > p4
[  113.756926][ T6576] loop5: p4 size 8388608 extends beyond EOD, truncated
[  113.795401][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.881315][ T6587] loop1: detected capacity change from 0 to 1024
[  113.888246][ T6587] EXT4-fs: Ignoring removed oldalloc option
[  113.894906][ T6587] EXT4-fs: Ignoring removed orlov option
[  113.902438][ T6587] EXT4-fs (loop1): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[  113.933658][ T6580] FAULT_INJECTION: forcing a failure.
[  113.933658][ T6580] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.946765][ T6580] CPU: 1 UID: 0 PID: 6580 Comm: syz.5.976 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  113.946791][ T6580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  113.946802][ T6580] Call Trace:
[  113.946808][ T6580]  <TASK>
[  113.946815][ T6580]  __dump_stack+0x1d/0x30
[  113.946834][ T6580]  dump_stack_lvl+0xe8/0x140
[  113.946851][ T6580]  dump_stack+0x15/0x1b
[  113.946912][ T6580]  should_fail_ex+0x265/0x280
[  113.946954][ T6580]  should_fail+0xb/0x20
[  113.946980][ T6580]  should_fail_usercopy+0x1a/0x20
[  113.946997][ T6580]  _copy_to_user+0x20/0xa0
[  113.947017][ T6580]  syslog_print_all+0x1cb/0x3a0
[  113.947082][ T6580]  do_syslog+0x2fd/0x7e0
[  113.947102][ T6580]  ? __secure_computing+0x82/0x150
[  113.947122][ T6580]  __x64_sys_syslog+0x41/0x50
[  113.947138][ T6580]  x64_sys_call+0x2ea0/0x2fb0
[  113.947220][ T6580]  do_syscall_64+0xd0/0x1a0
[  113.947247][ T6580]  ? clear_bhb_loop+0x40/0x90
[  113.947285][ T6580]  ? clear_bhb_loop+0x40/0x90
[  113.947303][ T6580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.947321][ T6580] RIP: 0033:0x7f8e7b6ae969
[  113.947334][ T6580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.947349][ T6580] RSP: 002b:00007f8e79d17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000067
[  113.947405][ T6580] RAX: ffffffffffffffda RBX: 00007f8e7b8d5fa0 RCX: 00007f8e7b6ae969
[  113.947421][ T6580] RDX: 00000000000000d8 RSI: 0000200000000580 RDI: 0000000000000004
[  113.947443][ T6580] RBP: 00007f8e79d17090 R08: 0000000000000000 R09: 0000000000000000
[  113.947462][ T6580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.947477][ T6580] R13: 0000000000000000 R14: 00007f8e7b8d5fa0 R15: 00007ffc3c357fa8
[  113.947499][ T6580]  </TASK>
[  113.948917][ T6587] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.144275][ T6587] EXT4-fs (loop1): shut down requested (2)
[  114.150572][ T6587] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  114.159436][ T6587] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  114.168400][ T6587] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=16
[  114.177310][ T6587] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  114.186232][ T6587] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  114.195097][ T6587] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=16
[  114.204041][ T6587] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  114.212852][ T6587] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  114.248597][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.283659][ T6594] loop1: detected capacity change from 0 to 2048
[  114.313595][ T6594] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #2: comm syz.1.981: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  114.333158][ T6594] EXT4-fs (loop1): get root inode failed
[  114.338968][ T6594] EXT4-fs (loop1): mount failed
[  114.359132][ T6602] loop5: detected capacity change from 0 to 512
[  114.383736][ T6602] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.387302][ T6606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.986'.
[  114.396497][ T6602] ext4 filesystem being mounted at /71/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  114.420278][ T6602] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.984: corrupted inode contents
[  114.433927][ T6602] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #2: comm syz.5.984: mark_inode_dirty error
[  114.445708][ T6602] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.984: corrupted inode contents
[  114.446315][ T6606] netlink: 20 bytes leftover after parsing attributes in process `syz.1.986'.
[  114.458806][ T6602] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #2: comm syz.5.984: mark_inode_dirty error
[  114.479613][ T6606] netlink: 76 bytes leftover after parsing attributes in process `syz.1.986'.
[  114.491217][ T6606] loop1: detected capacity change from 0 to 164
[  114.500693][ T6606] rock: directory entry would overflow storage
[  114.506999][ T6606] rock: sig=0x4f50, size=4, remaining=3
[  114.512638][ T6606] iso9660: Corrupted directory entry in block 4 of inode 1792
[  114.557779][ T6618] loop3: detected capacity change from 0 to 256
[  114.566067][ T6618] FAULT_INJECTION: forcing a failure.
[  114.566067][ T6618] name failslab, interval 1, probability 0, space 0, times 0
[  114.578827][ T6618] CPU: 0 UID: 0 PID: 6618 Comm: syz.3.989 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  114.578977][ T6618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  114.578993][ T6618] Call Trace:
[  114.579001][ T6618]  <TASK>
[  114.579011][ T6618]  __dump_stack+0x1d/0x30
[  114.579037][ T6618]  dump_stack_lvl+0xe8/0x140
[  114.579063][ T6618]  dump_stack+0x15/0x1b
[  114.579084][ T6618]  should_fail_ex+0x265/0x280
[  114.579127][ T6618]  should_failslab+0x8c/0xb0
[  114.579174][ T6618]  __kmalloc_noprof+0xa5/0x3e0
[  114.579198][ T6618]  ? copy_splice_read+0xc2/0x5f0
[  114.579240][ T6618]  copy_splice_read+0xc2/0x5f0
[  114.579272][ T6618]  ? __pfx_filemap_splice_read+0x10/0x10
[  114.579357][ T6618]  splice_direct_to_actor+0x290/0x680
[  114.579385][ T6618]  ? __pfx_direct_splice_actor+0x10/0x10
[  114.579419][ T6618]  do_splice_direct+0xda/0x150
[  114.579490][ T6618]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  114.579523][ T6618]  do_sendfile+0x380/0x640
[  114.579544][ T6618]  __x64_sys_sendfile64+0x105/0x150
[  114.579596][ T6618]  x64_sys_call+0xb39/0x2fb0
[  114.579623][ T6618]  do_syscall_64+0xd0/0x1a0
[  114.579724][ T6618]  ? clear_bhb_loop+0x40/0x90
[  114.579753][ T6618]  ? clear_bhb_loop+0x40/0x90
[  114.579781][ T6618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.579805][ T6618] RIP: 0033:0x7fc6a4efe969
[  114.579823][ T6618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.579906][ T6618] RSP: 002b:00007fc6a3567038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  114.579930][ T6618] RAX: ffffffffffffffda RBX: 00007fc6a5125fa0 RCX: 00007fc6a4efe969
[  114.579946][ T6618] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[  114.580030][ T6618] RBP: 00007fc6a3567090 R08: 0000000000000000 R09: 0000000000000000
[  114.580041][ T6618] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[  114.580053][ T6618] R13: 0000000000000000 R14: 00007fc6a5125fa0 R15: 00007fffcd22a938
[  114.580077][ T6618]  </TASK>
[  114.584153][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.828500][ T6620] loop2: detected capacity change from 0 to 1024
[  114.841722][ T6620] EXT4-fs: Ignoring removed oldalloc option
[  114.847747][ T6620] EXT4-fs: Ignoring removed orlov option
[  114.864951][ T6620] EXT4-fs (loop2): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[  114.887936][ T6620] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.911564][ T6635] loop5: detected capacity change from 0 to 2048
[  114.919600][ T6620] EXT4-fs (loop2): shut down requested (2)
[  114.939168][ T6620] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  114.939181][ T6635] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #2: comm syz.5.996: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  114.948364][ T6620] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  114.976395][ T6643] netlink: 4 bytes leftover after parsing attributes in process `syz.1.997'.
[  114.977181][ T6620] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=16
[  114.995719][ T6620] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  115.004747][ T6620] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  115.013741][ T6620] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=16
[  115.023214][ T6620] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  115.032205][ T6620] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  115.041368][ T6635] EXT4-fs (loop5): get root inode failed
[  115.045655][ T6643] loop1: detected capacity change from 0 to 2048
[  115.047035][ T6635] EXT4-fs (loop5): mount failed
[  115.104508][ T6643]  loop1: p1 < > p4
[  115.110363][ T6643] loop1: p4 size 8388608 extends beyond EOD, truncated
[  115.143644][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.160608][ T6643] netlink: 12 bytes leftover after parsing attributes in process `syz.1.997'.
[  115.287496][ T6675] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1010'.
[  115.305428][ T6675] loop2: detected capacity change from 0 to 2048
[  115.352187][ T6675]  loop2: p1 < > p4
[  115.356642][ T6675] loop2: p4 size 8388608 extends beyond EOD, truncated
[  115.371396][ T6675] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1010'.
[  115.460069][ T6684] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1013'.
[  115.492498][ T6686] loop2: detected capacity change from 0 to 1024
[  115.499111][ T6686] EXT4-fs: Ignoring removed oldalloc option
[  115.505125][ T6686] EXT4-fs: Ignoring removed orlov option
[  115.511468][ T6686] EXT4-fs (loop2): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[  115.543509][ T6686] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.556917][ T6686] EXT4-fs (loop2): shut down requested (2)
[  115.563446][ T6686] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  115.572344][ T6686] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  115.581943][ T6686] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=16
[  115.590949][ T6686] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  115.599825][ T6686] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  115.608829][ T6686] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=16
[  115.617819][ T6686] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  115.626767][ T6686] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  115.663756][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.809410][ T6706] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1022'.
[  115.985639][ T6721] netlink: 'syz.0.1028': attribute type 4 has an invalid length.
[  116.027339][ T6725] loop3: detected capacity change from 0 to 2048
[  116.071626][ T6725]  loop3: p1 < > p4
[  116.076294][ T6725] loop3: p4 size 8388608 extends beyond EOD, truncated
[  116.292639][ T6756] FAULT_INJECTION: forcing a failure.
[  116.292639][ T6756] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.305873][ T6756] CPU: 0 UID: 0 PID: 6756 Comm: syz.0.1042 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  116.305908][ T6756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  116.305965][ T6756] Call Trace:
[  116.305974][ T6756]  <TASK>
[  116.305984][ T6756]  __dump_stack+0x1d/0x30
[  116.306009][ T6756]  dump_stack_lvl+0xe8/0x140
[  116.306033][ T6756]  dump_stack+0x15/0x1b
[  116.306127][ T6756]  should_fail_ex+0x265/0x280
[  116.306225][ T6756]  should_fail+0xb/0x20
[  116.306262][ T6756]  should_fail_usercopy+0x1a/0x20
[  116.306298][ T6756]  _copy_to_user+0x20/0xa0
[  116.306327][ T6756]  simple_read_from_buffer+0xb5/0x130
[  116.306431][ T6756]  proc_fail_nth_read+0x100/0x140
[  116.306498][ T6756]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  116.306531][ T6756]  vfs_read+0x19d/0x6f0
[  116.306625][ T6756]  ? __rcu_read_unlock+0x4f/0x70
[  116.306663][ T6756]  ? __fget_files+0x184/0x1c0
[  116.306702][ T6756]  ksys_read+0xda/0x1a0
[  116.306746][ T6756]  __x64_sys_read+0x40/0x50
[  116.306929][ T6756]  x64_sys_call+0x2d77/0x2fb0
[  116.306956][ T6756]  do_syscall_64+0xd0/0x1a0
[  116.307048][ T6756]  ? clear_bhb_loop+0x40/0x90
[  116.307073][ T6756]  ? clear_bhb_loop+0x40/0x90
[  116.307099][ T6756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.307125][ T6756] RIP: 0033:0x7f8ac1bed37c
[  116.307144][ T6756] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  116.307166][ T6756] RSP: 002b:00007f8ac0257030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  116.307270][ T6756] RAX: ffffffffffffffda RBX: 00007f8ac1e15fa0 RCX: 00007f8ac1bed37c
[  116.307292][ T6756] RDX: 000000000000000f RSI: 00007f8ac02570a0 RDI: 0000000000000007
[  116.307303][ T6756] RBP: 00007f8ac0257090 R08: 0000000000000000 R09: 0000000000000000
[  116.307315][ T6756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.307328][ T6756] R13: 0000000000000000 R14: 00007f8ac1e15fa0 R15: 00007ffebdb3f838
[  116.307353][ T6756]  </TASK>
[  116.538400][   T29] kauditd_printk_skb: 370 callbacks suppressed
[  116.538419][   T29] audit: type=1326 audit(1747407647.181:5430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6759 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  116.588309][   T29] audit: type=1326 audit(1747407647.181:5431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6759 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  116.611829][   T29] audit: type=1326 audit(1747407647.181:5432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6759 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  116.635305][   T29] audit: type=1326 audit(1747407647.181:5433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6759 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  116.658835][   T29] audit: type=1326 audit(1747407647.181:5434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6759 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  116.682402][   T29] audit: type=1326 audit(1747407647.181:5435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6759 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  116.706009][   T29] audit: type=1326 audit(1747407647.181:5436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6759 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  116.729441][   T29] audit: type=1326 audit(1747407647.181:5437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6759 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  116.752977][   T29] audit: type=1326 audit(1747407647.191:5438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6765 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fbc1db31225 code=0x7ffc0000
[  116.776489][   T29] audit: type=1326 audit(1747407647.191:5439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6759 comm="syz.1.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  116.816777][ T6776] loop2: detected capacity change from 0 to 512
[  116.851928][ T6776] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.875152][ T6776] ext4 filesystem being mounted at /190/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  116.890861][ T6776] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #2: comm syz.2.1052: corrupted inode contents
[  116.911032][ T6776] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #2: comm syz.2.1052: mark_inode_dirty error
[  116.938820][ T6776] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #2: comm syz.2.1052: corrupted inode contents
[  116.977648][ T6798] loop3: detected capacity change from 0 to 128
[  116.991336][ T6776] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #2: comm syz.2.1052: mark_inode_dirty error
[  117.005702][ T6798] vfat: Unknown parameter 'ÿÿ'
[  117.040845][ T6806] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  117.066180][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.115214][ T6808] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6808 comm=syz.1.1064
[  117.127999][ T6813] loop5: detected capacity change from 0 to 512
[  117.152617][ T6813] EXT4-fs: Ignoring removed mblk_io_submit option
[  117.160612][ T6813] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  117.183376][ T6813] EXT4-fs (loop5): 1 truncate cleaned up
[  117.194972][ T6813] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.257289][ T6823] loop1: detected capacity change from 0 to 2048
[  117.273602][ T6823] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #2: comm syz.1.1070: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  117.294230][ T6823] EXT4-fs (loop1): get root inode failed
[  117.299985][ T6823] EXT4-fs (loop1): mount failed
[  117.309054][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.440359][ T6844] loop2: detected capacity change from 0 to 512
[  117.466497][ T6844] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.479507][ T6844] ext4 filesystem being mounted at /194/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  117.494592][ T6844] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #2: comm syz.2.1076: corrupted inode contents
[  117.506956][ T6844] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #2: comm syz.2.1076: mark_inode_dirty error
[  117.520608][ T6844] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #2: comm syz.2.1076: corrupted inode contents
[  117.535392][ T6844] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #2: comm syz.2.1076: mark_inode_dirty error
[  117.540396][ T6854] __nla_validate_parse: 6 callbacks suppressed
[  117.540417][ T6854] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1080'.
[  117.566218][ T6854] loop5: detected capacity change from 0 to 512
[  117.574787][ T6854] EXT4-fs error (device loop5): ext4_iget_extra_inode:4693: inode #15: comm syz.5.1080: corrupted in-inode xattr: invalid ea_ino
[  117.588658][ T6854] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.1080: couldn't read orphan inode 15 (err -117)
[  117.602088][ T6854] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.631298][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.655067][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.700299][ T6865] loop5: detected capacity change from 0 to 2048
[  117.738714][ T6865] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #2: comm syz.5.1085: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  117.765639][ T6865] EXT4-fs (loop5): get root inode failed
[  117.771423][ T6865] EXT4-fs (loop5): mount failed
[  117.808264][ T6878] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1090'.
[  117.849586][ T6878] loop1: detected capacity change from 0 to 2048
[  117.863987][ T6884] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1092'.
[  117.877675][ T6884] loop5: detected capacity change from 0 to 512
[  117.886870][ T6884] EXT4-fs error (device loop5): ext4_iget_extra_inode:4693: inode #15: comm syz.5.1092: corrupted in-inode xattr: invalid ea_ino
[  117.900630][ T6884] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.1092: couldn't read orphan inode 15 (err -117)
[  117.916668][ T6884] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.930317][ T6878]  loop1: p1 < > p4
[  117.936071][ T6878] loop1: p4 size 8388608 extends beyond EOD, truncated
[  117.963497][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.975005][ T6878] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1090'.
[  118.011420][ T6892] FAULT_INJECTION: forcing a failure.
[  118.011420][ T6892] name failslab, interval 1, probability 0, space 0, times 0
[  118.024099][ T6892] CPU: 0 UID: 0 PID: 6892 Comm: syz.0.1094 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  118.024131][ T6892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  118.024221][ T6892] Call Trace:
[  118.024291][ T6892]  <TASK>
[  118.024297][ T6892]  __dump_stack+0x1d/0x30
[  118.024319][ T6892]  dump_stack_lvl+0xe8/0x140
[  118.024343][ T6892]  dump_stack+0x15/0x1b
[  118.024370][ T6892]  should_fail_ex+0x265/0x280
[  118.024413][ T6892]  should_failslab+0x8c/0xb0
[  118.024452][ T6892]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  118.024478][ T6892]  ? htable_create+0x222/0x450
[  118.024517][ T6892]  kstrdup+0x3e/0xd0
[  118.024613][ T6892]  htable_create+0x222/0x450
[  118.024692][ T6892]  ? __rcu_read_unlock+0x4f/0x70
[  118.024788][ T6892]  hashlimit_mt_check_common+0x5db/0x6c0
[  118.024828][ T6892]  hashlimit_mt_check+0x64/0x80
[  118.024885][ T6892]  xt_check_match+0x2aa/0x4f0
[  118.024917][ T6892]  ? strnlen+0x28/0x50
[  118.024943][ T6892]  ? strcmp+0x22/0x50
[  118.024988][ T6892]  ? xt_find_match+0x1d1/0x210
[  118.025015][ T6892]  translate_table+0xb4b/0x1070
[  118.025047][ T6892]  ? _copy_from_user+0x89/0xb0
[  118.025078][ T6892]  do_ip6t_set_ctl+0x678/0x840
[  118.025190][ T6892]  nf_setsockopt+0x199/0x1b0
[  118.025210][ T6892]  ipv6_setsockopt+0x11a/0x130
[  118.025233][ T6892]  udpv6_setsockopt+0x99/0xb0
[  118.025273][ T6892]  sock_common_setsockopt+0x69/0x80
[  118.025309][ T6892]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  118.025402][ T6892]  __sys_setsockopt+0x184/0x200
[  118.025422][ T6892]  __x64_sys_setsockopt+0x64/0x80
[  118.025447][ T6892]  x64_sys_call+0x2bd5/0x2fb0
[  118.025478][ T6892]  do_syscall_64+0xd0/0x1a0
[  118.025507][ T6892]  ? clear_bhb_loop+0x40/0x90
[  118.025527][ T6892]  ? clear_bhb_loop+0x40/0x90
[  118.025547][ T6892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.025628][ T6892] RIP: 0033:0x7f8ac1bee969
[  118.025647][ T6892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.025669][ T6892] RSP: 002b:00007f8ac0236038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  118.025689][ T6892] RAX: ffffffffffffffda RBX: 00007f8ac1e16080 RCX: 00007f8ac1bee969
[  118.025705][ T6892] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 000000000000000d
[  118.025721][ T6892] RBP: 00007f8ac0236090 R08: 00000000000004b8 R09: 0000000000000000
[  118.025737][ T6892] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000001
[  118.025824][ T6892] R13: 0000000000000000 R14: 00007f8ac1e16080 R15: 00007ffebdb3f838
[  118.025871][ T6892]  </TASK>
[  118.304958][ T6897] loop5: detected capacity change from 0 to 1024
[  118.311692][ T6897] EXT4-fs: Ignoring removed oldalloc option
[  118.317629][ T6897] EXT4-fs: Ignoring removed orlov option
[  118.328112][ T6891] loop3: detected capacity change from 0 to 2048
[  118.347092][ T6897] EXT4-fs (loop5): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[  118.386516][ T6897] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.386563][ T6891] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.387319][ T6891] EXT4-fs error (device loop3): ext4_find_extent:938: inode #2: comm syz.3.1093: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  118.447513][ T6897] EXT4-fs (loop5): shut down requested (2)
[  118.454952][ T6897] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  118.467339][ T6897] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  118.487382][ T6891] EXT4-fs (loop3): Remounting filesystem read-only
[  118.487625][ T6897] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=16
[  118.518499][ T6914] loop1: detected capacity change from 0 to 2048
[  118.528677][ T6897] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=13
[  118.551652][ T6897] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  118.555781][ T6914] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #2: comm syz.1.1102: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  118.560789][ T6897] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=16
[  118.581265][ T6914] EXT4-fs (loop1): get root inode failed
[  118.589096][ T6897] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  118.594186][ T6914] EXT4-fs (loop1): mount failed
[  118.604581][ T6897] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=13
[  118.625551][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.697663][ T6928] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1106'.
[  118.711368][ T6928] loop1: detected capacity change from 0 to 512
[  118.720786][ T6928] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.1106: corrupted in-inode xattr: invalid ea_ino
[  118.737731][ T6928] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1106: couldn't read orphan inode 15 (err -117)
[  118.884091][ T6947] bridge0: entered promiscuous mode
[  118.889577][ T6937] loop5: detected capacity change from 0 to 4096
[  118.893268][ T6947] macvlan2: entered promiscuous mode
[  118.902671][ T6947] bridge0: port 3(macvlan2) entered blocking state
[  118.909268][ T6947] bridge0: port 3(macvlan2) entered disabled state
[  118.916196][ T6947] macvlan2: entered allmulticast mode
[  118.921657][ T6947] bridge0: entered allmulticast mode
[  118.963276][ T6942] netlink: 'syz.5.1109': attribute type 13 has an invalid length.
[  118.971255][ T6942] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1109'.
[  118.999085][ T6947] macvlan2: left allmulticast mode
[  119.004327][ T6947] bridge0: left allmulticast mode
[  119.012514][ T6955] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=6955 comm=syz.1.1110
[  119.013410][ T6947] bridge0: left promiscuous mode
[  119.072874][ T6942] syz_tun: refused to change device tx_queue_len
[  119.079321][ T6942] net_ratelimit: 589 callbacks suppressed
[  119.079335][ T6942] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  119.277718][ T6969] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1120'.
[  119.332640][ T6969] loop1: detected capacity change from 0 to 512
[  119.352996][ T6970] syzkaller0: entered promiscuous mode
[  119.432132][ T6970] syzkaller0 (unregistering): left promiscuous mode
[  119.519834][ T6969] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.1120: corrupted in-inode xattr: invalid ea_ino
[  119.600641][ T6969] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1120: couldn't read orphan inode 15 (err -117)
[  119.830821][ T6979] FAULT_INJECTION: forcing a failure.
[  119.830821][ T6979] name failslab, interval 1, probability 0, space 0, times 0
[  119.843501][ T6979] CPU: 1 UID: 0 PID: 6979 Comm: syz.2.1122 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  119.843529][ T6979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  119.843541][ T6979] Call Trace:
[  119.843548][ T6979]  <TASK>
[  119.843575][ T6979]  __dump_stack+0x1d/0x30
[  119.843601][ T6979]  dump_stack_lvl+0xe8/0x140
[  119.843626][ T6979]  dump_stack+0x15/0x1b
[  119.843647][ T6979]  should_fail_ex+0x265/0x280
[  119.843738][ T6979]  should_failslab+0x8c/0xb0
[  119.843777][ T6979]  __kmalloc_noprof+0xa5/0x3e0
[  119.843795][ T6979]  ? bpf_prepare_filter+0x476/0xbd0
[  119.843864][ T6979]  bpf_prepare_filter+0x476/0xbd0
[  119.843899][ T6979]  ? __kmalloc_node_track_caller_noprof+0x1e5/0x410
[  119.843928][ T6979]  ? bpf_prog_create_from_user+0x1b5/0x260
[  119.844020][ T6979]  ? __pfx_seccomp_check_filter+0x10/0x10
[  119.844052][ T6979]  bpf_prog_create_from_user+0x1e6/0x260
[  119.844146][ T6979]  ? __pfx_seccomp_check_filter+0x10/0x10
[  119.844177][ T6979]  do_seccomp+0x5ef/0xa40
[  119.844257][ T6979]  prctl_set_seccomp+0x4c/0x70
[  119.844284][ T6979]  __se_sys_prctl+0x200/0x12d0
[  119.844322][ T6979]  ? schedule+0x5f/0xd0
[  119.844359][ T6979]  __x64_sys_prctl+0x67/0x80
[  119.844413][ T6979]  x64_sys_call+0x2a96/0x2fb0
[  119.844433][ T6979]  do_syscall_64+0xd0/0x1a0
[  119.844456][ T6979]  ? clear_bhb_loop+0x40/0x90
[  119.844477][ T6979]  ? clear_bhb_loop+0x40/0x90
[  119.844580][ T6979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.844601][ T6979] RIP: 0033:0x7f292afbe969
[  119.844616][ T6979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.844635][ T6979] RSP: 002b:00007f29295e5038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  119.844652][ T6979] RAX: ffffffffffffffda RBX: 00007f292b1e6160 RCX: 00007f292afbe969
[  119.844668][ T6979] RDX: 0000200000000000 RSI: 0000000000000002 RDI: 0000000000000016
[  119.844684][ T6979] RBP: 00007f29295e5090 R08: 0000000000000000 R09: 0000000000000000
[  119.844700][ T6979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  119.844715][ T6979] R13: 0000000000000001 R14: 00007f292b1e6160 R15: 00007fff5758ff88
[  119.844740][ T6979]  </TASK>
[  120.595982][ T6991] loop5: detected capacity change from 0 to 512
[  120.626909][ T6991] ext4 filesystem being mounted at /102/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  120.659693][ T6991] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.1126: corrupted inode contents
[  120.676865][ T6999] loop2: detected capacity change from 0 to 4096
[  120.683721][ T6991] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #2: comm syz.5.1126: mark_inode_dirty error
[  120.702096][ T6991] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.1126: corrupted inode contents
[  120.715310][ T6991] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #2: comm syz.5.1126: mark_inode_dirty error
[  120.753911][ T7004] netlink: 'syz.2.1127': attribute type 13 has an invalid length.
[  120.761822][ T7004] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1127'.
[  120.786142][ T7003] loop1: detected capacity change from 0 to 4096
[  120.851127][ T7007] netlink: 'syz.1.1130': attribute type 13 has an invalid length.
[  120.859012][ T7007] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1130'.
[  121.383506][ T7004] syz_tun: refused to change device tx_queue_len
[  121.389983][ T7004] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  121.407150][ T7007] syz_tun: refused to change device tx_queue_len
[  121.413645][ T7007] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  121.555155][ T7016] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1135'.
[  121.582890][ T7020] loop1: detected capacity change from 0 to 512
[  121.594835][ T7020] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.1134: corrupted in-inode xattr: invalid ea_ino
[  121.617971][ T7022] loop2: detected capacity change from 0 to 2048
[  121.625968][ T7020] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1134: couldn't read orphan inode 15 (err -117)
[  121.641511][   T29] kauditd_printk_skb: 294 callbacks suppressed
[  121.641525][   T29] audit: type=1326 audit(1747407652.291:5734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  121.677018][   T29] audit: type=1326 audit(1747407652.291:5735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  121.700538][   T29] audit: type=1326 audit(1747407652.291:5736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  121.724272][   T29] audit: type=1326 audit(1747407652.291:5737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  121.747785][   T29] audit: type=1326 audit(1747407652.291:5738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  121.771795][   T29] audit: type=1326 audit(1747407652.291:5739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  121.795340][   T29] audit: type=1326 audit(1747407652.291:5740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  121.805021][ T7022]  loop2: p1 < > p4
[  121.818800][   T29] audit: type=1326 audit(1747407652.321:5741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  121.827394][ T7022] loop2: p4 size 8388608 extends beyond EOD, 
[  121.846037][   T29] audit: type=1326 audit(1747407652.321:5742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  121.846074][   T29] audit: type=1326 audit(1747407652.321:5743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  121.901726][ T7022] truncated
[  121.996746][ T7046] netlink: 'syz.1.1146': attribute type 21 has an invalid length.
[  122.008344][ T7046] loop1: detected capacity change from 0 to 256
[  122.104859][ T7048] loop2: detected capacity change from 0 to 4096
[  122.156250][ T7048] netlink: 'syz.2.1147': attribute type 13 has an invalid length.
[  122.169460][ T7048] syz_tun: refused to change device tx_queue_len
[  122.176573][ T7048] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  122.196983][ T7055] loop5: detected capacity change from 0 to 128
[  123.000648][ T7080] loop3: detected capacity change from 0 to 512
[  123.027268][ T7084] __nla_validate_parse: 7 callbacks suppressed
[  123.027287][ T7084] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1161'.
[  123.044968][ T7083] loop2: detected capacity change from 0 to 2048
[  123.048035][ T7084] loop1: detected capacity change from 0 to 512
[  123.062101][ T7080] ext4 filesystem being mounted at /217/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  123.073624][ T7084] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.1161: corrupted in-inode xattr: invalid ea_ino
[  123.074044][ T7083] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #2: comm syz.2.1153: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  123.108204][ T7084] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1161: couldn't read orphan inode 15 (err -117)
[  123.122895][ T7080] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1160: corrupted inode contents
[  123.130572][ T7083] EXT4-fs (loop2): get root inode failed
[  123.136568][ T7080] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #2: comm syz.3.1160: mark_inode_dirty error
[  123.141204][ T7083] EXT4-fs (loop2): mount failed
[  123.154629][ T7080] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1160: corrupted inode contents
[  123.170754][ T7080] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.1160: mark_inode_dirty error
[  123.275848][ T7103] netlink: zone id is out of range
[  123.281124][ T7103] netlink: zone id is out of range
[  123.286281][ T7103] netlink: zone id is out of range
[  123.291440][ T7103] netlink: zone id is out of range
[  123.296641][ T7103] netlink: zone id is out of range
[  123.296779][ T7096] loop1: detected capacity change from 0 to 4096
[  123.301813][ T7103] netlink: zone id is out of range
[  123.319458][ T7096] netlink: 'syz.1.1164': attribute type 13 has an invalid length.
[  123.327386][ T7096] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1164'.
[  123.336885][ T7096] syz_tun: refused to change device tx_queue_len
[  123.373077][ T7102] netlink: 'syz.0.1166': attribute type 13 has an invalid length.
[  123.380987][ T7102] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1166'.
[  123.390715][ T7102] syz_tun: refused to change device tx_queue_len
[  123.403954][ T7112] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1169'.
[  123.424045][ T7112] loop2: detected capacity change from 0 to 2048
[  123.440892][ T7116] netlink: 10 bytes leftover after parsing attributes in process `syz.5.1171'.
[  123.463086][ T7112]  loop2: p1 < > p4
[  123.474419][ T7112] loop2: p4 size 8388608 extends beyond EOD, truncated
[  123.506579][ T7112] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1169'.
[  123.543954][ T7130] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1174'.
[  123.562154][ T7135] loop2: detected capacity change from 0 to 2048
[  123.586715][ T7135] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #2: comm syz.2.1177: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  123.609855][ T7135] EXT4-fs (loop2): get root inode failed
[  123.616291][ T7135] EXT4-fs (loop2): mount failed
[  123.630306][ T7143] loop1: detected capacity change from 0 to 512
[  123.666524][ T7143] ext4 filesystem being mounted at /234/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  123.698202][ T7155] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  123.719762][ T7143] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #2: comm syz.1.1176: corrupted inode contents
[  123.736144][ T7143] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #2: comm syz.1.1176: mark_inode_dirty error
[  123.750901][ T7143] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #2: comm syz.1.1176: corrupted inode contents
[  123.779149][ T7143] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.1176: mark_inode_dirty error
[  123.799846][ T7166] FAULT_INJECTION: forcing a failure.
[  123.799846][ T7166] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.815623][ T7166] CPU: 0 UID: 0 PID: 7166 Comm: syz.5.1185 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  123.815703][ T7166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  123.815721][ T7166] Call Trace:
[  123.815729][ T7166]  <TASK>
[  123.815737][ T7166]  __dump_stack+0x1d/0x30
[  123.815763][ T7166]  dump_stack_lvl+0xe8/0x140
[  123.815820][ T7166]  dump_stack+0x15/0x1b
[  123.815841][ T7166]  should_fail_ex+0x265/0x280
[  123.815882][ T7166]  should_fail+0xb/0x20
[  123.815913][ T7166]  should_fail_usercopy+0x1a/0x20
[  123.816016][ T7166]  _copy_to_user+0x20/0xa0
[  123.816087][ T7166]  rng_dev_read+0x3ef/0x740
[  123.816196][ T7166]  vfs_readv+0x3e6/0x670
[  123.816219][ T7166]  ? __pfx_rng_dev_read+0x10/0x10
[  123.816374][ T7166]  __x64_sys_preadv+0xfd/0x1c0
[  123.816465][ T7166]  x64_sys_call+0x1503/0x2fb0
[  123.816494][ T7166]  do_syscall_64+0xd0/0x1a0
[  123.816527][ T7166]  ? clear_bhb_loop+0x40/0x90
[  123.816553][ T7166]  ? clear_bhb_loop+0x40/0x90
[  123.816579][ T7166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.816654][ T7166] RIP: 0033:0x7f8e7b6ae969
[  123.816682][ T7166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.816701][ T7166] RSP: 002b:00007f8e79d17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  123.816739][ T7166] RAX: ffffffffffffffda RBX: 00007f8e7b8d5fa0 RCX: 00007f8e7b6ae969
[  123.816754][ T7166] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000005
[  123.816770][ T7166] RBP: 00007f8e79d17090 R08: 0000000000000000 R09: 0000000000000000
[  123.816786][ T7166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.816801][ T7166] R13: 0000000000000000 R14: 00007f8e7b8d5fa0 R15: 00007ffc3c357fa8
[  123.816867][ T7166]  </TASK>
[  124.007929][ T7169] loop2: detected capacity change from 0 to 1024
[  124.052863][ T7169] EXT4-fs: Ignoring removed nobh option
[  124.055160][ T7165] netlink: 'syz.0.1183': attribute type 13 has an invalid length.
[  124.058472][ T7169] ext2: Unknown parameter 'dont_hash'
[  124.066285][ T7165] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1183'.
[  124.066646][ T7165] syz_tun: refused to change device tx_queue_len
[  124.090770][ T7172] loop3: detected capacity change from 0 to 4096
[  124.118126][ T7167] netlink: 'syz.3.1184': attribute type 13 has an invalid length.
[  124.126050][ T7167] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1184'.
[  124.136817][ T7167] syz_tun: refused to change device tx_queue_len
[  124.143195][ T7167] net_ratelimit: 296 callbacks suppressed
[  124.143210][ T7167] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  124.316425][ T7188] loop1: detected capacity change from 0 to 2048
[  124.349632][ T7188] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #2: comm syz.1.1192: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  124.356602][ T7198] loop5: detected capacity change from 0 to 512
[  124.385800][ T7188] EXT4-fs (loop1): get root inode failed
[  124.391548][ T7188] EXT4-fs (loop1): mount failed
[  124.392806][ T7198] EXT4-fs: Ignoring removed oldalloc option
[  124.408295][ T7198] EXT4-fs: Ignoring removed mblk_io_submit option
[  124.430776][ T7200] loop2: detected capacity change from 0 to 512
[  124.438120][ T7198] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  124.459726][ T7198] EXT4-fs (loop5): orphan cleanup on readonly fs
[  124.482703][ T7200] ext4 filesystem being mounted at /213/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  124.498785][ T7198] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm +}[@: Failed to acquire dquot type 1
[  124.514471][ T7213] netlink: 'syz.1.1201': attribute type 10 has an invalid length.
[  124.518172][ T7200] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #2: comm syz.2.1197: corrupted inode contents
[  124.523284][ T7213] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  124.538680][ T7200] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #2: comm syz.2.1197: mark_inode_dirty error
[  124.543803][ T7213] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  124.544719][ T7198] EXT4-fs (loop5): 1 truncate cleaned up
[  124.577482][ T7200] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #2: comm syz.2.1197: corrupted inode contents
[  124.590061][ T7198] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  124.590056][ T7200] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #2: comm syz.2.1197: mark_inode_dirty error
[  124.623261][ T7217] loop1: detected capacity change from 0 to 1024
[  124.631482][ T7198] EXT4-fs error (device loop5): __ext4_remount:6738: comm +}[@: Abort forced by user
[  124.642358][ T7198] EXT4-fs (loop5): Remounting filesystem read-only
[  124.648913][ T7198] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  124.660734][ T7198] ext4 filesystem being remounted at /116/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  124.716995][ T7227] loop2: detected capacity change from 0 to 512
[  124.736586][ T7227] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1206: invalid indirect mapped block 256 (level 2)
[  124.753171][ T7227] EXT4-fs (loop2): 2 truncates cleaned up
[  124.780643][ T7223] loop5: detected capacity change from 0 to 4096
[  124.794414][ T7223] netlink: 'syz.5.1204': attribute type 13 has an invalid length.
[  124.802307][ T7223] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1204'.
[  124.813480][ T7223] syz_tun: refused to change device tx_queue_len
[  124.819854][ T7223] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  124.867825][ T7240] loop2: detected capacity change from 0 to 2048
[  124.882728][ T7240] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #2: comm syz.2.1211: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  124.904052][ T7240] EXT4-fs (loop2): get root inode failed
[  124.909792][ T7240] EXT4-fs (loop2): mount failed
[  125.004714][ T7250] loop5: detected capacity change from 0 to 512
[  125.025706][ T7250] ext4 filesystem being mounted at /119/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  125.093659][ T7250] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.1214: corrupted inode contents
[  125.111089][ T7250] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #2: comm syz.5.1214: mark_inode_dirty error
[  125.127605][ T7250] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.1214: corrupted inode contents
[  125.140945][ T7250] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #2: comm syz.5.1214: mark_inode_dirty error
[  125.180011][ T7263] loop1: detected capacity change from 0 to 512
[  125.189519][ T7263] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.1218: corrupted in-inode xattr: invalid ea_ino
[  125.203700][ T7263] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1218: couldn't read orphan inode 15 (err -117)
[  125.282461][ T7274] loop1: detected capacity change from 0 to 512
[  125.308383][ T7274] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.1223: corrupted in-inode xattr: invalid ea_ino
[  125.326494][ T7274] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1223: couldn't read orphan inode 15 (err -117)
[  125.436355][ T7288] loop1: detected capacity change from 0 to 2048
[  125.453334][ T7279] loop2: detected capacity change from 0 to 4096
[  125.472166][ T7288]  loop1: p1 < > p4
[  125.477293][ T7288] loop1: p4 size 8388608 extends beyond EOD, truncated
[  125.495855][ T7298] loop5: detected capacity change from 0 to 512
[  125.503793][ T7279] netlink: 'syz.2.1225': attribute type 13 has an invalid length.
[  125.512092][ T7279] syz_tun: refused to change device tx_queue_len
[  125.518468][ T7279] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  125.535720][ T7298] EXT4-fs error (device loop5): ext4_iget_extra_inode:4693: inode #15: comm syz.5.1232: corrupted in-inode xattr: invalid ea_ino
[  125.580203][ T7302] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7302 comm=syz.0.1234
[  125.600430][ T7298] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.1232: couldn't read orphan inode 15 (err -117)
[  125.800110][ T7331] loop1: detected capacity change from 0 to 128
[  125.848472][ T7332] loop2: detected capacity change from 0 to 256
[  125.857593][ T7332] FAT-fs (loop2): bogus number of FAT sectors
[  125.863857][ T7332] FAT-fs (loop2): Can't find a valid FAT filesystem
[  125.866873][ T7336] loop5: detected capacity change from 0 to 2048
[  125.993237][ T7336]  loop5: p1 < > p4
[  126.017693][ T7339] netlink: zone id is out of range
[  126.022986][ T7339] netlink: zone id is out of range
[  126.028123][ T7339] netlink: zone id is out of range
[  126.033253][ T7339] netlink: zone id is out of range
[  126.038460][ T7339] netlink: zone id is out of range
[  126.043695][ T7339] netlink: zone id is out of range
[  126.064917][ T7336] loop5: p4 size 8388608 extends beyond EOD, truncated
[  126.389917][ T7346] loop1: detected capacity change from 0 to 4096
[  126.523961][ T7346] netlink: 'syz.1.1249': attribute type 13 has an invalid length.
[  126.539000][ T7352] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7352 comm=syz.5.1250
[  126.562343][ T7346] syz_tun: refused to change device tx_queue_len
[  126.655050][   T29] kauditd_printk_skb: 480 callbacks suppressed
[  126.655066][   T29] audit: type=1326 audit(1747407658.293:6222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6a4efe969 code=0x7ffc0000
[  126.693573][   T29] audit: type=1326 audit(1747407658.293:6223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fc6a4efe969 code=0x7ffc0000
[  126.717107][   T29] audit: type=1326 audit(1747407658.293:6224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6a4efe969 code=0x7ffc0000
[  126.740596][   T29] audit: type=1326 audit(1747407658.293:6225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fc6a4efe969 code=0x7ffc0000
[  126.764838][   T29] audit: type=1326 audit(1747407658.293:6226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6a4efe969 code=0x7ffc0000
[  126.788452][   T29] audit: type=1326 audit(1747407658.293:6227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fc6a4efe969 code=0x7ffc0000
[  126.812634][   T29] audit: type=1326 audit(1747407658.293:6228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6a4efe969 code=0x7ffc0000
[  126.836123][   T29] audit: type=1326 audit(1747407658.293:6229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fc6a4efe969 code=0x7ffc0000
[  126.860227][   T29] audit: type=1326 audit(1747407658.293:6230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6a4efe969 code=0x7ffc0000
[  126.884641][   T29] audit: type=1326 audit(1747407658.293:6231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.3.1253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7fc6a4efe969 code=0x7ffc0000
[  126.909504][ T7370] loop2: detected capacity change from 0 to 128
[  126.925472][ T7370] program syz.2.1258 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  127.016162][ T7372] loop3: detected capacity change from 0 to 2048
[  127.306145][ T7372]  loop3: p1 < > p4
[  127.345553][ T7372] loop3: p4 size 8388608 extends beyond EOD, truncated
[  127.891554][ T7391] loop3: detected capacity change from 0 to 2048
[  127.929237][ T7391] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #2: comm syz.3.1265: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  128.096473][ T7391] EXT4-fs (loop3): get root inode failed
[  128.102313][ T7391] EXT4-fs (loop3): mount failed
[  128.460565][ T7411] __nla_validate_parse: 10 callbacks suppressed
[  128.460586][ T7411] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1272'.
[  128.827725][ T7419] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1275'.
[  128.837410][ T7421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1276'.
[  128.875633][ T7419] loop5: detected capacity change from 0 to 512
[  128.924697][ T7421] loop2: detected capacity change from 0 to 2048
[  128.935595][ T7419] EXT4-fs error (device loop5): ext4_iget_extra_inode:4693: inode #15: comm syz.5.1275: corrupted in-inode xattr: invalid ea_ino
[  128.959906][ T7419] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.1275: couldn't read orphan inode 15 (err -117)
[  128.961736][ T7421]  loop2: p1 < > p4
[  128.990056][ T7421] loop2: p4 size 8388608 extends beyond EOD, truncated
[  129.020559][ T7421] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1276'.
[  129.092080][ T7452] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1289'.
[  129.132890][ T7452] loop2: detected capacity change from 0 to 512
[  129.155196][ T7452] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.1289: corrupted in-inode xattr: invalid ea_ino
[  129.158158][ T7460] loop5: detected capacity change from 0 to 512
[  129.183788][ T7452] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1289: couldn't read orphan inode 15 (err -117)
[  129.205987][ T7460] ext4 filesystem being mounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  129.227755][ T7460] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.1293: corrupted inode contents
[  129.240557][ T7460] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #2: comm syz.5.1293: mark_inode_dirty error
[  129.253670][ T7460] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.1293: corrupted inode contents
[  129.269650][ T7460] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #2: comm syz.5.1293: mark_inode_dirty error
[  129.285676][ T7474] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1297'.
[  129.305896][ T7464] loop3: detected capacity change from 0 to 4096
[  129.326187][ T7464] netlink: 'syz.3.1294': attribute type 13 has an invalid length.
[  129.334179][ T7464] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1294'.
[  129.345811][ T7464] syz_tun: refused to change device tx_queue_len
[  129.352222][ T7464] net_ratelimit: 294 callbacks suppressed
[  129.352235][ T7464] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  129.435443][ T7485] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1302'.
[  129.445012][ T7485] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  129.445103][ T7487] FAULT_INJECTION: forcing a failure.
[  129.445103][ T7487] name failslab, interval 1, probability 0, space 0, times 0
[  129.452672][ T7485] batman_adv: batadv0: Removing interface: batadv_slave_0
[  129.465829][ T7487] CPU: 0 UID: 0 PID: 7487 Comm: syz.0.1303 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  129.465869][ T7487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  129.465885][ T7487] Call Trace:
[  129.465894][ T7487]  <TASK>
[  129.465906][ T7487]  __dump_stack+0x1d/0x30
[  129.466011][ T7487]  dump_stack_lvl+0xe8/0x140
[  129.466037][ T7487]  dump_stack+0x15/0x1b
[  129.466058][ T7487]  should_fail_ex+0x265/0x280
[  129.466103][ T7487]  should_failslab+0x8c/0xb0
[  129.466202][ T7487]  kmem_cache_alloc_node_noprof+0x57/0x320
[  129.466229][ T7487]  ? __alloc_skb+0x101/0x320
[  129.466351][ T7487]  __alloc_skb+0x101/0x320
[  129.466394][ T7487]  netlink_ack+0xfd/0x500
[  129.466439][ T7487]  ? __pfx_inet_diag_handler_cmd+0x10/0x10
[  129.466475][ T7487]  netlink_rcv_skb+0x192/0x220
[  129.466540][ T7487]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  129.466583][ T7487]  sock_diag_rcv+0x1c/0x30
[  129.466673][ T7487]  netlink_unicast+0x5a1/0x670
[  129.466717][ T7487]  netlink_sendmsg+0x58b/0x6b0
[  129.466745][ T7487]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.466772][ T7487]  __sock_sendmsg+0x145/0x180
[  129.466870][ T7487]  ____sys_sendmsg+0x31e/0x4e0
[  129.466903][ T7487]  ___sys_sendmsg+0x17b/0x1d0
[  129.466953][ T7487]  __x64_sys_sendmsg+0xd4/0x160
[  129.467016][ T7487]  x64_sys_call+0x2999/0x2fb0
[  129.467043][ T7487]  do_syscall_64+0xd0/0x1a0
[  129.467158][ T7487]  ? clear_bhb_loop+0x40/0x90
[  129.467185][ T7487]  ? clear_bhb_loop+0x40/0x90
[  129.467305][ T7487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.467366][ T7487] RIP: 0033:0x7f8ac1bee969
[  129.467387][ T7487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.467410][ T7487] RSP: 002b:00007f8ac0257038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  129.467488][ T7487] RAX: ffffffffffffffda RBX: 00007f8ac1e15fa0 RCX: 00007f8ac1bee969
[  129.467506][ T7487] RDX: 0000000020000000 RSI: 0000200000000340 RDI: 0000000000000003
[  129.467522][ T7487] RBP: 00007f8ac0257090 R08: 0000000000000000 R09: 0000000000000000
[  129.467538][ T7487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.467554][ T7487] R13: 0000000000000000 R14: 00007f8ac1e15fa0 R15: 00007ffebdb3f838
[  129.467580][ T7487]  </TASK>
[  129.700282][ T7485] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  129.700941][ T3326] EXT4-fs unmount: 54 callbacks suppressed
[  129.701012][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.708604][ T7485] batman_adv: batadv0: Removing interface: batadv_slave_1
[  129.759987][ T7495] loop1: detected capacity change from 0 to 2048
[  129.783594][ T7499] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1307'.
[  129.797401][ T7499] loop3: detected capacity change from 0 to 512
[  129.804856][ T7495] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #2: comm syz.1.1306: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  129.824927][ T7495] EXT4-fs (loop1): get root inode failed
[  129.826483][ T7499] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.1307: corrupted in-inode xattr: invalid ea_ino
[  129.830577][ T7495] EXT4-fs (loop1): mount failed
[  129.856194][ T7499] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1307: couldn't read orphan inode 15 (err -117)
[  129.869791][ T7499] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.899479][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.038891][ T7523] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1316'.
[  130.367941][ T7554] netlink: zone id is out of range
[  130.373205][ T7554] netlink: zone id is out of range
[  130.378815][ T7554] netlink: zone id is out of range
[  130.384088][ T7554] netlink: zone id is out of range
[  130.389469][ T7554] netlink: zone id is out of range
[  130.394759][ T7554] netlink: zone id is out of range
[  130.399876][ T7554] netlink: zone id is out of range
[  130.405084][ T7554] netlink: zone id is out of range
[  130.410264][ T7554] netlink: zone id is out of range
[  130.624049][ T7575] FAULT_INJECTION: forcing a failure.
[  130.624049][ T7575] name failslab, interval 1, probability 0, space 0, times 0
[  130.637463][ T7575] CPU: 0 UID: 0 PID: 7575 Comm: syz.5.1336 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  130.637554][ T7575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  130.637566][ T7575] Call Trace:
[  130.637572][ T7575]  <TASK>
[  130.637580][ T7575]  __dump_stack+0x1d/0x30
[  130.637606][ T7575]  dump_stack_lvl+0xe8/0x140
[  130.637664][ T7575]  dump_stack+0x15/0x1b
[  130.637680][ T7575]  should_fail_ex+0x265/0x280
[  130.637713][ T7575]  should_failslab+0x8c/0xb0
[  130.637756][ T7575]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  130.637785][ T7575]  ? sidtab_sid2str_get+0xa0/0x130
[  130.637824][ T7575]  kmemdup_noprof+0x2b/0x70
[  130.637844][ T7575]  sidtab_sid2str_get+0xa0/0x130
[  130.637872][ T7575]  security_sid_to_context_core+0x1eb/0x2e0
[  130.637943][ T7575]  security_sid_to_context+0x27/0x40
[  130.637978][ T7575]  selinux_lsmprop_to_secctx+0x67/0xf0
[  130.638067][ T7575]  security_lsmprop_to_secctx+0x43/0x80
[  130.638089][ T7575]  audit_log_task_context+0x77/0x190
[  130.638120][ T7575]  audit_log_task+0xf4/0x250
[  130.638147][ T7575]  audit_seccomp+0x61/0x100
[  130.638201][ T7575]  ? __seccomp_filter+0x68c/0x10d0
[  130.638230][ T7575]  __seccomp_filter+0x69d/0x10d0
[  130.638260][ T7575]  ? __pfx_proc_reg_read_iter+0x10/0x10
[  130.638326][ T7575]  ? vfs_read+0x47f/0x6f0
[  130.638357][ T7575]  ? __pfx_proc_reg_read_iter+0x10/0x10
[  130.638395][ T7575]  __secure_computing+0x82/0x150
[  130.638414][ T7575]  syscall_trace_enter+0xcf/0x1e0
[  130.638445][ T7575]  do_syscall_64+0xaa/0x1a0
[  130.638521][ T7575]  ? clear_bhb_loop+0x40/0x90
[  130.638540][ T7575]  ? clear_bhb_loop+0x40/0x90
[  130.638559][ T7575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.638696][ T7575] RIP: 0033:0x7f8e7b6ad37c
[  130.638709][ T7575] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  130.638725][ T7575] RSP: 002b:00007f8e79d17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  130.638742][ T7575] RAX: ffffffffffffffda RBX: 00007f8e7b8d5fa0 RCX: 00007f8e7b6ad37c
[  130.638801][ T7575] RDX: 000000000000000f RSI: 00007f8e79d170a0 RDI: 0000000000000007
[  130.638812][ T7575] RBP: 00007f8e79d17090 R08: 0000000000000000 R09: 0000000000000000
[  130.638873][ T7575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.638914][ T7575] R13: 0000000000000000 R14: 00007f8e7b8d5fa0 R15: 00007ffc3c357fa8
[  130.638932][ T7575]  </TASK>
[  130.990552][ T7588] loop5: detected capacity change from 0 to 4096
[  131.003749][ T7588] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.027050][ T7588] netlink: 'syz.5.1338': attribute type 13 has an invalid length.
[  131.085180][ T7588] syz_tun: refused to change device tx_queue_len
[  131.159992][ T7606] loop1: detected capacity change from 0 to 1024
[  131.166721][ T7606] EXT4-fs: Ignoring removed oldalloc option
[  131.172758][ T7606] EXT4-fs: Ignoring removed orlov option
[  131.179037][ T7606] EXT4-fs (loop1): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[  131.203345][ T7606] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.217642][ T7606] EXT4-fs (loop1): shut down requested (2)
[  131.224211][ T7606] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  131.233439][ T7606] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  131.242975][ T7606] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=16
[  131.252161][ T7606] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  131.261240][ T7606] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  131.270650][ T7606] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=16
[  131.304206][ T7606] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  131.317019][ T7606] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  131.369304][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.390547][ T7614] loop3: detected capacity change from 0 to 2048
[  131.392140][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.459401][ T7614]  loop3: p1 < > p4
[  131.467189][ T7614] loop3: p4 size 8388608 extends beyond EOD, truncated
[  131.528519][ T7620] loop5: detected capacity change from 0 to 4096
[  131.543848][ T7620] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.583718][ T7616] xt_connbytes: Forcing CT accounting to be enabled
[  131.590609][ T7620] netlink: 'syz.5.1353': attribute type 13 has an invalid length.
[  131.599020][ T7620] syz_tun: refused to change device tx_queue_len
[  131.604368][ T7616] Cannot find del_set index 1 as target
[  131.622676][ T7616] block device autoloading is deprecated and will be removed.
[  131.632351][ T7616] syz.2.1351: attempt to access beyond end of device
[  131.632351][ T7616] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  131.673854][   T29] kauditd_printk_skb: 257 callbacks suppressed
[  131.673958][   T29] audit: type=1326 audit(1747407663.313:6488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7639 comm="syz.1.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  131.716813][   T29] audit: type=1326 audit(1747407663.353:6489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7639 comm="syz.1.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  131.741132][   T29] audit: type=1326 audit(1747407663.353:6490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7639 comm="syz.1.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  131.764675][   T29] audit: type=1326 audit(1747407663.353:6491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7639 comm="syz.1.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  131.788949][   T29] audit: type=1326 audit(1747407663.353:6492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7639 comm="syz.1.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  131.810433][ T7646] netlink: 'syz.1.1362': attribute type 16 has an invalid length.
[  131.813251][   T29] audit: type=1326 audit(1747407663.353:6493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7639 comm="syz.1.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  131.820345][ T7646] netlink: 'syz.1.1362': attribute type 17 has an invalid length.
[  131.844546][   T29] audit: type=1326 audit(1747407663.353:6494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7639 comm="syz.1.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  131.875850][   T29] audit: type=1326 audit(1747407663.353:6495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7639 comm="syz.1.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  131.899211][   T29] audit: type=1326 audit(1747407663.353:6496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7639 comm="syz.1.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  131.923340][   T29] audit: type=1326 audit(1747407663.353:6497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7639 comm="syz.1.1360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc1dafe969 code=0x7ffc0000
[  131.967737][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.983059][ T7645] loop3: detected capacity change from 0 to 512
[  132.006875][ T7645] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.021835][ T7653] loop2: detected capacity change from 0 to 2048
[  132.033700][ T7645] ext4 filesystem being mounted at /266/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  132.076617][ T7645] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1363: corrupted inode contents
[  132.089322][ T7645] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #2: comm syz.3.1363: mark_inode_dirty error
[  132.126189][ T7645] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1363: corrupted inode contents
[  132.165152][ T7645] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.1363: mark_inode_dirty error
[  132.273218][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.294658][ T7684] loop1: detected capacity change from 0 to 128
[  132.314764][ T7684] loop1: detected capacity change from 0 to 1024
[  132.334689][ T7684] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.416363][ T7697] FAULT_INJECTION: forcing a failure.
[  132.416363][ T7697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.429625][ T7697] CPU: 1 UID: 0 PID: 7697 Comm: syz.0.1383 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  132.429658][ T7697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  132.429673][ T7697] Call Trace:
[  132.429680][ T7697]  <TASK>
[  132.429690][ T7697]  __dump_stack+0x1d/0x30
[  132.429716][ T7697]  dump_stack_lvl+0xe8/0x140
[  132.429740][ T7697]  dump_stack+0x15/0x1b
[  132.429761][ T7697]  should_fail_ex+0x265/0x280
[  132.429840][ T7697]  should_fail+0xb/0x20
[  132.429872][ T7697]  should_fail_usercopy+0x1a/0x20
[  132.429891][ T7697]  _copy_to_user+0x20/0xa0
[  132.429913][ T7697]  simple_read_from_buffer+0xb5/0x130
[  132.429987][ T7697]  proc_fail_nth_read+0x100/0x140
[  132.430018][ T7697]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  132.430077][ T7697]  vfs_read+0x19d/0x6f0
[  132.430106][ T7697]  ? __cond_resched+0x4e/0x90
[  132.430143][ T7697]  ksys_read+0xda/0x1a0
[  132.430248][ T7697]  __x64_sys_read+0x40/0x50
[  132.430272][ T7697]  x64_sys_call+0x2d77/0x2fb0
[  132.430356][ T7697]  do_syscall_64+0xd0/0x1a0
[  132.430386][ T7697]  ? clear_bhb_loop+0x40/0x90
[  132.430407][ T7697]  ? clear_bhb_loop+0x40/0x90
[  132.430427][ T7697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.430528][ T7697] RIP: 0033:0x7f8ac1bed37c
[  132.430579][ T7697] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  132.430596][ T7697] RSP: 002b:00007f8ac0257030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  132.430615][ T7697] RAX: ffffffffffffffda RBX: 00007f8ac1e15fa0 RCX: 00007f8ac1bed37c
[  132.430701][ T7697] RDX: 000000000000000f RSI: 00007f8ac02570a0 RDI: 0000000000000006
[  132.430712][ T7697] RBP: 00007f8ac0257090 R08: 0000000000000000 R09: 0000000000000000
[  132.430723][ T7697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  132.430734][ T7697] R13: 0000000000000000 R14: 00007f8ac1e15fa0 R15: 00007ffebdb3f838
[  132.430756][ T7697]  </TASK>
[  132.656145][ T7701] IPv6: NLM_F_CREATE should be specified when creating new route
[  132.718026][ T7684] FAULT_INJECTION: forcing a failure.
[  132.718026][ T7684] name failslab, interval 1, probability 0, space 0, times 0
[  132.730758][ T7684] CPU: 1 UID: 0 PID: 7684 Comm: syz.1.1379 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  132.730792][ T7684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  132.730829][ T7684] Call Trace:
[  132.730841][ T7684]  <TASK>
[  132.730849][ T7684]  __dump_stack+0x1d/0x30
[  132.730873][ T7684]  dump_stack_lvl+0xe8/0x140
[  132.730904][ T7684]  dump_stack+0x15/0x1b
[  132.730924][ T7684]  should_fail_ex+0x265/0x280
[  132.730959][ T7684]  should_failslab+0x8c/0xb0
[  132.731053][ T7684]  kmem_cache_alloc_noprof+0x50/0x310
[  132.731078][ T7684]  ? getname_flags+0x80/0x3b0
[  132.731134][ T7684]  getname_flags+0x80/0x3b0
[  132.731172][ T7684]  __x64_sys_renameat2+0x6c/0x90
[  132.731206][ T7684]  x64_sys_call+0x2bf6/0x2fb0
[  132.731233][ T7684]  do_syscall_64+0xd0/0x1a0
[  132.731350][ T7684]  ? clear_bhb_loop+0x40/0x90
[  132.731376][ T7684]  ? clear_bhb_loop+0x40/0x90
[  132.731403][ T7684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.731488][ T7684] RIP: 0033:0x7fbc1dafe969
[  132.731507][ T7684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.731530][ T7684] RSP: 002b:00007fbc1c167038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  132.731553][ T7684] RAX: ffffffffffffffda RBX: 00007fbc1dd25fa0 RCX: 00007fbc1dafe969
[  132.731569][ T7684] RDX: ffffffffffffff9c RSI: 0000200000000080 RDI: ffffffffffffff9c
[  132.731656][ T7684] RBP: 00007fbc1c167090 R08: 0000000000000002 R09: 0000000000000000
[  132.731671][ T7684] R10: 00002000000003c0 R11: 0000000000000246 R12: 0000000000000001
[  132.731744][ T7684] R13: 0000000000000000 R14: 00007fbc1dd25fa0 R15: 00007fffff473148
[  132.731770][ T7684]  </TASK>
[  132.946819][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.004598][ T7711] loop1: detected capacity change from 0 to 512
[  133.016131][ T7712] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.024690][ T7712] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.048811][ T7711] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.085809][ T7711] ext4 filesystem being mounted at /278/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  133.100937][ T7711] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #2: comm syz.1.1388: corrupted inode contents
[  133.115949][ T7711] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #2: comm syz.1.1388: mark_inode_dirty error
[  133.128849][ T7711] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #2: comm syz.1.1388: corrupted inode contents
[  133.143162][ T7711] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.1388: mark_inode_dirty error
[  133.203519][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.313024][ T7731] loop1: detected capacity change from 0 to 4096
[  133.324485][ T7731] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.342420][ T7731] netlink: 'syz.1.1395': attribute type 13 has an invalid length.
[  133.351109][ T7731] syz_tun: refused to change device tx_queue_len
[  133.362621][ T7744] loop5: detected capacity change from 0 to 2048
[  133.401680][ T7744]  loop5: p1 < > p4
[  133.406102][ T7744] loop5: p4 size 8388608 extends beyond EOD, truncated
[  133.458383][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.812854][ T7784] __nla_validate_parse: 12 callbacks suppressed
[  133.812873][ T7784] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1417'.
[  134.014901][ T7802] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1426'.
[  134.038105][ T7806] serio: Serial port ptm1
[  134.056790][ T7802] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7802 comm=syz.3.1426
[  134.137009][ T7813] loop2: detected capacity change from 0 to 512
[  134.154785][ T7813] EXT4-fs: Ignoring removed oldalloc option
[  134.175283][ T7813] EXT4-fs: Ignoring removed mblk_io_submit option
[  134.176942][ T7819] loop3: detected capacity change from 0 to 512
[  134.192704][ T7819] EXT4-fs: Ignoring removed oldalloc option
[  134.199140][ T7819] EXT4-fs: Ignoring removed mblk_io_submit option
[  134.210177][ T7819] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  134.221985][ T7813] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  134.222537][ T7819] EXT4-fs (loop3): orphan cleanup on readonly fs
[  134.237833][ T7819] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm +}[@: Failed to acquire dquot type 1
[  134.250769][ T7819] EXT4-fs (loop3): 1 truncate cleaned up
[  134.251662][ T7819] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  134.275534][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.288106][ T7813] EXT4-fs (loop2): orphan cleanup on readonly fs
[  134.302080][ T7813] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm +}[@: Failed to acquire dquot type 1
[  134.316806][ T7813] EXT4-fs (loop2): 1 truncate cleaned up
[  134.326338][ T7813] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  134.386517][ T7824] SELinux:  Context system_u:object_r:man_t:s0 is not valid (left unmapped).
[  134.408802][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.615221][ T7838] loop2: detected capacity change from 0 to 2048
[  134.633405][ T7836] loop1: detected capacity change from 0 to 2048
[  134.654536][ T7836] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #2: comm syz.1.1437: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  134.682803][ T7836] EXT4-fs (loop1): get root inode failed
[  134.688512][ T7836] EXT4-fs (loop1): mount failed
[  134.694229][ T7838] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.730319][ T7838] ext4 filesystem being mounted at /262/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.747423][ T7836] syz.1.1437: attempt to access beyond end of device
[  134.747423][ T7836] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  134.924495][ T7850] loop1: detected capacity change from 0 to 128
[  134.986636][ T7850] 9pnet_fd: Insufficient options for proto=fd
[  135.118711][ T7851] loop1: detected capacity change from 0 to 1024
[  135.146499][ T7851] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.413280][ T7855] syzkaller0: entered promiscuous mode
[  135.418863][ T7855] syzkaller0: entered allmulticast mode
[  135.913334][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.996838][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.088792][ T7876] loop3: detected capacity change from 0 to 2048
[  136.100980][ T7875] net_ratelimit: 1489 callbacks suppressed
[  136.100996][ T7875] netlink: zone id is out of range
[  136.112135][ T7875] netlink: zone id is out of range
[  136.117330][ T7875] netlink: zone id is out of range
[  136.123725][ T7875] netlink: zone id is out of range
[  136.128905][ T7875] netlink: zone id is out of range
[  136.134305][ T7875] netlink: zone id is out of range
[  136.139438][ T7875] netlink: zone id is out of range
[  136.144669][ T7875] netlink: zone id is out of range
[  136.149927][ T7875] netlink: zone id is out of range
[  136.155811][ T7875] netlink: zone id is out of range
[  136.171156][ T7876] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #2: comm syz.3.1449: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  136.190884][ T7876] EXT4-fs (loop3): get root inode failed
[  136.196832][ T7876] EXT4-fs (loop3): mount failed
[  136.220133][ T7876] syz.3.1449: attempt to access beyond end of device
[  136.220133][ T7876] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  136.272928][ T7893] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7893 comm=syz.1.1457
[  136.286774][ T7881] loop5: detected capacity change from 0 to 4096
[  136.297397][ T7881] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.315420][ T7881] netlink: 'syz.5.1452': attribute type 13 has an invalid length.
[  136.319541][ T7893] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  136.323314][ T7881] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1452'.
[  136.343074][ T7881] syz_tun: refused to change device tx_queue_len
[  136.386380][ T7898] loop2: detected capacity change from 0 to 4096
[  136.399201][ T7898] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.414623][ T7903] loop1: detected capacity change from 0 to 512
[  136.438733][ T7903] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.454607][ T7890] netlink: 'syz.2.1455': attribute type 13 has an invalid length.
[  136.462771][ T7890] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1455'.
[  136.475336][ T7903] ext4 filesystem being mounted at /295/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  136.488162][ T7890] syz_tun: refused to change device tx_queue_len
[  136.495452][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.517269][ T7903] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #2: comm syz.1.1460: corrupted inode contents
[  136.552738][ T7903] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #2: comm syz.1.1460: mark_inode_dirty error
[  136.567422][ T7917] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1464'.
[  136.577206][ T7917] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1464'.
[  136.577777][ T7903] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #2: comm syz.1.1460: corrupted inode contents
[  136.612868][ T7903] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.1460: mark_inode_dirty error
[  136.625935][ T7921] loop3: detected capacity change from 0 to 512
[  136.641481][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.654349][ T7921] EXT4-fs: Ignoring removed nobh option
[  136.672210][ T7921] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  136.680656][ T7921] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #13: comm syz.3.1468: casefold flag without casefold feature
[  136.693838][   T29] kauditd_printk_skb: 336 callbacks suppressed
[  136.693854][   T29] audit: type=1326 audit(1747407668.343:6828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7925 comm="syz.5.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  136.694952][   T29] audit: type=1326 audit(1747407668.343:6829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7925 comm="syz.5.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  136.748709][   T29] audit: type=1326 audit(1747407668.383:6830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7925 comm="syz.5.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7b6ae969 code=0x7ffc0000
[  136.772645][ T7921] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1468: couldn't read orphan inode 13 (err -117)
[  136.786343][   T29] audit: type=1326 audit(1747407668.423:6831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7930 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292afbe969 code=0x7ffc0000
[  136.809826][   T29] audit: type=1326 audit(1747407668.423:6832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7930 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292afbe969 code=0x7ffc0000
[  136.833410][   T29] audit: type=1326 audit(1747407668.433:6833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7930 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f292afbe969 code=0x7ffc0000
[  136.835667][ T7921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.856925][   T29] audit: type=1326 audit(1747407668.433:6834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7930 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292afbe969 code=0x7ffc0000
[  136.856972][   T29] audit: type=1326 audit(1747407668.433:6835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7930 comm="syz.2.1469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292afbe969 code=0x7ffc0000
[  136.934361][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.949045][   T29] audit: type=1400 audit(1747407668.583:6836): avc:  denied  { setopt } for  pid=7936 comm="syz.2.1477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  137.038021][ T7948] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1480'.
[  137.047121][ T7948] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1480'.
[  137.058334][ T7949] audit: audit_lost=5 audit_rate_limit=0 audit_backlog_limit=64
[  137.104633][ T7943] loop5: detected capacity change from 0 to 4096
[  137.120496][ T7957] loop2: detected capacity change from 0 to 512
[  137.144846][ T7943] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.172670][ T7957] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.195291][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.210925][ T7943] netlink: 'syz.5.1479': attribute type 13 has an invalid length.
[  137.218974][ T7943] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1479'.
[  137.230091][ T7943] syz_tun: refused to change device tx_queue_len
[  137.239135][ T7957] ext4 filesystem being mounted at /270/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  137.241534][ T7972] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1490'.
[  137.260903][ T7957] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #2: comm syz.2.1484: corrupted inode contents
[  137.275142][ T7957] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #2: comm syz.2.1484: mark_inode_dirty error
[  137.287038][ T7957] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #2: comm syz.2.1484: corrupted inode contents
[  137.301833][ T7957] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #2: comm syz.2.1484: mark_inode_dirty error
[  137.337097][ T5471] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.386552][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.415014][ T7988] loop5: detected capacity change from 0 to 2048
[  137.445363][ T7988] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #2: comm syz.5.1494: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  137.466065][ T7988] EXT4-fs (loop5): get root inode failed
[  137.471766][ T7988] EXT4-fs (loop5): mount failed
[  137.488870][ T7988] syz.5.1494: attempt to access beyond end of device
[  137.488870][ T7988] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  137.597807][ T8010] loop1: detected capacity change from 0 to 2048
[  137.654050][ T8010]  loop1: p1 < > p4
[  137.660639][ T8010] loop1: p4 size 8388608 extends beyond EOD, truncated
[  137.712390][ T8027] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  137.723060][ T8024] loop3: detected capacity change from 0 to 2048
[  137.779230][ T8024] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #2: comm syz.3.1513: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  137.806753][ T8024] EXT4-fs (loop3): get root inode failed
[  137.812497][ T8024] EXT4-fs (loop3): mount failed
[  137.850059][ T8033] dummy0: entered promiscuous mode
[  137.857187][ T8024] syz.3.1513: attempt to access beyond end of device
[  137.857187][ T8024] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  137.863620][ T8033] macvtap1: entered promiscuous mode
[  137.892451][ T8033] macvtap1: entered allmulticast mode
[  137.898449][ T8033] dummy0: entered allmulticast mode
[  137.929206][ T8036] dummy0: left allmulticast mode
[  137.934533][ T8036] FAULT_INJECTION: forcing a failure.
[  137.934533][ T8036] name failslab, interval 1, probability 0, space 0, times 0
[  137.948341][ T8036] CPU: 0 UID: 0 PID: 8036 Comm: syz.1.1515 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  137.948390][ T8036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  137.948406][ T8036] Call Trace:
[  137.948413][ T8036]  <TASK>
[  137.948422][ T8036]  __dump_stack+0x1d/0x30
[  137.948448][ T8036]  dump_stack_lvl+0xe8/0x140
[  137.948531][ T8036]  dump_stack+0x15/0x1b
[  137.948554][ T8036]  should_fail_ex+0x265/0x280
[  137.948597][ T8036]  should_failslab+0x8c/0xb0
[  137.948726][ T8036]  kmem_cache_alloc_node_noprof+0x57/0x320
[  137.948750][ T8036]  ? __alloc_skb+0x101/0x320
[  137.948790][ T8036]  __alloc_skb+0x101/0x320
[  137.948830][ T8036]  rtmsg_ifinfo_build_skb+0x5f/0x1b0
[  137.948863][ T8036]  ? xfd_validate_state+0x45/0xf0
[  137.948894][ T8036]  rtmsg_ifinfo+0x6d/0x110
[  137.948919][ T8036]  __dev_notify_flags+0x76/0x1a0
[  137.948960][ T8036]  __dev_set_promiscuity+0x10e/0x360
[  137.949004][ T8036]  netif_set_promiscuity+0x39/0x90
[  137.949107][ T8036]  dev_set_promiscuity+0xc1/0x170
[  137.949221][ T8036]  ? macvlan_stop+0x18b/0x260
[  137.949260][ T8036]  macvlan_stop+0x198/0x260
[  137.949300][ T8036]  ? __pfx_macvlan_stop+0x10/0x10
[  137.949386][ T8036]  __dev_close_many+0x1e4/0x420
[  137.949424][ T8036]  __dev_change_flags+0x1e9/0x400
[  137.949459][ T8036]  netif_change_flags+0x5a/0xd0
[  137.949491][ T8036]  do_setlink+0x90e/0x27f0
[  137.949600][ T8036]  ? schedule+0x5f/0xd0
[  137.949650][ T8036]  ? __list_del_entry_valid_or_report+0x65/0x130
[  137.949690][ T8036]  rtnl_newlink+0xe75/0x12d0
[  137.949823][ T8036]  ? xas_load+0x413/0x430
[  137.949906][ T8036]  ? xas_load+0x413/0x430
[  137.949927][ T8036]  ? __memcg_slab_free_hook+0xb7/0x1c0
[  137.949971][ T8036]  ? __kfree_skb+0x109/0x150
[  137.950024][ T8036]  ? __rcu_read_unlock+0x4f/0x70
[  137.950052][ T8036]  ? avc_has_perm_noaudit+0x1b1/0x200
[  137.950141][ T8036]  ? selinux_capable+0x1f9/0x270
[  137.950171][ T8036]  ? security_capable+0x83/0x90
[  137.950202][ T8036]  ? ns_capable+0x7d/0xb0
[  137.950221][ T8036]  ? __pfx_rtnl_newlink+0x10/0x10
[  137.950306][ T8036]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  137.950351][ T8036]  netlink_rcv_skb+0x120/0x220
[  137.950390][ T8036]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  137.950427][ T8036]  rtnetlink_rcv+0x1c/0x30
[  137.950450][ T8036]  netlink_unicast+0x5a1/0x670
[  137.950520][ T8036]  netlink_sendmsg+0x58b/0x6b0
[  137.950544][ T8036]  ? __pfx_netlink_sendmsg+0x10/0x10
[  137.950569][ T8036]  __sock_sendmsg+0x145/0x180
[  137.950654][ T8036]  ____sys_sendmsg+0x31e/0x4e0
[  137.950683][ T8036]  ___sys_sendmsg+0x17b/0x1d0
[  137.950775][ T8036]  __x64_sys_sendmsg+0xd4/0x160
[  137.950809][ T8036]  x64_sys_call+0x2999/0x2fb0
[  137.950837][ T8036]  do_syscall_64+0xd0/0x1a0
[  137.950946][ T8036]  ? clear_bhb_loop+0x40/0x90
[  137.950968][ T8036]  ? clear_bhb_loop+0x40/0x90
[  137.950988][ T8036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.951008][ T8036] RIP: 0033:0x7fbc1dafe969
[  137.951024][ T8036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.951110][ T8036] RSP: 002b:00007fbc1c146038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  137.951128][ T8036] RAX: ffffffffffffffda RBX: 00007fbc1dd26080 RCX: 00007fbc1dafe969
[  137.951140][ T8036] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000d
[  137.951155][ T8036] RBP: 00007fbc1c146090 R08: 0000000000000000 R09: 0000000000000000
[  137.951171][ T8036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  137.951187][ T8036] R13: 0000000000000001 R14: 00007fbc1dd26080 R15: 00007fffff473148
[  137.951212][ T8036]  </TASK>
[  138.303468][ T8036] dummy0: left promiscuous mode
[  138.327180][ T8044] hsr_slave_0: left promiscuous mode
[  138.334403][ T8044] hsr_slave_1: left promiscuous mode
[  138.584405][ T8066] loop1: detected capacity change from 0 to 2048
[  138.605349][ T8066] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #2: comm syz.1.1528: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  138.654129][ T8066] EXT4-fs (loop1): get root inode failed
[  138.659893][ T8066] EXT4-fs (loop1): mount failed
[  138.694178][ T8066] syz.1.1528: attempt to access beyond end of device
[  138.694178][ T8066] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  138.728831][ T8077] loop2: detected capacity change from 0 to 512
[  138.750671][ T8077] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.1532: corrupted in-inode xattr: invalid ea_ino
[  138.767604][ T8077] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1532: couldn't read orphan inode 15 (err -117)
[  138.782562][ T8077] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.824940][ T8084] __nla_validate_parse: 13 callbacks suppressed
[  138.824959][ T8084] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1535'.
[  138.831504][ T8080] loop1: detected capacity change from 0 to 4096
[  138.840367][ T8083] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1535'.
[  138.861983][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.891850][ T8080] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.919657][ T8080] netlink: 'syz.1.1534': attribute type 13 has an invalid length.
[  138.927611][ T8080] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1534'.
[  138.944530][ T8099] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1537'.
[  138.969246][ T8080] syz_tun: refused to change device tx_queue_len
[  138.998363][ T8107] loop5: detected capacity change from 0 to 2048
[  139.002246][ T8109] tmpfs: Bad value for 'mpol'
[  139.012564][ T8109] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8109 comm=syz.0.1546
[  139.012817][ T8107] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #2: comm syz.5.1545: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  139.045953][ T8107] EXT4-fs (loop5): get root inode failed
[  139.051694][ T8107] EXT4-fs (loop5): mount failed
[  139.065679][ T8107] syz.5.1545: attempt to access beyond end of device
[  139.065679][ T8107] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  139.092910][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.118122][ T8120] ==================================================================
[  139.126240][ T8120] BUG: KCSAN: data-race in call_rcu / mas_state_walk
[  139.132943][ T8120] 
[  139.135272][ T8120] write to 0xffff888104371a10 of 8 bytes by task 8117 on cpu 0:
[  139.142913][ T8120]  call_rcu+0x3b/0x3e0
[  139.147004][ T8120]  mas_replace_node+0x30b/0x440
[  139.151871][ T8120]  mas_wr_store_entry+0x2425/0x2b60
[  139.157083][ T8120]  mas_store_prealloc+0x74d/0x9e0
[  139.162117][ T8120]  vma_iter_store_new+0x1c5/0x200
[  139.167164][ T8120]  vma_complete+0x125/0x570
[  139.171690][ T8120]  __split_vma+0x54c/0x610
[  139.176115][ T8120]  vma_modify+0x107/0x210
[  139.180549][ T8120]  vma_modify_flags+0x101/0x130
[  139.185420][ T8120]  mprotect_fixup+0x2cc/0x570
[  139.190101][ T8120]  do_mprotect_pkey+0x6d6/0x980
[  139.194997][ T8120]  __x64_sys_mprotect+0x48/0x60
[  139.199884][ T8120]  x64_sys_call+0x2794/0x2fb0
[  139.204570][ T8120]  do_syscall_64+0xd0/0x1a0
[  139.209102][ T8120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.215005][ T8120] 
[  139.217338][ T8120] read to 0xffff888104371a10 of 8 bytes by task 8120 on cpu 1:
[  139.224885][ T8120]  mas_state_walk+0x2f5/0x650
[  139.229569][ T8120]  mas_walk+0x30/0x120
[  139.233642][ T8120]  lock_vma_under_rcu+0xa2/0x2f0
[  139.238612][ T8120]  do_user_addr_fault+0x233/0x1090
[  139.243774][ T8120]  exc_page_fault+0x54/0xc0
[  139.248291][ T8120]  asm_exc_page_fault+0x26/0x30
[  139.253148][ T8120] 
[  139.255478][ T8120] value changed: 0x000000110e22ffff -> 0xffffffff855cac30
[  139.262587][ T8120] 
[  139.264915][ T8120] Reported by Kernel Concurrency Sanitizer on:
[  139.271083][ T8120] CPU: 1 UID: 0 PID: 8120 Comm: syz.1.1547 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  139.283534][ T8120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  139.293602][ T8120] ==================================================================
[  139.303910][ T8122] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1546'.
[  139.314275][ T8109] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8109 comm=syz.0.1546
[  139.327471][ T8109] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8109 comm=syz.0.1546