last executing test programs:

1m12.694413159s ago: executing program 1 (id=46):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000480)=@security={'security\x00', 0x4, 0x4, 0x418, 0xffffffff, 0xd0, 0x0, 0xd0, 0xffffffff, 0xffffffff, 0x348, 0x348, 0x348, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1a0}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0xfffa, 0x8}}}, {{@ipv6={@private1, @private2, [], [0xffffff00, 0xffffff00], 'geneve1\x00', 'macvlan0\x00', {0xff}, {}, 0x0, 0x2, 0x3, 0x5}, 0x0, 0x138, 0x1a8, 0x0, {}, [@common=@srh1={{0x90}, {0x16, 0xb7, 0xe, 0x8, 0x7, @local, @private2, @private1={0xfc, 0x1, '\x00', 0xfd}, [0xff000000, 0xff000000, 0xff, 0xff], [0xff, 0xffffffff, 0xff000000, 0xffffff00], [0xffffffff, 0xff000000, 0xffffffff, 0xff], 0x604, 0x208}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x2, 0x3, 0x8, 0x0, 0x0, "cf3523f6abea0ac59f38e4cee2d4e02b4433ada4369fbb16cedc9b2a2cbc46c2804dc8c41ce7aba48504d24e8bc4e7d304000000db2882bc827158e95f1a87e8"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x478)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r3, 0x110, 0x3)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r0, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="ff1c076541e76ae93b1093f24b9a000000aa9902", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)

1m12.652064093s ago: executing program 1 (id=47):
r0 = socket(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1m12.461802762s ago: executing program 1 (id=48):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0xfffffffffffff001}, 0x18)
syz_mount_image$ext4(0x0, &(0x7f00000007c0)='./file0\x00', 0x0, 0x0, 0x2, 0x0, &(0x7f0000000840))
mount$bind(&(0x7f0000000800)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1a9851, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000003c0), 0x200044, 0x0)
fcntl$getownex(r1, 0x10, &(0x7f0000000880))
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'team_slave_1\x00', <r4=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xe, 0x1}, {0x0, 0x3}}}, 0x24}}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
request_key(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB=',U'])
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r9}, 0x4)
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000007c0)={[{@acl}, {@nodelalloc}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1004804}}, {@jqfmt_vfsold}, {@resgid}, {@block_validity}, {@data_writeback}, {@nobh}, {@user_xattr}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4e}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x1}}]}, 0x1, 0x567, &(0x7f0000001a40)="$eJzs3c9rHOUbAPBnNtn+/n6bQikqIoEerNRumsQfETzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC+Jd7x6L/4B/RUELRUrQg5fIbGbTNNlNNum2m2Y/H5jwvjuzed9nZ55339mZZQPoW8PZn0LEyxHxTRJxNCKSfN1g5CuHV7ZbenRjMluSWF7+9K+ksV1Wb/6v5vMO55WXIuK3ryJOFza2W1tYnClXKulcXh+pz14dqS0snrk8W55Op9MrY+PjE2+Pj7337jtdi/WNC/98/8m9Dye+Prn03S8Pjt1J4lwcydetjeMp3FxbGY7h/DUpxrl1G452obHdJOl1B9iRgTzPi5GNAUdjIM96YO/7MiKWgT6VyH/oU815QPPcvkvnwS+Mhx+snABtjH9w5bORONA4Nzq0lDxxZpSd7w51of2sjV//vHsnW2L95xDFLjQA0MbNWxFxdnBw4/iX5OPfzp3tYJv1bfTb+w/00r1s/vNmq/lPYXX+Ey3mP4db5O5ObJ3/hQddaKatbP73fsv57+pFq6GBvPa/xpyvmFy6XEmzse3/EXEqivuz+mbXcyaW7i+3W7d2/pctWfvNuWDejweD+598zlS5Xn6amNd6eCvilZbz32R1/yct9n/2elzosI0T6d3X2q3bOv5na/mniNdb7v/HV7SSza9PjjSOh5HmUbHR37dP/N6u/V7Hn+3/Q5vHP5SsvV5b234bPx74N2237on4o/Pjf1/yWaO8L3/serlenxuN2Jd8vPHxscfPbdab22fxnzq5+fjX6vg/GBGfdxj/7eM/v9pR/D3a/1Pb2v/bL9z/6Isf2rXf2fj3VqN0Kn+kk/Gv0w4+zWsHAAAAAAAAu00hIo5EUiitlguFUmnl/o7jcahQqdbqpy9V569MReO7skNRLDSvdB9dcz/EaH4/bLM+tq4+HhHHIuLbgYONemmyWpnqdfAAAAAAAAAAAAAAAAAAAACwSxxu8/3/zB8Dve4d8Mxt7ye/Jw4+s44Az92W+d+NX3oCdqXtvf8De4n8h/4l/6F/yX/oX/If+pf8h/4l/6F/bZ7/yXPrBwAAAAAAAAAAAAAAAAAAAAAAAAAAAOwRF86fz5blpUc3JrP61LWF+ZnqtTNTaW2mNDs/WZqszl0tTVer05W0NFmd3er/VarVq6NjMX99pJ7W6iO1hcWLs9X5K/WLl2fL0+nFtPhcogIAAAAAAAAAAAAAAAAAAIAXS21hcaZcqaRzCgo7Kgzujm4odLnQ65EJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB77LwAA//9iIDf4")
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r10}, 0x10)
r11 = creat(&(0x7f0000000280)='./file2\x00', 0xecf86c37d530498c)
write$binfmt_elf32(r11, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c46fdc300030700000000000000020003"], 0x58)

1m11.551434652s ago: executing program 1 (id=61):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f00000003c0)=[{0x200000000006, 0x8, 0x0, 0x7ffc0002}]})
getresuid(&(0x7f0000000440), &(0x7f0000000480), 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1c0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7f, 0x1002, 0x5c8, 0x80000003, 0x6, <r5=>0x0})
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000001900), 0x0, 0x0)
read$hidraw(r6, &(0x7f0000000180)=""/215, 0xd7)
ioctl$EVIOCREVOKE(r6, 0x40044591, 0x0)
syz_open_procfs$userns(r5, &(0x7f0000000000))
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$EVIOCGABS0(r2, 0x80184540, &(0x7f0000000100)=""/28)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
r8 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r9 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r9, 0x40042408, r10)
r11 = fcntl$dupfd(r8, 0x0, r8)
ioctl$SG_IO(r11, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

1m11.401342217s ago: executing program 1 (id=64):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32, @ANYBLOB="f5ff"], 0x3c}}, 0x40000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x1828, &(0x7f0000000040)={0x0, 0x20c8a1, 0x1c881, 0x8, 0xd1})
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

1m11.140447063s ago: executing program 1 (id=68):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8ab8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)

1m11.140245722s ago: executing program 32 (id=68):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8ab8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)

17.1333923s ago: executing program 0 (id=759):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10)
timer_create(0x2, 0x0, &(0x7f0000000540))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f138d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade5b175c0a9b2ce9", 0x55}], 0x1}, 0x4000000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="16000000000000000400000007"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
getrlimit(0x0, &(0x7f0000000200))
r4 = inotify_init()
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r6 = inotify_add_watch(r4, &(0x7f00000001c0)='./file0\x00', 0x2000008)
write$binfmt_elf32(r5, &(0x7f0000000040)=ANY=[@ANYRES64=r6], 0x69)
close(r5)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

17.016102292s ago: executing program 0 (id=764):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000007c5e0000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x5, 0x18, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x42, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000"], 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r3}, 0x10)
close(r1)

16.647378418s ago: executing program 0 (id=770):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00"/11], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r3 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
sendmsg$kcm(r3, &(0x7f00000001c0)={&(0x7f00000000c0)=@tipc=@name={0x1e, 0x2, 0x3, {{0x41}, 0x5}}, 0x80, 0x0, 0x0, &(0x7f0000000900)=ANY=[], 0x1458}, 0x48800)

16.593385254s ago: executing program 0 (id=771):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f00000003c0)={[{@nombcache}, {@errors_remount}, {@noinit_itable}, {@bsdgroups}, {@bsdgroups}, {@dioread_lock}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', &(0x7f0000000140)={0x474203, 0x408}, 0x18)
r1 = epoll_create1(0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1d, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000400000006e09000000000018110000", @ANYRES32, @ANYRES16=r1], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x7ffe, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x10, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r3, 0x10001, 0x0)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000002c0)='kmem_cache_free\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r6, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
r7 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r7, &(0x7f0000000280)={&(0x7f0000000040), 0x10, 0x0}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)

16.336000909s ago: executing program 0 (id=772):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)={0x34, r2, 0x1b, 0x0, 0x3, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x34}}, 0x0)

16.003930562s ago: executing program 0 (id=774):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)={0x34, r2, 0x1b, 0x0, 0x3, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x52}]}]}, 0x34}}, 0x0)

15.948050167s ago: executing program 33 (id=774):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)={0x34, r2, 0x1b, 0x0, 0x3, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x52}]}]}, 0x34}}, 0x0)

1.693025203s ago: executing program 3 (id=1069):
unshare(0x28000600)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
unshare(0x28000600)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="0000000000008da4b70800000000391ad23cccff00000000bfa200000000000007020000f80800000000000000000000b704000000000000850000002400000095"], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_procfs(0x0, &(0x7f0000000140)='coredump_filter\x00')
preadv(r3, &(0x7f0000000300)=[{&(0x7f0000000040)=""/3, 0x3}, {0x0, 0x3}], 0x2, 0x0, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff})
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(&(0x7f0000000540)={0x2, 0x80, 0x0, 0x6, 0x9, 0x3, 0x0, 0x4, 0x40000, 0xd, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x81, 0x2, @perf_config_ext={0x800, 0x2}, 0x2000, 0x9, 0x8001, 0x4, 0xb, 0x3, 0x4, 0x0, 0x5, 0x0, 0x6}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8946, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xd7, 0x2, 0x0, 0x0, 0x0, 0x6149, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x400, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_pressure(0xffffffffffffffff, 0x0, 0x2, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
tee(r4, r7, 0x8f5, 0x100000000000000)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x2}, 0x50)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x57a, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4}, 0x50)
r8 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r8, 0x0)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x800, 0x0, 0x1, 0xd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x1}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={0x1}, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000500)={0x1}, 0x4)
syz_read_part_table(0x106f, &(0x7f0000000000)="$eJzsz6FNBkEQBeDZHf7cnTuLujbogJBgkSgEhCY4EkqgCiQWj8DRAooScEs2d7QAiO8Tm53Je2KCPzXVMSLLyUM+RsZdxDz09dqfw56pZ0vEy9t5fLV2qOXyOiN/+sfz61L2f3uPo9Mceq98ti1Sbq/G6IGpD+vHTb3P56hbIS+efvlcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiXvgMAAP//6XISlw==")
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYRESDEC, @ANYBLOB="aaf9be1a61cba304c9227a45e5edc231a405b87d8685eedd1cd0c5e505c31c18cc0e023eae840290df99af9090260b70d64fcd9b8c236b0f597e1574bad480439f7f60d983691fb5554fda34c089ec5be3e72c57ae897398e210421c473cf040ef664d5a5d3bef6357455204f7d8969ad59f86071a9ec7367fbaf5ce0250aa31d7c8858a9a38fa6586d665b9c49441ff", @ANYRES64=r2, @ANYRES64=r9, @ANYRESOCT=r1, @ANYRES16=r4, @ANYRESOCT=r5, @ANYRESDEC=r6], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000014800000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r11}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.634515939s ago: executing program 5 (id=1071):
r0 = socket(0x2a, 0x2, 0x0)
r1 = getpgrp(0x0)
syz_pidfd_open(r1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x63}, 0x94)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x3, 0x2, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x7}, 0x0, 0x10000, 0xfffffff0, 0x1, 0x4, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x107}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDGKBDIACR(r3, 0x4bfa, &(0x7f0000002f80)=""/61)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00'})
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000200)={'vxcan0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0b0000001f00000002040000ff03100001000000", @ANYRES32, @ANYBLOB="0000000000a46200"/20, @ANYRES32=0x0, @ANYRES32, @ANYRES8=r2], 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYRES32=r1], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x1a3, 0x655c, 0x4, 0x40, 0x7fffffff, 0x7fffffff, 0x80, 0xffffffff, 0x1}}}}]}, 0x58}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x10}, {}, {0x8}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x100}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4080}, 0x4000)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.371562875s ago: executing program 4 (id=1075):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c45, 0x0)
flock(r0, 0x5)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000007c5e0000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x5, 0x18, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x42, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
r3 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r5}, 0x10)
close(r3)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
io_setup(0x8f0, &(0x7f0000002400))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r7, 0x0, 0x200000000000006}, 0x18)
r8 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x80)
flock(r8, 0x2)
dup3(r8, r0, 0x0)

1.170700234s ago: executing program 4 (id=1080):
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
recvfrom$l2tp6(r0, &(0x7f0000000180)=""/33, 0x21, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x0, @private1}, 0x20)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000400)=@gcm_256={{0x304}, "17dfddbb197a3a12", "7b1b33b8c204aa020fcd33a463fbbb614f4f92035236406df31598072c292a20", "28180a75", "65b768190a63bdf2"}, 0x38)
write$tun(0xffffffffffffffff, 0x0, 0x46)

1.150680977s ago: executing program 5 (id=1081):
r0 = socket$isdn_base(0x22, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f00000002c0)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_freezer_state(r2, &(0x7f0000000040)='FROZEN\x00', 0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f0000000040)='fib6_table_lookup\x00', r4}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x24142, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x71ab}, 0x0, 0x6, 0x0, 0x0, 0xfffffffffff7bbfe, 0x0, 0x0, 0x0, 0xffffffff}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f1, &(0x7f0000000080))
bind$isdn_base(r0, &(0x7f0000000200)={0x22, 0x3, 0x4, 0xf8, 0x6}, 0x6)

1.072622825s ago: executing program 5 (id=1082):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000094000000000000000095"], &(0x7f0000000580)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x21, 0x85, 0xcf, &(0x7f0000000000)="fae68670fef1c45ff0634fe72a6253b4357c978887379648e34b8e43761f35000437ab851cde4821ce97abc68f6a1c3593e2a7a267f78fff0e9e1743899a7dc5c1d2ecae353bd4bcdb61c053b1d7b1223331d664596d93a54d408700062455bf71027a99387a4c190aa0098ed6ed8951ff86c092399a8d11b76c5e00"/133, &(0x7f00000008c0)=""/206, 0x1000, 0x0, 0x1a, 0x64, 0xfffffffffffffffe, &(0x7f00000000c0)="d5231f25b5f85be12036902ce1a29123e3c1d418a6d9c06ff230c473bf3c", 0x0, 0x8000}, 0x48)

1.072198345s ago: executing program 5 (id=1083):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f00000003c0)={[{@nombcache}, {@errors_remount}, {@noinit_itable}, {@bsdgroups}, {@bsdgroups}, {@dioread_lock}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', &(0x7f0000000140)={0x474203, 0x408}, 0x18)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r1, 0x10001, 0x0)

1.01493872s ago: executing program 6 (id=1086):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r3 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
sendmsg$kcm(r3, &(0x7f00000001c0)={&(0x7f00000000c0)=@tipc=@name={0x1e, 0x2, 0x3, {{0x41}, 0x5}}, 0x80, 0x0, 0x0, &(0x7f0000000900)=ANY=[], 0x1458}, 0x48800)

990.263852ms ago: executing program 6 (id=1087):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x8, 0xf9, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000740)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x64)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x4}, 0x10)
write(r1, &(0x7f0000000240)="240000001a005f0214f9f407000904ff81000000ff020002000a01008898425bcdbd0008", 0x24)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
sysinfo(0x0)
msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x6)
mlock2(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRESHEX, @ANYRES8=r3, @ANYRESOCT=r2], 0x48)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x5, 0x2, &(0x7f0000fd7ff0)={0x0, 0x3938700}, 0x0, 0xfffffffd)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000600)=ANY=[@ANYRES16=r4, @ANYRES32=r5, @ANYRESDEC], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{}, &(0x7f0000000100), &(0x7f0000000180)='%-5lx  \x00'}, 0x20)
setgroups(0x0, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="01002dbd7000fedbdf252c000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x20048881}, 0x2000c800)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)

922.699349ms ago: executing program 5 (id=1088):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0x9]}, &(0x7f00000000c0), 0x8)

904.555541ms ago: executing program 6 (id=1089):
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0xf, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000005000000000000004000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014350d00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000040)="3242703ecf43c18550f6abfcd9b7", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000100), r0)
sendmsg$SMC_PNETID_DEL(r5, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, r6, 0x300, 0x70bd2d, 0xb2, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'gretap0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'ip6erspan0\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4084}, 0x20000000)
fspick(r2, &(0x7f0000000000)='./file0\x00', 0x0)
syz_emit_ethernet(0xc6, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @random="e43f6642531e", @void, {@ipv4={0x800, @dccp={{0x2a, 0x4, 0x3, 0x30, 0xb8, 0x68, 0x0, 0x5, 0x21, 0x0, @multicast1, @multicast1, {[@timestamp_addr={0x44, 0x3c, 0x99, 0x1, 0xc, [{@remote, 0x7fffffff}, {@multicast2, 0x3}, {@dev={0xac, 0x14, 0x14, 0x2f}, 0xca93}, {@multicast2, 0x10001}, {@loopback, 0x8}, {@dev={0xac, 0x14, 0x14, 0x20}, 0xfff}, {@multicast2, 0x4}]}, @timestamp_prespec={0x44, 0x14, 0xae, 0x3, 0x4, [{@local, 0x8}, {@multicast2, 0x7fff}]}, @generic={0x86, 0x5, "1e3f66"}, @timestamp_addr={0x44, 0x3c, 0xa8, 0x1, 0x0, [{@rand_addr=0x64010100, 0x9e}, {@dev={0xac, 0x14, 0x14, 0x2a}, 0xfffffff6}, {@multicast2, 0x8001}, {@dev={0xac, 0x14, 0x14, 0x42}, 0x1}, {@rand_addr=0x64010101}, {@multicast1, 0x5}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x82c0}]}]}}, {{0x4e20, 0x4e21, 0x4, 0x1, 0x1, 0x0, 0x0, 0x8, 0x3, "318aa3", 0x9, "717f22"}}}}}}, 0x0)

861.626345ms ago: executing program 6 (id=1090):
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)}], 0x1)

860.587745ms ago: executing program 5 (id=1092):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
futex(0x0, 0x6, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
accept(r1, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x6}, 0x220}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="5800000002060108000000bca3000000000000400500010006000000050005000200000005000400000000000900020073797a31000000000c000780080012400000000211000300686173683a69702c6d61726b"], 0x58}}, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, &(0x7f0000000000)={0x8, {{0x2, 0x4e21, @empty=0xe0009eff}}, {{0x2, 0x4e23, @broadcast}}}, 0x108)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000000c0)={r5, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, &(0x7f00000001c0)=0x9c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff200007800c00018008000140a2fd4ebc08000a400000000205000300020000000900020073797a310000000005000100"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
open(&(0x7f0000000100)='.\x00', 0x591002, 0x50f)
getdents64(r7, &(0x7f0000000380)=""/4091, 0xff3a)
fadvise64(r2, 0x8, 0x1, 0x4)
signalfd(r0, &(0x7f0000000240)={[0xd3]}, 0x8)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x3, 0x8000}, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000200)='kfree\x00', r8}, 0x18)

860.273656ms ago: executing program 6 (id=1093):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000094000000000000000095"], &(0x7f0000000580)='syzkaller\x00'}, 0x94)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000000000)=<r2=>0x0)
bind$nfc_llcp(r0, &(0x7f0000001040)={0x27, r2, 0xffffffffffffffff, 0x5, 0x0, 0x0, "d92984bd1ca44c226af5160e961711a077609475b78411e88509de050000000000f2170e65e3f50327e422000000000000000000000200000000001900", 0x3c}, 0x60)
close(r1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$KDSETMODE(r3, 0x4b3a, 0x1)
ioctl$TCXONC(r3, 0x4b3a, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f00000005c0)={[{@jqfmt_vfsold}, {@orlov}, {@user_xattr}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@nodiscard}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r4, 0x0, 0x2}, 0x18)
r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
getpeername$packet(r6, 0x0, &(0x7f0000000d40))
sendmsg$xdp(r6, &(0x7f0000000500)={&(0x7f0000000440)={0x2c, 0xa, 0x0, 0x37}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000480)="74cddac3215859cca1d13980", 0xc}], 0x1, 0x0, 0x0, 0x14}, 0x40064)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
recvmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000640)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f0000000980)=[{&(0x7f00000006c0)=""/57, 0x39}, {&(0x7f0000000700)=""/158, 0x9e}], 0x2, &(0x7f00000013c0)=""/102, 0x66}, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x42000, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x40, r8, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x14, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}]}]}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x24044815}, 0x0)
syz_genetlink_get_family_id$devlink(0x0, r6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]})
r9 = syz_open_dev$usbmon(&(0x7f0000000100), 0x0, 0x600)
mmap$usbmon(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x40010, r9, 0x3)

786.133733ms ago: executing program 3 (id=1094):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122", @ANYRES32, @ANYBLOB], 0x3c}}, 0x40000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x1828, &(0x7f0000000040)={0x0, 0x20c8a1, 0x1c881, 0x8, 0xd1})
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

720.15073ms ago: executing program 3 (id=1095):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x100000001, 0xdd5}, 0x1004, 0x0, 0x10000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={0x0, r2, 0x0, 0x3, 0x4000}}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}, 0x1, 0x0, 0x0, 0x4c840}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc}, 0x4000800) (async)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001200)=ANY=[@ANYBLOB="4c000000190001090000000000000000021800000000fd010000000008000100ac141400080005000a0101021800168014000300fe8000000000000000000000000000aa060015"], 0x4c}}, 0x0) (async)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000140)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x6, @loopback, 0x8}, {0xa, 0x4e20, 0x2, @private2}, r2, 0xf4}}, 0x48)

650.286016ms ago: executing program 2 (id=1097):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_setup(0x10001, &(0x7f0000000000)=<r0=>0x0)
io_pgetevents(r0, 0x8000000000000000, 0x2, &(0x7f0000000040)=[{}, {}], &(0x7f00000001c0)={0x0, 0x989680}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000002a00)={[{@noblock_validity}, {@resgid={'resgid', 0x3d, 0xee00}}, {@acl}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@nodiscard}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLf6U8WloIFETFI2nSBz1wAYHEAQQSHIo4BSetSt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPRenfTxLVDHk6c4s9H2nZmd92Z786OPTtjN4CuNZT+kUTsjohfI2Iwyy4/YSj76+bCbOWvhdlKErXaa38m9fNuLMxW8n9i8XW7sh21Wp7f0aTc+TcjxqvVyct5fmTm4jsj01euPnX+4vi5yXOTl8ZOnz5x/HDfqbGTbYkzjevGwfenDh148Y1rL1fOXHvrx6/T+u7OjxdxtNNQdnWberTdhXXYniXppNzBirAmabulzdVb7/+D0RMDi8cG44WPOlo5YFPVarVas8/n3FwN+A9LotM1ADqj+KBPn3+LbYuGHtvCH89mD0Bp3DfzLTtSjlJ+Tm/D82079UfEmbm/v0i32KR5CACApb5Nxz9PNhv/leKeJef9L19D2RsR/4+IfRFxV0Tsj4i7I+rn3hsR962x/MYVktvHP6Xr6wpsldLx3zP52tby8V8x+ou9PXluTz3+3uTs+erksfyaHI3eHWl+dNlLlvvu+V8+a9z3aT7NPrRk/JduafnFWDCvx/VywwTdxPjMeFuCT+P/MOJguVn8SRTLOElEHIiIg+ss4/zjXx1qdezf419BG9aZal9GPJa1/1w0xF9IWq5Pjj59auzkSH9UJ4+NFHfF7X76ef7VVuVvKP42SNt/Z9P7P4s/fUZM+iOmr1y9UF+vnV57GfO/fVxJWhzbv877vy95vZ7uy/e9Nz4zc3k0oi95Kc0OLNs/duu1Rb44P43/6JHm/X9f9nhWvxL3R0R6Ex+OiAci4sG87R6KiIcj4sgK8f/w3CNvtzrWuv1XmJVvozT+iRXaP33LS1O32n/tiZ4L33/Tqvzaqtr/RD11NN+zmve/1VZwI9cOAAAA7hSl+nfgk9LwYrpUGh7OvsO/P3aWqlPTM0+cnXr30kT2Xfm90VsqZroGl8yHjuZzw0V+rCF/PJ83/rxnoJ4frkxVJzodPHS5XS36f+r3nk7XDth0fq8F3Uv/h+6l/0P30v+he+n/0KX6mu/+YKvrAXTE2j//+zelHsDWM/6H7qX/Q/fS/6ErtfxtfGlDP/m/UxPl7VGNpomB7VGNIhGlbVGN9iVe+STrEtulPkWivOr/zGKdiR1ND3X6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA9/gkAAP//Uo/mdg==")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000300)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x0, 0x700, 0x7}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000000000}]})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = io_uring_setup(0x6c3, &(0x7f0000000080)={0x0, 0x4075, 0x18, 0x2, 0x10f})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x0, 0x1}, 0x20)

492.272022ms ago: executing program 2 (id=1098):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x12, 0x7, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="f615bc415495c5d188931ee3ce911054712475b62b1d1bd01896a19bfafb740d39168bf3332e3997676a3928906c3a3b4ceda94e295c4deaf277c5eeffb87982264318a4363eba2b394557f3f3a01dcdb9010bdc427e1b51df4f47507555d801129cd3dfd9860b9a169e11d2d2c95771910078d30724718b9f1e4304c5d85fe2f177bbc6e1e5e0f54f65003bab4753b103c8d30d6c062b7deb64cf9feafdb543c0b0dacd40", @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="290000001e00190f00003fffffffda060200000000e80001dd0008040d000800250000000005000000", 0x29}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000000040040000000", @ANYRES32=0x0, @ANYBLOB="00071d210df70000000000000000e8ffffff00000000100000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000470bcc5800"/32], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18ffe20000000000000088b325ad90183a5d0000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
r5 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
r6 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r7 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000500)={0x0, "6035ae1e0fe721441705322025000000003e2a5b3d77f7ad4bcf2b71d17e1ec0ef54e6773fd7264c39ea00c508ba607269613800", 0x3d}, 0x48, 0xfffffffffffffffe)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r8)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_TP_METER(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000003100)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRESOCT=r4, @ANYBLOB="01002bbd7000fbdbdf25020000000a000900aaaaaaaaaa44000008000300", @ANYRES32=r9, @ANYBLOB='\b\x00\v'], 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r10}, 0x4)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r10, @ANYRESDEC=r9], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='sched_switch\x00', r11}, 0x18)
keyctl$KEYCTL_MOVE(0x4, r7, r6, r6, 0x0)
keyctl$KEYCTL_MOVE(0x4, r5, r5, 0x0, 0x0)

459.969865ms ago: executing program 2 (id=1099):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f00000003c0)={[{@nombcache}, {@errors_remount}, {@noinit_itable}, {@bsdgroups}, {@bsdgroups}, {@dioread_lock}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r1, 0x10001, 0x0)

434.711957ms ago: executing program 3 (id=1100):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
unshare(0x8040600)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10000}, 0x28)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r3 = openat$selinux_policy(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50)
write$selinux_load(r2, &(0x7f0000000000)=ANY=[], 0x190da)

364.095084ms ago: executing program 2 (id=1101):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_io_uring_setup(0x1108, &(0x7f0000000880)={0x0, 0x2, 0x80, 0x2, 0x21e}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x200000000000, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r2, 0x471b, 0xf694, 0x20, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$inet6(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r7], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r7}, &(0x7f0000000000), &(0x7f00000005c0)=r8}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r9}, 0x9)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0xfd, 0x3, 0x2, 0x5c, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7800, 0x40, 0x4, 0x4}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000680)={'syztnl1\x00', 0x0})
sendmsg$nl_xfrm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="24000000240035b90000000000000000070000000600040000ef0000060003"], 0x24}}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r10, 0x2000002, 0xe, 0x3d, &(0x7f00000005c0)="df12c9f7b9a6000000000000000096fc36dc2f8741d451f4117d2a7e856d7783dd24c267235638bc9848dc2a4802eb8368252950343416c0cc5e97c1ad38221bbee42fa6889347a1142eb02d2082edef45e3e6c986b5ac38b4da20680e38cfb2654edde484745f8540011d9bbb54745dfa48054f466adddae71c126e89108ffcd3397aeb659b430910aee5cf2cfb1b2ea381441c09a0d2edc5c3cfbc2e5a73945b148d5609de2360726517cd100704031259b829b7f8201a02fc0278a61d1dfbfa5d8840ddf3271e47444e87e3400b3f291c695dbc4ef710b0429828c87229b506bd7893194745c04adf82b656cbafa7d5c64ddf8e9beb0991b60cfff30cd024686fc44699e925d7e58f5756bde679da2a71755539a5f0f8304a7c378afdc42aecd4b881f1cd91a5f038e4a6981088d7307dbe16ba236ce0e69af08025e6188f8f0f920741aa719c6f5d848eaa760443e50bc849d6891481a26ce7cf06eb91553bdb6f27b7dac817", 0x0, 0x3, 0x0, 0x0, 0xfe25, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x2b)

304.23726ms ago: executing program 4 (id=1102):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0x9]}, &(0x7f00000000c0), 0x8)

285.246482ms ago: executing program 3 (id=1103):
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)}], 0x1)

271.684293ms ago: executing program 4 (id=1104):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)={0x24, 0x18, 0x1, 0x0, 0x25dfdbfd, {0xa}, [@typed={0x8, 0x800, 0x0, 0x0, @ipv4=@multicast2}, @nested={0x8, 0x8, 0x0, 0x1, [@nested={0x4, 0xc7}]}]}, 0x24}}, 0x0)

204.43474ms ago: executing program 2 (id=1105):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122", @ANYRES32, @ANYBLOB="f5ff"], 0x3c}}, 0x40000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x1828, &(0x7f0000000040)={0x0, 0x20c8a1, 0x1c881, 0x8, 0xd1})
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

186.330632ms ago: executing program 4 (id=1106):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f00000003c0)=[{0x200000000006, 0x8, 0x0, 0x7ffc0002}]})
getresuid(&(0x7f0000000440), &(0x7f0000000480), 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1c0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7f, 0x1002, 0x5c8, 0x80000003, 0x6, <r5=>0x0})
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000001900), 0x0, 0x0)
read$hidraw(r6, &(0x7f0000000180)=""/215, 0xd7)
ioctl$EVIOCREVOKE(r6, 0x40044591, 0x0)
syz_open_procfs$userns(r5, &(0x7f0000000000))
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$EVIOCGABS0(r2, 0x80184540, &(0x7f0000000100)=""/28)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
r8 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r9 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r9, 0x40042408, r10)
r11 = fcntl$dupfd(r8, 0x0, r8)
ioctl$SG_IO(r11, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

181.219012ms ago: executing program 3 (id=1107):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f00000000c0)={{0x2, 0x4e22, @empty}, {0x0, @remote}, 0x48, {0x2, 0x0, @empty}, 'lo\x00'})
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f00000002c0)={{0x2, 0x4e21, @broadcast}, {0x306, @local}, 0x48, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x30}}, 'lo\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008}, 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r5}, 0x18)
r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r6, 0x6, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10)
r8 = fsmount(r6, 0x0, 0x0)
openat$cgroup_subtree(r8, &(0x7f0000000100), 0x2, 0x0)

98.387391ms ago: executing program 2 (id=1108):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x445bd}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r2, 0x0, 0x5}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002080)=@newtaction={0xe98, 0x30, 0x25, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x30, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0xffffffffffffff09}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x6}, {0x1000}, {0x1}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x20000}, {}, {}, {}, {0x1}, {0x0, 0x0, 0x0, 0x8000000, 0xfffffffe}, {}, {0x0, 0x0, 0x7}, {0x0, 0x7}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x2, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {0x0, 0x0, 0x10000000}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, {0x7}, {}, {0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x800000, 0x2}, {}, {}, {}, {0x0, 0x0, 0x2}, {0x4, 0xc000000}, {}, {0x0, 0x80000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x23}, {0x0, 0x0, 0x0, 0x404}, {0x0, 0x0, 0x0, 0x2, 0xfffffffd}, {0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x0, 0x100000}, {}, {}, {0x0, 0x0, 0x0, 0xc1f5}, {0x0, 0x0, 0x9f, 0x0, 0x0, 0x1}, {0x20000, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0xfffffffd}, {}, {}, {}, {}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, {0x0, 0x0, 0x1, 0x0, 0x747}, {0x8}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x80000001, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x0, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, {0x0, 0x0, 0x0, 0x0, 0x401}, {}, {0x0, 0x78}, {0x0, 0x5}, {}, {0x0, 0x0, 0x3a006510, 0x2}], [{0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x2}, {}, {}, {0x4}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="2100000000000000000000000000100000040000", @ANYRES32, @ANYRESDEC=0x0], 0x50)

522.16µs ago: executing program 4 (id=1109):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x401, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})

0s ago: executing program 6 (id=1110):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x445bd}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r2, 0x0, 0x5}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002080)=@newtaction={0xe98, 0x30, 0x25, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x30, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0xffffffffffffff09}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x6}, {0x1000}, {0x1}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x20000}, {}, {}, {}, {0x1}, {0x0, 0x0, 0x0, 0x8000000, 0xfffffffe}, {}, {0x0, 0x0, 0x7}, {0x0, 0x7}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x2, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {0x0, 0x0, 0x10000000}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, {0x7}, {}, {0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x800000, 0x2}, {}, {}, {}, {0x0, 0x0, 0x2}, {0x4, 0xc000000}, {}, {0x0, 0x80000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x23}, {0x0, 0x0, 0x0, 0x404}, {0x0, 0x0, 0x0, 0x2, 0xfffffffd}, {0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x0, 0x100000}, {}, {}, {0x0, 0x0, 0x0, 0xc1f5}, {0x0, 0x0, 0x9f, 0x0, 0x0, 0x1}, {0x20000, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0xfffffffd}, {}, {}, {}, {}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, {0x0, 0x0, 0x1, 0x0, 0x747}, {0x8}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x80000001, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x0, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, {0x0, 0x0, 0x0, 0x0, 0x401}, {}, {0x0, 0x78}, {0x0, 0x5}, {}, {0x0, 0x0, 0x3a006510, 0x2}], [{0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x2}, {}, {}, {0x4}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="2100000000000000000000000000100000040000", @ANYRES32, @ANYRESDEC=0x0], 0x50)

kernel console output (not intermixed with test programs):

EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.901985][   T29] audit: type=1400 audit(79.886:7730): avc:  denied  { execute } for  pid=4979 comm="syz.4.485" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=9972 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[   79.955179][ T4982] netlink: 20 bytes leftover after parsing attributes in process `syz.2.487'.
[   79.965161][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.057931][   T29] audit: type=1400 audit(80.036:7731): avc:  denied  { ioctl } for  pid=4986 comm="syz.5.488" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=10512 ioctlcmd=0x5346 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   80.084622][   T29] audit: type=1400 audit(80.036:7732): avc:  denied  { read } for  pid=4986 comm="syz.5.488" dev="nsfs" ino=4026533069 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   80.084719][   T29] audit: type=1400 audit(80.036:7733): avc:  denied  { open } for  pid=4986 comm="syz.5.488" path="net:[4026533069]" dev="nsfs" ino=4026533069 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   80.084744][   T29] audit: type=1400 audit(80.036:7734): avc:  denied  { ioctl } for  pid=4986 comm="syz.5.488" path="socket:[10515]" dev="sockfs" ino=10515 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   80.137597][   T29] audit: type=1400 audit(80.116:7735): avc:  denied  { create } for  pid=4983 comm="syz.0.486" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   80.138539][   T29] audit: type=1400 audit(80.116:7736): avc:  denied  { write } for  pid=4983 comm="syz.0.486" name="file0" dev="tmpfs" ino=556 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   80.138573][   T29] audit: type=1400 audit(80.116:7737): avc:  denied  { open } for  pid=4983 comm="syz.0.486" path="/98/file0" dev="tmpfs" ino=556 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   80.169617][ T4997] netlink: 4 bytes leftover after parsing attributes in process `syz.4.493'.
[   80.169641][ T4997] netlink: 4 bytes leftover after parsing attributes in process `syz.4.493'.
[   80.169734][ T4997] netlink: 4 bytes leftover after parsing attributes in process `syz.4.493'.
[   80.170312][   T29] audit: type=1400 audit(80.146:7738): avc:  denied  { ioctl } for  pid=4995 comm="syz.4.493" path="socket:[10532]" dev="sockfs" ino=10532 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   80.178587][ T4997] netlink: 4 bytes leftover after parsing attributes in process `syz.4.493'.
[   80.178614][ T4997] netlink: 4 bytes leftover after parsing attributes in process `syz.4.493'.
[   80.178668][ T4997] netlink: 4 bytes leftover after parsing attributes in process `syz.4.493'.
[   80.187363][ T4988] Illegal XDP return value 4294967294 on prog  (id 400) dev N/A, expect packet loss!
[   80.382410][ T5014] IPv6: NLM_F_CREATE should be specified when creating new route
[   80.402178][ T5013] loop0: detected capacity change from 0 to 512
[   80.402609][ T5013] /dev/loop0: Can't open blockdev
[   80.438585][ T5011] loop5: detected capacity change from 0 to 8192
[   80.711680][ T5030] loop4: detected capacity change from 0 to 512
[   80.745626][ T5030] EXT4-fs: Ignoring removed nobh option
[   80.810220][ T5030] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #3: comm syz.4.501: corrupted inode contents
[   80.862051][ T5030] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #3: comm syz.4.501: mark_inode_dirty error
[   80.874444][ T5030] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #3: comm syz.4.501: corrupted inode contents
[   80.888018][ T5030] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.501: mark_inode_dirty error
[   80.906536][ T5030] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.501: Failed to acquire dquot type 0
[   80.925006][ T5004] loop3: detected capacity change from 0 to 32768
[   80.925579][ T5030] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.501: corrupted inode contents
[   80.944639][ T5030] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #16: comm syz.4.501: mark_inode_dirty error
[   80.956751][ T5030] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.501: corrupted inode contents
[   80.977373][ T5038] block device autoloading is deprecated and will be removed.
[   80.985385][ T5030] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.501: mark_inode_dirty error
[   81.001791][ T5038] netlink: 'syz.0.504': attribute type 10 has an invalid length.
[   81.012984][ T5038] team0: Port device dummy0 added
[   81.030754][ T5038] netlink: 'syz.0.504': attribute type 10 has an invalid length.
[   81.039163][ T5038] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   81.048820][ T5030] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.501: corrupted inode contents
[   81.061819][ T5030] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem
[   81.061878][ T5038] team0: Failed to send options change via netlink (err -105)
[   81.061910][ T5038] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   81.088576][ T5038] team0: Port device dummy0 removed
[   81.094169][ T5030] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.501: corrupted inode contents
[   81.107181][ T5030] EXT4-fs error (device loop4): ext4_truncate:4637: inode #16: comm syz.4.501: mark_inode_dirty error
[   81.112627][ T5038] .`: (slave dummy0): Enslaving as an active interface with an up link
[   81.127321][ T5030] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem
[   81.141556][ T5030] EXT4-fs (loop4): 1 truncate cleaned up
[   81.175374][ T5030] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.222193][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.367553][ T5055] loop3: detected capacity change from 0 to 1024
[   81.377842][ T5055] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   81.389395][ T5055] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   81.400156][ T5055] JBD2: no valid journal superblock found
[   81.406062][ T5055] EXT4-fs (loop3): Could not load journal inode
[   82.082369][ T5079] wireguard0: entered promiscuous mode
[   82.088218][ T5079] wireguard0: entered allmulticast mode
[   82.208778][ T5083] loop5: detected capacity change from 0 to 512
[   82.260658][ T5077] loop0: detected capacity change from 0 to 32768
[   82.267729][ T5083] EXT4-fs: Ignoring removed nobh option
[   82.302507][ T5077]  loop0: p1 p3 < >
[   82.316136][ T5083] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #3: comm syz.5.518: corrupted inode contents
[   82.335324][ T5083] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #3: comm syz.5.518: mark_inode_dirty error
[   82.352257][ T5090] loop3: detected capacity change from 0 to 1024
[   82.361638][ T5090] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   82.373100][ T5090] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   82.373273][ T5083] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #3: comm syz.5.518: corrupted inode contents
[   82.396227][ T5090] JBD2: no valid journal superblock found
[   82.402158][ T5090] EXT4-fs (loop3): Could not load journal inode
[   82.408772][ T5083] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.518: mark_inode_dirty error
[   82.423826][ T5083] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.518: Failed to acquire dquot type 0
[   82.437263][ T5083] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.518: corrupted inode contents
[   82.476605][ T5083] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #16: comm syz.5.518: mark_inode_dirty error
[   82.491275][ T5092] __nla_validate_parse: 14 callbacks suppressed
[   82.491295][ T5092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.522'.
[   82.507166][ T5092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.522'.
[   82.517225][ T5083] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.518: corrupted inode contents
[   82.527575][ T5092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.522'.
[   82.549109][ T5092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.522'.
[   82.558290][ T5092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.522'.
[   82.588080][ T5083] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.518: mark_inode_dirty error
[   82.599755][ T5083] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.518: corrupted inode contents
[   82.612380][ T5092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.522'.
[   82.630662][ T5083] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[   82.636471][ T5100] IPv6: NLM_F_CREATE should be specified when creating new route
[   82.649638][ T5083] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.518: corrupted inode contents
[   82.663116][ T5092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.522'.
[   82.672249][ T5092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.522'.
[   82.681180][ T5092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.522'.
[   82.690397][ T5083] EXT4-fs error (device loop5): ext4_truncate:4637: inode #16: comm syz.5.518: mark_inode_dirty error
[   82.702699][ T5083] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[   82.720823][ T5083] EXT4-fs (loop5): 1 truncate cleaned up
[   82.726998][ T5083] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.751134][ T5104] loop0: detected capacity change from 0 to 512
[   82.758783][ T5104] EXT4-fs: Ignoring removed bh option
[   82.765477][ T5104] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   82.774679][ T5104] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[   82.783867][ T5106] FAULT_INJECTION: forcing a failure.
[   82.783867][ T5106] name failslab, interval 1, probability 0, space 0, times 0
[   82.796662][ T5106] CPU: 0 UID: 0 PID: 5106 Comm: syz.3.525 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   82.796697][ T5106] Tainted: [W]=WARN
[   82.796766][ T5106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   82.796780][ T5106] Call Trace:
[   82.796788][ T5106]  <TASK>
[   82.796796][ T5106]  __dump_stack+0x1d/0x30
[   82.796835][ T5106]  dump_stack_lvl+0xe8/0x140
[   82.796869][ T5106]  dump_stack+0x15/0x1b
[   82.796929][ T5106]  should_fail_ex+0x265/0x280
[   82.796991][ T5106]  should_failslab+0x8c/0xb0
[   82.797018][ T5106]  kmem_cache_alloc_noprof+0x50/0x480
[   82.797044][ T5106]  ? audit_log_start+0x342/0x720
[   82.797130][ T5106]  audit_log_start+0x342/0x720
[   82.797165][ T5106]  ? kstrtouint+0x76/0xc0
[   82.797279][ T5106]  audit_seccomp+0x48/0x100
[   82.797309][ T5106]  ? __seccomp_filter+0x82d/0x1250
[   82.797382][ T5106]  __seccomp_filter+0x83e/0x1250
[   82.797409][ T5106]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   82.797440][ T5106]  ? vfs_write+0x7e8/0x960
[   82.797461][ T5106]  ? __rcu_read_unlock+0x4f/0x70
[   82.797519][ T5106]  ? __fget_files+0x184/0x1c0
[   82.797623][ T5106]  __secure_computing+0x82/0x150
[   82.797642][ T5106]  syscall_trace_enter+0xcf/0x1e0
[   82.797664][ T5106]  do_syscall_64+0xac/0x200
[   82.797701][ T5106]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   82.797815][ T5106]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   82.797849][ T5106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.797891][ T5106] RIP: 0033:0x7ff36dc4efc9
[   82.797944][ T5106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.797966][ T5106] RSP: 002b:00007ff36c6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[   82.797985][ T5106] RAX: ffffffffffffffda RBX: 00007ff36dea5fa0 RCX: 00007ff36dc4efc9
[   82.797997][ T5106] RDX: 0000000000000200 RSI: 0000000000000000 RDI: ffffffffffffffff
[   82.798009][ T5106] RBP: 00007ff36c6b7090 R08: 0000000000000000 R09: 0000000000000000
[   82.798020][ T5106] R10: 0000000000000706 R11: 0000000000000246 R12: 0000000000000001
[   82.798034][ T5106] R13: 00007ff36dea6038 R14: 00007ff36dea5fa0 R15: 00007fff4539a108
[   82.798062][ T5106]  </TASK>
[   83.031666][ T5104] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[   83.042456][ T5083] netlink: 20 bytes leftover after parsing attributes in process `syz.5.518'.
[   83.059198][ T5104] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e002e01c, mo2=0006]
[   83.068380][ T3691] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.070390][ T5104] System zones: 0-2, 18-18, 34-35
[   83.086506][ T5104] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.104456][ T5104] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   83.126040][ T5104] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.524: path /105/file0: bad entry in directory: inode out of bounds - offset=24, inode=134217739, rec_len=20, size=2048 fake=0
[   83.212268][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.548834][ T5140] netlink: 'syz.3.538': attribute type 21 has an invalid length.
[   84.179584][ T5125] loop0: detected capacity change from 0 to 32768
[   84.197173][ T5148] veth1_to_batadv: entered promiscuous mode
[   84.257940][ T5153] IPVS: Unknown mcast interface: 
[   84.302819][ T5125]  loop0: p1 p3 < >
[   84.412094][ T5167] loop3: detected capacity change from 0 to 1024
[   84.461333][ T5167] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   84.472576][ T5167] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   84.519686][ T5172] loop9: detected capacity change from 0 to 7
[   84.530683][ T5172] buffer_io_error: 16 callbacks suppressed
[   84.530697][ T5172] Buffer I/O error on dev loop9, logical block 0, async page read
[   84.546076][ T5167] JBD2: no valid journal superblock found
[   84.552034][ T5167] EXT4-fs (loop3): Could not load journal inode
[   84.564210][ T5172] Buffer I/O error on dev loop9, logical block 0, async page read
[   84.572207][ T5172]  loop9: unable to read partition table
[   84.578068][ T5172] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �
[   84.578068][ T5172] 
) failed (rc=-5)
[   84.779641][ T5190] netlink: 'syz.5.553': attribute type 4 has an invalid length.
[   84.788880][ T5190] loop5: detected capacity change from 0 to 128
[   84.798602][ T5190] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   84.830481][   T29] kauditd_printk_skb: 466 callbacks suppressed
[   84.830500][   T29] audit: type=1400 audit(84.806:8199): avc:  denied  { relabelfrom } for  pid=5185 comm="syz.0.552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   84.856075][   T29] audit: type=1400 audit(84.806:8200): avc:  denied  { relabelto } for  pid=5185 comm="syz.0.552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   84.892711][   T29] audit: type=1400 audit(84.876:8201): avc:  denied  { read write } for  pid=5194 comm="syz.4.554" name="usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   84.916546][   T29] audit: type=1400 audit(84.876:8202): avc:  denied  { open } for  pid=5194 comm="syz.4.554" path="/dev/usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   84.939795][   T29] audit: type=1400 audit(84.876:8203): avc:  denied  { ioctl } for  pid=5194 comm="syz.4.554" path="/dev/usbmon7" dev="devtmpfs" ino=163 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   85.019443][   T29] audit: type=1326 audit(84.996:8204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5189 comm="syz.5.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[   85.047595][   T29] audit: type=1326 audit(85.026:8205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5189 comm="syz.5.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[   85.106003][ T5198] loop3: detected capacity change from 0 to 32768
[   85.150924][ T5198]  loop3: p1 p3 < >
[   85.212844][ T5202] netlink: 'syz.3.556': attribute type 21 has an invalid length.
[   85.223350][   T29] audit: type=1326 audit(85.206:8206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5201 comm="syz.3.556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[   85.246781][   T29] audit: type=1326 audit(85.206:8207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5201 comm="syz.3.556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[   85.270524][   T29] audit: type=1326 audit(85.206:8208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5201 comm="syz.3.556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[   85.438095][ T5218] loop3: detected capacity change from 0 to 512
[   85.445397][ T5218] EXT4-fs: Ignoring removed nobh option
[   85.472404][ T5218] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.562: corrupted inode contents
[   85.484673][ T5218] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #3: comm syz.3.562: mark_inode_dirty error
[   85.497002][ T5218] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.562: corrupted inode contents
[   85.509911][ T5218] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.562: mark_inode_dirty error
[   85.521984][ T5218] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.562: Failed to acquire dquot type 0
[   85.534486][ T5218] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.562: corrupted inode contents
[   85.547260][ T5218] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #16: comm syz.3.562: mark_inode_dirty error
[   85.558999][ T5218] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.562: corrupted inode contents
[   85.571348][ T5218] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.562: mark_inode_dirty error
[   85.582928][ T5218] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.562: corrupted inode contents
[   85.595230][ T5218] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[   85.606469][ T3691] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   85.616074][ T5218] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.562: corrupted inode contents
[   85.617943][ T5224] netlink: 'syz.2.564': attribute type 1 has an invalid length.
[   85.632314][ T5218] EXT4-fs error (device loop3): ext4_truncate:4637: inode #16: comm syz.3.562: mark_inode_dirty error
[   85.649045][ T5218] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[   85.664740][ T5218] EXT4-fs (loop3): 1 truncate cleaned up
[   85.671240][ T5218] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.707891][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.762933][ T5239] netlink: 'syz.5.571': attribute type 21 has an invalid length.
[   86.244434][ T5229] loop0: detected capacity change from 0 to 32768
[   86.302156][ T5268] netlink: 'syz.4.580': attribute type 1 has an invalid length.
[   86.490927][ T5229]  loop0: p1 p3 < >
[   86.651486][ T5274] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=38416 sclass=netlink_route_socket pid=5274 comm=syz.5.583
[   86.890195][ T5282] loop0: detected capacity change from 0 to 1024
[   86.912008][ T5284] loop5: detected capacity change from 0 to 512
[   86.921886][ T5282] EXT4-fs: Ignoring removed orlov option
[   86.930557][ T5284] EXT4-fs: Ignoring removed bh option
[   86.942407][ T5284] EXT4-fs: Ignoring removed mblk_io_submit option
[   86.954514][ T5282] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.969318][ T5284] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   86.998270][ T5284] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   87.006821][ T5284] EXT4-fs (loop5): orphan cleanup on readonly fs
[   87.018679][ T5284] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.586: Failed to acquire dquot type 1
[   87.038236][ T5282] infiniband syû: set active
[   87.043075][ T5282] infiniband syû: added bond_slave_0
[   87.072302][ T5284] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.586: Invalid block bitmap block 0 in block_group 0
[   87.092480][ T5282] RDS/IB: syû: added
[   87.100422][ T5282] smc: adding ib device syû with port count 1
[   87.105068][ T5284] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.586: Invalid block bitmap block 0 in block_group 0
[   87.106968][ T5282] smc:    ib device syû port 1 has no pnetid
[   87.144921][ T5284] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.586: Invalid block bitmap block 0 in block_group 0
[   87.159195][ T5284] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.586: Failed to acquire dquot type 1
[   87.171244][ T5284] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.586: Failed to acquire dquot type 1
[   87.184962][ T5284] EXT4-fs (loop5): 1 orphan inode deleted
[   87.200524][ T5284] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   87.305287][ T3691] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.441071][ T5330] loop3: detected capacity change from 0 to 512
[   87.448090][ T5330] EXT4-fs: Ignoring removed nobh option
[   87.471871][ T5330] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.603: corrupted inode contents
[   87.486777][ T5330] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #3: comm syz.3.603: mark_inode_dirty error
[   87.499475][ T5330] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.603: corrupted inode contents
[   87.511742][ T5330] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.603: mark_inode_dirty error
[   87.523697][ T5330] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.603: Failed to acquire dquot type 0
[   87.721832][ T5330] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.603: corrupted inode contents
[   87.768936][ T5330] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #16: comm syz.3.603: mark_inode_dirty error
[   87.809477][ T5330] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.603: corrupted inode contents
[   87.854442][ T5330] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.603: mark_inode_dirty error
[   87.928450][ T5330] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.603: corrupted inode contents
[   87.945937][ T5330] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[   87.954182][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.963898][ T5330] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.603: corrupted inode contents
[   87.977858][ T5330] EXT4-fs error (device loop3): ext4_truncate:4637: inode #16: comm syz.3.603: mark_inode_dirty error
[   88.014496][ T5330] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[   88.031994][ T5330] EXT4-fs (loop3): 1 truncate cleaned up
[   88.047742][ T5330] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.072278][ T5345] __nla_validate_parse: 25 callbacks suppressed
[   88.072295][ T5345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[   88.087678][ T5345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[   88.096942][ T5345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[   88.116668][ T5345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[   88.117663][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.125787][ T5345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[   88.143970][ T5345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[   88.240552][ T5351] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[   88.247103][ T5351] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   88.254790][ T5351] vhci_hcd vhci_hcd.0: Device attached
[   88.285305][ T5358] FAULT_INJECTION: forcing a failure.
[   88.285305][ T5358] name failslab, interval 1, probability 0, space 0, times 0
[   88.298212][ T5358] CPU: 0 UID: 0 PID: 5358 Comm: syz.5.610 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   88.298252][ T5358] Tainted: [W]=WARN
[   88.298317][ T5358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   88.298333][ T5358] Call Trace:
[   88.298341][ T5358]  <TASK>
[   88.298414][ T5358]  __dump_stack+0x1d/0x30
[   88.298451][ T5358]  dump_stack_lvl+0xe8/0x140
[   88.298484][ T5358]  dump_stack+0x15/0x1b
[   88.298584][ T5358]  should_fail_ex+0x265/0x280
[   88.298660][ T5358]  ? __se_sys_mount+0xef/0x2e0
[   88.298696][ T5358]  should_failslab+0x8c/0xb0
[   88.298719][ T5358]  __kmalloc_cache_noprof+0x4c/0x4a0
[   88.298746][ T5358]  ? memdup_user+0x99/0xd0
[   88.298768][ T5358]  __se_sys_mount+0xef/0x2e0
[   88.298819][ T5358]  ? fput+0x8f/0xc0
[   88.298846][ T5358]  ? ksys_write+0x192/0x1a0
[   88.298866][ T5358]  __x64_sys_mount+0x67/0x80
[   88.298941][ T5358]  x64_sys_call+0x2b51/0x3000
[   88.299002][ T5358]  do_syscall_64+0xd2/0x200
[   88.299033][ T5358]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   88.299056][ T5358]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   88.299162][ T5358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.299186][ T5358] RIP: 0033:0x7f3dd2d9efc9
[   88.299203][ T5358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.299230][ T5358] RSP: 002b:00007f3dd1807038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   88.299300][ T5358] RAX: ffffffffffffffda RBX: 00007f3dd2ff5fa0 RCX: 00007f3dd2d9efc9
[   88.299315][ T5358] RDX: 0000200000000280 RSI: 0000200000000300 RDI: 0000000000000000
[   88.299328][ T5358] RBP: 00007f3dd1807090 R08: 0000200000000600 R09: 0000000000000000
[   88.299342][ T5358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.299355][ T5358] R13: 00007f3dd2ff6038 R14: 00007f3dd2ff5fa0 R15: 00007fff4d0871e8
[   88.299378][ T5358]  </TASK>
[   88.494914][ T5354] vhci_hcd: connection closed
[   88.520486][   T55] vhci_hcd: stop threads
[   88.529720][   T55] vhci_hcd: release socket
[   88.534280][   T55] vhci_hcd: disconnect device
[   88.539381][ T5345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[   88.548321][ T5345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[   88.567496][ T5368] loop5: detected capacity change from 0 to 2048
[   88.575316][ T5368] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[   88.584126][ T5345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[   88.659424][ T5350] loop3: detected capacity change from 0 to 32768
[   88.666173][ T1035] vhci_hcd: vhci_device speed not set
[   88.710687][ T5350]  loop3: p1 p3 < >
[   88.871277][ T5382] loop3: detected capacity change from 0 to 512
[   88.900829][ T5382] EXT4-fs (loop3): orphan cleanup on readonly fs
[   88.910564][ T5384] FAULT_INJECTION: forcing a failure.
[   88.910564][ T5384] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.924632][ T5384] CPU: 0 UID: 0 PID: 5384 Comm: syz.5.613 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   88.924668][ T5384] Tainted: [W]=WARN
[   88.924674][ T5384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   88.924728][ T5384] Call Trace:
[   88.924736][ T5384]  <TASK>
[   88.924746][ T5384]  __dump_stack+0x1d/0x30
[   88.924784][ T5384]  dump_stack_lvl+0xe8/0x140
[   88.924812][ T5384]  dump_stack+0x15/0x1b
[   88.924839][ T5384]  should_fail_ex+0x265/0x280
[   88.924936][ T5384]  should_fail+0xb/0x20
[   88.924968][ T5384]  should_fail_usercopy+0x1a/0x20
[   88.925030][ T5384]  _copy_to_user+0x20/0xa0
[   88.925057][ T5384]  bpf_verifier_vlog+0x2c5/0x5b0
[   88.925134][ T5384]  ? __schedule+0x6b9/0xb30
[   88.925155][ T5384]  __btf_verifier_log+0x7f/0xb0
[   88.925324][ T5384]  ? should_fail_ex+0xdb/0x280
[   88.925360][ T5384]  ? btf_parse_hdr+0x1aa/0x3b0
[   88.925390][ T5384]  btf_parse_hdr+0x1bd/0x3b0
[   88.925458][ T5384]  btf_new_fd+0x246/0x790
[   88.925490][ T5384]  bpf_btf_load+0x112/0x130
[   88.925530][ T5384]  __sys_bpf+0x357/0x7c0
[   88.925569][ T5384]  __x64_sys_bpf+0x41/0x50
[   88.925592][ T5384]  x64_sys_call+0x2aee/0x3000
[   88.925624][ T5384]  do_syscall_64+0xd2/0x200
[   88.925726][ T5384]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   88.925752][ T5384]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   88.925785][ T5384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.925956][ T5384] RIP: 0033:0x7f3dd2d9efc9
[   88.925973][ T5384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.925993][ T5384] RSP: 002b:00007f3dd17c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   88.926025][ T5384] RAX: ffffffffffffffda RBX: 00007f3dd2ff6180 RCX: 00007f3dd2d9efc9
[   88.926042][ T5384] RDX: 0000000000000028 RSI: 0000200000000000 RDI: 0000000000000012
[   88.926057][ T5384] RBP: 00007f3dd17c5090 R08: 0000000000000000 R09: 0000000000000000
[   88.926073][ T5384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.926146][ T5384] R13: 00007f3dd2ff6218 R14: 00007f3dd2ff6180 R15: 00007fff4d0871e8
[   88.926167][ T5384]  </TASK>
[   89.147830][ T5382] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.617: bad orphan inode 13
[   89.158472][ T5382] ext4_test_bit(bit=12, block=18) = 1
[   89.163909][ T5382] is_bad_inode(inode)=0
[   89.168269][ T5382] NEXT_ORPHAN(inode)=2130706432
[   89.173456][ T5382] max_ino=32
[   89.176666][ T5382] i_nlink=1
[   89.197940][ T5382] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   89.231196][ T5386] loop4: detected capacity change from 0 to 512
[   89.244872][ T5386] EXT4-fs: Ignoring removed nobh option
[   89.263959][ T5382] EXT4-fs error (device loop3): ext4_lookup:1791: inode #2: comm syz.3.617: deleted inode referenced: 12
[   89.297717][ T5382] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   89.330424][ T5386] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #3: comm syz.4.618: corrupted inode contents
[   89.364162][ T5382] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.617: bg 0: block 248: padding at end of block bitmap is not set
[   89.364085][ T5386] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #3: comm syz.4.618: mark_inode_dirty error
[   89.401033][ T5386] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #3: comm syz.4.618: corrupted inode contents
[   89.421947][ T5386] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.618: mark_inode_dirty error
[   89.433534][ T5382] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.617: Failed to acquire dquot type 1
[   89.451867][ T5382] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   89.470575][ T5386] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.618: Failed to acquire dquot type 0
[   89.492139][ T5386] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.618: corrupted inode contents
[   89.521037][ T5386] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #16: comm syz.4.618: mark_inode_dirty error
[   89.541604][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.551279][ T5386] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.618: corrupted inode contents
[   89.574724][ T5386] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.618: mark_inode_dirty error
[   89.586677][ T5386] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.618: corrupted inode contents
[   89.603507][ T5386] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem
[   89.612582][ T5386] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.618: corrupted inode contents
[   89.624860][ T5386] EXT4-fs error (device loop4): ext4_truncate:4637: inode #16: comm syz.4.618: mark_inode_dirty error
[   89.642037][ T5386] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem
[   89.651896][ T5386] EXT4-fs (loop4): 1 truncate cleaned up
[   89.658795][ T5386] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.689181][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.001334][ T5410] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5410 comm=syz.5.624
[   90.013954][ T5410] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5410 comm=syz.5.624
[   90.063696][ T5411] netlink: 60 bytes leftover after parsing attributes in process `syz.4.623'.
[   90.097940][ T5411] IPVS: Unknown mcast interface: 
[   90.170623][   T29] kauditd_printk_skb: 457 callbacks suppressed
[   90.170638][   T29] audit: type=1400 audit(90.156:8652): avc:  denied  { load_policy } for  pid=5413 comm="syz.4.625" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   90.197248][ T5415] SELinux:  policydb version -2071858674 does not match my version range 15-35
[   90.206676][ T5415] SELinux: failed to load policy
[   90.211899][   T29] audit: type=1326 audit(90.186:8653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.5.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[   90.235001][   T29] audit: type=1326 audit(90.186:8654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.5.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[   90.258295][   T29] audit: type=1326 audit(90.186:8655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.5.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[   90.281593][   T29] audit: type=1326 audit(90.186:8656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.5.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[   90.304684][   T29] audit: type=1326 audit(90.186:8657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.5.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[   90.327732][   T29] audit: type=1326 audit(90.186:8658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.5.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[   90.350661][   T29] audit: type=1326 audit(90.186:8659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.5.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[   90.373291][   T29] audit: type=1326 audit(90.186:8660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.5.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[   90.396200][   T29] audit: type=1326 audit(90.186:8661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.5.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[   90.485281][ T5415] ipvlan2: entered promiscuous mode
[   90.499787][ T5421] netlink: 'syz.0.626': attribute type 1 has an invalid length.
[   90.510732][ T5415] bridge0: port 3(ipvlan2) entered blocking state
[   90.517396][ T5415] bridge0: port 3(ipvlan2) entered disabled state
[   90.533034][ T5415] ipvlan2: entered allmulticast mode
[   90.538439][ T5415] bridge0: entered allmulticast mode
[   90.545017][ T5415] ipvlan2: left allmulticast mode
[   90.550158][ T5415] bridge0: left allmulticast mode
[   90.629421][ T5427] netlink: 'syz.3.630': attribute type 10 has an invalid length.
[   90.643676][ T5427] team0: Port device dummy0 added
[   90.653621][ T5427] netlink: 'syz.3.630': attribute type 10 has an invalid length.
[   90.663471][ T5427] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   90.676418][ T5427] team0: Failed to send options change via netlink (err -105)
[   90.703177][ T5427] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   90.703393][ T5431] loop0: detected capacity change from 0 to 1024
[   90.713155][ T5427] team0: Port device dummy0 removed
[   90.726327][ T5431] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   90.733433][ T5427] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   90.737533][ T5431] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   90.757792][ T5431] JBD2: no valid journal superblock found
[   90.763728][ T5431] EXT4-fs (loop0): Could not load journal inode
[   90.820409][ T5436] loop4: detected capacity change from 0 to 512
[   90.827090][ T5436] EXT4-fs: Ignoring removed nobh option
[   90.876519][ T5446] loop5: detected capacity change from 0 to 1024
[   90.884086][ T5446] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   90.895358][ T5446] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   90.901422][ T5436] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #3: comm syz.4.633: corrupted inode contents
[   90.910224][ T5446] JBD2: no valid journal superblock found
[   90.922869][ T5446] EXT4-fs (loop5): Could not load journal inode
[   90.937374][ T5436] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #3: comm syz.4.633: mark_inode_dirty error
[   90.949400][ T5436] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #3: comm syz.4.633: corrupted inode contents
[   90.964020][ T5436] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.633: mark_inode_dirty error
[   90.976408][ T5436] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.633: Failed to acquire dquot type 0
[   90.988566][ T5436] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.633: corrupted inode contents
[   91.000832][ T5436] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #16: comm syz.4.633: mark_inode_dirty error
[   91.012850][ T5436] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.633: corrupted inode contents
[   91.025545][ T5436] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.633: mark_inode_dirty error
[   91.037019][ T5436] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.633: corrupted inode contents
[   91.045569][ T5461] netlink: 'syz.3.641': attribute type 21 has an invalid length.
[   91.049447][ T5436] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem
[   91.065620][ T5436] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.633: corrupted inode contents
[   91.078136][ T5436] EXT4-fs error (device loop4): ext4_truncate:4637: inode #16: comm syz.4.633: mark_inode_dirty error
[   91.089974][ T5436] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem
[   91.099764][ T5436] EXT4-fs (loop4): 1 truncate cleaned up
[   91.106091][ T5436] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.135954][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.251394][ T5465] loop3: detected capacity change from 0 to 1024
[   91.259127][ T5465] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   91.270834][ T5465] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   91.281741][ T5465] JBD2: no valid journal superblock found
[   91.287959][ T5465] EXT4-fs (loop3): Could not load journal inode
[   91.315827][ T5468] IPVS: Unknown mcast interface: 
[   91.459839][ T5479] FAULT_INJECTION: forcing a failure.
[   91.459839][ T5479] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.473540][ T5479] CPU: 1 UID: 0 PID: 5479 Comm: syz.3.648 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   91.473635][ T5479] Tainted: [W]=WARN
[   91.473644][ T5479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   91.473660][ T5479] Call Trace:
[   91.473667][ T5479]  <TASK>
[   91.473676][ T5479]  __dump_stack+0x1d/0x30
[   91.473714][ T5479]  dump_stack_lvl+0xe8/0x140
[   91.473751][ T5479]  dump_stack+0x15/0x1b
[   91.473867][ T5479]  should_fail_ex+0x265/0x280
[   91.473906][ T5479]  should_fail+0xb/0x20
[   91.474003][ T5479]  should_fail_usercopy+0x1a/0x20
[   91.474043][ T5479]  _copy_from_user+0x1c/0xb0
[   91.474098][ T5479]  memdup_user+0x5e/0xd0
[   91.474123][ T5479]  autofs_dev_ioctl+0x167/0x6a0
[   91.474163][ T5479]  ? __pfx_autofs_dev_ioctl+0x10/0x10
[   91.474225][ T5479]  __se_sys_ioctl+0xce/0x140
[   91.474263][ T5479]  __x64_sys_ioctl+0x43/0x50
[   91.474307][ T5479]  x64_sys_call+0x1816/0x3000
[   91.474369][ T5479]  do_syscall_64+0xd2/0x200
[   91.474400][ T5479]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   91.474422][ T5479]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   91.474449][ T5479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.474492][ T5479] RIP: 0033:0x7ff36dc4efc9
[   91.474507][ T5479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.474525][ T5479] RSP: 002b:00007ff36c6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   91.474544][ T5479] RAX: ffffffffffffffda RBX: 00007ff36dea5fa0 RCX: 00007ff36dc4efc9
[   91.474557][ T5479] RDX: 0000200000000200 RSI: 00000000c018937e RDI: 0000000000000007
[   91.474570][ T5479] RBP: 00007ff36c6b7090 R08: 0000000000000000 R09: 0000000000000000
[   91.474582][ T5479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.474660][ T5479] R13: 00007ff36dea6038 R14: 00007ff36dea5fa0 R15: 00007fff4539a108
[   91.474681][ T5479]  </TASK>
[   91.769882][ T5496] blktrace: Concurrent blktraces are not allowed on loop0
[   91.963930][ T5499] loop3: detected capacity change from 0 to 32768
[   91.994894][ T5499]  loop3: p1 p3 < >
[   92.068756][ T5524] loop4: detected capacity change from 0 to 1024
[   92.082069][ T5524] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   92.093079][ T5524] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   92.108992][ T5524] JBD2: no valid journal superblock found
[   92.115007][ T5524] EXT4-fs (loop4): Could not load journal inode
[   92.182032][ T5542] loop3: detected capacity change from 0 to 1024
[   92.199343][ T5542] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   92.210648][ T5542] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   92.247788][ T5542] JBD2: no valid journal superblock found
[   92.253719][ T5542] EXT4-fs (loop3): Could not load journal inode
[   92.397310][ T5561] FAULT_INJECTION: forcing a failure.
[   92.397310][ T5561] name failslab, interval 1, probability 0, space 0, times 0
[   92.410171][ T5561] CPU: 1 UID: 0 PID: 5561 Comm: syz.4.680 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   92.410273][ T5561] Tainted: [W]=WARN
[   92.410279][ T5561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   92.410295][ T5561] Call Trace:
[   92.410322][ T5561]  <TASK>
[   92.410330][ T5561]  __dump_stack+0x1d/0x30
[   92.410366][ T5561]  dump_stack_lvl+0xe8/0x140
[   92.410420][ T5561]  dump_stack+0x15/0x1b
[   92.410452][ T5561]  should_fail_ex+0x265/0x280
[   92.410491][ T5561]  should_failslab+0x8c/0xb0
[   92.410577][ T5561]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   92.410600][ T5561]  ? __alloc_skb+0x101/0x320
[   92.410629][ T5561]  __alloc_skb+0x101/0x320
[   92.410657][ T5561]  ? audit_log_start+0x342/0x720
[   92.410735][ T5561]  audit_log_start+0x3a0/0x720
[   92.410765][ T5561]  ? kstrtouint+0x76/0xc0
[   92.410876][ T5561]  audit_seccomp+0x48/0x100
[   92.410983][ T5561]  ? __seccomp_filter+0x82d/0x1250
[   92.411018][ T5561]  __seccomp_filter+0x83e/0x1250
[   92.411118][ T5561]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   92.411150][ T5561]  ? vfs_write+0x7e8/0x960
[   92.411172][ T5561]  ? __rcu_read_unlock+0x4f/0x70
[   92.411215][ T5561]  ? __fget_files+0x184/0x1c0
[   92.411245][ T5561]  __secure_computing+0x82/0x150
[   92.411275][ T5561]  syscall_trace_enter+0xcf/0x1e0
[   92.411299][ T5561]  do_syscall_64+0xac/0x200
[   92.411327][ T5561]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   92.411347][ T5561]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   92.411444][ T5561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.411468][ T5561] RIP: 0033:0x7f9c3e10efc9
[   92.411483][ T5561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.411504][ T5561] RSP: 002b:00007f9c3cb6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000082
[   92.411576][ T5561] RAX: ffffffffffffffda RBX: 00007f9c3e365fa0 RCX: 00007f9c3e10efc9
[   92.411591][ T5561] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   92.411684][ T5561] RBP: 00007f9c3cb6f090 R08: 0000000000000000 R09: 0000000000000000
[   92.411699][ T5561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.411712][ T5561] R13: 00007f9c3e366038 R14: 00007f9c3e365fa0 R15: 00007ffc0334ddf8
[   92.411731][ T5561]  </TASK>
[   92.649770][ T5565] netlink: 'syz.5.682': attribute type 10 has an invalid length.
[   92.658466][ T5565] ipvlan0: entered allmulticast mode
[   92.664205][ T5565] veth0_vlan: entered allmulticast mode
[   92.671657][ T5565] team0: Device ipvlan0 failed to register rx_handler
[   92.686372][ T5567] netlink: 'syz.4.683': attribute type 10 has an invalid length.
[   92.710653][ T5567] ipvlan0: entered allmulticast mode
[   92.716034][ T5567] veth0_vlan: entered allmulticast mode
[   92.736520][ T5567] team0: Device ipvlan0 failed to register rx_handler
[   92.995195][ T5593] loop0: detected capacity change from 0 to 1024
[   93.003349][ T5593] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   93.014587][ T5593] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   93.029652][ T5593] JBD2: no valid journal superblock found
[   93.035492][ T5593] EXT4-fs (loop0): Could not load journal inode
[   93.088137][ T5598] loop5: detected capacity change from 0 to 8192
[   93.127412][ T5598] FAULT_INJECTION: forcing a failure.
[   93.127412][ T5598] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.141188][ T5598] CPU: 0 UID: 0 PID: 5598 Comm: syz.5.694 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   93.141229][ T5598] Tainted: [W]=WARN
[   93.141236][ T5598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   93.141253][ T5598] Call Trace:
[   93.141261][ T5598]  <TASK>
[   93.141271][ T5598]  __dump_stack+0x1d/0x30
[   93.141370][ T5598]  dump_stack_lvl+0xe8/0x140
[   93.141398][ T5598]  dump_stack+0x15/0x1b
[   93.141427][ T5598]  should_fail_ex+0x265/0x280
[   93.141601][ T5598]  should_fail+0xb/0x20
[   93.141629][ T5598]  should_fail_usercopy+0x1a/0x20
[   93.141677][ T5598]  _copy_from_user+0x1c/0xb0
[   93.141705][ T5598]  memdup_user+0x5e/0xd0
[   93.141730][ T5598]  strndup_user+0x68/0xb0
[   93.141755][ T5598]  __se_sys_mount+0x4d/0x2e0
[   93.141844][ T5598]  ? fput+0x8f/0xc0
[   93.141920][ T5598]  ? ksys_write+0x192/0x1a0
[   93.141941][ T5598]  __x64_sys_mount+0x67/0x80
[   93.141974][ T5598]  x64_sys_call+0x2b51/0x3000
[   93.142010][ T5598]  do_syscall_64+0xd2/0x200
[   93.142091][ T5598]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   93.142117][ T5598]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   93.142152][ T5598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.142241][ T5598] RIP: 0033:0x7f3dd2d9efc9
[   93.142260][ T5598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.142293][ T5598] RSP: 002b:00007f3dd1807038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   93.142316][ T5598] RAX: ffffffffffffffda RBX: 00007f3dd2ff5fa0 RCX: 00007f3dd2d9efc9
[   93.142331][ T5598] RDX: 0000200000000280 RSI: 00002000000002c0 RDI: 0000000000000000
[   93.142346][ T5598] RBP: 00007f3dd1807090 R08: 0000200000000540 R09: 0000000000000000
[   93.142361][ T5598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.142376][ T5598] R13: 00007f3dd2ff6038 R14: 00007f3dd2ff5fa0 R15: 00007fff4d0871e8
[   93.142409][ T5598]  </TASK>
[   93.376319][ T5605] netlink: 'syz.3.697': attribute type 8 has an invalid length.
[   93.378719][ T5604] netlink: 'syz.5.696': attribute type 1 has an invalid length.
[   93.472423][ T5608] loop4: detected capacity change from 0 to 1024
[   93.473440][ T5605] SELinux:  policydb version -1206845312 does not match my version range 15-35
[   93.489101][ T5605] SELinux: failed to load policy
[   93.495042][ T5608] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   93.506282][ T5611] __nla_validate_parse: 13 callbacks suppressed
[   93.506304][ T5611] netlink: 20 bytes leftover after parsing attributes in process `syz.5.699'.
[   93.506468][ T5608] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   93.541156][ T5608] JBD2: no valid journal superblock found
[   93.547011][ T5608] EXT4-fs (loop4): Could not load journal inode
[   93.587154][ T5613] geneve2: entered promiscuous mode
[   93.688399][ T5633] loop4: detected capacity change from 0 to 512
[   93.759347][ T5633] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   93.828691][ T5639] FAULT_INJECTION: forcing a failure.
[   93.828691][ T5639] name failslab, interval 1, probability 0, space 0, times 0
[   93.841571][ T5639] CPU: 0 UID: 0 PID: 5639 Comm: syz.0.705 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   93.841643][ T5639] Tainted: [W]=WARN
[   93.841650][ T5639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   93.841662][ T5639] Call Trace:
[   93.841732][ T5639]  <TASK>
[   93.841742][ T5639]  __dump_stack+0x1d/0x30
[   93.841773][ T5639]  dump_stack_lvl+0xe8/0x140
[   93.841800][ T5639]  dump_stack+0x15/0x1b
[   93.841829][ T5639]  should_fail_ex+0x265/0x280
[   93.841927][ T5639]  should_failslab+0x8c/0xb0
[   93.841949][ T5639]  kmem_cache_alloc_noprof+0x50/0x480
[   93.841976][ T5639]  ? getname_flags+0x80/0x3b0
[   93.842079][ T5639]  getname_flags+0x80/0x3b0
[   93.842110][ T5639]  do_sys_openat2+0x60/0x110
[   93.842148][ T5639]  __x64_sys_openat+0xf2/0x120
[   93.842259][ T5639]  x64_sys_call+0x2eab/0x3000
[   93.842288][ T5639]  do_syscall_64+0xd2/0x200
[   93.842366][ T5639]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   93.842393][ T5639]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   93.842428][ T5639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.842531][ T5639] RIP: 0033:0x7fbe506eefc9
[   93.842549][ T5639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.842576][ T5639] RSP: 002b:00007fbe4f157038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   93.842595][ T5639] RAX: ffffffffffffffda RBX: 00007fbe50945fa0 RCX: 00007fbe506eefc9
[   93.842646][ T5639] RDX: 0000000000105142 RSI: 0000200000000080 RDI: ffffffffffffff9c
[   93.842662][ T5639] RBP: 00007fbe4f157090 R08: 0000000000000000 R09: 0000000000000000
[   93.842676][ T5639] R10: 000000000000002c R11: 0000000000000246 R12: 0000000000000001
[   93.842748][ T5639] R13: 00007fbe50946038 R14: 00007fbe50945fa0 R15: 00007ffd93a677d8
[   93.842773][ T5639]  </TASK>
[   94.133822][ T5650] netlink: 'syz.2.709': attribute type 1 has an invalid length.
[   94.179553][ T5656] IPv6: NLM_F_CREATE should be specified when creating new route
[   94.234457][ T5660] loop0: detected capacity change from 0 to 1024
[   94.241880][ T5660] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   94.253003][ T5660] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   94.265292][ T5660] JBD2: no valid journal superblock found
[   94.271519][ T5660] EXT4-fs (loop0): Could not load journal inode
[   94.636963][ T5672] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   95.021316][ T5685] loop4: detected capacity change from 0 to 512
[   95.079299][ T5692] loop0: detected capacity change from 0 to 2048
[   95.114050][ T5685] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.174648][ T5692]  loop0: p1 < > p4 < >
[   95.197294][   T29] kauditd_printk_skb: 1948 callbacks suppressed
[   95.197310][   T29] audit: type=1400 audit(95.176:10606): avc:  denied  { write } for  pid=5691 comm="syz.0.723" name="loop0p1" dev="devtmpfs" ino=679 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   95.231416][ T5699] loop3: detected capacity change from 0 to 1024
[   95.289928][ T5699] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   95.301093][ T5699] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   95.362063][ T5702] netlink: 'syz.2.725': attribute type 10 has an invalid length.
[   95.372628][   T29] audit: type=1326 audit(95.216:10607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5684 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3e10efc9 code=0x7ffc0000
[   95.395692][   T29] audit: type=1326 audit(95.216:10608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5684 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9c3e10f003 code=0x7ffc0000
[   95.418818][   T29] audit: type=1326 audit(95.216:10609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5684 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f9c3e10f087 code=0x7ffc0000
[   95.441854][   T29] audit: type=1326 audit(95.216:10610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5684 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f9c3e0c644d code=0x7ffc0000
[   95.466034][   T29] audit: type=1326 audit(95.216:10611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5684 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f9c3e143709 code=0x7ffc0000
[   95.489344][   T29] audit: type=1326 audit(95.216:10612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5684 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f9c3e0c64b7 code=0x7ffc0000
[   95.514411][   T29] audit: type=1326 audit(95.216:10613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5684 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f9c3e0c5bc7 code=0x7ffc0000
[   95.537651][   T29] audit: type=1326 audit(95.216:10614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5684 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f9c3e0c5c26 code=0x7ffc0000
[   95.560944][   T29] audit: type=1326 audit(95.216:10615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5684 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3e10efc9 code=0x7ffc0000
[   95.614591][ T5702] team0: Device ipvlan0 failed to register rx_handler
[   95.704962][ T5699] JBD2: no valid journal superblock found
[   95.711644][ T5699] EXT4-fs (loop3): Could not load journal inode
[   96.000151][ T5719] SELinux: security_context_str_to_sid (ô�a`yv©—-”|J+0lè8G[økT—ƒ_È×|nœÉUÓ5
[   96.000151][ T5719] M9) failed with errno=-22
[   96.032914][ T5719] SELinux: security_context_str_to_sid (--^$-) failed with errno=-22
[   96.084047][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.094513][ T5724] netlink: 'syz.3.735': attribute type 21 has an invalid length.
[   96.110813][ T5724] netlink: 132 bytes leftover after parsing attributes in process `syz.3.735'.
[   96.110954][ T5724] netlink: 20 bytes leftover after parsing attributes in process `syz.3.735'.
[   96.169369][ T5729] netlink: 4 bytes leftover after parsing attributes in process `syz.4.736'.
[   96.291604][ T5734] loop4: detected capacity change from 0 to 1024
[   96.336085][ T5734] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   96.347074][ T5734] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   96.404499][ T5734] JBD2: no valid journal superblock found
[   96.410371][ T5734] EXT4-fs (loop4): Could not load journal inode
[   96.547264][ T5722] loop0: detected capacity change from 0 to 32768
[   96.607408][ T5722]  loop0: p1 p3 < >
[   96.846374][ T5752] FAULT_INJECTION: forcing a failure.
[   96.846374][ T5752] name failslab, interval 1, probability 0, space 0, times 0
[   96.859436][ T5752] CPU: 1 UID: 0 PID: 5752 Comm: syz.0.745 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   96.859518][ T5752] Tainted: [W]=WARN
[   96.859525][ T5752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   96.859537][ T5752] Call Trace:
[   96.859543][ T5752]  <TASK>
[   96.859551][ T5752]  __dump_stack+0x1d/0x30
[   96.859623][ T5752]  dump_stack_lvl+0xe8/0x140
[   96.859660][ T5752]  dump_stack+0x15/0x1b
[   96.859692][ T5752]  should_fail_ex+0x265/0x280
[   96.859790][ T5752]  should_failslab+0x8c/0xb0
[   96.859811][ T5752]  kmem_cache_alloc_noprof+0x50/0x480
[   96.859832][ T5752]  ? getname_flags+0x80/0x3b0
[   96.859859][ T5752]  getname_flags+0x80/0x3b0
[   96.859889][ T5752]  do_sys_openat2+0x60/0x110
[   96.859926][ T5752]  __x64_sys_openat+0xf2/0x120
[   96.860030][ T5752]  x64_sys_call+0x2eab/0x3000
[   96.860065][ T5752]  do_syscall_64+0xd2/0x200
[   96.860168][ T5752]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   96.860201][ T5752]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   96.860228][ T5752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.860253][ T5752] RIP: 0033:0x7fbe506eefc9
[   96.860283][ T5752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.860307][ T5752] RSP: 002b:00007fbe4f157038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   96.860331][ T5752] RAX: ffffffffffffffda RBX: 00007fbe50945fa0 RCX: 00007fbe506eefc9
[   96.860347][ T5752] RDX: 0000000000084d03 RSI: 0000200000000380 RDI: ffffffffffffff9c
[   96.860362][ T5752] RBP: 00007fbe4f157090 R08: 0000000000000000 R09: 0000000000000000
[   96.860441][ T5752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.860464][ T5752] R13: 00007fbe50946038 R14: 00007fbe50945fa0 R15: 00007ffd93a677d8
[   96.860516][ T5752]  </TASK>
[   97.272631][ T5757] random: crng reseeded on system resumption
[   97.334138][ T5762] random: crng reseeded on system resumption
[   97.379370][ T5768] netlink: 4 bytes leftover after parsing attributes in process `syz.4.752'.
[   97.388362][ T5768] netlink: 4 bytes leftover after parsing attributes in process `syz.4.752'.
[   97.397522][ T5768] netlink: 4 bytes leftover after parsing attributes in process `syz.4.752'.
[   97.397641][ T5766] FAULT_INJECTION: forcing a failure.
[   97.397641][ T5766] name failslab, interval 1, probability 0, space 0, times 0
[   97.419512][ T5766] CPU: 0 UID: 0 PID: 5766 Comm: syz.0.751 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   97.419554][ T5766] Tainted: [W]=WARN
[   97.419563][ T5766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   97.419588][ T5766] Call Trace:
[   97.419596][ T5766]  <TASK>
[   97.419605][ T5766]  __dump_stack+0x1d/0x30
[   97.419642][ T5766]  dump_stack_lvl+0xe8/0x140
[   97.419678][ T5766]  dump_stack+0x15/0x1b
[   97.419794][ T5766]  should_fail_ex+0x265/0x280
[   97.419834][ T5766]  should_failslab+0x8c/0xb0
[   97.419858][ T5766]  __kmalloc_noprof+0xa5/0x570
[   97.419886][ T5766]  ? process_preds+0x2ce/0x2bb0
[   97.419938][ T5766]  process_preds+0x2ce/0x2bb0
[   97.419968][ T5766]  ? terminate_walk+0x27f/0x2a0
[   97.420029][ T5766]  ? path_openat+0x1bf8/0x2170
[   97.420067][ T5766]  ? avc_has_perm_noaudit+0x1b1/0x200
[   97.420170][ T5766]  ? should_fail_ex+0xdb/0x280
[   97.420217][ T5766]  ? ftrace_profile_set_filter+0xc2/0x1b0
[   97.420257][ T5766]  ? should_failslab+0x8c/0xb0
[   97.420286][ T5766]  ? __kmalloc_cache_noprof+0x249/0x4a0
[   97.420370][ T5766]  ftrace_profile_set_filter+0xff/0x1b0
[   97.420406][ T5766]  perf_ioctl+0x7b3/0x12e0
[   97.420426][ T5766]  ? ioctl_has_perm+0x289/0x2a0
[   97.420457][ T5766]  ? do_vfs_ioctl+0x866/0xe10
[   97.420567][ T5766]  ? selinux_file_ioctl+0x308/0x3a0
[   97.420594][ T5766]  ? __fget_files+0x184/0x1c0
[   97.420700][ T5766]  ? __pfx_perf_ioctl+0x10/0x10
[   97.420725][ T5766]  __se_sys_ioctl+0xce/0x140
[   97.420758][ T5766]  __x64_sys_ioctl+0x43/0x50
[   97.420797][ T5766]  x64_sys_call+0x1816/0x3000
[   97.420899][ T5766]  do_syscall_64+0xd2/0x200
[   97.420937][ T5766]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   97.420983][ T5766]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   97.421020][ T5766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.421049][ T5766] RIP: 0033:0x7fbe506eefc9
[   97.421096][ T5766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.421114][ T5766] RSP: 002b:00007fbe4f157038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   97.421134][ T5766] RAX: ffffffffffffffda RBX: 00007fbe50945fa0 RCX: 00007fbe506eefc9
[   97.421150][ T5766] RDX: 00002000000001c0 RSI: 0000000040082406 RDI: 0000000000000004
[   97.421166][ T5766] RBP: 00007fbe4f157090 R08: 0000000000000000 R09: 0000000000000000
[   97.421210][ T5766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.421226][ T5766] R13: 00007fbe50946038 R14: 00007fbe50945fa0 R15: 00007ffd93a677d8
[   97.421252][ T5766]  </TASK>
[   97.443914][ T5772] loop5: detected capacity change from 0 to 1024
[   97.688780][ T5778] loop3: detected capacity change from 0 to 512
[   97.696191][ T5772] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   97.707351][ T5772] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   97.713175][ T5778] EXT4-fs: Ignoring removed nobh option
[   97.720205][ T5779] netlink: 'syz.2.755': attribute type 10 has an invalid length.
[   97.722940][ T5778] ext4: Unknown parameter 'noacl'
[   97.732972][ T5779] team0: Device ipvlan0 failed to register rx_handler
[   97.743186][ T5772] JBD2: no valid journal superblock found
[   97.748951][ T5772] EXT4-fs (loop5): Could not load journal inode
[   97.750964][ T5768] netlink: 4 bytes leftover after parsing attributes in process `syz.4.752'.
[   97.764203][ T5768] netlink: 4 bytes leftover after parsing attributes in process `syz.4.752'.
[   97.798445][ T5768] netlink: 4 bytes leftover after parsing attributes in process `syz.4.752'.
[   97.907527][ T5791] tipc: Enabling of bearer <et:s> rejected, media not registered
[   97.932879][ T5794] netlink: 'syz.0.759': attribute type 4 has an invalid length.
[   97.933157][ T5792] SELinux:  Context @ is not valid (left unmapped).
[   98.146764][ T5818] loop5: detected capacity change from 0 to 1024
[   98.209996][ T5818] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   98.221271][ T5818] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   98.258040][ T5818] JBD2: no valid journal superblock found
[   98.264055][ T5818] EXT4-fs (loop5): Could not load journal inode
[   98.506937][ T5828] loop0: detected capacity change from 0 to 2048
[   98.518764][ T5828] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.537868][ T5828] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.771: bg 0: block 345: padding at end of block bitmap is not set
[   98.552837][ T5828] EXT4-fs (loop0): Remounting filesystem read-only
[   99.013874][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.066518][ T1691] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.119603][ T5836] IPv6: NLM_F_CREATE should be specified when creating new route
[   99.165437][ T1691] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.231253][ T1691] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.274043][ T5850] loop3: detected capacity change from 0 to 2048
[   99.325458][ T1691] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.363261][ T5850]  loop3: unable to read partition table
[   99.369266][ T5850] loop3: partition table beyond EOD, truncated
[   99.375713][ T5850] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[   99.431993][ T1691] bridge_slave_1: left allmulticast mode
[   99.437884][ T1691] bridge_slave_1: left promiscuous mode
[   99.443678][ T1691] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.452124][ T1691] bridge_slave_0: left allmulticast mode
[   99.457876][ T1691] bridge_slave_0: left promiscuous mode
[   99.463667][ T1691] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.511682][ T5864] loop4: detected capacity change from 0 to 1024
[   99.519387][ T5864] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   99.530509][ T5864] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   99.541220][ T5864] JBD2: no valid journal superblock found
[   99.546972][ T5864] EXT4-fs (loop4): Could not load journal inode
[   99.572795][ T1691] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[   99.582346][ T1691] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[   99.592472][ T1691] .` (unregistering): (slave dummy0): Releasing backup interface
[   99.601320][ T1691] .` (unregistering): Released all slaves
[   99.620750][ T3422] syû: Port: 1 Link DOWN
[   99.683775][ T5842] chnl_net:caif_netlink_parms(): no params data found
[   99.732599][ T1691] hsr_slave_0: left promiscuous mode
[   99.746531][ T1691] hsr_slave_1: left promiscuous mode
[   99.754089][ T1691] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.761558][ T1691] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.770584][ T1691] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.778079][ T1691] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.787785][ T1691] veth1_macvtap: left promiscuous mode
[   99.793407][ T1691] veth0_macvtap: left promiscuous mode
[   99.799111][ T1691] veth1_vlan: left promiscuous mode
[   99.804592][ T1691] veth0_vlan: left promiscuous mode
[   99.884663][ T1691] team0 (unregistering): Port device team_slave_1 removed
[   99.895939][ T1691] team0 (unregistering): Port device team_slave_0 removed
[   99.907842][  T152] smc: removing ib device syû
[  100.117036][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.124663][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.182908][ T5842] bridge_slave_0: entered allmulticast mode
[  100.207712][ T5842] bridge_slave_0: entered promiscuous mode
[  100.233025][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.240441][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.250874][   T29] kauditd_printk_skb: 530 callbacks suppressed
[  100.250891][   T29] audit: type=1326 audit(100.224:11146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5887 comm="syz.3.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[  100.283022][   T29] audit: type=1326 audit(100.224:11147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5887 comm="syz.3.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[  100.306662][   T29] audit: type=1326 audit(100.224:11148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5887 comm="syz.3.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[  100.330111][   T29] audit: type=1326 audit(100.224:11149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5887 comm="syz.3.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[  100.353539][   T29] audit: type=1326 audit(100.234:11150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5887 comm="syz.3.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[  100.376682][   T29] audit: type=1326 audit(100.234:11151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5887 comm="syz.3.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[  100.399549][   T29] audit: type=1326 audit(100.234:11152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5887 comm="syz.3.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[  100.446671][ T5842] bridge_slave_1: entered allmulticast mode
[  100.459553][ T5842] bridge_slave_1: entered promiscuous mode
[  100.476956][ T5890] netlink: 'syz.4.792': attribute type 8 has an invalid length.
[  100.494903][   T29] audit: type=1326 audit(100.414:11153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5887 comm="syz.3.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[  100.518714][   T29] audit: type=1326 audit(100.414:11154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5887 comm="syz.3.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[  100.542522][   T29] audit: type=1326 audit(100.414:11155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5887 comm="syz.3.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff36dc4efc9 code=0x7ffc0000
[  100.570007][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.584928][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.603175][ T5892] __nla_validate_parse: 14 callbacks suppressed
[  100.603190][ T5892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.793'.
[  100.618502][ T5892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.793'.
[  100.628930][ T5892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.793'.
[  100.631765][ T5842] team0: Port device team_slave_0 added
[  100.645816][ T5842] team0: Port device team_slave_1 added
[  100.659862][ T5892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.793'.
[  100.668849][ T5892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.793'.
[  100.681412][ T5892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.793'.
[  100.713227][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[  100.720400][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  100.747234][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  100.771055][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[  100.778298][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  100.804378][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  100.847906][ T5892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.793'.
[  100.856805][ T5892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.793'.
[  100.866094][ T5892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.793'.
[  100.883432][ T5842] hsr_slave_0: entered promiscuous mode
[  100.889945][ T5842] hsr_slave_1: entered promiscuous mode
[  100.896231][ T5842] debugfs: 'hsr0' already exists in 'hsr'
[  100.902218][ T5842] Cannot create hsr debugfs directory
[  100.942997][ T5908] netlink: 'syz.5.797': attribute type 8 has an invalid length.
[  101.113250][ T5918] FAULT_INJECTION: forcing a failure.
[  101.113250][ T5918] name failslab, interval 1, probability 0, space 0, times 0
[  101.126050][ T5918] CPU: 0 UID: 0 PID: 5918 Comm: syz.4.802 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  101.126157][ T5918] Tainted: [W]=WARN
[  101.126166][ T5918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  101.126183][ T5918] Call Trace:
[  101.126192][ T5918]  <TASK>
[  101.126202][ T5918]  __dump_stack+0x1d/0x30
[  101.126233][ T5918]  dump_stack_lvl+0xe8/0x140
[  101.126278][ T5918]  dump_stack+0x15/0x1b
[  101.126357][ T5918]  should_fail_ex+0x265/0x280
[  101.126398][ T5918]  should_failslab+0x8c/0xb0
[  101.126424][ T5918]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  101.126453][ T5918]  ? __alloc_skb+0x101/0x320
[  101.126506][ T5918]  ? plist_check_list+0x1e4/0x210
[  101.126532][ T5918]  __alloc_skb+0x101/0x320
[  101.126570][ T5918]  alloc_skb_with_frags+0x7d/0x470
[  101.126600][ T5918]  ? __schedule+0x6b9/0xb30
[  101.126631][ T5918]  sock_alloc_send_pskb+0x430/0x4e0
[  101.126674][ T5918]  ? avc_has_perm+0xf7/0x180
[  101.126768][ T5918]  j1939_sk_sendmsg+0x517/0xc00
[  101.126807][ T5918]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[  101.126837][ T5918]  __sock_sendmsg+0x145/0x180
[  101.126911][ T5918]  ____sys_sendmsg+0x31e/0x4e0
[  101.126960][ T5918]  ___sys_sendmsg+0x17b/0x1d0
[  101.127069][ T5918]  __x64_sys_sendmsg+0xd4/0x160
[  101.127114][ T5918]  x64_sys_call+0x191e/0x3000
[  101.127146][ T5918]  do_syscall_64+0xd2/0x200
[  101.127240][ T5918]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  101.127267][ T5918]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  101.127294][ T5918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.127321][ T5918] RIP: 0033:0x7f9c3e10efc9
[  101.127388][ T5918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.127405][ T5918] RSP: 002b:00007f9c3cb6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.127428][ T5918] RAX: ffffffffffffffda RBX: 00007f9c3e365fa0 RCX: 00007f9c3e10efc9
[  101.127444][ T5918] RDX: 00000000000000ee RSI: 00002000000001c0 RDI: 0000000000000006
[  101.127514][ T5918] RBP: 00007f9c3cb6f090 R08: 0000000000000000 R09: 0000000000000000
[  101.127527][ T5918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.127542][ T5918] R13: 00007f9c3e366038 R14: 00007f9c3e365fa0 R15: 00007ffc0334ddf8
[  101.127581][ T5918]  </TASK>
[  101.475601][ T5924] netlink: 'syz.5.803': attribute type 8 has an invalid length.
[  101.756607][ T5842] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  101.766652][ T5842] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  101.777046][ T5842] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  101.787581][ T5842] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  101.834280][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.849562][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[  101.873176][  T152] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.880442][  T152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.896932][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.904240][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.925363][ T5842] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  101.937173][ T5842] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  102.014523][ T5965] netlink: 'syz.4.817': attribute type 8 has an invalid length.
[  102.056455][ T5962] SELinux: ebitmap start bit (50331840) is beyond the end of the bitmap (1472)
[  102.071532][ T5962] SELinux: failed to load policy
[  102.077182][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.130782][ T5977] capability: warning: `syz.3.818' uses deprecated v2 capabilities in a way that may be insecure
[  102.153419][ T5962] netlink: 12 bytes leftover after parsing attributes in process `syz.3.818'.
[  102.250027][ T5842] veth0_vlan: entered promiscuous mode
[  102.258608][ T5842] veth1_vlan: entered promiscuous mode
[  102.276579][ T5842] veth0_macvtap: entered promiscuous mode
[  102.285170][ T5842] veth1_macvtap: entered promiscuous mode
[  102.296204][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.307602][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.318663][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.327949][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.337259][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.346476][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.467190][ T5995] FAULT_INJECTION: forcing a failure.
[  102.467190][ T5995] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.480533][ T5995] CPU: 1 UID: 0 PID: 5995 Comm: syz.6.823 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  102.480625][ T5995] Tainted: [W]=WARN
[  102.480631][ T5995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  102.480642][ T5995] Call Trace:
[  102.480647][ T5995]  <TASK>
[  102.480653][ T5995]  __dump_stack+0x1d/0x30
[  102.480740][ T5995]  dump_stack_lvl+0xe8/0x140
[  102.480807][ T5995]  dump_stack+0x15/0x1b
[  102.480829][ T5995]  should_fail_ex+0x265/0x280
[  102.480859][ T5995]  should_fail+0xb/0x20
[  102.480882][ T5995]  should_fail_usercopy+0x1a/0x20
[  102.480933][ T5995]  _copy_from_user+0x1c/0xb0
[  102.481022][ T5995]  memdup_user+0x5e/0xd0
[  102.481039][ T5995]  autofs_dev_ioctl+0x167/0x6a0
[  102.481066][ T5995]  ? __pfx_autofs_dev_ioctl+0x10/0x10
[  102.481095][ T5995]  __se_sys_ioctl+0xce/0x140
[  102.481121][ T5995]  __x64_sys_ioctl+0x43/0x50
[  102.481147][ T5995]  x64_sys_call+0x1816/0x3000
[  102.481173][ T5995]  do_syscall_64+0xd2/0x200
[  102.481247][ T5995]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  102.481264][ T5995]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  102.481355][ T5995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.481380][ T5995] RIP: 0033:0x7f086e99efc9
[  102.481394][ T5995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.481409][ T5995] RSP: 002b:00007f086d407038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.481426][ T5995] RAX: ffffffffffffffda RBX: 00007f086ebf5fa0 RCX: 00007f086e99efc9
[  102.481466][ T5995] RDX: 0000200000000200 RSI: 00000000c018937e RDI: 0000000000000006
[  102.481479][ T5995] RBP: 00007f086d407090 R08: 0000000000000000 R09: 0000000000000000
[  102.481493][ T5995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.481503][ T5995] R13: 00007f086ebf6038 R14: 00007f086ebf5fa0 R15: 00007ffdfd6e93d8
[  102.481522][ T5995]  </TASK>
[  102.759155][ T6011] netlink: 'syz.5.829': attribute type 8 has an invalid length.
[  102.880518][ T6027] loop3: detected capacity change from 0 to 1024
[  102.887832][ T6027] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  102.899147][ T6027] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  102.914236][ T6027] JBD2: no valid journal superblock found
[  102.920679][ T6027] EXT4-fs (loop3): Could not load journal inode
[  102.924311][ T6030] netlink: 'syz.5.838': attribute type 21 has an invalid length.
[  102.975808][ T6032] netlink: 'syz.6.839': attribute type 21 has an invalid length.
[  102.992649][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811c11d200: rx timeout, send abort
[  103.003657][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811c11d400: rx timeout, send abort
[  103.014620][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811c11d200: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  103.031250][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811c11d400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  103.147297][ T6035] loop4: detected capacity change from 0 to 1024
[  103.176240][ T6035] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.226993][ T6035] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.263130][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.286998][ T6042] FAULT_INJECTION: forcing a failure.
[  103.286998][ T6042] name failslab, interval 1, probability 0, space 0, times 0
[  103.299912][ T6042] CPU: 0 UID: 0 PID: 6042 Comm: syz.4.841 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  103.299953][ T6042] Tainted: [W]=WARN
[  103.300046][ T6042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  103.300072][ T6042] Call Trace:
[  103.300078][ T6042]  <TASK>
[  103.300129][ T6042]  __dump_stack+0x1d/0x30
[  103.300173][ T6042]  dump_stack_lvl+0xe8/0x140
[  103.300280][ T6042]  dump_stack+0x15/0x1b
[  103.300311][ T6042]  should_fail_ex+0x265/0x280
[  103.300349][ T6042]  should_failslab+0x8c/0xb0
[  103.300376][ T6042]  __kmalloc_cache_node_noprof+0x54/0x4a0
[  103.300410][ T6042]  ? __get_vm_area_node+0x106/0x1d0
[  103.300494][ T6042]  __get_vm_area_node+0x106/0x1d0
[  103.300520][ T6042]  __vmalloc_node_range_noprof+0x28c/0xed0
[  103.300628][ T6042]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  103.300663][ T6042]  ? __rcu_read_unlock+0x4f/0x70
[  103.300709][ T6042]  ? cred_has_capability+0x210/0x280
[  103.300789][ T6042]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  103.300820][ T6042]  __vmalloc_noprof+0x83/0xc0
[  103.300843][ T6042]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  103.300871][ T6042]  bpf_prog_alloc_no_stats+0x47/0x3b0
[  103.300983][ T6042]  ? bpf_prog_alloc+0x2a/0x150
[  103.301018][ T6042]  bpf_prog_alloc+0x3c/0x150
[  103.301065][ T6042]  bpf_prog_load+0x506/0x1100
[  103.301138][ T6042]  ? security_bpf+0x2b/0x90
[  103.301237][ T6042]  __sys_bpf+0x469/0x7c0
[  103.301306][ T6042]  __x64_sys_bpf+0x41/0x50
[  103.301338][ T6042]  x64_sys_call+0x2aee/0x3000
[  103.301377][ T6042]  do_syscall_64+0xd2/0x200
[  103.301436][ T6042]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  103.301463][ T6042]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  103.301497][ T6042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.301538][ T6042] RIP: 0033:0x7f9c3e10efc9
[  103.301554][ T6042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.301574][ T6042] RSP: 002b:00007f9c3cb6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  103.301598][ T6042] RAX: ffffffffffffffda RBX: 00007f9c3e365fa0 RCX: 00007f9c3e10efc9
[  103.301614][ T6042] RDX: 0000000000000094 RSI: 0000200000000500 RDI: 0000000000000005
[  103.301645][ T6042] RBP: 00007f9c3cb6f090 R08: 0000000000000000 R09: 0000000000000000
[  103.301661][ T6042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.301674][ T6042] R13: 00007f9c3e366038 R14: 00007f9c3e365fa0 R15: 00007ffc0334ddf8
[  103.301696][ T6042]  </TASK>
[  103.547160][ T6042] syz.4.841: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[  103.563669][ T6042] CPU: 0 UID: 0 PID: 6042 Comm: syz.4.841 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  103.563711][ T6042] Tainted: [W]=WARN
[  103.563719][ T6042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  103.563737][ T6042] Call Trace:
[  103.563746][ T6042]  <TASK>
[  103.563755][ T6042]  __dump_stack+0x1d/0x30
[  103.563803][ T6042]  dump_stack_lvl+0xe8/0x140
[  103.563840][ T6042]  dump_stack+0x15/0x1b
[  103.563872][ T6042]  warn_alloc+0x12b/0x1a0
[  103.563958][ T6042]  __vmalloc_node_range_noprof+0x2b1/0xed0
[  103.563987][ T6042]  ? __rcu_read_unlock+0x4f/0x70
[  103.564028][ T6042]  ? cred_has_capability+0x210/0x280
[  103.564122][ T6042]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  103.564158][ T6042]  __vmalloc_noprof+0x83/0xc0
[  103.564190][ T6042]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  103.564224][ T6042]  bpf_prog_alloc_no_stats+0x47/0x3b0
[  103.564315][ T6042]  ? bpf_prog_alloc+0x2a/0x150
[  103.564406][ T6042]  bpf_prog_alloc+0x3c/0x150
[  103.564430][ T6042]  bpf_prog_load+0x506/0x1100
[  103.564473][ T6042]  ? security_bpf+0x2b/0x90
[  103.564499][ T6042]  __sys_bpf+0x469/0x7c0
[  103.564597][ T6042]  __x64_sys_bpf+0x41/0x50
[  103.564682][ T6042]  x64_sys_call+0x2aee/0x3000
[  103.564723][ T6042]  do_syscall_64+0xd2/0x200
[  103.564757][ T6042]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  103.564904][ T6042]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  103.564941][ T6042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.564969][ T6042] RIP: 0033:0x7f9c3e10efc9
[  103.564989][ T6042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.565045][ T6042] RSP: 002b:00007f9c3cb6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  103.565069][ T6042] RAX: ffffffffffffffda RBX: 00007f9c3e365fa0 RCX: 00007f9c3e10efc9
[  103.565083][ T6042] RDX: 0000000000000094 RSI: 0000200000000500 RDI: 0000000000000005
[  103.565178][ T6042] RBP: 00007f9c3cb6f090 R08: 0000000000000000 R09: 0000000000000000
[  103.565194][ T6042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.565210][ T6042] R13: 00007f9c3e366038 R14: 00007f9c3e365fa0 R15: 00007ffc0334ddf8
[  103.565236][ T6042]  </TASK>
[  103.565381][ T6042] Mem-Info:
[  103.680760][ T6048] netlink: 'syz.5.844': attribute type 8 has an invalid length.
[  103.681376][ T6042] active_anon:3817 inactive_anon:0 isolated_anon:0
[  103.681376][ T6042]  active_file:17989 inactive_file:2272 isolated_file:0
[  103.681376][ T6042]  unevictable:0 dirty:364 writeback:0
[  103.681376][ T6042]  slab_reclaimable:3384 slab_unreclaimable:18125
[  103.681376][ T6042]  mapped:29403 shmem:435 pagetables:1243
[  103.681376][ T6042]  sec_pagetables:0 bounce:0
[  103.681376][ T6042]  kernel_misc_reclaimable:0
[  103.681376][ T6042]  free:1839786 free_pcp:6193 free_cma:0
[  103.844580][ T6042] Node 0 active_anon:15280kB inactive_anon:0kB active_file:71956kB inactive_file:9112kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117672kB dirty:1472kB writeback:0kB shmem:1740kB kernel_stack:3184kB pagetables:5340kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  103.872332][ T6042] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  103.902748][ T6042] lowmem_reserve[]: 0 2879 7858 7858
[  103.908415][ T6042] Node 0 DMA32 free:2945420kB boost:0kB min:4128kB low:7056kB high:9984kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949052kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:104kB free_cma:0kB
[  103.931113][ T6050] lo: entered promiscuous mode
[  103.941471][ T6042] lowmem_reserve[]: 0 0 4978 4978
[  103.949317][ T6050] tunl0: entered promiscuous mode
[  103.953112][ T6042] Node 0 Normal free:4398348kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:15280kB inactive_anon:0kB active_file:71956kB inactive_file:9112kB unevictable:0kB writepending:1588kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:20656kB local_pcp:8676kB free_cma:0kB
[  103.959437][ T6050] gre0: entered promiscuous mode
[  103.991256][ T6042] lowmem_reserve[]: 0 0 0 0
[  103.991297][ T6042] Node 0 DMA: 0*4kB 
[  103.998579][ T6050] gretap0: entered promiscuous mode
[  104.000992][ T6042] 0*8kB 
[  104.006300][ T6050] erspan0: entered promiscuous mode
[  104.010123][ T6042] 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB 
[  104.015328][ T6050] ip_vti0: entered promiscuous mode
[  104.018409][ T6042] (M) 3*4096kB (M) = 15360kB
[  104.028397][ T6050] ip6_vti0: entered promiscuous mode
[  104.031935][ T6042] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 3*16kB (M) 2*32kB 
[  104.040127][ T6050] sit0: entered promiscuous mode
[  104.042010][ T6042] (M) 2*64kB (M) 3*128kB 
[  104.050968][ T6050] ip6tnl0: entered promiscuous mode
[  104.053976][ T6042] (M) 
[  104.060029][ T6050] ip6gre0: entered promiscuous mode
[  104.063783][ T6042] 3*256kB 
[  104.068824][ T6050] syz_tun: entered promiscuous mode
[  104.071712][ T6042] (M) 4*512kB (M) 3*1024kB (M) 3*2048kB (M) 716*4096kB (M) 
[  104.077503][ T6050] ip6gretap0: entered promiscuous mode
[  104.080040][ T6042] = 2945420kB
[  104.080053][ T6042] Node 0 Normal: 463*4kB (UME) 840*8kB (UME) 
[  104.089145][ T6050] bridge0: entered promiscuous mode
[  104.093316][ T6042] 763*16kB (UME) 261*32kB (UM) 496*64kB (UM) 348*128kB (UME) 
[  104.098850][ T6050] bond0: entered promiscuous mode
[  104.103139][ T6042] 237*256kB (UME) 58*512kB (UME) 20*1024kB (UM) 10*2048kB 
[  104.108422][ T6050] bond_slave_0: entered promiscuous mode
[  104.116392][ T6042] (UM) 
[  104.121680][ T6050] bond_slave_1: entered promiscuous mode
[  104.128775][ T6042] 1016*4096kB (UM) = 4398284kB
[  104.128801][ T6042] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  104.157597][ T6042] 20697 total pagecache pages
[  104.160904][ T6050] team0: entered promiscuous mode
[  104.162342][ T6042] 0 pages in swap cache
[  104.167371][ T6050] team_slave_0: entered promiscuous mode
[  104.171547][ T6042] Free swap  = 124996kB
[  104.171558][ T6042] Total swap = 124996kB
[  104.171567][ T6042] 2097051 pages RAM
[  104.171575][ T6042] 0 pages HighMem/MovableOnly
[  104.171583][ T6042] 81388 pages reserved
[  104.199368][ T6050] team_slave_1: entered promiscuous mode
[  104.209062][ T6050] dummy0: entered promiscuous mode
[  104.215557][ T6050] nlmon0: entered promiscuous mode
[  104.225239][ T6050] caif0: entered promiscuous mode
[  104.230666][ T6050] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  104.284800][ T6066] netlink: 'syz.6.852': attribute type 21 has an invalid length.
[  104.399828][ T6074] loop4: detected capacity change from 0 to 512
[  104.450973][ T6074] EXT4-fs: Ignoring removed nobh option
[  104.491767][ T6070] veth1_to_batadv: entered promiscuous mode
[  104.516373][ T6074] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #3: comm syz.4.856: corrupted inode contents
[  104.560620][ T6074] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #3: comm syz.4.856: mark_inode_dirty error
[  104.577624][ T6074] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #3: comm syz.4.856: corrupted inode contents
[  104.639958][ T6090] netlink: 'syz.3.861': attribute type 10 has an invalid length.
[  104.662300][ T6074] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.856: mark_inode_dirty error
[  104.676290][ T6090] team0: Device ipvlan0 failed to register rx_handler
[  104.697897][ T6074] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.856: Failed to acquire dquot type 0
[  104.719922][ T6075] IPVS: Unknown mcast interface: 
[  104.774595][ T6074] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.856: corrupted inode contents
[  104.795543][ T6074] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #16: comm syz.4.856: mark_inode_dirty error
[  104.812025][ T6074] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.856: corrupted inode contents
[  104.833326][ T6074] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.856: mark_inode_dirty error
[  104.854921][ T6074] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.856: corrupted inode contents
[  104.886513][ T6074] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem
[  104.906446][ T6074] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.856: corrupted inode contents
[  104.929027][ T6074] EXT4-fs error (device loop4): ext4_truncate:4637: inode #16: comm syz.4.856: mark_inode_dirty error
[  104.946425][ T6074] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem
[  104.961690][ T6074] EXT4-fs (loop4): 1 truncate cleaned up
[  104.970831][ T6074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.001328][ T6074] geneve0: entered promiscuous mode
[  105.006626][ T6074] geneve0: entered allmulticast mode
[  105.065965][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.133796][ T6128] FAULT_INJECTION: forcing a failure.
[  105.133796][ T6128] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.147243][ T6128] CPU: 0 UID: 0 PID: 6128 Comm: syz.5.879 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  105.147280][ T6128] Tainted: [W]=WARN
[  105.147286][ T6128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  105.147299][ T6128] Call Trace:
[  105.147306][ T6128]  <TASK>
[  105.147316][ T6128]  __dump_stack+0x1d/0x30
[  105.147355][ T6128]  dump_stack_lvl+0xe8/0x140
[  105.147434][ T6128]  dump_stack+0x15/0x1b
[  105.147509][ T6128]  should_fail_ex+0x265/0x280
[  105.147548][ T6128]  should_fail+0xb/0x20
[  105.147577][ T6128]  should_fail_usercopy+0x1a/0x20
[  105.147678][ T6128]  _copy_from_iter+0xd2/0xe80
[  105.147700][ T6128]  ? __build_skb_around+0x1ab/0x200
[  105.147729][ T6128]  ? __alloc_skb+0x223/0x320
[  105.147791][ T6128]  netlink_sendmsg+0x471/0x6b0
[  105.147880][ T6128]  ? __pfx_netlink_sendmsg+0x10/0x10
[  105.147910][ T6128]  __sock_sendmsg+0x145/0x180
[  105.147987][ T6128]  ____sys_sendmsg+0x31e/0x4e0
[  105.148021][ T6128]  ___sys_sendmsg+0x17b/0x1d0
[  105.148077][ T6128]  __x64_sys_sendmsg+0xd4/0x160
[  105.148177][ T6128]  x64_sys_call+0x191e/0x3000
[  105.148266][ T6128]  do_syscall_64+0xd2/0x200
[  105.148306][ T6128]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  105.148331][ T6128]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  105.148366][ T6128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.148393][ T6128] RIP: 0033:0x7f3dd2d9efc9
[  105.148499][ T6128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.148522][ T6128] RSP: 002b:00007f3dd1807038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  105.148546][ T6128] RAX: ffffffffffffffda RBX: 00007f3dd2ff5fa0 RCX: 00007f3dd2d9efc9
[  105.148562][ T6128] RDX: 000000002000c000 RSI: 00002000000002c0 RDI: 0000000000000003
[  105.148578][ T6128] RBP: 00007f3dd1807090 R08: 0000000000000000 R09: 0000000000000000
[  105.148592][ T6128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.148604][ T6128] R13: 00007f3dd2ff6038 R14: 00007f3dd2ff5fa0 R15: 00007fff4d0871e8
[  105.148666][ T6128]  </TASK>
[  105.511638][ T6132] netlink: 'syz.2.877': attribute type 10 has an invalid length.
[  105.604628][ T6126] veth1_to_batadv: entered promiscuous mode
[  105.721419][ T6138] loop5: detected capacity change from 0 to 256
[  105.730645][ T6131] IPVS: Unknown mcast interface: 
[  105.737102][ T6132] team0: Device ipvlan0 failed to register rx_handler
[  105.780493][   T29] kauditd_printk_skb: 1110 callbacks suppressed
[  105.780541][   T29] audit: type=1326 audit(105.764:12262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6141 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3e10efc9 code=0x7ffc0000
[  105.853553][   T29] audit: type=1326 audit(105.794:12263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6137 comm="syz.5.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[  105.877145][   T29] audit: type=1326 audit(105.794:12264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6137 comm="syz.5.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[  105.900826][   T29] audit: type=1326 audit(105.794:12265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6137 comm="syz.5.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[  105.925693][   T29] audit: type=1326 audit(105.794:12266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6137 comm="syz.5.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[  105.949935][   T29] audit: type=1326 audit(105.794:12267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6137 comm="syz.5.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[  105.973745][   T29] audit: type=1326 audit(105.794:12268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6137 comm="syz.5.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[  105.974144][ T3636] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152)
[  105.997077][   T29] audit: type=1326 audit(105.794:12269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6137 comm="syz.5.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[  106.004983][ T3636] FAT-fs (loop5): Filesystem has been set read-only
[  106.028558][   T29] audit: type=1326 audit(105.794:12270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6137 comm="syz.5.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[  106.058580][   T29] audit: type=1326 audit(105.794:12271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6137 comm="syz.5.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dd2d9efc9 code=0x7ffc0000
[  106.082009][ T3636] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152)
[  106.092868][ T6154] loop6: detected capacity change from 0 to 512
[  106.093180][ T6154] EXT4-fs: Ignoring removed nobh option
[  106.117870][ T6153] netlink: 'syz.4.889': attribute type 21 has an invalid length.
[  106.117972][ T6153] __nla_validate_parse: 14 callbacks suppressed
[  106.117988][ T6153] netlink: 156 bytes leftover after parsing attributes in process `syz.4.889'.
[  106.118066][ T6153] netlink: 4 bytes leftover after parsing attributes in process `syz.4.889'.
[  106.159209][ T6154] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #3: comm syz.6.886: corrupted inode contents
[  106.179150][ T6154] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #3: comm syz.6.886: mark_inode_dirty error
[  106.179481][ T6154] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #3: comm syz.6.886: corrupted inode contents
[  106.179621][ T6154] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #3: comm syz.6.886: mark_inode_dirty error
[  106.179900][ T6154] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.886: Failed to acquire dquot type 0
[  106.180314][ T6154] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.886: corrupted inode contents
[  106.180450][ T6154] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #16: comm syz.6.886: mark_inode_dirty error
[  106.180624][ T6154] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.886: corrupted inode contents
[  106.180781][ T6154] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #16: comm syz.6.886: mark_inode_dirty error
[  106.180986][ T6154] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.886: corrupted inode contents
[  106.181076][ T6154] EXT4-fs error (device loop6) in ext4_orphan_del:301: Corrupt filesystem
[  106.181226][ T6154] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.886: corrupted inode contents
[  106.181354][ T6154] EXT4-fs error (device loop6): ext4_truncate:4637: inode #16: comm syz.6.886: mark_inode_dirty error
[  106.181453][ T6154] EXT4-fs error (device loop6) in ext4_process_orphan:343: Corrupt filesystem
[  106.181830][ T6154] EXT4-fs (loop6): 1 truncate cleaned up
[  106.182225][ T6154] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.184963][ T6154] netlink: 56 bytes leftover after parsing attributes in process `syz.6.886'.
[  106.185120][ T6154] geneve0: entered promiscuous mode
[  106.185135][ T6154] geneve0: entered allmulticast mode
[  106.186264][ T6154] netlink: 56 bytes leftover after parsing attributes in process `syz.6.886'.
[  106.206072][   T12] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152)
[  106.206143][   T12] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152)
[  106.260258][ T5842] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.262088][ T6165] netlink: 'syz.4.894': attribute type 8 has an invalid length.
[  106.322867][ T6171] netlink: 'syz.6.893': attribute type 1 has an invalid length.
[  106.338286][ T6169] unsupported nla_type 52263
[  106.392732][ T6177] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6177 comm=syz.4.898
[  106.414982][ T6179] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  106.415010][ T6179] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  106.415042][ T6179] vhci_hcd vhci_hcd.0: Device attached
[  106.427642][ T6178] netlink: 60 bytes leftover after parsing attributes in process `syz.5.895'.
[  106.427828][ T6183] vhci_hcd: connection closed
[  106.427925][   T37] vhci_hcd: stop threads
[  106.427936][   T37] vhci_hcd: release socket
[  106.427943][   T37] vhci_hcd: disconnect device
[  106.640812][ T6178] IPVS: Unknown mcast interface: 
[  106.707517][ T6194] loop6: detected capacity change from 0 to 512
[  106.716057][ T6194] EXT4-fs: Ignoring removed nobh option
[  106.743153][ T6194] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #3: comm syz.6.903: corrupted inode contents
[  106.755296][ T6194] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #3: comm syz.6.903: mark_inode_dirty error
[  106.793522][ T6207] netlink: 4 bytes leftover after parsing attributes in process `syz.2.908'.
[  106.811131][ T6194] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #3: comm syz.6.903: corrupted inode contents
[  106.838352][ T6194] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #3: comm syz.6.903: mark_inode_dirty error
[  106.850222][ T6194] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.903: Failed to acquire dquot type 0
[  106.864092][ T6194] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.903: corrupted inode contents
[  106.876535][ T6194] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #16: comm syz.6.903: mark_inode_dirty error
[  106.888639][ T6194] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.903: corrupted inode contents
[  106.961848][ T6194] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #16: comm syz.6.903: mark_inode_dirty error
[  106.998647][ T6194] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.903: corrupted inode contents
[  107.014892][ T6225] netlink: 60 bytes leftover after parsing attributes in process `syz.5.915'.
[  107.018059][ T6194] EXT4-fs error (device loop6) in ext4_orphan_del:301: Corrupt filesystem
[  107.027731][ T6225] IPVS: Unknown mcast interface: 
[  107.034422][ T6194] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.903: corrupted inode contents
[  107.078124][ T6194] EXT4-fs error (device loop6): ext4_truncate:4637: inode #16: comm syz.6.903: mark_inode_dirty error
[  107.103231][ T6194] EXT4-fs error (device loop6) in ext4_process_orphan:343: Corrupt filesystem
[  107.113207][ T6234] netlink: 4 bytes leftover after parsing attributes in process `syz.5.918'.
[  107.125462][ T6234] bridge_slave_1: left allmulticast mode
[  107.131327][ T6234] bridge_slave_1: left promiscuous mode
[  107.137126][ T6234] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.147058][ T6234] bridge_slave_0: left allmulticast mode
[  107.150545][ T6194] EXT4-fs (loop6): 1 truncate cleaned up
[  107.153152][ T6234] bridge_slave_0: left promiscuous mode
[  107.159149][ T6194] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.164394][ T6234] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.186872][ T6194] netlink: 56 bytes leftover after parsing attributes in process `syz.6.903'.
[  107.236583][ T6239] loop5: detected capacity change from 0 to 1024
[  107.243466][ T6240] netlink: 56 bytes leftover after parsing attributes in process `syz.6.903'.
[  107.256539][ T6239] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.918: Failed to acquire dquot type 0
[  107.279357][ T6239] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  107.290816][ T5842] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.294414][ T6239] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.918: corrupted inode contents
[  107.315584][ T6239] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #13: comm syz.5.918: mark_inode_dirty error
[  107.327563][ T6239] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.918: corrupted inode contents
[  107.348401][ T6239] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.918: mark_inode_dirty error
[  107.360879][ T6239] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.918: corrupted inode contents
[  107.374016][ T6239] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[  107.385678][ T6239] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.918: corrupted inode contents
[  107.398046][ T6239] EXT4-fs error (device loop5): ext4_truncate:4637: inode #13: comm syz.5.918: mark_inode_dirty error
[  107.409474][ T6239] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[  107.420229][ T6239] EXT4-fs (loop5): 1 truncate cleaned up
[  107.426689][ T6239] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.448517][ T6234] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  107.459614][ T6234] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  107.529354][ T3691] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.672668][ T6260] 0ªX¹¦À: renamed from caif0
[  107.680130][ T6260] 0ªX¹¦À: entered allmulticast mode
[  107.685670][ T6260] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  107.725661][ T6262] IPVS: Unknown mcast interface: 
[  107.865221][ T6273] validate_nla: 3 callbacks suppressed
[  107.865240][ T6273] netlink: 'syz.2.934': attribute type 8 has an invalid length.
[  107.903112][ T6279] netlink: 'syz.3.935': attribute type 8 has an invalid length.
[  107.999468][ T6284] FAULT_INJECTION: forcing a failure.
[  107.999468][ T6284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.012869][ T6284] CPU: 1 UID: 0 PID: 6284 Comm: syz.3.938 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  108.012950][ T6284] Tainted: [W]=WARN
[  108.012957][ T6284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  108.012971][ T6284] Call Trace:
[  108.012976][ T6284]  <TASK>
[  108.012985][ T6284]  __dump_stack+0x1d/0x30
[  108.013023][ T6284]  dump_stack_lvl+0xe8/0x140
[  108.013087][ T6284]  dump_stack+0x15/0x1b
[  108.013119][ T6284]  should_fail_ex+0x265/0x280
[  108.013157][ T6284]  should_fail+0xb/0x20
[  108.013249][ T6284]  should_fail_usercopy+0x1a/0x20
[  108.013288][ T6284]  _copy_from_user+0x1c/0xb0
[  108.013314][ T6284]  ___sys_sendmsg+0xc1/0x1d0
[  108.013410][ T6284]  __x64_sys_sendmsg+0xd4/0x160
[  108.013468][ T6284]  x64_sys_call+0x191e/0x3000
[  108.013502][ T6284]  do_syscall_64+0xd2/0x200
[  108.013535][ T6284]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  108.013610][ T6284]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  108.013636][ T6284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.013691][ T6284] RIP: 0033:0x7ff36dc4efc9
[  108.013709][ T6284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.013730][ T6284] RSP: 002b:00007ff36c6b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  108.013751][ T6284] RAX: ffffffffffffffda RBX: 00007ff36dea5fa0 RCX: 00007ff36dc4efc9
[  108.013764][ T6284] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  108.013775][ T6284] RBP: 00007ff36c6b7090 R08: 0000000000000000 R09: 0000000000000000
[  108.013818][ T6284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.013832][ T6284] R13: 00007ff36dea6038 R14: 00007ff36dea5fa0 R15: 00007fff4539a108
[  108.013856][ T6284]  </TASK>
[  108.275280][ T6291] netlink: 'syz.3.942': attribute type 21 has an invalid length.
[  108.291273][ T6289] IPVS: Unknown mcast interface: 
[  108.825136][ T6312] netlink: 'syz.5.949': attribute type 10 has an invalid length.
[  108.839631][ T6312] team0: Device ipvlan0 failed to register rx_handler
[  108.879619][ T6318] SELinux: ebitmap start bit (50331840) is beyond the end of the bitmap (1472)
[  108.892174][ T6318] SELinux: failed to load policy
[  108.913733][ T6321] netlink: 'syz.5.953': attribute type 8 has an invalid length.
[  108.963809][ T6324] IPVS: Unknown mcast interface: 
[  109.141833][ T6342] loop3: detected capacity change from 0 to 2048
[  109.150532][ T6342] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  109.246237][ T6351] netlink: 'syz.6.974': attribute type 8 has an invalid length.
[  109.440294][ T6357] IPVS: Unknown mcast interface: 
[  109.508126][ T6339] Set syz1 is full, maxelem 65536 reached
[  109.588051][ T6364] netlink: 'syz.6.968': attribute type 4 has an invalid length.
[  109.721497][ T6382] loop4: detected capacity change from 0 to 2048
[  109.752612][ T6382] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.779982][ T6382] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.977: bg 0: block 345: padding at end of block bitmap is not set
[  109.817850][ T6382] EXT4-fs (loop4): Remounting filesystem read-only
[  109.879682][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.979709][ T6397] netlink: 'syz.5.982': attribute type 8 has an invalid length.
[  110.100927][ T6403] bridge: RTM_NEWNEIGH with invalid ether address
[  110.382319][ T6427] netlink: 'syz.4.995': attribute type 8 has an invalid length.
[  110.394347][ T6429] xt_TPROXY: Can be used only with -p tcp or -p udp
[  110.413980][ T6430] netlink: 'syz.2.997': attribute type 1 has an invalid length.
[  110.588098][ T6444] loop6: detected capacity change from 0 to 2048
[  110.603035][ T6444] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.666087][ T6444] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1003: bg 0: block 345: padding at end of block bitmap is not set
[  110.721157][ T6444] EXT4-fs (loop6): Remounting filesystem read-only
[  110.768700][ T6460] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  110.792807][   T29] kauditd_printk_skb: 4452 callbacks suppressed
[  110.792825][   T29] audit: type=1326 audit(110.774:16716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9c3e0ab099 code=0x7ffc0000
[  110.824221][   T29] audit: type=1326 audit(110.774:16717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9c3e105e67 code=0x7ffc0000
[  110.849693][   T29] audit: type=1326 audit(110.774:16718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9c3e0ab099 code=0x7ffc0000
[  110.872812][   T29] audit: type=1326 audit(110.774:16719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9c3e105e67 code=0x7ffc0000
[  110.896154][   T29] audit: type=1326 audit(110.774:16720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9c3e0ab099 code=0x7ffc0000
[  110.920009][   T29] audit: type=1326 audit(110.774:16721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9c3e105e67 code=0x7ffc0000
[  110.943853][   T29] audit: type=1326 audit(110.774:16722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9c3e0ab099 code=0x7ffc0000
[  110.967122][   T29] audit: type=1326 audit(110.774:16723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9c3e105e67 code=0x7ffc0000
[  110.989945][   T29] audit: type=1326 audit(110.774:16724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9c3e0ab099 code=0x7ffc0000
[  111.013072][   T29] audit: type=1326 audit(110.774:16725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9c3e105e67 code=0x7ffc0000
[  111.041210][ T5842] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.090194][ T6476] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  111.401105][ T6478] loop3: detected capacity change from 0 to 128
[  111.616549][ T6478] __nla_validate_parse: 8 callbacks suppressed
[  111.616653][ T6478] netlink: 388 bytes leftover after parsing attributes in process `syz.3.1017'.
[  111.993113][ T6513] SELinux: failed to load policy
[  112.049087][ T6520] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1034'.
[  112.106766][ T6525] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1034'.
[  112.157041][ T6529] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1037'.
[  112.185941][ T6499] Set syz1 is full, maxelem 65536 reached
[  112.200032][ T6529] IPVS: Error connecting to the multicast addr
[  112.407711][ T6547] FAULT_INJECTION: forcing a failure.
[  112.407711][ T6547] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  112.421171][ T6547] CPU: 1 UID: 0 PID: 6547 Comm: syz.6.1044 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  112.421259][ T6547] Tainted: [W]=WARN
[  112.421265][ T6547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  112.421277][ T6547] Call Trace:
[  112.421282][ T6547]  <TASK>
[  112.421290][ T6547]  __dump_stack+0x1d/0x30
[  112.421407][ T6547]  dump_stack_lvl+0xe8/0x140
[  112.421436][ T6547]  dump_stack+0x15/0x1b
[  112.421542][ T6547]  should_fail_ex+0x265/0x280
[  112.421579][ T6547]  should_fail+0xb/0x20
[  112.421612][ T6547]  should_fail_usercopy+0x1a/0x20
[  112.421651][ T6547]  _copy_from_user+0x1c/0xb0
[  112.421675][ T6547]  io_register_pbuf_ring+0x4e/0x390
[  112.421709][ T6547]  ? __fget_files+0x184/0x1c0
[  112.421758][ T6547]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  112.421794][ T6547]  __se_sys_io_uring_register+0xb0b/0xf30
[  112.421861][ T6547]  ? fput+0x8f/0xc0
[  112.421885][ T6547]  ? ksys_write+0x192/0x1a0
[  112.421904][ T6547]  __x64_sys_io_uring_register+0x55/0x70
[  112.421996][ T6547]  x64_sys_call+0x18a3/0x3000
[  112.422054][ T6547]  do_syscall_64+0xd2/0x200
[  112.422088][ T6547]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  112.422110][ T6547]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  112.422188][ T6547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.422253][ T6547] RIP: 0033:0x7f086e99efc9
[  112.422268][ T6547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.422333][ T6547] RSP: 002b:00007f086d407038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  112.422356][ T6547] RAX: ffffffffffffffda RBX: 00007f086ebf5fa0 RCX: 00007f086e99efc9
[  112.422371][ T6547] RDX: 0000200000000040 RSI: 0000000000000016 RDI: 0000000000000003
[  112.422385][ T6547] RBP: 00007f086d407090 R08: 0000000000000000 R09: 0000000000000000
[  112.422397][ T6547] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  112.422408][ T6547] R13: 00007f086ebf6038 R14: 00007f086ebf5fa0 R15: 00007ffdfd6e93d8
[  112.422431][ T6547]  </TASK>
[  112.452690][ T6545] vlan2: entered allmulticast mode
[  112.642127][ T6545] hsr0: entered allmulticast mode
[  112.647159][ T6545] hsr_slave_0: entered allmulticast mode
[  112.653175][ T6545] hsr_slave_1: entered allmulticast mode
[  112.660817][ T6551] loop4: detected capacity change from 0 to 128
[  112.674470][ T6551] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  112.718802][ T6556] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1048'.
[  112.727975][ T6556] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1048'.
[  112.740378][   T12] bio_check_eod: 101 callbacks suppressed
[  112.740396][   T12] kworker/u8:0: attempt to access beyond end of device
[  112.740396][   T12] loop4: rw=1, sector=249, nr_sectors = 1 limit=128
[  112.800148][ T6554] SELinux:  policydb magic number 0x6572666b does not match expected magic number 0xf97cff8c
[  112.819053][ T6554] SELinux: failed to load policy
[  112.886392][ T6566] validate_nla: 5 callbacks suppressed
[  112.886410][ T6566] netlink: 'syz.6.1053': attribute type 1 has an invalid length.
[  112.959653][ T6571] netlink: 'syz.4.1050': attribute type 10 has an invalid length.
[  112.980236][ T6571] team0: Device ipvlan0 failed to register rx_handler
[  113.016436][ T6574] netlink: 'syz.6.1056': attribute type 8 has an invalid length.
[  113.122146][ T6580] veth0: entered promiscuous mode
[  113.127257][ T6580] veth0: entered allmulticast mode
[  113.199255][ T6589] SELinux:  policydb magic number 0x6572666b does not match expected magic number 0xf97cff8c
[  113.210633][ T6589] SELinux: failed to load policy
[  113.268618][ T6595] netlink: 'syz.5.1066': attribute type 1 has an invalid length.
[  113.333979][ T6591] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1060'.
[  113.359826][ T6603] loop4: detected capacity change from 0 to 2048
[  113.397773][ T6603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.463539][ T6603] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1068: bg 0: block 345: padding at end of block bitmap is not set
[  113.538738][ T6603] EXT4-fs (loop4): Remounting filesystem read-only
[  113.578924][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.979748][ T6645] loop5: detected capacity change from 0 to 2048
[  114.015817][ T6649] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  114.080991][ T6645] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.102946][ T6645] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1083: bg 0: block 345: padding at end of block bitmap is not set
[  114.117848][ T6645] EXT4-fs (loop5): Remounting filesystem read-only
[  114.138037][ T3691] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.422776][ T6682] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1095'.
[  114.533446][ T6685] netlink: 'syz.2.1098': attribute type 8 has an invalid length.
[  114.609900][ T6668] loop6: detected capacity change from 0 to 512
[  114.632928][ T6668] EXT4-fs: Ignoring removed orlov option
[  114.687628][ T6668] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  114.695089][ T6691] SELinux: failed to load policy
[  114.714885][ T6668] EXT4-fs error (device loop6): ext4_iget_extra_inode:5075: inode #15: comm syz.6.1093: corrupted in-inode xattr: e_value size too large
[  114.729704][ T6668] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.1093: couldn't read orphan inode 15 (err -117)
[  114.742623][ T6668] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.036827][   T37] ==================================================================
[  115.044991][   T37] BUG: KCSAN: data-race in __bpf_get_stackid / bcmp
[  115.051803][   T37] 
[  115.054144][   T37] write to 0xffff888109ad0ca0 of 96 bytes by task 6713 on cpu 0:
[  115.061973][   T37]  __bpf_get_stackid+0x761/0x800
[  115.066963][   T37]  bpf_get_stackid+0xe9/0x120
[  115.071682][   T37]  bpf_get_stackid_raw_tp+0xf6/0x120
[  115.077506][   T37]  bpf_prog_53f0063d4d7f65ce+0x2a/0x32
[  115.082979][   T37]  bpf_trace_run2+0x107/0x1c0
[  115.087668][   T37]  __traceiter_kfree+0x2e/0x50
[  115.092664][   T37]  kfree+0x351/0x400
[  115.096776][   T37]  __bpf_prog_put_noref+0xac/0x230
[  115.101915][   T37]  bpf_prog_load+0x105a/0x1100
[  115.106701][   T37]  __sys_bpf+0x469/0x7c0
[  115.111052][   T37]  __x64_sys_bpf+0x41/0x50
[  115.115599][   T37]  x64_sys_call+0x2aee/0x3000
[  115.120396][   T37]  do_syscall_64+0xd2/0x200
[  115.124931][   T37]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.130846][   T37] 
[  115.133183][   T37] read to 0xffff888109ad0ce0 of 8 bytes by task 37 on cpu 1:
[  115.140617][   T37]  bcmp+0x23/0x90
[  115.144284][   T37]  __bpf_get_stackid+0x371/0x800
[  115.149342][   T37]  bpf_get_stackid+0xe9/0x120
[  115.154304][   T37]  bpf_get_stackid_raw_tp+0xf6/0x120
[  115.159703][   T37]  bpf_prog_53f0063d4d7f65ce+0x2a/0x32
[  115.165358][   T37]  bpf_trace_run2+0x107/0x1c0
[  115.170309][   T37]  __traceiter_kfree+0x2e/0x50
[  115.175097][   T37]  kfree+0x351/0x400
[  115.179092][   T37]  __io_cqring_overflow_flush+0x386/0x630
[  115.184849][   T37]  io_ring_exit_work+0x10c/0x560
[  115.189814][   T37]  process_scheduled_works+0x4ce/0x9d0
[  115.195295][   T37]  worker_thread+0x582/0x770
[  115.199902][   T37]  kthread+0x489/0x510
[  115.204081][   T37]  ret_from_fork+0x122/0x1b0
[  115.208719][   T37]  ret_from_fork_asm+0x1a/0x30
[  115.213504][   T37] 
[  115.215858][   T37] value changed: 0xffffffff813d5382 -> 0xffffffff8161b6b1
[  115.223064][   T37] 
[  115.225484][   T37] Reported by Kernel Concurrency Sanitizer on:
[  115.231661][   T37] CPU: 1 UID: 0 PID: 37 Comm: kworker/u8:2 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  115.243404][   T37] Tainted: [W]=WARN
[  115.247216][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  115.257371][   T37] Workqueue: iou_exit io_ring_exit_work
[  115.263081][   T37] ==================================================================
[  115.376401][ T5842] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.