last executing test programs:

42.050148159s ago: executing program 1 (id=182):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="05000000070000000800000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
listen(0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYBLOB='\a'], 0x10)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0xff2e)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r4)
sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r5, @ANYBLOB="010000000000000000000100000008000100000000010400048008000c8004000b800800020001000000a00008801c000780080077144ebb00000800060000000000080005000000000024000780080005"], 0xd0}}, 0x0)

41.799902209s ago: executing program 1 (id=183):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='kfree\x00', r0, 0x0, 0x20}, 0x18)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue0\x00', 0x200000})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000100)={0x0, 0x0, {0x3, 0x7, 0x6, 0x2}, 0x9})

41.758561691s ago: executing program 1 (id=184):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001"], 0xc4}}, 0x20050890)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf583"], 0x0}, 0x94)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x400)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x8, 0x3, 0x4d0, 0x368, 0xa, 0x148, 0x0, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x4, 0x1, 0x1, 0x0, 0x1], 0x3}, {0x3, [0x2, 0x6, 0x1, 0x0, 0x0, 0x3], 0x4}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x530)

41.628189917s ago: executing program 1 (id=188):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000240)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100000}}, {@resuid}, {@jqfmt_vfsv1}, {@errors_remount}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@usrjquota, 0x2e}], [], 0x2e}, 0x1, 0x472, &(0x7f0000000580)="$eJzs20tvG0UcAPD/OnH6JqGURx9AoCAiHkmTFuiBCwikXpCQ4FCOIU2r0rRBTZBoVdGAUDmifgLgiMQn4AQXBJxAXEHigoSQKtQLhQNatPZu6ya28Stxi38/ye3M7mxm/rs79uyMHcDAGs/+SSK2R8RPIxGj1ezNBcar/127emHur6sX5pJI01f/SCrl/rx6Ya4oWhy3Lc9MlCJKHySxt069S+fOn5pdWJg/m+enlk+/NbV07vxTJ0/Pnpg/MX9m5vDhQwenn31m5umexLkja+uedxf37T7y+uWX545efuPbz7Pt2/P9tXFUjXVd53iM33wuazwa8Wuapl3XcavYUZNOhvvYENoyFBHZ5Spn/T9GYyhuXLzReOn9vjYOWFdpmqab1mwdKhIrKfA/lkS/WwD0R/FBnz3/Fq8NHH703ZXnqw9AWdzX8ld1z3CU8jLlVc+3vTQeEUdX/v44e0XdeQgAgN76Mhv/PFlv/FeKe2rK3RHVtaGxiLgzInZGxF0RsSsi7o6olL03Iu5rs/7xVfm1458ftnQUWIuy8d9z+drWzeO/YvQXY0N5bkcl/nJy/OTC/IH8nExEeVOWn25Sx1cv/vhRo32147/sldVfjAXzdvw+vGqC7tjs8mw3Mde68l7EnuF68SfXVwKSiNgdEXs6+PvZOTv5+Gf7Gu3/7/ib6ME6U/ppxGPV678Sq+IvJM3XJ6c2x8L8ganirljru+8vvdKo/q7i74Hs+m+te/9fj38sqV2vXWq/jks/f9jwmabT+38kea2SHsm3vTO7vHx2OmIkWVm7febGsUW+KJ/FP7G/fv/fGfHPJ/lxeyMiu4nvj4gHIuLBvO0PRcTDEbG/SfzfvPDIm53Hv76y+I+1df3bTwyd+vqLRvW3dv0PVVIT+ZZW3v9abWA35w4AAABuF0nlO/BJaTKf49wepdLkZPU7/Ltia2lhcWn5ieOLb585Vv2u/FiUS8VM12jNfOh0Pjdc5GdW5Q9W5o3TNE23VPKTc4sL67WmDrRmW4P+n/ltqN+tA9ZdW+tojX7RBtyW/F4TBpf+D4Or1f5fXud2ABvP5z8Mrnr9/2LEtT40BdhgPv9hcOn/MLj0fxhc+j8MpG5+198ssfNIx4enXdW+OQ+sw8N/WZez0SwxtIF19TIRpbq7yhFxi7SwSaJ0azSjmtgUEa0Wvtjpjd12os9vTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3ybwAAAP//pCzokA==")
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$binfmt_register(r2, &(0x7f0000000440)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd70000000000008000000180001801400020073797a5f74756e0000000000000000001c0002801800038010"], 0x48}}, 0x0)

41.377603218s ago: executing program 1 (id=197):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
mount_setattr(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x100000, 0x80000}, 0x20)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299b000)
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0xf000, 0x3, &(0x7f0000009000/0xf000)=nil)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0xfa09c4119783e9d)
syz_usb_disconnect(r3)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000000)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r3, 0x550c, 0x0)
r4 = open$dir(&(0x7f0000000000)='./file0\x00', 0x2, 0x0)
getdents(r4, &(0x7f00000000c0)=""/39, 0x27)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tgkill(r5, r5, 0x1b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket(0x10, 0x3, 0x0)
connect$netlink(r7, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r7, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x25dfdbfe, {}, [{0x4}]}, 0x18}}, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
r8 = syz_open_pts(0xffffffffffffffff, 0x484001)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r8, 0xc0096616, 0x0)
move_pages(r5, 0x4, &(0x7f0000000100)=[&(0x7f0000004000/0x8000)=nil, &(0x7f000000c000/0x4000)=nil, &(0x7f000000f000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil], &(0x7f0000000140)=[0xffff, 0xf81, 0x8, 0x5, 0x0, 0x7ff, 0x81], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x4)
ioctl$USBDEVFS_IOCTL(r2, 0x80045505, &(0x7f0000000040)=@usbdevfs_disconnect={0xffffffff})

40.517819354s ago: executing program 1 (id=205):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000600)=@filter={'filter\x00', 0xc, 0x4, 0x268, 0xffffffff, 0x130, 0x98, 0x98, 0x98, 0xffffffff, 0x1d0, 0x98, 0x1d0, 0x98, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@local, @broadcast, 0x0, 0x0, 'ip6tnl0\x00', 'hsr0\x00'}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r4, 0x0, 0x0}, 0x10)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = shmget$private(0x0, 0x400000, 0x184, &(0x7f0000c00000/0x400000)=nil)
r8 = shmat(r7, &(0x7f0000ffd000/0x2000)=nil, 0x6000)
shmat(r7, &(0x7f0000d6f000/0x3000)=nil, 0x6000)
shmdt(r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kfree\x00', r6, 0x0, 0xfffffffffffffffd}, 0x18)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r10}, 0x9)
r11 = inotify_init1(0x0)
inotify_add_watch(r11, &(0x7f0000000200)='.\x00', 0x10000a0)
r12 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r12, 0xffffffffffffffff, 0x0)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="2c0000003f00070dfeffffff00000000017c0000040077000c00038006"], 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0x4044000)
writev(0xffffffffffffffff, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e22ac1414aa925aa80020", 0x25}], 0x1)
r14 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000000c0)=ANY=[@ANYBLOB="28000000120001528047b19a0f1feeffff00ffff", @ANYRESHEX=r14, @ANYRES32=r14], 0x28}}, 0x0)

40.497384954s ago: executing program 32 (id=205):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000600)=@filter={'filter\x00', 0xc, 0x4, 0x268, 0xffffffff, 0x130, 0x98, 0x98, 0x98, 0xffffffff, 0x1d0, 0x98, 0x1d0, 0x98, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@local, @broadcast, 0x0, 0x0, 'ip6tnl0\x00', 'hsr0\x00'}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r4, 0x0, 0x0}, 0x10)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = shmget$private(0x0, 0x400000, 0x184, &(0x7f0000c00000/0x400000)=nil)
r8 = shmat(r7, &(0x7f0000ffd000/0x2000)=nil, 0x6000)
shmat(r7, &(0x7f0000d6f000/0x3000)=nil, 0x6000)
shmdt(r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kfree\x00', r6, 0x0, 0xfffffffffffffffd}, 0x18)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r10}, 0x9)
r11 = inotify_init1(0x0)
inotify_add_watch(r11, &(0x7f0000000200)='.\x00', 0x10000a0)
r12 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r12, 0xffffffffffffffff, 0x0)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="2c0000003f00070dfeffffff00000000017c0000040077000c00038006"], 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0x4044000)
writev(0xffffffffffffffff, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e22ac1414aa925aa80020", 0x25}], 0x1)
r14 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000000c0)=ANY=[@ANYBLOB="28000000120001528047b19a0f1feeffff00ffff", @ANYRESHEX=r14, @ANYRES32=r14], 0x28}}, 0x0)

2.096158841s ago: executing program 3 (id=849):
bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000380)={0x0, 0x7f, 0x708})

1.954503107s ago: executing program 3 (id=854):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
connect$rds(r1, &(0x7f0000000080)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r4}, 0x10)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000100)='./file0\x00')
clock_gettime(0x0, &(0x7f0000000780)={<r5=>0x0, <r6=>0x0})
recvmmsg(0xffffffffffffffff, &(0x7f0000000700)=[{{&(0x7f0000000380)=@ethernet={0x0, @broadcast}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000140)=""/29, 0x1d}, {&(0x7f0000000400)=""/74, 0x4a}, {&(0x7f0000000200)=""/38, 0x26}], 0x3, &(0x7f00000011c0)=""/4096, 0x1000}, 0x1}, {{&(0x7f0000000480)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private1}}}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000500)=""/177, 0xb1}, {&(0x7f00000005c0)=""/82, 0x52}], 0x2, &(0x7f0000000800)=""/96, 0x60}, 0x3}], 0x2, 0x62, &(0x7f00000007c0)={r5, r6+10000000})
syz_open_dev$tty20(0xc, 0x4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r7, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})

1.931442868s ago: executing program 0 (id=857):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xffd, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='afs_make_fs_call2\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB='5\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000fbdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r8 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r8, &(0x7f0000000000)={&(0x7f0000000140)={0x2, 0x4e20, @empty}, 0x10, 0x0}, 0x30006041)
close(r8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x94)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r10, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
socket$packet(0x11, 0x2, 0x300)
sendto$inet6(r10, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
shutdown(r10, 0x1)
splice(r10, 0x0, r9, 0x0, 0x406f413, 0x0)

1.930990938s ago: executing program 4 (id=858):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
socket$inet6(0xa, 0x2, 0x0)
getsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000140)=0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
waitid(0x0, 0x0, 0x0, 0xe, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x9, 0x4, 0xfffffffffffffffd, 0x100000669a, 0x1, 0x6, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x4, 0x2800000000000, 0x6, 0x3, 0x0, 0x7fbfffff}, 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002120207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r2, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00'}, 0x18)
sendmsg$inet6(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)="e5f1fddfe175759743a2d6055bef6ad67f4806ff6a", 0x15}], 0x1}, 0x20000044)
r3 = open_tree(0xffffffffffffff9c, 0x0, 0x0)
accept4$llc(r3, &(0x7f0000000280), &(0x7f0000000340)=0x10, 0x80000)
getpid()
setns(0xffffffffffffffff, 0x24020000)

1.88730327s ago: executing program 3 (id=860):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r0}, &(0x7f0000004000), &(0x7f00000003c0)}, 0x20)
readahead(0xffffffffffffffff, 0x12, 0x3)

1.88581013s ago: executing program 0 (id=861):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x18d0c3, 0x40)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000040), 0x4)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x2}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r3, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000004100)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000340)=""/84, 0x54}], 0x1}, 0xa2b3}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x6, 0xfc, 0x0, 0x0, 0x0, 0x12524, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x1, @perf_bp={0x0, 0x3}, 0x0, 0xc8, 0x0, 0x1, 0x100000000000008, 0x0, 0x6, 0x0, 0x8, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000000f80)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r6, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033200fe08000e40000200875a65969ff57bea000000000000000000000000ac1414aa"], 0xfdef)
socket$kcm(0x10, 0x2, 0x0)

1.865096401s ago: executing program 3 (id=862):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000001880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000200000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040), 0x10)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x10000})
listen(r1, 0x5)
r2 = socket(0x28, 0x5, 0x0)
setrlimit(0x40000000000008, &(0x7f0000000000))
connect$vsock_stream(r2, &(0x7f0000000080), 0x10)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002480)=@deltfilter={0x24, 0x2d, 0x4, 0x70bd2f, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}, {0x1, 0x2}, {0x4, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004885}, 0x40004)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f00000000c0)={0x1, 0x79e}, 0x8)
sendmmsg(r2, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x44000}], 0x1}}], 0x1, 0x24008094)

1.864125561s ago: executing program 0 (id=863):
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x1000000009, 0x640b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x4, @perf_config_ext={0x8, 0x3fff8000}, 0xa00, 0x800000000081, 0x43a1bd76, 0x7, 0x9, 0x6, 0x6, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xe, 0xffffffffffffffff, 0xa)
r0 = socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000001200)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32], 0xe0, 0x4000000}}], 0x2, 0x800) (async)
unshare(0x26020480) (async)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000280), 0x206100, 0x0)
io_uring_setup(0x263, &(0x7f0000000040)={0x0, 0x973, 0x20, 0x8000, 0x103, 0x0, r2})
sendmsg$key(r0, &(0x7f0000000080)={0x2, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020a00000300000000000000000000000100110002190000f11725519f5e5ae1bab5b80c04b378de389d7f8b341d81d631bd5d264260f740428d3014346f61351a7c3ce2441c0000b5606b865a38e8f691a257018774c0b6e7c95169d5e7f224baae87c72b59b7dc94efd16edf6f6775800a7117c9b0d9ce7e28954bef394ab23715886df891c375176c8ae0e2e5fbc5dd133e8684a0205a9e192feed5feb8dc90840b7b47b3631ead2f"], 0x18}}, 0x24000004)
socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000007000000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r3}, 0x10)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x80010, 0xffffffffffffffff, 0x0) (async)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, 0x0}, 0x10) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xa, 0xfb, 0x7ffc1ffb}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRESOCT=r4], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r5, &(0x7f0000000340), &(0x7f0000000280)=@tcp, 0x1}, 0x20) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='kmem_cache_free\x00', r6}, 0x18)
io_cancel(0x0, 0x0, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r8}, 0x18) (async)
r9 = gettid()
rt_sigtimedwait(&(0x7f0000000100)={[0x3ff]}, 0x0, 0x0, 0x8) (async)
tkill(r9, 0x7)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x40)

1.837808822s ago: executing program 3 (id=864):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x244}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000680)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16, @ANYRESOCT=0x0], 0x30}, 0x1, 0x0, 0x0, 0x94}, 0x8808)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000003c0)="a9850350d72411885e", 0x9}, {&(0x7f0000000100)="08000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fe8befc0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff126", 0xfe}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e", 0xdba}], 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40000, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fa, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvTH6YtNG0ImKLYsBDC9I0qcWqF9t6sAfBgj2IeGhokhq6/UGTgq0FU/CgoCDiVaQX/wHv0rs3EdSbZ6GKVBRUujKzs+0m2U1jmt1JM58P7Gbem9l977svL/NmJm8ngMoay57SiF0Rt08mEaMt60aisXKs2O7W71dPZY8k6vU3fksiKfKa2yfFz+1FYigivjsa8WjfynLnL185M1WrN7wfsX/h7IX985ev7Js7O3V65vTMuckDLxw8NPHi5MHJDYkzr1PUI+L1Jz/54J3nZ7+v7UvicJwYeG86lsWxUcZiLG4XIbZkD2RPh7KnNp/Lg2YLhFBpWfv1F7+Uj8do9OWphtGY+7jUygFdVe+LqAMVlej/UFHNcUDz2H5tx8Enujwq6Z2bRxoHQCvj72+cG4mh/Nho262k5ciocW5jxwaUn5Xx79XdX2SPWHIe4q87rdO/AeV0sngtIp5oF3+S121HHmkWf7qkHklETETEYFG/V+6jDknLcjfOw6xmvfGnEXG4+JnlH11n+WPL0r2OH4BqunGk2JEvZqm7+79s7NEc/0Sb8c9Im33XepS9/+s8/mvu74fyc+TpsnFYNmY53v4tB5Zn/PzRsc86ld86/sseWfnNsWAv3LwWsXtZ/B9mwRbjnyz+pE37Z5ucPLy2Ml794ddjndaVHX/9esSetsc/d0el2dIq1yf3z87VZiYaz23L+Obbt7/qVH7Z8Wftv61D/C3tny5/XfaZXFhjGV8fv36207qRe8af/jKYNI43B4ucd6cWFi5ORgwmrxWbtOQfWL0uzW2a75HFv/eZ9v1/ye//taXvM9z8k7kGF948c6vTuvW0f8vF5Nv1Ndahkyz+6Xu3/4r+n+V9usYy/nzr0lOd1q0W//D9BAYAAAAAAAAVlObXYJN0/M5ymo6PN+bLPhbb0tr5+YVnZ89fOjcdsTf/f8iBtHmle7SRTrL0ZPH/sM30gWXp5yJiZ0R83jecp8dPna9Nlx08AAAAAAAAAAAAAAAAAAAAbBLbi/n/zftU/9HXmP8PVEQ3bzAHbG76P1RX3v9X3OIJqAL7f6gu/R+qS/+H6tL/obr0f6gu/R+qS/+H6tL/AQAAAGBL2vn0jZ+SiFh8aTh/ZAaLdWYEwdY2UHYFgNL0lV0BoDR3Lv0b7EPlrGn8/3fx5YDdrw5QgqRdZj44qK/e+W+0fSUAAAAAAAAAAAAA0AV7dnWe/29uMGxtpv1Bdd3H/H9fHQAPOF/9D9XlGB+41yz+oU4rzP8HAAAAAAAAAAAAgJ4ZyR9JOl7MBR6JNB0fj3g4InbEQDI7V5uZiIhHIuLHvoGHsvRk2ZUGAAAAAAAAAAAAAAAAAACALWb+8pUzU7XazMXWhX9W5GztheZdUHtQ1svxP18VSe8/luGIKL1RurbQ35KTRCxmLb8pKnZxPjZHNfKFkv8wAQAAAAAAAAAAAAAAAABABbXMPW5v95c9rhEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9N7d+/93b6HsGAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB9N/AQAA///UhkCY")
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x1a, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="0000000000000000000000181100000000000000", @ANYRESHEX=r6, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10)
unshare(0x62040200)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x8000, &(0x7f0000000080)=ANY=[@ANYBLOB="666c7573682c757466383d312c6e6f6e756d7461696c3d302c726f6469722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c6e6f6e756d7461696c3d302c756e695f786c6174653d302c757466383d312c756e695f786c6174653d302c757466383d312c756e695f786c6174653d312c6e6f6e756d7461696c3d302c646f733178666c6f7070792c726f6469722c73686f72746e616d653d77696e6e742c71756965742c0094f8a04f0973c43c7bcea227ba87b349831c01bc3220ec43c16881ca5a7eb4c441b475069a19ed5992542160cfb3116e6b98cb32f0c11a1425599a6e9e6112e8ccec10c22c03ee6158bae8a13f6c3b4c6a28b970ccddefe85485144c95ae43328f492ad74f0d68df2d1fb7eed626acbfd66c627c439a6358168da3754739b94ec5550af56d20754c3be005251ae53ba42f"], 0x0, 0x305, &(0x7f0000000200)="$eJzs3c9rE00YwPFn86NJ2rdve3h5EVEYKogiXdqANw8WaUEMKG0jWEHY2q2GbJOSDYUUsT0IXj176MGjCCJ48yLitRf/ArXeeunNHoIrm91Nk2YbEyT9od/PoZndZ56d6c6kpdPs7vaVZ0v5xaSIaBJwt4YlIlF/e10uftz4cnbmwz/etlJTE7PjaaUiInL30auR9+WB22//fZeQzeF72zvpb5tnZkV+zD6UiMrZquA4ylDzxWLZbUIt5Oy8rtQtyzRsU+UKtlkq+3Fj3jLVolVcXq4oo7Aw2L9cMm1bGYWKypsVVS6qcqmijAdGrqB0XVeD/YLaYAUiLTGtXWL25a7jyI7jOE5iXRzHCam9HhTi/mvi9zqL42Tf+Let2zI5or3sGQ7DrhPrePzx5/He/1+fdzb+ztohdQuHZObO3I2JTGZyWqmkyNLTlexK1nv14p8HJCeWmLIxfWmuKu4c8Ynmfp26npkcUzXDcn5pzc9fW8l6vxwmFmv5W0FSQ74E+eNevmrOj0v/Xr4paRmS/yQ0Px3kS6Qhv08unGvI12VIPt2Xoliy4M7khvzH40pdu5nZ136qVg8AAAAAAAAAgJNIV3V76/da/V+9KV1P1D7xUY+n3N1uPa9CfX19TIakGr4+Pxa6vh+T07Ej/MYBAAAAAPiL2JXVvGFZZqk3heiLVJsm4iLiFkSejLidaXvA//0ed9Z6n4i0hqLtm2gqpC577b2e9jsmvTxRQSHZRQ9DCsHFGnmj+iYIpSSscqSrCTDaF3rmkyVNejp/mgpyYCi1t6d29VJ3E1uL2ZXVRMdTqyW9Guw5FVrH0X59HMew4t4eqY9g+6yrXb0dDiwk95+o0S3vuFabHxrf60t8AAAAAE6Qhj+cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAEalf/6/5T/rv5OZhwX37m0PiPyK+JavlOfHc9x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAMfQzAAD//5dmsuw=")

1.275728446s ago: executing program 2 (id=871):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f0000000200)='./file0\x00', 0x100)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0, 0x8}, 0x11c167, 0x0, 0xfffffffa, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x17, 0x2000000000000242, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

1.086637254s ago: executing program 2 (id=874):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000d"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x19, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000a17000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2c, r3, 0x1, 0x70bd2d, 0x0, {0x1b}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}}, 0x0)

1.047118866s ago: executing program 4 (id=875):
getresuid(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r1 = socket$kcm(0x29, 0xb, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000300)={r0, r3})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
setuid(0xee01)
syz_open_dev$usbmon(&(0x7f00000003c0), 0x9, 0x200)
bind$netlink(r0, &(0x7f0000000380)={0x10, 0x0, 0x25dfdbfd, 0x20}, 0xc)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
unshare(0x26040600)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_ZERO(r6, &(0x7f00000000c0)={0x0, 0xfffffffffffffd95, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[], 0xd0}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200))

936.71359ms ago: executing program 0 (id=877):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x9}, 0x18)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@rxrpc=@in4={0x21, 0x1, 0x2, 0xffffffffffffff7a, {0x2, 0x4e23, @multicast2}}, 0x80, 0x0}, 0x4004090)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000600)=0x14)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000080)=0x14)
close(r1)

929.77805ms ago: executing program 2 (id=879):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000080)={0x0, 0x1, &(0x7f00000000c0)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x884)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000840)={0x8, 0x800, 0x40, 0x1000, 0x10, "a85ada3b2b2e7760"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8000}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000780)={'veth1_vlan\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r6, {0x1, 0x6}, {0xd}, {0x11, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)

883.875733ms ago: executing program 5 (id=880):
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0xf)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200000000"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

882.704283ms ago: executing program 4 (id=881):
getresuid(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r1 = socket$kcm(0x29, 0xb, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000300)={r0, r3})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
setuid(0xee01)
syz_open_dev$usbmon(&(0x7f00000003c0), 0x9, 0x200)
bind$netlink(r0, &(0x7f0000000380)={0x10, 0x0, 0x25dfdbfd, 0x20}, 0xc)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200))

836.615134ms ago: executing program 0 (id=882):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xffd, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='afs_make_fs_call2\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB='5\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000fbdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r8 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r8, &(0x7f0000000000)={&(0x7f0000000140)={0x2, 0x4e20, @empty}, 0x10, 0x0}, 0x30006041)
close(r8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x94)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
sendto$inet6(r10, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r10, &(0x7f0000000080)='D', 0x1, 0x0, 0x0, 0x0)
shutdown(r10, 0x1)
splice(r10, 0x0, r9, 0x0, 0x406f413, 0x0)

791.030576ms ago: executing program 5 (id=883):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000080000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c000000020603000000000000000000000000001400078008001240000000000500150002000000050001000600000005000500020000000500040000000000090002"], 0x4c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x27, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$AUTOFS_IOC_SETTIMEOUT(r2, 0x80049367, &(0x7f0000000280)=0x96)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x40, 0x0, 0x8, 0x0, 0x0, 0x61000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x8001, 0xc}, 0xa100, 0xc8, 0x3, 0x0, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8000000000000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$unix(r7, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r6, &(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f00000004c0)=ANY=[], 0xfdef)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
perf_event_open(&(0x7f00000004c0)={0x4, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x2, @perf_config_ext={0x100, 0x7}, 0x481a, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0, 0xf392, 0x0, 0xffffffff, 0x0, 0x2000000000000000}, 0x0, 0x0, r5, 0x2)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000004c0)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd630080fc02082c00db5b6861589bcfe8875a060300000023000000000000000000000000ac1414aa"], 0xfdef)
write$cgroup_subtree(r8, &(0x7f00000004c0)=ANY=[], 0xfdef)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
ioctl$KDSKBENT(r3, 0x4b47, &(0x7f0000000380)={0x0, 0x7f, 0x708})

790.148067ms ago: executing program 2 (id=884):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='setgroups\x00')
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000bc0)='/proc/sys/fs/binfmt_misc/syz3\x00', 0x2, 0x0)
ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(r3, 0xf505, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r4, 0x4b72, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
r5 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r5)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r6, &(0x7f0000000c80)=""/4079, 0xfef)
pread64(r3, 0x0, 0x0, 0x9)

777.182827ms ago: executing program 4 (id=885):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012"], 0x3c}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r5, 0x0, 0x2}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x5c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x0, 0x4, 0x6}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0x2}, {0x4, 0x9, 0x1}}}]}}]}]}]}}]}, 0x5c}}, 0x0)

732.850499ms ago: executing program 5 (id=886):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x8b7, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r3 = io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x371, 0xc000, 0x2c, 0xa0002f5})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4)
io_uring_enter(r3, 0x2218, 0x7721, 0x16, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8041, @ipv4={'\x00', '\xff\xff', @local}, 0x627bcafb}, 0x1c)

731.212629ms ago: executing program 0 (id=887):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10208}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
lremovexattr(0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x400, 0x0, 0x8000021e}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x7ff, 0x0, 0x1})
io_uring_enter(r3, 0x47f8, 0x0, 0x2, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r6}, 0x10)
getrusage(0x1, &(0x7f0000000900))
r7 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev(r7, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)
rt_tgsigqueueinfo(0x0, 0x0, 0x41, &(0x7f0000000040)={0x28, 0x8, 0x1})

682.209871ms ago: executing program 2 (id=888):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x44000)

647.569652ms ago: executing program 5 (id=889):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x7, 0x1c, &(0x7f0000000d80)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bc8900000000000035090100000500009500000000000000b7080000000100007b9a00fe00000000b509ffffff1f0000c3aaf0fff1000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018220000", @ANYRES32, @ANYBLOB="0000000000000000b7050000080000004608ebff76000000bf9800000000000056080000000000008500000000000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)

624.390943ms ago: executing program 4 (id=890):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r0)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x110e22fff6)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0xfe, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x100000001, 0xdd5}, 0x1004, 0x0, 0x10000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'hsr0\x00', <r4=>0x0})
r5 = syz_open_dev$usbmon(&(0x7f0000000000), 0x6, 0x200)
read$usbmon(r5, 0x0, 0x0)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f00000003c0)=ANY=[@ANYBLOB="ff00"])
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6, 0x0, 0x80}, 0x18)
r7 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r7)
ioctl$MON_IOCH_MFLUSH(r5, 0x9208, 0x2)
syz_open_dev$usbfs(&(0x7f0000000240), 0x10, 0x80100)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYRES16=r6], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x18)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
tkill(0x0, 0x16)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, r4, {0xfffd, 0x1}, {0x9, 0x4}, {0x6, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x8804)

605.396854ms ago: executing program 2 (id=891):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x50)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000110b0008850000007000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r3, 0x0, 0x36, 0x0, &(0x7f0000000180)="f6f18e19b95d02ff4284860186dd9be5c8556053e57975511f7eea21e7a9ca6f8670a5774c744479f096f4c08d717e24d6970481c93c", 0x0, 0x343, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=@newtaction={0x98, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x84, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x80d, 0x0, 0x10000000, 0x5, 0x4}, 0x1, r4}}]}, {0x0, 0xa}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_mpls={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x1}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x4008001}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r6 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
pwrite64(r6, &(0x7f0000000140)="4f4c3ecc9de7e500c24ab1", 0xb, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r5, 0x0, 0xfffffffffffffff4}, 0x18)
r7 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r9 = openat$zero(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
read(r9, &(0x7f0000000040)=""/148, 0xffffff96)
fchdir(r8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
openat2(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', &(0x7f0000000280)={0x591002, 0x1, 0xc}, 0x18)

604.939114ms ago: executing program 5 (id=892):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x9}, 0x18)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@rxrpc=@in4={0x21, 0x1, 0x2, 0xffffffffffffff7a, {0x2, 0x4e23, @multicast2}}, 0x80, 0x0}, 0x4004090)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000600)=0x14)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000080)=0x14)
close(r1)

467.75404ms ago: executing program 5 (id=893):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028000000", @ANYRES32, @ANYBLOB="00000000001000"/17, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000400)='sys_enter\x00', r1}, 0x18)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
mlockall(0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r3, 0x0, 0x801}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x11e)
renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r2, <r4=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r7, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)

7.341319ms ago: executing program 3 (id=894):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
pipe(&(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$selinux_policy(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x1010, r4, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000000)={'team0\x00', <r5=>0x0})
r6 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400, 0x6}, 0x100002, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="04000000040086f73bbea5f2d0a89780301f0bbb32ab8cfb731db314a955d6de30fb3de1a2b55f95201b8e4b9e9362b9505f1664a9ff00"/74], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x7, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r1, @ANYBLOB="0000000000000000b70800000000e7057b8a0000bfa200000000000006020000f8341affb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000180), &(0x7f00000001c0)=r6}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
r9 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r10 = fcntl$dupfd(r9, 0x0, r9)
ioctl$USBDEVFS_SUBMITURB(r10, 0x8038550a, &(0x7f0000000540)=@urb_type_control={0x2, {}, 0x0, 0x4, &(0x7f0000000080)={0x80, 0x13, 0x0, 0x4000, 0x7995}, 0x8, 0x1, 0x0, 0x48000000, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b0000007f000000450000000300000002010400", @ANYRES32=r4, @ANYBLOB="0500"/20, @ANYRES32=r5, @ANYRES32=r2, @ANYBLOB="0300000005000000011e0000000000ff070000000004000000000000"], 0x50)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r13 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r4, &(0x7f00000002c0)="fff7448e3e5b742b174eeda22ef6d35ca5de538161e1a31e23b21dc4dc77abb4adbb16a257238a4926039e822a9f965080b0ccc06c7a14d0c2bf51a0e73891640d8b6545a3977d15908aa2c8c96010b1bbdb65fa83678c9af3c289f151ffdee8a624044b20eb08d8b2c24f03962fe08c476f7a601250bfd4834c7e70488516119129", 0x82, 0x10, &(0x7f00000001c0)={0x2, 0x4e23, @multicast1}, 0x10)
clock_settime(0x0, &(0x7f00000000c0)={0x7, 0xffffffff000})
setsockopt$SO_TIMESTAMPING(r13, 0x1, 0x25, &(0x7f0000000040)=0x4f8a, 0x4)
sendmmsg$unix(r13, &(0x7f00000029c0)=[{{&(0x7f0000000600)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000c00)=[@cred={{0x1c, 0x1, 0x51}}], 0x20, 0x24000010}}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r12}, 0x10)
splice(r1, 0x0, r3, 0x0, 0x7, 0x9)

0s ago: executing program 4 (id=895):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000080000000000000000018120000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000380)={0x0, 0x7f, 0x708})

kernel console output (not intermixed with test programs):

[   39.417934][ T3906]  <TASK>
[   39.417940][ T3906]  __dump_stack+0x1d/0x30
[   39.418004][ T3906]  dump_stack_lvl+0xe8/0x140
[   39.418021][ T3906]  dump_stack+0x15/0x1b
[   39.418036][ T3906]  should_fail_ex+0x265/0x280
[   39.418065][ T3906]  should_fail+0xb/0x20
[   39.418161][ T3906]  should_fail_usercopy+0x1a/0x20
[   39.418179][ T3906]  _copy_from_user+0x1c/0xb0
[   39.418200][ T3906]  vmemdup_user+0x5e/0xd0
[   39.418224][ T3906]  path_setxattrat+0x1b6/0x310
[   39.418316][ T3906]  __x64_sys_lsetxattr+0x71/0x90
[   39.418342][ T3906]  x64_sys_call+0x287b/0x3000
[   39.418360][ T3906]  do_syscall_64+0xd2/0x200
[   39.418376][ T3906]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   39.418414][ T3906]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   39.418446][ T3906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.418518][ T3906] RIP: 0033:0x7f8284c6f749
[   39.418531][ T3906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.418586][ T3906] RSP: 002b:00007f82836d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   39.418666][ T3906] RAX: ffffffffffffffda RBX: 00007f8284ec5fa0 RCX: 00007f8284c6f749
[   39.418679][ T3906] RDX: 0000200000000280 RSI: 0000200000000000 RDI: 0000200000000400
[   39.418690][ T3906] RBP: 00007f82836d7090 R08: 0000000000000000 R09: 0000000000000000
[   39.418702][ T3906] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000001
[   39.418713][ T3906] R13: 00007f8284ec6038 R14: 00007f8284ec5fa0 R15: 00007ffee091ade8
[   39.418731][ T3906]  </TASK>
[   39.688551][ T3922] loop2: detected capacity change from 0 to 128
[   39.716965][ T3922] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   39.738839][ T3922] ext4 filesystem being mounted at /27/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   39.759692][ T3319] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   40.074179][ T3939] loop2: detected capacity change from 0 to 128
[   40.084601][ T3939] vfat: Unknown parameter 'GPL'
[   40.124286][ T3939] loop2: detected capacity change from 0 to 2048
[   40.150869][ T3498] Alternate GPT is invalid, using primary GPT.
[   40.157211][ T3498]  loop2: p2 p3 p7
[   40.167505][ T3939] Alternate GPT is invalid, using primary GPT.
[   40.173925][ T3939]  loop2: p2 p3 p7
[   40.209026][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[   40.233058][ T3498] udevd[3498]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   40.247093][ T3947] __nla_validate_parse: 18 callbacks suppressed
[   40.247107][ T3947] netlink: 4 bytes leftover after parsing attributes in process `syz.0.131'.
[   40.254222][ T3686] udevd[3686]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   40.266695][ T3498] udevd[3498]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   40.274682][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[   40.284842][ T3947] netlink: 100 bytes leftover after parsing attributes in process `syz.0.131'.
[   40.312861][ T3947] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3947 comm=syz.0.131
[   40.340516][ T3947] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=3947 comm=syz.0.131
[   40.356985][ T3947] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=21 sclass=netlink_audit_socket pid=3947 comm=syz.0.131
[   40.495840][ T3964] netlink: 'syz.4.138': attribute type 3 has an invalid length.
[   40.507138][ T3964] Cannot find add_set index 0 as target
[   40.547630][   T29] kauditd_printk_skb: 392 callbacks suppressed
[   40.547689][   T29] audit: type=1326 audit(1763780197.440:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3961 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   40.588110][ T3962] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   40.601774][   T29] audit: type=1326 audit(1763780197.480:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3961 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   40.625129][   T29] audit: type=1326 audit(1763780197.480:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3961 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   40.648968][   T29] audit: type=1326 audit(1763780197.550:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3961 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   40.672286][   T29] audit: type=1326 audit(1763780197.550:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3961 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   40.739721][   T29] audit: type=1326 audit(1763780197.600:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3961 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   40.762957][   T29] audit: type=1326 audit(1763780197.600:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3961 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   40.786206][   T29] audit: type=1326 audit(1763780197.600:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3961 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   40.809467][   T29] audit: type=1326 audit(1763780197.600:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3961 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   40.864697][   T29] audit: type=1326 audit(1763780197.760:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3961 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   40.912235][ T3976] loop1: detected capacity change from 0 to 512
[   40.918915][ T3976] EXT4-fs: Ignoring removed i_version option
[   40.924921][ T3976] EXT4-fs: Ignoring removed bh option
[   40.944543][ T3976] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.975536][ T3976] ext4 filesystem being mounted at /34/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   41.094703][ T3984] loop0: detected capacity change from 0 to 2048
[   41.102251][ T3322] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.130567][ T3984] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.150822][ T3990] loop4: detected capacity change from 0 to 1024
[   41.199292][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.236861][ T3993] netlink: 92 bytes leftover after parsing attributes in process `syz.1.148'.
[   41.246349][ T3993] netlink: 24 bytes leftover after parsing attributes in process `syz.1.148'.
[   41.285336][ T3996] netlink: 4 bytes leftover after parsing attributes in process `syz.0.150'.
[   41.323154][ T3996] netlink: 12 bytes leftover after parsing attributes in process `syz.0.150'.
[   41.411180][ T3999] loop4: detected capacity change from 0 to 128
[   41.609863][ T4006] FAULT_INJECTION: forcing a failure.
[   41.609863][ T4006] name failslab, interval 1, probability 0, space 0, times 0
[   41.622594][ T4006] CPU: 0 UID: 0 PID: 4006 Comm: syz.0.154 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   41.622617][ T4006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   41.622683][ T4006] Call Trace:
[   41.622689][ T4006]  <TASK>
[   41.622696][ T4006]  __dump_stack+0x1d/0x30
[   41.622719][ T4006]  dump_stack_lvl+0xe8/0x140
[   41.622737][ T4006]  dump_stack+0x15/0x1b
[   41.622760][ T4006]  should_fail_ex+0x265/0x280
[   41.622793][ T4006]  should_failslab+0x8c/0xb0
[   41.622861][ T4006]  kmem_cache_alloc_noprof+0x50/0x480
[   41.622923][ T4006]  ? security_inode_alloc+0x37/0x100
[   41.622942][ T4006]  security_inode_alloc+0x37/0x100
[   41.622977][ T4006]  inode_init_always_gfp+0x4b7/0x500
[   41.623004][ T4006]  ? __pfx_sock_alloc_inode+0x10/0x10
[   41.623029][ T4006]  alloc_inode+0x58/0x170
[   41.623172][ T4006]  __sock_create+0x122/0x5b0
[   41.623193][ T4006]  ? idr_alloc_u32+0x125/0x180
[   41.623216][ T4006]  sock_create_kern+0x38/0x50
[   41.623242][ T4006]  l2tp_tunnel_register+0x2b2/0xbf0
[   41.623300][ T4006]  l2tp_nl_cmd_tunnel_create+0x1f8/0x570
[   41.623324][ T4006]  genl_family_rcv_msg_doit+0x143/0x1b0
[   41.623358][ T4006]  genl_rcv_msg+0x422/0x460
[   41.623404][ T4006]  ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10
[   41.623458][ T4006]  netlink_rcv_skb+0x123/0x220
[   41.623516][ T4006]  ? __pfx_genl_rcv_msg+0x10/0x10
[   41.623540][ T4006]  genl_rcv+0x28/0x40
[   41.623592][ T4006]  netlink_unicast+0x5c0/0x690
[   41.623622][ T4006]  netlink_sendmsg+0x58b/0x6b0
[   41.623643][ T4006]  ? __pfx_netlink_sendmsg+0x10/0x10
[   41.623660][ T4006]  __sock_sendmsg+0x145/0x180
[   41.623679][ T4006]  ____sys_sendmsg+0x31e/0x4e0
[   41.623743][ T4006]  ___sys_sendmsg+0x17b/0x1d0
[   41.623770][ T4006]  __x64_sys_sendmsg+0xd4/0x160
[   41.623792][ T4006]  x64_sys_call+0x191e/0x3000
[   41.623823][ T4006]  do_syscall_64+0xd2/0x200
[   41.623839][ T4006]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   41.623866][ T4006]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   41.623897][ T4006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.623957][ T4006] RIP: 0033:0x7f83073cf749
[   41.623972][ T4006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.623990][ T4006] RSP: 002b:00007f8305e37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   41.624010][ T4006] RAX: ffffffffffffffda RBX: 00007f8307625fa0 RCX: 00007f83073cf749
[   41.624029][ T4006] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[   41.624039][ T4006] RBP: 00007f8305e37090 R08: 0000000000000000 R09: 0000000000000000
[   41.624103][ T4006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   41.624113][ T4006] R13: 00007f8307626038 R14: 00007f8307625fa0 R15: 00007ffc358a82d8
[   41.624128][ T4006]  </TASK>
[   41.624137][ T4006] socket: no more sockets
[   42.087509][ T4014] loop2: detected capacity change from 0 to 512
[   42.094383][ T4014] EXT4-fs: Ignoring removed i_version option
[   42.100429][ T4014] EXT4-fs: Ignoring removed bh option
[   42.119441][ T4012] netlink: 28 bytes leftover after parsing attributes in process `syz.1.157'.
[   42.128391][ T4012] netlink: 32 bytes leftover after parsing attributes in process `syz.1.157'.
[   42.137270][ T4012] netlink: 28 bytes leftover after parsing attributes in process `syz.1.157'.
[   42.158314][ T4012] netlink: 32 bytes leftover after parsing attributes in process `syz.1.157'.
[   42.168808][ T4014] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.194448][ T4014] ext4 filesystem being mounted at /36/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   42.262606][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.409480][ T4027] loop0: detected capacity change from 0 to 764
[   42.429364][ T4027] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   42.440396][ T4028] loop2: detected capacity change from 0 to 512
[   42.447020][ T4028] EXT4-fs: Ignoring removed nobh option
[   42.458022][ T4028] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   42.518925][ T4028] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.162: corrupted inode contents
[   42.539703][ T4028] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #3: comm syz.2.162: mark_inode_dirty error
[   42.559143][ T4028] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.162: corrupted inode contents
[   42.612646][ T4028] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.162: mark_inode_dirty error
[   42.652488][ T4031] Symlink component flag not implemented
[   42.660852][ T4028] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.162: Failed to acquire dquot type 0
[   42.673080][ T4031] Symlink component flag not implemented (7)
[   42.690141][ T4028] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.162: corrupted inode contents
[   42.714718][ T4028] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #16: comm syz.2.162: mark_inode_dirty error
[   42.738496][ T4028] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.162: corrupted inode contents
[   42.766305][ T4028] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.162: mark_inode_dirty error
[   42.796281][ T4034] lo speed is unknown, defaulting to 1000
[   42.802236][ T4028] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.162: corrupted inode contents
[   42.814371][ T4034] lo speed is unknown, defaulting to 1000
[   42.820417][ T4034] lo speed is unknown, defaulting to 1000
[   42.826301][ T4028] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[   42.835442][ T4034] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   42.842845][ T4028] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.162: corrupted inode contents
[   42.856272][ T4034] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   42.865283][ T4028] EXT4-fs error (device loop2): ext4_truncate:4637: inode #16: comm syz.2.162: mark_inode_dirty error
[   42.888331][ T4034] lo speed is unknown, defaulting to 1000
[   42.902595][ T4028] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[   42.915628][ T4034] lo speed is unknown, defaulting to 1000
[   42.922484][ T4028] EXT4-fs (loop2): 1 truncate cleaned up
[   42.928551][ T4034] lo speed is unknown, defaulting to 1000
[   42.934881][ T4028] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.943139][ T4034] lo speed is unknown, defaulting to 1000
[   42.953349][ T4034] lo speed is unknown, defaulting to 1000
[   42.970585][ T4038] loop4: detected capacity change from 0 to 512
[   42.971852][ T4028] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.997240][ T4038] EXT4-fs error (device loop4): ext4_init_orphan_info:581: comm syz.4.165: inode #0: comm syz.4.165: iget: illegal inode #
[   43.015112][ T4028] syz.2.162 (4028) used greatest stack depth: 9680 bytes left
[   43.030444][ T4038] EXT4-fs (loop4): get orphan inode failed
[   43.037085][ T4038] EXT4-fs (loop4): mount failed
[   43.043542][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.252163][ T4054] syzkaller0: entered promiscuous mode
[   43.257677][ T4054] syzkaller0: entered allmulticast mode
[   43.295709][ T4060] loop0: detected capacity change from 0 to 512
[   43.473337][ T4060] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.493248][ T4060] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.585155][ T4068] lo speed is unknown, defaulting to 1000
[   44.274097][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.525305][ T4088] FAULT_INJECTION: forcing a failure.
[   44.525305][ T4088] name failslab, interval 1, probability 0, space 0, times 0
[   44.537966][ T4088] CPU: 0 UID: 0 PID: 4088 Comm: syz.2.181 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   44.537993][ T4088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   44.538004][ T4088] Call Trace:
[   44.538009][ T4088]  <TASK>
[   44.538015][ T4088]  __dump_stack+0x1d/0x30
[   44.538105][ T4088]  dump_stack_lvl+0xe8/0x140
[   44.538123][ T4088]  dump_stack+0x15/0x1b
[   44.538140][ T4088]  should_fail_ex+0x265/0x280
[   44.538225][ T4088]  should_failslab+0x8c/0xb0
[   44.538320][ T4088]  __kvmalloc_node_noprof+0x12e/0x670
[   44.538383][ T4088]  ? nf_tables_newset+0xde3/0x14e0
[   44.538404][ T4088]  nf_tables_newset+0xde3/0x14e0
[   44.538433][ T4088]  nfnetlink_rcv+0xbc9/0x16c0
[   44.538460][ T4088]  ? kmem_cache_free+0xe4/0x3d0
[   44.538520][ T4088]  netlink_unicast+0x5c0/0x690
[   44.538544][ T4088]  netlink_sendmsg+0x58b/0x6b0
[   44.538611][ T4088]  ? __pfx_netlink_sendmsg+0x10/0x10
[   44.538632][ T4088]  __sock_sendmsg+0x145/0x180
[   44.538658][ T4088]  ____sys_sendmsg+0x31e/0x4e0
[   44.538679][ T4088]  ___sys_sendmsg+0x17b/0x1d0
[   44.538735][ T4088]  __x64_sys_sendmsg+0xd4/0x160
[   44.538754][ T4088]  x64_sys_call+0x191e/0x3000
[   44.538795][ T4088]  do_syscall_64+0xd2/0x200
[   44.538837][ T4088]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   44.538860][ T4088]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   44.538891][ T4088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.538913][ T4088] RIP: 0033:0x7f90f0c7f749
[   44.538996][ T4088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.539010][ T4088] RSP: 002b:00007f90ef6e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   44.539078][ T4088] RAX: ffffffffffffffda RBX: 00007f90f0ed5fa0 RCX: 00007f90f0c7f749
[   44.539090][ T4088] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   44.539134][ T4088] RBP: 00007f90ef6e7090 R08: 0000000000000000 R09: 0000000000000000
[   44.539144][ T4088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   44.539154][ T4088] R13: 00007f90f0ed6038 R14: 00007f90f0ed5fa0 R15: 00007ffc2821cb88
[   44.539168][ T4088]  </TASK>
[   44.830935][ T4095] netlink: 'syz.1.184': attribute type 3 has an invalid length.
[   44.865381][ T4095] Cannot find add_set index 0 as target
[   44.948475][ T4100] netlink: 'syz.2.186': attribute type 3 has an invalid length.
[   44.961076][ T4105] loop0: detected capacity change from 0 to 512
[   44.962248][ T4102] loop1: detected capacity change from 0 to 512
[   44.973957][ T4105] EXT4-fs: Ignoring removed i_version option
[   44.980083][ T4105] EXT4-fs: Ignoring removed bh option
[   44.993777][ T4102] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[   45.002836][ T4102] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.188: attempt to clear invalid blocks 1 len 1
[   45.032371][ T4102] EXT4-fs (loop1): Remounting filesystem read-only
[   45.041469][ T4102] EXT4-fs (loop1): 1 truncate cleaned up
[   45.043854][ T4105] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.047689][ T4102] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.074391][ T4105] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   45.123719][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.179420][ T4122] netlink: 'syz.4.196': attribute type 6 has an invalid length.
[   45.211251][ T4123] netlink: 'syz.0.194': attribute type 7 has an invalid length.
[   45.240119][ T4127] FAULT_INJECTION: forcing a failure.
[   45.240119][ T4127] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   45.253355][ T4127] CPU: 1 UID: 0 PID: 4127 Comm: syz.0.199 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   45.253377][ T4127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   45.253387][ T4127] Call Trace:
[   45.253392][ T4127]  <TASK>
[   45.253478][ T4127]  __dump_stack+0x1d/0x30
[   45.253496][ T4127]  dump_stack_lvl+0xe8/0x140
[   45.253517][ T4127]  dump_stack+0x15/0x1b
[   45.253531][ T4127]  should_fail_ex+0x265/0x280
[   45.253560][ T4127]  should_fail_alloc_page+0xf2/0x100
[   45.253598][ T4127]  __alloc_frozen_pages_noprof+0xff/0x360
[   45.253688][ T4127]  alloc_pages_mpol+0xb3/0x260
[   45.253708][ T4127]  alloc_pages_noprof+0x90/0x130
[   45.253724][ T4127]  get_free_pages_noprof+0xc/0x40
[   45.253739][ T4127]  selinux_genfs_get_sid+0x33/0x180
[   45.253810][ T4127]  inode_doinit_with_dentry+0x5fe/0x7a0
[   45.253833][ T4127]  selinux_d_instantiate+0x27/0x40
[   45.253849][ T4127]  security_d_instantiate+0x7a/0xa0
[   45.253869][ T4127]  d_instantiate+0x3f/0x80
[   45.253901][ T4127]  __debugfs_create_file+0x1c1/0x330
[   45.253920][ T4127]  debugfs_create_file_full+0x3f/0x60
[   45.254002][ T4127]  ? __pfx_vlan_setup+0x10/0x10
[   45.254093][ T4127]  ref_tracker_dir_debugfs+0x100/0x1e0
[   45.254135][ T4127]  alloc_netdev_mqs+0x1a7/0xa50
[   45.254157][ T4127]  rtnl_create_link+0x239/0x710
[   45.254247][ T4127]  rtnl_newlink_create+0x14c/0x620
[   45.254322][ T4127]  ? security_capable+0x83/0x90
[   45.254352][ T4127]  ? netlink_ns_capable+0x86/0xa0
[   45.254430][ T4127]  rtnl_newlink+0xf29/0x12d0
[   45.254458][ T4127]  ? xas_load+0x413/0x430
[   45.254477][ T4127]  ? __memcg_slab_free_hook+0x135/0x230
[   45.254544][ T4127]  ? __rcu_read_unlock+0x4f/0x70
[   45.254605][ T4127]  ? avc_has_perm_noaudit+0x1b1/0x200
[   45.254625][ T4127]  ? cred_has_capability+0x210/0x280
[   45.254653][ T4127]  ? selinux_capable+0x31/0x40
[   45.254676][ T4127]  ? security_capable+0x83/0x90
[   45.254742][ T4127]  ? ns_capable+0x7d/0xb0
[   45.254765][ T4127]  ? __pfx_rtnl_newlink+0x10/0x10
[   45.254788][ T4127]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   45.254815][ T4127]  netlink_rcv_skb+0x123/0x220
[   45.254901][ T4127]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   45.254924][ T4127]  rtnetlink_rcv+0x1c/0x30
[   45.254943][ T4127]  netlink_unicast+0x5c0/0x690
[   45.255042][ T4127]  netlink_sendmsg+0x58b/0x6b0
[   45.255064][ T4127]  ? __pfx_netlink_sendmsg+0x10/0x10
[   45.255081][ T4127]  __sock_sendmsg+0x145/0x180
[   45.255101][ T4127]  ____sys_sendmsg+0x31e/0x4e0
[   45.255163][ T4127]  ___sys_sendmsg+0x17b/0x1d0
[   45.255195][ T4127]  __x64_sys_sendmsg+0xd4/0x160
[   45.255218][ T4127]  x64_sys_call+0x191e/0x3000
[   45.255252][ T4127]  do_syscall_64+0xd2/0x200
[   45.255269][ T4127]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   45.255290][ T4127]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   45.255354][ T4127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.255375][ T4127] RIP: 0033:0x7f83073cf749
[   45.255447][ T4127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.255461][ T4127] RSP: 002b:00007f8305e37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   45.255477][ T4127] RAX: ffffffffffffffda RBX: 00007f8307625fa0 RCX: 00007f83073cf749
[   45.255488][ T4127] RDX: 0000000008000002 RSI: 0000200000000080 RDI: 0000000000000003
[   45.255499][ T4127] RBP: 00007f8305e37090 R08: 0000000000000000 R09: 0000000000000000
[   45.255512][ T4127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   45.255522][ T4127] R13: 00007f8307626038 R14: 00007f8307625fa0 R15: 00007ffc358a82d8
[   45.255546][ T4127]  </TASK>
[   45.644855][   T29] kauditd_printk_skb: 279 callbacks suppressed
[   45.644869][   T29] audit: type=1400 audit(1763780202.540:1116): avc:  denied  { create } for  pid=4129 comm="syz.3.200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   45.670721][   T29] audit: type=1326 audit(1763780202.540:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4129 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   45.682660][ T4128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=34313 sclass=netlink_route_socket pid=4128 comm=syz.4.198
[   45.694024][   T29] audit: type=1326 audit(1763780202.540:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4129 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   45.730164][   T29] audit: type=1326 audit(1763780202.540:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4129 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   45.737811][ T4128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=34313 sclass=netlink_route_socket pid=4128 comm=syz.4.198
[   45.753651][   T29] audit: type=1326 audit(1763780202.540:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4129 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   45.789443][   T29] audit: type=1326 audit(1763780202.540:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4129 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   45.812799][   T29] audit: type=1326 audit(1763780202.540:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4129 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   45.836107][   T29] audit: type=1326 audit(1763780202.540:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4129 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   45.859402][   T29] audit: type=1326 audit(1763780202.540:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4129 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   45.860934][ T4139] netlink: 'syz.0.203': attribute type 6 has an invalid length.
[   45.882611][   T29] audit: type=1326 audit(1763780202.540:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4129 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   45.883053][ T4128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=34313 sclass=netlink_route_socket pid=4128 comm=syz.4.198
[   45.921806][ T4136] netlink: 'syz.3.200': attribute type 6 has an invalid length.
[   45.926554][ T4128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=34313 sclass=netlink_route_socket pid=4128 comm=syz.4.198
[   45.934435][ T4128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=34313 sclass=netlink_route_socket pid=4128 comm=syz.4.198
[   45.949547][ T4128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=34313 sclass=netlink_route_socket pid=4128 comm=syz.4.198
[   45.972637][ T4128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=34313 sclass=netlink_route_socket pid=4128 comm=syz.4.198
[   45.985358][ T4128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=34313 sclass=netlink_route_socket pid=4128 comm=syz.4.198
[   45.998037][ T4128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=34313 sclass=netlink_route_socket pid=4128 comm=syz.4.198
[   46.010706][ T4128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=34313 sclass=netlink_route_socket pid=4128 comm=syz.4.198
[   46.031587][ T3540] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.107298][ T3540] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.158310][ T4151] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   46.183872][ T3540] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.243542][ T4161] lo speed is unknown, defaulting to 1000
[   46.264634][ T4154] lo speed is unknown, defaulting to 1000
[   46.276619][ T3540] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.381485][ T4166] C: renamed from team_slave_0 (while UP)
[   46.406395][ T4166] netlink: 'syz.2.210': attribute type 3 has an invalid length.
[   46.414098][ T4166] netlink: 'syz.2.210': attribute type 1 has an invalid length.
[   46.421769][ T4166] __nla_validate_parse: 18 callbacks suppressed
[   46.421780][ T4166] netlink: 116 bytes leftover after parsing attributes in process `syz.2.210'.
[   46.437237][ T4166] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   46.461125][ T3540] bridge_slave_1: left allmulticast mode
[   46.466796][ T3540] bridge_slave_1: left promiscuous mode
[   46.472485][ T3540] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.488584][ T3540] bridge_slave_0: left allmulticast mode
[   46.494279][ T3540] bridge_slave_0: left promiscuous mode
[   46.499987][ T3540] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.532335][ T4173] netlink: 4 bytes leftover after parsing attributes in process `syz.4.211'.
[   46.612234][ T3540] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   46.628908][ T3540] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   46.657848][ T3540] bond0 (unregistering): Released all slaves
[   46.755410][ T3540] hsr_slave_0: left promiscuous mode
[   46.770652][ T3540] hsr_slave_1: left promiscuous mode
[   46.779314][ T3540] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.786753][ T3540] batman_adv: batadv0: Removing interface: batadv_slave_0
[   46.795548][ T3540] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   46.802960][ T3540] batman_adv: batadv0: Removing interface: batadv_slave_1
[   46.819977][ T3540] veth1_macvtap: left promiscuous mode
[   46.825858][ T3540] veth0_macvtap: left promiscuous mode
[   46.884452][ T3540] team0 (unregistering): Port device team_slave_1 removed
[   46.897111][ T3540] team0 (unregistering): Port device team_slave_0 removed
[   46.953177][ T4154] chnl_net:caif_netlink_parms(): no params data found
[   46.962044][ T4186] netlink: 28 bytes leftover after parsing attributes in process `syz.2.216'.
[   46.971003][ T4186] netlink: 32 bytes leftover after parsing attributes in process `syz.2.216'.
[   46.979911][ T4186] netlink: 28 bytes leftover after parsing attributes in process `syz.2.216'.
[   46.989449][ T4186] netlink: 32 bytes leftover after parsing attributes in process `syz.2.216'.
[   46.999211][    T9] lo speed is unknown, defaulting to 1000
[   47.004961][    T9] infiniband syz2: ib_query_port failed (-19)
[   47.064935][ T4192] loop3: detected capacity change from 0 to 512
[   47.076738][ T4192] EXT4-fs: Ignoring removed bh option
[   47.091819][ T4192] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   47.100925][ T4192] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   47.113912][ T4197] loop2: detected capacity change from 0 to 512
[   47.129285][ T4154] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.136357][ T4154] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.152839][ T4197] EXT4-fs: Ignoring removed i_version option
[   47.158930][ T4197] EXT4-fs: Ignoring removed bh option
[   47.164750][ T4154] bridge_slave_0: entered allmulticast mode
[   47.166645][ T4192] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[   47.171370][ T4154] bridge_slave_0: entered promiscuous mode
[   47.186929][ T4154] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.194265][ T4154] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.205419][ T4154] bridge_slave_1: entered allmulticast mode
[   47.213424][ T4154] bridge_slave_1: entered promiscuous mode
[   47.222139][ T4197] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.235854][ T4197] ext4 filesystem being mounted at /54/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   47.248912][ T4192] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[   47.257780][ T4192] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.285934][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.359095][ T4205] loop3: detected capacity change from 0 to 1024
[   47.449973][ T4203] netlink: 'syz.4.220': attribute type 6 has an invalid length.
[   47.494358][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.507974][ T4154] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.532533][ T4154] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.574973][ T4154] team0: Port device team_slave_0 added
[   47.586383][ T4154] team0: Port device team_slave_1 added
[   47.684475][ T4208] loop3: detected capacity change from 0 to 128
[   47.797561][ T4154] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.804591][ T4154] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   47.830566][ T4154] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.891745][ T4213] FAULT_INJECTION: forcing a failure.
[   47.891745][ T4213] name failslab, interval 1, probability 0, space 0, times 0
[   47.904455][ T4213] CPU: 1 UID: 0 PID: 4213 Comm: syz.0.224 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   47.904481][ T4213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   47.904493][ T4213] Call Trace:
[   47.904499][ T4213]  <TASK>
[   47.904505][ T4213]  __dump_stack+0x1d/0x30
[   47.904554][ T4213]  dump_stack_lvl+0xe8/0x140
[   47.904575][ T4213]  dump_stack+0x15/0x1b
[   47.904592][ T4213]  should_fail_ex+0x265/0x280
[   47.904656][ T4213]  should_failslab+0x8c/0xb0
[   47.904772][ T4213]  kmem_cache_alloc_noprof+0x50/0x480
[   47.904801][ T4213]  ? getname_flags+0x80/0x3b0
[   47.904831][ T4213]  getname_flags+0x80/0x3b0
[   47.904865][ T4213]  __x64_sys_renameat2+0x6c/0x90
[   47.904887][ T4213]  x64_sys_call+0x3f9/0x3000
[   47.904905][ T4213]  do_syscall_64+0xd2/0x200
[   47.904926][ T4213]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   47.905027][ T4213]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   47.905179][ T4213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.905200][ T4213] RIP: 0033:0x7f83073cf749
[   47.905215][ T4213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.905233][ T4213] RSP: 002b:00007f8305e37038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[   47.905253][ T4213] RAX: ffffffffffffffda RBX: 00007f8307625fa0 RCX: 00007f83073cf749
[   47.905266][ T4213] RDX: ffffffffffffff9c RSI: 0000200000000600 RDI: ffffffffffffff9c
[   47.905356][ T4213] RBP: 00007f8305e37090 R08: 0000000000000000 R09: 0000000000000000
[   47.905369][ T4213] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[   47.905381][ T4213] R13: 00007f8307626038 R14: 00007f8307625fa0 R15: 00007ffc358a82d8
[   47.905400][ T4213]  </TASK>
[   48.079336][ T4154] batman_adv: batadv0: Adding interface: batadv_slave_1
[   48.086311][ T4154] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   48.112250][ T4154] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   48.415716][ T4154] hsr_slave_0: entered promiscuous mode
[   48.433678][ T4154] hsr_slave_1: entered promiscuous mode
[   48.448194][ T4154] debugfs: 'hsr0' already exists in 'hsr'
[   48.454043][ T4154] Cannot create hsr debugfs directory
[   48.466168][ T4223] netlink: 28 bytes leftover after parsing attributes in process `syz.4.229'.
[   48.475048][ T4223] netlink: 32 bytes leftover after parsing attributes in process `syz.4.229'.
[   48.483947][ T4223] netlink: 28 bytes leftover after parsing attributes in process `syz.4.229'.
[   48.555760][ T4223] netlink: 32 bytes leftover after parsing attributes in process `syz.4.229'.
[   48.591922][ T4229] loop2: detected capacity change from 0 to 512
[   48.611799][ T4229] EXT4-fs: Ignoring removed i_version option
[   48.617910][ T4229] EXT4-fs: Ignoring removed bh option
[   48.702110][ T4229] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.754405][ T4229] ext4 filesystem being mounted at /56/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   48.854147][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.867481][ T4154] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   48.906189][ T4242] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   48.907762][ T4154] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   48.927942][ T4242] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   48.938252][ T4154] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   48.947799][ T4154] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   48.987479][ T4252] capability: warning: `syz.2.235' uses deprecated v2 capabilities in a way that may be insecure
[   49.023165][ T4252] GUP no longer grows the stack in syz.2.235 (4252): 200000004000-20000000a000 (200000002000)
[   49.033579][ T4252] CPU: 0 UID: 0 PID: 4252 Comm: syz.2.235 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   49.033600][ T4252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   49.033611][ T4252] Call Trace:
[   49.033616][ T4252]  <TASK>
[   49.033631][ T4252]  __dump_stack+0x1d/0x30
[   49.033654][ T4252]  dump_stack_lvl+0xe8/0x140
[   49.033674][ T4252]  dump_stack+0x15/0x1b
[   49.033690][ T4252]  __get_user_pages+0x1968/0x1ed0
[   49.033722][ T4252]  get_user_pages_remote+0x1d5/0x6c0
[   49.033820][ T4252]  __access_remote_vm+0x15c/0x590
[   49.033847][ T4252]  access_remote_vm+0x32/0x40
[   49.033871][ T4252]  proc_pid_cmdline_read+0x32b/0x6c0
[   49.033901][ T4252]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[   49.033949][ T4252]  vfs_readv+0x3fb/0x690
[   49.033987][ T4252]  __x64_sys_preadv+0xfd/0x1c0
[   49.034080][ T4252]  x64_sys_call+0x282e/0x3000
[   49.034167][ T4252]  do_syscall_64+0xd2/0x200
[   49.034186][ T4252]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   49.034208][ T4252]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   49.034267][ T4252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.034288][ T4252] RIP: 0033:0x7f90f0c7f749
[   49.034303][ T4252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.034320][ T4252] RSP: 002b:00007f90ef6e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   49.034339][ T4252] RAX: ffffffffffffffda RBX: 00007f90f0ed5fa0 RCX: 00007f90f0c7f749
[   49.034453][ T4252] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[   49.034464][ T4252] RBP: 00007f90ef6e7090 R08: 0000000000000000 R09: 0000000000000000
[   49.034473][ T4252] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000001
[   49.034483][ T4252] R13: 00007f90f0ed6038 R14: 00007f90f0ed5fa0 R15: 00007ffc2821cb88
[   49.034501][ T4252]  </TASK>
[   49.091245][ T4252] FAULT_INJECTION: forcing a failure.
[   49.091245][ T4252] name failslab, interval 1, probability 0, space 0, times 0
[   49.204657][ T4154] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.205279][ T4252] CPU: 1 UID: 0 PID: 4252 Comm: syz.2.235 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   49.205302][ T4252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   49.205312][ T4252] Call Trace:
[   49.205317][ T4252]  <TASK>
[   49.205324][ T4252]  __dump_stack+0x1d/0x30
[   49.205345][ T4252]  dump_stack_lvl+0xe8/0x140
[   49.205363][ T4252]  dump_stack+0x15/0x1b
[   49.205378][ T4252]  should_fail_ex+0x265/0x280
[   49.205407][ T4252]  should_failslab+0x8c/0xb0
[   49.205433][ T4252]  kmem_cache_alloc_noprof+0x50/0x480
[   49.205458][ T4252]  ? mas_alloc_nodes+0x1a2/0x210
[   49.205477][ T4252]  mas_alloc_nodes+0x1a2/0x210
[   49.205494][ T4252]  mas_preallocate+0x2ca/0x510
[   49.205515][ T4252]  expand_downwards+0x27f/0x710
[   49.205538][ T4252]  ? mt_find+0x21b/0x330
[   49.205561][ T4252]  expand_stack_locked+0x1d/0x30
[   49.205578][ T4252]  lock_mm_and_find_vma+0x22e/0x400
[   49.205605][ T4252]  do_user_addr_fault+0x278/0x1080
[   49.205625][ T4252]  ? up_write+0x18/0x60
[   49.205646][ T4252]  ? expand_stack+0x2c5/0x320
[   49.205664][ T4252]  exc_page_fault+0x62/0xa0
[   49.205691][ T4252]  asm_exc_page_fault+0x26/0x30
[   49.205708][ T4252] RIP: 0010:rep_movs_alternative+0x4a/0x90
[   49.205734][ T4252] Code: f9 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 0f f9 01 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[   49.205749][ T4252] RSP: 0018:ffffc90010d3fcf8 EFLAGS: 00050206
[   49.205763][ T4252] RAX: ffff88810c556da0 RBX: 0000000000000d00 RCX: 0000000000000140
[   49.205774][ T4252] RDX: 0000000000000000 RSI: ffff88811c583bc0 RDI: 0000200000002000
[   49.205785][ T4252] RBP: 0000000000000000 R08: 0000000000000337 R09: 0000000000000000
[   49.205796][ T4252] R10: 000188811c583000 R11: 000188811c583cff R12: 0000200000002140
[   49.205806][ T4252] R13: 00007ffffffff000 R14: 0000200000001440 R15: ffff88811c583000
[   49.205823][ T4252]  _copy_to_user+0x7c/0xa0
[   49.205846][ T4252]  proc_pid_cmdline_read+0x363/0x6c0
[   49.205873][ T4252]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[   49.205897][ T4252]  vfs_readv+0x3fb/0x690
[   49.205931][ T4252]  __x64_sys_preadv+0xfd/0x1c0
[   49.205956][ T4252]  x64_sys_call+0x282e/0x3000
[   49.205975][ T4252]  do_syscall_64+0xd2/0x200
[   49.205992][ T4252]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   49.206023][ T4252]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   49.206052][ T4252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.206069][ T4252] RIP: 0033:0x7f90f0c7f749
[   49.206082][ T4252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.206096][ T4252] RSP: 002b:00007f90ef6e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   49.206112][ T4252] RAX: ffffffffffffffda RBX: 00007f90f0ed5fa0 RCX: 00007f90f0c7f749
[   49.206123][ T4252] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[   49.206133][ T4252] RBP: 00007f90ef6e7090 R08: 0000000000000000 R09: 0000000000000000
[   49.206144][ T4252] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000001
[   49.206154][ T4252] R13: 00007f90f0ed6038 R14: 00007f90f0ed5fa0 R15: 00007ffc2821cb88
[   49.206171][ T4252]  </TASK>
[   49.556893][ T4154] 8021q: adding VLAN 0 to HW filter on device team0
[   49.567031][ T3554] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.574110][ T3554] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.594409][ T4154] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   49.604846][ T4154] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   49.620077][ T3554] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.627223][ T3554] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.765859][ T4270] loop0: detected capacity change from 0 to 512
[   49.797443][ T4270] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.811003][ T4154] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.819272][ T4270] ext4 filesystem being mounted at /45/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   49.871332][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.948443][ T4154] veth0_vlan: entered promiscuous mode
[   49.959846][ T4154] veth1_vlan: entered promiscuous mode
[   49.979291][ T4154] veth0_macvtap: entered promiscuous mode
[   49.998066][ T4154] veth1_macvtap: entered promiscuous mode
[   50.009550][ T4154] batman_adv: batadv0: Interface activated: batadv_slave_0
[   50.023689][ T4154] batman_adv: batadv0: Interface activated: batadv_slave_1
[   50.041889][ T1374] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   50.065367][ T1374] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   50.074285][ T1374] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   50.085625][ T1374] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   50.109573][ T4308] netlink: 'syz.0.248': attribute type 6 has an invalid length.
[   50.164103][ T4314] loop2: detected capacity change from 0 to 1024
[   50.345409][ T4326] loop3: detected capacity change from 0 to 512
[   50.359392][ T4326] EXT4-fs: Ignoring removed nobh option
[   50.491432][ T4330] loop2: detected capacity change from 0 to 128
[   50.591440][ T4326] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.255: corrupted inode contents
[   50.651383][   T29] kauditd_printk_skb: 737 callbacks suppressed
[   50.651397][   T29] audit: type=1326 audit(1763780207.550:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4305 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f83073c65e7 code=0x7ffc0000
[   50.716217][ T4326] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #3: comm syz.3.255: mark_inode_dirty error
[   50.787771][ T4326] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.255: corrupted inode contents
[   50.853345][   T29] audit: type=1326 audit(1763780207.550:1862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4305 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f830736b829 code=0x7ffc0000
[   50.876822][   T29] audit: type=1326 audit(1763780207.580:1863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4305 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f83073c65e7 code=0x7ffc0000
[   50.900304][   T29] audit: type=1326 audit(1763780207.580:1864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4305 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f830736b829 code=0x7ffc0000
[   50.923591][   T29] audit: type=1326 audit(1763780207.580:1865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4305 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   50.947103][   T29] audit: type=1326 audit(1763780207.590:1866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4305 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f83073c65e7 code=0x7ffc0000
[   50.970384][   T29] audit: type=1326 audit(1763780207.590:1867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4305 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f830736b829 code=0x7ffc0000
[   50.993677][   T29] audit: type=1326 audit(1763780207.590:1868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4305 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   51.016968][   T29] audit: type=1326 audit(1763780207.600:1869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4305 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f83073c65e7 code=0x7ffc0000
[   51.040173][   T29] audit: type=1326 audit(1763780207.600:1870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4305 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f830736b829 code=0x7ffc0000
[   51.319290][ T4326] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.255: mark_inode_dirty error
[   51.331517][ T4326] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.255: Failed to acquire dquot type 0
[   51.376122][ T4326] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.255: corrupted inode contents
[   51.435344][ T4326] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #16: comm syz.3.255: mark_inode_dirty error
[   51.462024][ T4326] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.255: corrupted inode contents
[   51.518946][ T4326] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.255: mark_inode_dirty error
[   51.583127][ T4326] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.255: corrupted inode contents
[   51.633813][ T4326] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[   51.659677][ T4326] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.255: corrupted inode contents
[   51.703499][ T4326] EXT4-fs error (device loop3): ext4_truncate:4637: inode #16: comm syz.3.255: mark_inode_dirty error
[   51.728463][ T4326] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[   51.732625][ T4377] __nla_validate_parse: 1 callbacks suppressed
[   51.732636][ T4377] netlink: 8 bytes leftover after parsing attributes in process `syz.5.276'.
[   51.744177][ T4326] EXT4-fs (loop3): 1 truncate cleaned up
[   51.758549][ T4326] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.771481][ T4326] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.784207][ T4378] netlink: 'ÿ': attribute type 3 has an invalid length.
[   51.808187][ T4378] netlink: 'ÿ': attribute type 3 has an invalid length.
[   52.196219][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.419407][ T4405] netlink: 'syz.3.284': attribute type 6 has an invalid length.
[   52.458611][ T4412] netlink: 'syz.5.287': attribute type 6 has an invalid length.
[   52.501664][ T4414] selinux_netlink_send: 3 callbacks suppressed
[   52.501676][ T4414] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4414 comm=syz.4.291
[   52.522122][ T4414] netlink: 40 bytes leftover after parsing attributes in process `syz.4.291'.
[   52.566840][ T4420] loop0: detected capacity change from 0 to 512
[   52.576137][ T4422] netlink: 4 bytes leftover after parsing attributes in process `syz.2.294'.
[   52.586531][ T4422] netlink: 12 bytes leftover after parsing attributes in process `syz.2.294'.
[   52.597806][ T4420] EXT4-fs: Ignoring removed nobh option
[   52.636862][ T4420] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #3: comm syz.0.293: corrupted inode contents
[   52.677735][ T4420] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #3: comm syz.0.293: mark_inode_dirty error
[   52.689993][ T4420] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #3: comm syz.0.293: corrupted inode contents
[   52.718673][ T4420] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.293: mark_inode_dirty error
[   52.733081][ T4420] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.293: Failed to acquire dquot type 0
[   52.745208][ T4420] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.293: corrupted inode contents
[   52.765613][ T4420] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #16: comm syz.0.293: mark_inode_dirty error
[   52.787139][ T4420] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.293: corrupted inode contents
[   52.796848][ T4441] netlink: 'syz.4.300': attribute type 6 has an invalid length.
[   52.801999][ T4420] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.293: mark_inode_dirty error
[   52.822198][ T4420] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.293: corrupted inode contents
[   52.834638][ T4420] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem
[   52.843944][ T4420] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.293: corrupted inode contents
[   52.856829][ T4420] EXT4-fs error (device loop0): ext4_truncate:4637: inode #16: comm syz.0.293: mark_inode_dirty error
[   52.868415][ T4420] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem
[   52.878274][ T4420] EXT4-fs (loop0): 1 truncate cleaned up
[   52.884517][ T4420] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.898333][ T4420] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.928206][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.975325][ T4443] netlink: 4 bytes leftover after parsing attributes in process `syz.2.302'.
[   53.000721][ T4452] loop0: detected capacity change from 0 to 512
[   53.010359][ T4452] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   53.033368][ T4452] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   53.046642][ T4452] EXT4-fs (loop0): 1 truncate cleaned up
[   53.055570][ T4452] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.081060][ T4452] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.141347][ T4452] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.191927][ T4452] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.206334][ T4463] loop3: detected capacity change from 0 to 512
[   53.243457][ T4463] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.258368][ T4463] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.271596][ T4452] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.351371][ T4474] loop2: detected capacity change from 0 to 764
[   53.372941][ T3572] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.411275][ T3572] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.424092][ T4474] Symlink component flag not implemented
[   53.429810][ T4474] Symlink component flag not implemented
[   53.435063][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.445359][ T4474] Symlink component flag not implemented (129)
[   53.451644][ T4474] Symlink component flag not implemented (6)
[   53.458095][ T3562] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.458416][ T4474] rock: directory entry would overflow storage
[   53.472648][ T4474] rock: sig=0x4f50, size=4, remaining=3
[   53.472937][ T3562] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.478297][ T4474] iso9660: Corrupted directory entry in block 6 of inode 1792
[   53.510624][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.512064][ T4480] netlink: 4 bytes leftover after parsing attributes in process `syz.5.317'.
[   53.545547][ T4480] netlink: 12 bytes leftover after parsing attributes in process `syz.5.317'.
[   53.567725][ T4485] Cannot find add_set index 0 as target
[   53.611549][ T4484] netlink: 'syz.3.316': attribute type 18 has an invalid length.
[   53.619327][ T4484] netlink: 4 bytes leftover after parsing attributes in process `syz.3.316'.
[   53.632347][ T4484] netlink: 'syz.3.316': attribute type 18 has an invalid length.
[   53.640291][ T4484] netlink: 4 bytes leftover after parsing attributes in process `syz.3.316'.
[   53.649402][ T3537] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   53.658698][ T3562] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   53.666872][ T3562] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   53.737284][ T3562] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   54.677984][ T4506] loop5: detected capacity change from 0 to 512
[   54.708237][ T4508] netlink: 28 bytes leftover after parsing attributes in process `syz.2.327'.
[   54.719072][ T4506] EXT4-fs: Ignoring removed i_version option
[   54.725127][ T4506] EXT4-fs: Ignoring removed bh option
[   54.786480][ T4506] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.841107][ T4506] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   54.890719][ T4490] hsr_slave_0: left promiscuous mode
[   54.897705][ T4490] hsr_slave_1: left promiscuous mode
[   54.934372][ T4154] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.097614][ T4499] loop0: detected capacity change from 0 to 32768
[   55.159249][ T3498]  loop0: p1 p2 p3 < p5 > p4 < p6 p7 p8 >
[   55.180519][ T3498] loop0: p1 start 460800 is beyond EOD, truncated
[   55.187067][ T3498] loop0: p2 size 83886080 extends beyond EOD, truncated
[   55.233606][ T4525] FAULT_INJECTION: forcing a failure.
[   55.233606][ T4525] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.246732][ T4525] CPU: 0 UID: 0 PID: 4525 Comm: syz.5.333 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   55.246755][ T4525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   55.246778][ T4525] Call Trace:
[   55.246787][ T4525]  <TASK>
[   55.246794][ T4525]  __dump_stack+0x1d/0x30
[   55.246820][ T4525]  dump_stack_lvl+0xe8/0x140
[   55.246878][ T4525]  dump_stack+0x15/0x1b
[   55.246893][ T4525]  should_fail_ex+0x265/0x280
[   55.247003][ T4525]  should_fail+0xb/0x20
[   55.247015][ T4525]  should_fail_usercopy+0x1a/0x20
[   55.247102][ T4525]  _copy_from_user+0x1c/0xb0
[   55.247166][ T4525]  memdup_user+0x5e/0xd0
[   55.247191][ T4525]  con_font_op+0x603/0x930
[   55.247210][ T4525]  ? selinux_capable+0x31/0x40
[   55.247296][ T4525]  ? should_fail_ex+0xdb/0x280
[   55.247326][ T4525]  vt_ioctl+0x153d/0x18a0
[   55.247349][ T4525]  tty_ioctl+0x7d8/0xb80
[   55.247370][ T4525]  ? __pfx_tty_ioctl+0x10/0x10
[   55.247447][ T4525]  __se_sys_ioctl+0xce/0x140
[   55.247470][ T4525]  __x64_sys_ioctl+0x43/0x50
[   55.247490][ T4525]  x64_sys_call+0x1816/0x3000
[   55.247589][ T4525]  do_syscall_64+0xd2/0x200
[   55.247614][ T4525]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   55.247697][ T4525]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   55.247726][ T4525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.247748][ T4525] RIP: 0033:0x7fc0bf2ef749
[   55.247763][ T4525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.247795][ T4525] RSP: 002b:00007fc0bdd4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   55.247810][ T4525] RAX: ffffffffffffffda RBX: 00007fc0bf545fa0 RCX: 00007fc0bf2ef749
[   55.247820][ T4525] RDX: 0000200000000040 RSI: 0000000000004b72 RDI: 0000000000000003
[   55.247895][ T4525] RBP: 00007fc0bdd4f090 R08: 0000000000000000 R09: 0000000000000000
[   55.247905][ T4525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.247915][ T4525] R13: 00007fc0bf546038 R14: 00007fc0bf545fa0 R15: 00007ffee1726f88
[   55.247998][ T4525]  </TASK>
[   55.504419][ T3498] loop0: p5 size 33488896 extends beyond EOD, truncated
[   55.535695][ T3498] loop0: p6 start 460800 is beyond EOD, truncated
[   55.542192][ T3498] loop0: p7 size 83886080 extends beyond EOD, truncated
[   55.571445][ T3498] loop0: p8 size 33488896 extends beyond EOD, truncated
[   55.586849][ T4530] SELinux:  Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped).
[   55.611613][ T4499]  loop0: p1 p2 p3 < > p4 < p5 p6 p7 >
[   55.617181][ T4499] loop0: p1 start 460800 is beyond EOD, truncated
[   55.623681][ T4499] loop0: p2 size 83886080 extends beyond EOD, truncated
[   55.647129][ T4534] loop3: detected capacity change from 0 to 1024
[   55.657200][ T4499] loop0: p5 start 460800 is beyond EOD, truncated
[   55.663728][ T4499] loop0: p6 size 83886080 extends beyond EOD, truncated
[   55.673695][   T29] kauditd_printk_skb: 973 callbacks suppressed
[   55.673706][   T29] audit: type=1400 audit(1763780212.570:2840): avc:  denied  { mounton } for  pid=4533 comm="syz.3.337" path="/35/file0" dev="tmpfs" ino=204 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   55.687048][ T4499] loop0: p7 size 33488896 extends beyond EOD, truncated
[   55.720235][ T4534] loop3: detected capacity change from 0 to 128
[   55.741476][ T4537] loop2: detected capacity change from 0 to 512
[   55.748117][ T4537] EXT4-fs: Ignoring removed oldalloc option
[   55.758861][ T4537] EXT4-fs: quotafile must be on filesystem root
[   55.766367][ T4536] Cannot find add_set index 0 as target
[   55.769902][   T29] audit: type=1400 audit(1763780212.610:2841): avc:  denied  { create } for  pid=4535 comm="syz.4.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   55.792546][   T29] audit: type=1400 audit(1763780212.640:2842): avc:  denied  { mounton } for  pid=4514 comm="syz.2.328" path="/80/bus" dev="tmpfs" ino=441 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   55.799205][ T3004]  loop0: p1 p2 p3 < p5 > p4 < p6 p7 p8 >
[   55.814907][   T29] audit: type=1400 audit(1763780212.650:2843): avc:  denied  { write } for  pid=4535 comm="syz.4.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   55.840991][   T29] audit: type=1400 audit(1763780212.650:2844): avc:  denied  { open } for  pid=4535 comm="syz.4.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   55.841077][ T3004] loop0: p1 start 460800 is beyond EOD, 
[   55.860101][   T29] audit: type=1400 audit(1763780212.650:2845): avc:  denied  { kernel } for  pid=4535 comm="syz.4.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   55.860122][   T29] audit: type=1400 audit(1763780212.650:2846): avc:  denied  { tracepoint } for  pid=4535 comm="syz.4.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   55.865765][ T3004] truncated
[   55.865772][ T3004] loop0: p2 size 83886080 extends beyond EOD, truncated
[   55.918858][ T4537] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   55.927082][ T4537] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   55.937813][ T3004] loop0: p5 size 33488896 extends beyond EOD, truncated
[   55.945120][ T3004] loop0: p6 start 460800 is beyond EOD, truncated
[   55.952143][ T3004] loop0: p7 size 83886080 extends beyond EOD, truncated
[   55.963362][ T3004] loop0: p8 size 33488896 extends beyond EOD, truncated
[   56.045805][ T3498] udevd[3498]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   56.057963][ T3686] udevd[3686]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[   56.069939][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   56.085238][ T4548] udevd[4548]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[   56.132068][ T4554] Cannot find add_set index 0 as target
[   56.171171][ T3300] udevd[3300]: inotify_add_watch(7, /dev/loop0p5, 10) failed: No such file or directory
[   56.236926][ T4549] udevd[4549]: inotify_add_watch(7, /dev/loop0p8, 10) failed: No such file or directory
[   56.240868][   T29] audit: type=1400 audit(1763780212.820:2847): avc:  denied  { create } for  pid=4538 comm="syz.5.339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   56.266239][   T29] audit: type=1400 audit(1763780212.840:2848): avc:  denied  { ioctl } for  pid=4538 comm="syz.5.339" path="socket:[7896]" dev="sockfs" ino=7896 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   56.290911][   T29] audit: type=1400 audit(1763780212.840:2849): avc:  denied  { module_request } for  pid=4538 comm="syz.5.339" kmod="netdev-syzkaller1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   56.347290][ T3498] udevd[3498]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   56.357351][ T4549] udevd[4549]: inotify_add_watch(7, /dev/loop0p6, 10) failed: No such file or directory
[   56.361442][ T3686] udevd[3686]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[   56.368421][ T4553] udevd[4553]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[   56.434470][ T4563] Cannot find add_set index 0 as target
[   56.549066][ T4570] loop0: detected capacity change from 0 to 512
[   56.669261][ T4570] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.691347][ T4570] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.883576][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.006360][ T4599] loop3: detected capacity change from 0 to 1024
[   57.139878][ T4603] Cannot find add_set index 0 as target
[   57.145705][ T4605] __nla_validate_parse: 11 callbacks suppressed
[   57.145718][ T4605] netlink: 4 bytes leftover after parsing attributes in process `syz.0.359'.
[   57.162203][ T4605] hsr_slave_0: left promiscuous mode
[   57.182804][ T4605] hsr_slave_1: left promiscuous mode
[   57.302773][ T4611] loop3: detected capacity change from 0 to 128
[   58.091381][ T4617] loop5: detected capacity change from 0 to 512
[   58.356817][ T4630] netlink: 'syz.4.369': attribute type 3 has an invalid length.
[   58.364613][ T4630] netlink: 'syz.4.369': attribute type 3 has an invalid length.
[   58.768589][ T4643] netlink: 92 bytes leftover after parsing attributes in process `syz.3.372'.
[   58.778024][ T4643] netlink: 24 bytes leftover after parsing attributes in process `syz.3.372'.
[   59.023207][ T4652] netlink: 4 bytes leftover after parsing attributes in process `syz.2.376'.
[   59.032172][ T4652] hsr_slave_0: left promiscuous mode
[   59.037917][ T4652] hsr_slave_1: left promiscuous mode
[   59.078155][ T4653] ref_ctr_offset mismatch. inode: 0x1df offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000
[   59.116084][ T4657] loop2: detected capacity change from 0 to 764
[   59.123285][ T4657] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   59.132783][ T4657] netlink: 12 bytes leftover after parsing attributes in process `syz.2.377'.
[   59.229608][ T4659] Symlink component flag not implemented
[   59.235659][ T4659] Symlink component flag not implemented (7)
[   59.652604][ T4674] FAULT_INJECTION: forcing a failure.
[   59.652604][ T4674] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.665957][ T4674] CPU: 1 UID: 0 PID: 4674 Comm: syz.3.384 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.665984][ T4674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   59.666070][ T4674] Call Trace:
[   59.666076][ T4674]  <TASK>
[   59.666083][ T4674]  __dump_stack+0x1d/0x30
[   59.666120][ T4674]  dump_stack_lvl+0xe8/0x140
[   59.666138][ T4674]  dump_stack+0x15/0x1b
[   59.666154][ T4674]  should_fail_ex+0x265/0x280
[   59.666208][ T4674]  should_fail+0xb/0x20
[   59.666221][ T4674]  should_fail_usercopy+0x1a/0x20
[   59.666238][ T4674]  _copy_from_user+0x1c/0xb0
[   59.666322][ T4674]  do_ipv6_setsockopt+0x124/0x2160
[   59.666352][ T4674]  ? kstrtoull+0x111/0x140
[   59.666451][ T4674]  ? avc_has_perm_noaudit+0x1b1/0x200
[   59.666470][ T4674]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[   59.666519][ T4674]  ipv6_setsockopt+0x59/0x130
[   59.666549][ T4674]  udpv6_setsockopt+0x99/0xb0
[   59.666619][ T4674]  sock_common_setsockopt+0x69/0x80
[   59.666643][ T4674]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   59.666731][ T4674]  __sys_setsockopt+0x184/0x200
[   59.666756][ T4674]  __x64_sys_setsockopt+0x64/0x80
[   59.666781][ T4674]  x64_sys_call+0x20ec/0x3000
[   59.666801][ T4674]  do_syscall_64+0xd2/0x200
[   59.666859][ T4674]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   59.667045][ T4674]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   59.667078][ T4674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.667116][ T4674] RIP: 0033:0x7f09cdd5f749
[   59.667153][ T4674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.667167][ T4674] RSP: 002b:00007f09cc7c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   59.667183][ T4674] RAX: ffffffffffffffda RBX: 00007f09cdfb5fa0 RCX: 00007f09cdd5f749
[   59.667193][ T4674] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[   59.667205][ T4674] RBP: 00007f09cc7c7090 R08: 0000000000000060 R09: 0000000000000000
[   59.667217][ T4674] R10: 00002000000006c0 R11: 0000000000000246 R12: 0000000000000001
[   59.667275][ T4674] R13: 00007f09cdfb6038 R14: 00007f09cdfb5fa0 R15: 00007ffce8ea56f8
[   59.667290][ T4674]  </TASK>
[   59.916558][ T4678] loop3: detected capacity change from 0 to 512
[   59.932257][ T4678] EXT4-fs: Ignoring removed i_version option
[   59.938285][ T4678] EXT4-fs: Ignoring removed bh option
[   59.967143][ T4678] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.980482][ T4678] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   60.035064][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.159610][ T4698] loop3: detected capacity change from 0 to 512
[   60.221856][ T4698] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.238900][ T4698] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.305375][ T4712] loop5: detected capacity change from 0 to 512
[   60.312933][ T4712] EXT4-fs: Ignoring removed i_version option
[   60.318991][ T4712] EXT4-fs: Ignoring removed bh option
[   60.351173][ T4712] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.367572][ T4712] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   60.414668][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.424529][ T4154] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.437348][ T4720] netlink: 28 bytes leftover after parsing attributes in process `syz.4.402'.
[   60.446381][ T4720] netlink: 32 bytes leftover after parsing attributes in process `syz.4.402'.
[   60.455292][ T4720] netlink: 28 bytes leftover after parsing attributes in process `syz.4.402'.
[   60.499251][ T4720] netlink: 32 bytes leftover after parsing attributes in process `syz.4.402'.
[   60.596337][ T4731] loop3: detected capacity change from 0 to 512
[   60.609659][ T4731] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   60.653965][ T4731] EXT4-fs (loop3): 1 truncate cleaned up
[   60.679961][ T4731] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.713685][   T29] kauditd_printk_skb: 571 callbacks suppressed
[   60.713777][   T29] audit: type=1400 audit(1763780217.610:3421): avc:  denied  { read write } for  pid=4732 comm="syz.5.407" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   60.744585][   T29] audit: type=1400 audit(1763780217.610:3422): avc:  denied  { open } for  pid=4732 comm="syz.5.407" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   60.778979][   T29] audit: type=1400 audit(1763780217.610:3423): avc:  denied  { ioctl } for  pid=4732 comm="syz.5.407" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   60.833581][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.900503][   T29] audit: type=1400 audit(1763780217.700:3424): avc:  denied  { create } for  pid=4728 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   60.919538][   T29] audit: type=1400 audit(1763780217.720:3425): avc:  denied  { create } for  pid=4741 comm="syz.4.409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   60.939655][   T29] audit: type=1400 audit(1763780217.750:3426): avc:  denied  { write } for  pid=4741 comm="syz.4.409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   60.959670][   T29] audit: type=1400 audit(1763780217.750:3427): avc:  denied  { ioctl } for  pid=4741 comm="syz.4.409" path="socket:[10317]" dev="sockfs" ino=10317 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   60.995278][ T4750] netlink: 4 bytes leftover after parsing attributes in process `syz.4.409'.
[   61.033311][   T29] audit: type=1400 audit(1763780217.920:3428): avc:  denied  { write } for  pid=4746 comm="syz.0.412" name="mISDNtimer" dev="devtmpfs" ino=248 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   61.056390][   T29] audit: type=1400 audit(1763780217.920:3429): avc:  denied  { open } for  pid=4746 comm="syz.0.412" path="/dev/mISDNtimer" dev="devtmpfs" ino=248 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   61.080419][   T29] audit: type=1400 audit(1763780217.920:3430): avc:  denied  { ioctl } for  pid=4746 comm="syz.0.412" path="/dev/mISDNtimer" dev="devtmpfs" ino=248 ioctlcmd=0x4940 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   61.273097][ T4767] loop0: detected capacity change from 0 to 512
[   61.296444][ T4767] EXT4-fs: Ignoring removed nobh option
[   61.389184][ T4767] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #3: comm syz.0.419: corrupted inode contents
[   61.411460][ T4767] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #3: comm syz.0.419: mark_inode_dirty error
[   61.442211][ T4767] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #3: comm syz.0.419: corrupted inode contents
[   61.474447][ T4767] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.419: mark_inode_dirty error
[   61.504426][ T4767] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.419: Failed to acquire dquot type 0
[   61.548775][ T4767] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.419: corrupted inode contents
[   61.608928][ T4767] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #16: comm syz.0.419: mark_inode_dirty error
[   61.629228][ T4767] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.419: corrupted inode contents
[   61.643442][ T4767] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.419: mark_inode_dirty error
[   61.658323][ T4767] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.419: corrupted inode contents
[   61.682045][ T4767] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem
[   61.691557][ T4767] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.419: corrupted inode contents
[   61.705994][ T4767] EXT4-fs error (device loop0): ext4_truncate:4637: inode #16: comm syz.0.419: mark_inode_dirty error
[   61.721759][ T4767] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem
[   61.735103][ T4767] EXT4-fs (loop0): 1 truncate cleaned up
[   61.748977][ T4767] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.784839][ T4767] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.873671][ T4806] loop5: detected capacity change from 0 to 512
[   61.899973][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.902490][ T4806] netlink: 'syz.5.434': attribute type 3 has an invalid length.
[   61.956814][ T4806] loop5: detected capacity change from 0 to 164
[   61.982329][ T4806] process 'syz.5.434' launched '/dev/fd/8' with NULL argv: empty string added
[   62.000856][ T4806] bio_check_eod: 18 callbacks suppressed
[   62.000868][ T4806] syz.5.434: attempt to access beyond end of device
[   62.000868][ T4806] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   62.041006][ T4806] syz.5.434: attempt to access beyond end of device
[   62.041006][ T4806] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[   62.278328][ T4826] loop5: detected capacity change from 0 to 512
[   62.292564][ T4826] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   62.316426][ T4826] EXT4-fs (loop5): 1 truncate cleaned up
[   62.330912][ T4826] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.402400][ T4154] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.472831][ T4834] loop2: detected capacity change from 0 to 512
[   62.486930][ T4834] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.503923][ T4834] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.542075][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.705959][ T4839] __nla_validate_parse: 3 callbacks suppressed
[   62.706034][ T4839] netlink: 4 bytes leftover after parsing attributes in process `syz.5.445'.
[   62.708423][ T4844] netlink: 'syz.2.447': attribute type 29 has an invalid length.
[   62.729660][ T4839] hsr_slave_0: left promiscuous mode
[   62.735254][ T4839] hsr_slave_1: left promiscuous mode
[   62.751769][ T4844] netlink: 'syz.2.447': attribute type 29 has an invalid length.
[   62.773452][ T4850] netlink: 12 bytes leftover after parsing attributes in process `syz.3.449'.
[   62.939849][ T4861] loop3: detected capacity change from 0 to 512
[   62.946692][ T4861] EXT4-fs: Ignoring removed nobh option
[   62.961675][ T4861] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.454: corrupted inode contents
[   62.973548][ T4861] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #3: comm syz.3.454: mark_inode_dirty error
[   62.985375][ T4861] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.454: corrupted inode contents
[   62.998205][ T4861] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.454: mark_inode_dirty error
[   63.009844][ T4861] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.454: Failed to acquire dquot type 0
[   63.021583][ T4861] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.454: corrupted inode contents
[   63.033686][ T4861] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #16: comm syz.3.454: mark_inode_dirty error
[   63.045161][ T4861] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.454: corrupted inode contents
[   63.057327][ T4861] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.454: mark_inode_dirty error
[   63.069430][ T4861] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.454: corrupted inode contents
[   63.082194][ T4861] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[   63.091293][ T4861] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.454: corrupted inode contents
[   63.103220][ T4861] EXT4-fs error (device loop3): ext4_truncate:4637: inode #16: comm syz.3.454: mark_inode_dirty error
[   63.114493][ T4861] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[   63.123845][ T4861] EXT4-fs (loop3): 1 truncate cleaned up
[   63.130159][ T4861] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.143084][ T4861] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.180603][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.112519][ T4908] loop3: detected capacity change from 0 to 1024
[   64.210039][ T4910] netlink: 28 bytes leftover after parsing attributes in process `syz.0.469'.
[   64.218969][ T4910] netlink: 28 bytes leftover after parsing attributes in process `syz.0.469'.
[   64.375997][ T4920] loop3: detected capacity change from 0 to 128
[   64.861161][ T4939] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[   64.867713][ T4939] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   64.875407][ T4939] vhci_hcd vhci_hcd.0: Device attached
[   64.897025][ T4944] loop2: detected capacity change from 0 to 512
[   64.905006][ T4944] EXT4-fs: Ignoring removed nobh option
[   64.982586][ T4945] netlink: 64 bytes leftover after parsing attributes in process `syz.5.481'.
[   65.000058][ T4944] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.482: corrupted inode contents
[   65.022600][ T4944] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #3: comm syz.2.482: mark_inode_dirty error
[   65.037613][ T4939] loop5: detected capacity change from 0 to 2048
[   65.067875][ T4944] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.482: corrupted inode contents
[   65.098752][ T4939] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   65.128062][ T4944] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.482: mark_inode_dirty error
[   65.139190][ T3402] usb 11-1: new high-speed USB device number 2 using vhci_hcd
[   65.161914][ T4941] vhci_hcd: connection reset by peer
[   65.167647][ T4944] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.482: Failed to acquire dquot type 0
[   65.182707][ T3546] vhci_hcd: stop threads
[   65.186948][ T3546] vhci_hcd: release socket
[   65.191417][ T3546] vhci_hcd: disconnect device
[   65.203707][ T4944] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.482: corrupted inode contents
[   65.228237][ T4944] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #16: comm syz.2.482: mark_inode_dirty error
[   65.240295][ T4944] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.482: corrupted inode contents
[   65.261664][ T4958] ref_ctr_offset mismatch. inode: 0x1f9 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000
[   65.296957][ T4944] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.482: mark_inode_dirty error
[   65.357125][ T4944] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.482: corrupted inode contents
[   65.385556][ T4944] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[   65.403946][ T4944] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.482: corrupted inode contents
[   65.432485][ T4944] EXT4-fs error (device loop2): ext4_truncate:4637: inode #16: comm syz.2.482: mark_inode_dirty error
[   65.456033][ T4944] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[   65.482150][ T4944] EXT4-fs (loop2): 1 truncate cleaned up
[   65.492017][ T4944] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.528197][ T4944] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.566657][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.736204][ T4154] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.795077][ T4973] loop5: detected capacity change from 0 to 512
[   65.822079][ T4973] EXT4-fs: Ignoring removed i_version option
[   65.828143][ T4973] EXT4-fs: Ignoring removed bh option
[   65.835543][   T29] kauditd_printk_skb: 501 callbacks suppressed
[   65.835556][   T29] audit: type=1404 audit(1763780222.730:3926): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[   65.837539][ T4975] netlink: 4 bytes leftover after parsing attributes in process `syz.3.493'.
[   65.837659][   T29] audit: type=1404 audit(1763780222.730:3927): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[   65.839965][   T29] audit: type=1400 audit(1763780222.730:3928): avc:  denied  { map_create } for  pid=4974 comm="syz.3.493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   65.840020][   T29] audit: type=1400 audit(1763780222.740:3929): avc:  denied  { allowed } for  pid=4956 comm="syz.4.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   65.840039][   T29] audit: type=1400 audit(1763780222.740:3930): avc:  denied  { sqpoll } for  pid=4956 comm="syz.4.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   65.840058][   T29] audit: type=1400 audit(1763780222.740:3931): avc:  denied  { bpf } for  pid=4974 comm="syz.3.493" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   65.840078][   T29] audit: type=1400 audit(1763780222.740:3932): avc:  denied  { map_read map_write } for  pid=4974 comm="syz.3.493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   65.842724][   T29] audit: type=1400 audit(1763780222.740:3933): avc:  denied  { prog_load } for  pid=4974 comm="syz.3.493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   65.842747][   T29] audit: type=1400 audit(1763780222.740:3934): avc:  denied  { perfmon } for  pid=4974 comm="syz.3.493" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   65.885845][   T29] audit: type=1400 audit(1763780222.780:3935): avc:  denied  { read write } for  pid=3321 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   65.898893][ T4973] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.899199][ T4973] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.925895][ T4154] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.963999][ T4983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.494'.
[   66.275104][    C1] vcan0: j1939_tp_rxtimer: 0xffff888110fd0a00: rx timeout, send abort
[   66.551267][ T5005] netlink: 4 bytes leftover after parsing attributes in process `syz.5.495'.
[   66.565486][ T5004] netlink: 4 bytes leftover after parsing attributes in process `syz.4.504'.
[   66.578174][ T5011] FAULT_INJECTION: forcing a failure.
[   66.578174][ T5011] name failslab, interval 1, probability 0, space 0, times 0
[   66.581034][ T5007] loop3: detected capacity change from 0 to 512
[   66.590803][ T5011] CPU: 1 UID: 0 PID: 5011 Comm: syz.2.507 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.590854][ T5011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   66.590863][ T5011] Call Trace:
[   66.590868][ T5011]  <TASK>
[   66.590874][ T5011]  __dump_stack+0x1d/0x30
[   66.590893][ T5011]  dump_stack_lvl+0xe8/0x140
[   66.590911][ T5011]  dump_stack+0x15/0x1b
[   66.590928][ T5011]  should_fail_ex+0x265/0x280
[   66.591035][ T5011]  should_failslab+0x8c/0xb0
[   66.591062][ T5011]  kmem_cache_alloc_noprof+0x50/0x480
[   66.591088][ T5011]  ? audit_log_start+0x342/0x720
[   66.591109][ T5011]  audit_log_start+0x342/0x720
[   66.591127][ T5011]  ? inode_maybe_inc_iversion+0xde/0x100
[   66.591175][ T5011]  audit_seccomp+0x48/0x100
[   66.591204][ T5011]  ? __seccomp_filter+0x82d/0x1250
[   66.591304][ T5011]  __seccomp_filter+0x83e/0x1250
[   66.591331][ T5011]  ? up_write+0x18/0x60
[   66.591352][ T5011]  ? __rcu_read_unlock+0x4f/0x70
[   66.591464][ T5011]  ? mntput_no_expire+0x6f/0x440
[   66.591486][ T5011]  __secure_computing+0x82/0x150
[   66.591511][ T5011]  syscall_trace_enter+0xcf/0x1e0
[   66.591536][ T5011]  do_syscall_64+0xac/0x200
[   66.591633][ T5011]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.591658][ T5011]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   66.591861][ T5011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.591881][ T5011] RIP: 0033:0x7f90f0c7e15c
[   66.591895][ T5011] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   66.591944][ T5011] RSP: 002b:00007f90ef6e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   66.591962][ T5011] RAX: ffffffffffffffda RBX: 00007f90f0ed5fa0 RCX: 00007f90f0c7e15c
[   66.591973][ T5011] RDX: 000000000000000f RSI: 00007f90ef6e70a0 RDI: 0000000000000006
[   66.591985][ T5011] RBP: 00007f90ef6e7090 R08: 0000000000000000 R09: 0000000000000000
[   66.591996][ T5011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.592008][ T5011] R13: 00007f90f0ed6038 R14: 00007f90f0ed5fa0 R15: 00007ffc2821cb88
[   66.592025][ T5011]  </TASK>
[   66.658897][ T5004] netlink: 12 bytes leftover after parsing attributes in process `syz.4.504'.
[   66.660726][ T5007] EXT4-fs: Ignoring removed i_version option
[   66.816808][ T5007] EXT4-fs: Ignoring removed bh option
[   66.832775][ T5007] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.848976][ T5007] ext4 filesystem being mounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   66.889542][ T5024] loop5: detected capacity change from 0 to 512
[   66.945204][ T5024] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.964730][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.974585][ T5024] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.403719][ T4154] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.888938][ T5081] __nla_validate_parse: 7 callbacks suppressed
[   67.888951][ T5081] netlink: 92 bytes leftover after parsing attributes in process `syz.3.530'.
[   67.904511][ T5081] netlink: 24 bytes leftover after parsing attributes in process `syz.3.530'.
[   67.922667][ T5083] netlink: 28 bytes leftover after parsing attributes in process `syz.4.531'.
[   67.931552][ T5083] netlink: 32 bytes leftover after parsing attributes in process `syz.4.531'.
[   67.940436][ T5083] netlink: 28 bytes leftover after parsing attributes in process `syz.4.531'.
[   67.951582][ T5083] netlink: 32 bytes leftover after parsing attributes in process `syz.4.531'.
[   68.197676][ T5092] netlink: 4 bytes leftover after parsing attributes in process `syz.2.534'.
[   68.206892][ T5092] netlink: 12 bytes leftover after parsing attributes in process `syz.2.534'.
[   68.280513][ T5100] loop2: detected capacity change from 0 to 512
[   68.287162][ T5100] EXT4-fs: Ignoring removed nobh option
[   68.361004][ T5100] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.537: corrupted inode contents
[   68.384503][ T5100] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #3: comm syz.2.537: mark_inode_dirty error
[   68.419242][ T5100] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.537: corrupted inode contents
[   68.440913][ T5100] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.537: mark_inode_dirty error
[   68.465008][ T5100] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.537: Failed to acquire dquot type 0
[   68.477001][ T5100] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.537: corrupted inode contents
[   68.490735][ T5100] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #16: comm syz.2.537: mark_inode_dirty error
[   68.505448][ T5100] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.537: corrupted inode contents
[   68.518106][ T5100] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.537: mark_inode_dirty error
[   68.531791][ T5100] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.537: corrupted inode contents
[   68.543874][ T5100] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[   68.556785][ T5100] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.537: corrupted inode contents
[   68.568907][ T5100] EXT4-fs error (device loop2): ext4_truncate:4637: inode #16: comm syz.2.537: mark_inode_dirty error
[   68.583271][ T5100] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[   68.593039][ T5100] EXT4-fs (loop2): 1 truncate cleaned up
[   68.604250][ T5100] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.619890][ T5100] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.649179][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.749951][ T5120] netlink: 4 bytes leftover after parsing attributes in process `syz.3.543'.
[   69.371726][ T5152] netlink: 4 bytes leftover after parsing attributes in process `syz.4.555'.
[   69.437834][ T5167] FAULT_INJECTION: forcing a failure.
[   69.437834][ T5167] name failslab, interval 1, probability 0, space 0, times 0
[   69.450514][ T5167] CPU: 1 UID: 0 PID: 5167 Comm: syz.0.558 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.450537][ T5167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   69.450548][ T5167] Call Trace:
[   69.450622][ T5167]  <TASK>
[   69.450629][ T5167]  __dump_stack+0x1d/0x30
[   69.450649][ T5167]  dump_stack_lvl+0xe8/0x140
[   69.450676][ T5167]  dump_stack+0x15/0x1b
[   69.450816][ T5167]  should_fail_ex+0x265/0x280
[   69.450844][ T5167]  should_failslab+0x8c/0xb0
[   69.450880][ T5167]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   69.450907][ T5167]  ? sidtab_sid2str_get+0xa0/0x130
[   69.451036][ T5167]  ? skb_put+0xa9/0xf0
[   69.451075][ T5167]  kmemdup_noprof+0x2b/0x70
[   69.451096][ T5167]  sidtab_sid2str_get+0xa0/0x130
[   69.451157][ T5167]  security_sid_to_context_core+0x1eb/0x2e0
[   69.451186][ T5167]  security_sid_to_context+0x27/0x40
[   69.451210][ T5167]  avc_audit_post_callback+0x9d/0x520
[   69.451249][ T5167]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   69.451343][ T5167]  common_lsm_audit+0x1bb/0x230
[   69.451364][ T5167]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   69.451418][ T5167]  slow_avc_audit+0x104/0x140
[   69.451451][ T5167]  avc_has_perm+0x13a/0x180
[   69.451468][ T5167]  ? __pfx_perf_ioctl+0x10/0x10
[   69.451489][ T5167]  selinux_perf_event_write+0x97/0xb0
[   69.451572][ T5167]  security_perf_event_write+0x36/0x70
[   69.451598][ T5167]  perf_ioctl+0x4f/0x12e0
[   69.451622][ T5167]  ? ioctl_has_perm+0x289/0x2a0
[   69.451771][ T5167]  ? do_vfs_ioctl+0x866/0xe10
[   69.451789][ T5167]  ? selinux_file_ioctl+0x308/0x3a0
[   69.451846][ T5167]  ? __fget_files+0x184/0x1c0
[   69.451869][ T5167]  ? __pfx_perf_ioctl+0x10/0x10
[   69.451897][ T5167]  __se_sys_ioctl+0xce/0x140
[   69.451941][ T5167]  __x64_sys_ioctl+0x43/0x50
[   69.451960][ T5167]  x64_sys_call+0x1816/0x3000
[   69.451980][ T5167]  do_syscall_64+0xd2/0x200
[   69.452047][ T5167]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   69.452074][ T5167]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   69.452102][ T5167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.452192][ T5167] RIP: 0033:0x7f83073cf749
[   69.452207][ T5167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.452221][ T5167] RSP: 002b:00007f8305e37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   69.452237][ T5167] RAX: ffffffffffffffda RBX: 00007f8307625fa0 RCX: 00007f83073cf749
[   69.452308][ T5167] RDX: 0000200000000180 RSI: 0000000040082406 RDI: 0000000000000003
[   69.452320][ T5167] RBP: 00007f8305e37090 R08: 0000000000000000 R09: 0000000000000000
[   69.452330][ T5167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.452373][ T5167] R13: 00007f8307626038 R14: 00007f8307625fa0 R15: 00007ffc358a82d8
[   69.452389][ T5167]  </TASK>
[   69.993686][ T5198] loop2: detected capacity change from 0 to 512
[   70.010663][ T5198] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   70.051568][ T5198] EXT4-fs (loop2): 1 truncate cleaned up
[   70.057853][ T5198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.113202][ T5198] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.151946][ T5198] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.201491][ T5198] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.258767][ T3402] vhci_hcd: vhci_device speed not set
[   70.318690][ T5198] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.368099][ T3559] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.378897][ T5230] loop5: detected capacity change from 0 to 512
[   70.385908][ T3559] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.395175][ T4231] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.404610][ T4231] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.419931][ T5230] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.432744][ T5230] ext4 filesystem being mounted at /84/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   70.443624][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.445324][    C0] vcan0: j1939_tp_rxtimer: 0xffff888109590000: rx timeout, send abort
[   70.503652][ T5230] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.585: corrupted inode contents
[   70.515909][ T5230] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #2: comm syz.5.585: mark_inode_dirty error
[   70.528595][ T5230] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.585: corrupted inode contents
[   70.588898][ T4154] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.892183][ T5259] loop5: detected capacity change from 0 to 512
[   70.925629][ T5259] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   70.925697][   T29] kauditd_printk_skb: 468 callbacks suppressed
[   70.925708][   T29] audit: type=1400 audit(1763780227.820:4400): avc:  denied  { bind } for  pid=5263 comm="syz.3.600" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   70.945340][    C0] vcan0: j1939_tp_rxtimer: 0xffff888109590c00: rx timeout, send abort
[   70.970269][    C0] vcan0: j1939_tp_rxtimer: 0xffff888109590000: abort rx timeout. Force session deactivation
[   70.992382][ T5266] loop2: detected capacity change from 0 to 1024
[   71.000683][   T29] audit: type=1400 audit(1763780227.900:4401): avc:  denied  { mounton } for  pid=5265 comm="syz.2.599" path="/132/file0" dev="tmpfs" ino=714 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   71.098204][ T5259] EXT4-fs (loop5): 1 truncate cleaned up
[   71.105545][   T29] audit: type=1400 audit(1763780227.920:4402): avc:  denied  { read } for  pid=5265 comm="syz.2.599" dev="nsfs" ino=4026532510 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   71.126777][   T29] audit: type=1400 audit(1763780227.920:4403): avc:  denied  { open } for  pid=5265 comm="syz.2.599" path="net:[4026532510]" dev="nsfs" ino=4026532510 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   71.127296][ T5259] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.149968][   T29] audit: type=1400 audit(1763780227.990:4404): avc:  denied  { name_bind } for  pid=5272 comm="syz.4.603" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   71.150000][   T29] audit: type=1400 audit(1763780227.990:4405): avc:  denied  { node_bind } for  pid=5272 comm="syz.4.603" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   71.226956][ T5259] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.310905][ T5259] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.470151][    C0] vcan0: j1939_tp_rxtimer: 0xffff888109590c00: abort rx timeout. Force session deactivation
[   71.486831][ T5259] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.558867][ T5287] hsr_slave_0: left promiscuous mode
[   71.610094][ T5287] hsr_slave_1: left promiscuous mode
[   71.692993][ T5259] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.852111][   T52] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.870571][   T52] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.905020][   T52] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.949230][   T52] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.019314][ T4154] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.354698][ T5303] loop5: detected capacity change from 0 to 512
[   72.385119][ T5303] EXT4-fs: Ignoring removed nobh option
[   72.404747][ T5307] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[   72.412435][ T5307] audit: out of memory in audit_log_start
[   72.440689][ T5303] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #3: comm syz.5.611: corrupted inode contents
[   72.463312][ T5303] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #3: comm syz.5.611: mark_inode_dirty error
[   72.491446][   T29] audit: type=1400 audit(1763780229.380:4406): avc:  denied  { create } for  pid=5310 comm="syz.0.614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   72.532985][ T5303] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #3: comm syz.5.611: corrupted inode contents
[   72.568776][ T5303] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.611: mark_inode_dirty error
[   72.716781][   T36] kernel write not supported for file bpf-prog (pid: 36 comm: kworker/1:1)
[   72.725943][ T5303] Quota error (device loop5): write_blk: dquota write failed
[   72.750467][ T5303] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.611: Failed to acquire dquot type 0
[   72.931513][ T5303] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.611: corrupted inode contents
[   72.950682][ T5303] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #16: comm syz.5.611: mark_inode_dirty error
[   73.049589][ T5303] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.611: corrupted inode contents
[   73.117712][ T5303] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.611: mark_inode_dirty error
[   73.214928][ T5303] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.611: corrupted inode contents
[   73.322942][ T5303] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[   73.397977][ T5303] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.611: corrupted inode contents
[   73.616100][ T5303] EXT4-fs error (device loop5): ext4_truncate:4637: inode #16: comm syz.5.611: mark_inode_dirty error
[   73.657723][ T5303] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[   73.688112][ T5303] EXT4-fs (loop5): 1 truncate cleaned up
[   73.696560][ T5342] SELinux:  Context system_u:object_r:restorecond_var_run_t:s0 is not valid (left unmapped).
[   73.718524][ T5303] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.765956][ T5303] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.848838][ T5350] __nla_validate_parse: 32 callbacks suppressed
[   73.848853][ T5350] netlink: 4 bytes leftover after parsing attributes in process `syz.0.629'.
[   73.952387][ T4154] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.971242][ T5340] netlink: 4 bytes leftover after parsing attributes in process `syz.2.626'.
[   74.525608][ T5376] netlink: 'syz.2.638': attribute type 21 has an invalid length.
[   74.546078][ T5376] netlink: 'syz.2.638': attribute type 1 has an invalid length.
[   74.553800][ T5376] netlink: 144 bytes leftover after parsing attributes in process `syz.2.638'.
[   74.612780][ T5376] netlink: 20 bytes leftover after parsing attributes in process `+}[@'.
[   74.621327][ T5376] netlink: 20 bytes leftover after parsing attributes in process `+}[@'.
[   74.698082][ T5376] netlink: 20 bytes leftover after parsing attributes in process `+}[@'.
[   74.706568][ T5376] netlink: 20 bytes leftover after parsing attributes in process `+}[@'.
[   74.757199][ T5376] netlink: 20 bytes leftover after parsing attributes in process `+}[@'.
[   74.765757][ T5376] netlink: 20 bytes leftover after parsing attributes in process `+}[@'.
[   74.826328][ T5371] netlink: 4 bytes leftover after parsing attributes in process `syz.4.636'.
[   75.761634][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a21a600: rx timeout, send abort
[   76.709512][   T29] kauditd_printk_skb: 106 callbacks suppressed
[   76.709526][   T29] audit: type=1326 audit(1763780233.610:4512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.0.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   76.826841][   T29] audit: type=1326 audit(1763780233.650:4513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.0.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   76.850186][   T29] audit: type=1326 audit(1763780233.650:4514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.0.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   76.873574][   T29] audit: type=1326 audit(1763780233.650:4515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.0.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   76.896900][   T29] audit: type=1326 audit(1763780233.650:4516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.0.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   76.920201][   T29] audit: type=1326 audit(1763780233.660:4517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.0.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   76.943523][   T29] audit: type=1326 audit(1763780233.660:4518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.0.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   76.966883][   T29] audit: type=1326 audit(1763780233.680:4519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.0.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   76.990160][   T29] audit: type=1326 audit(1763780233.680:4520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.0.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   77.013514][   T29] audit: type=1326 audit(1763780233.680:4521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.0.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f83073cf749 code=0x7ffc0000
[   78.002969][ T5572] FAULT_INJECTION: forcing a failure.
[   78.002969][ T5572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.016165][ T5572] CPU: 0 UID: 0 PID: 5572 Comm: syz.5.709 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.016188][ T5572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   78.016199][ T5572] Call Trace:
[   78.016205][ T5572]  <TASK>
[   78.016212][ T5572]  __dump_stack+0x1d/0x30
[   78.016276][ T5572]  dump_stack_lvl+0xe8/0x140
[   78.016297][ T5572]  dump_stack+0x15/0x1b
[   78.016313][ T5572]  should_fail_ex+0x265/0x280
[   78.016339][ T5572]  should_fail+0xb/0x20
[   78.016385][ T5572]  should_fail_usercopy+0x1a/0x20
[   78.016474][ T5572]  _copy_from_user+0x1c/0xb0
[   78.016498][ T5572]  __sys_bind+0x106/0x2a0
[   78.016529][ T5572]  __x64_sys_bind+0x3f/0x50
[   78.016550][ T5572]  x64_sys_call+0x2b72/0x3000
[   78.016646][ T5572]  do_syscall_64+0xd2/0x200
[   78.016667][ T5572]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   78.016695][ T5572]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   78.016721][ T5572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.016845][ T5572] RIP: 0033:0x7fc0bf2ef749
[   78.016858][ T5572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.016872][ T5572] RSP: 002b:00007fc0bdd4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[   78.016888][ T5572] RAX: ffffffffffffffda RBX: 00007fc0bf545fa0 RCX: 00007fc0bf2ef749
[   78.016898][ T5572] RDX: 0000000000000014 RSI: 0000200000000040 RDI: 0000000000000003
[   78.016908][ T5572] RBP: 00007fc0bdd4f090 R08: 0000000000000000 R09: 0000000000000000
[   78.016919][ T5572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.016928][ T5572] R13: 00007fc0bf546038 R14: 00007fc0bf545fa0 R15: 00007ffee1726f88
[   78.017023][ T5572]  </TASK>
[   78.319001][ T5590] syzkaller0: entered promiscuous mode
[   78.324487][ T5590] syzkaller0: entered allmulticast mode
[   79.051959][ T5640] __nla_validate_parse: 20 callbacks suppressed
[   79.051995][ T5640] netlink: 4 bytes leftover after parsing attributes in process `syz.0.733'.
[   79.058038][ T5644] netlink: 4 bytes leftover after parsing attributes in process `syz.5.734'.
[   79.101435][ T5650] netlink: 28 bytes leftover after parsing attributes in process `syz.3.735'.
[   79.110405][ T5650] netlink: 32 bytes leftover after parsing attributes in process `syz.3.735'.
[   79.119310][ T5650] netlink: 28 bytes leftover after parsing attributes in process `syz.3.735'.
[   79.211347][ T5660] FAULT_INJECTION: forcing a failure.
[   79.211347][ T5660] name failslab, interval 1, probability 0, space 0, times 0
[   79.224013][ T5660] CPU: 0 UID: 0 PID: 5660 Comm: syz.5.740 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.224110][ T5660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   79.224121][ T5660] Call Trace:
[   79.224127][ T5660]  <TASK>
[   79.224133][ T5660]  __dump_stack+0x1d/0x30
[   79.224158][ T5660]  dump_stack_lvl+0xe8/0x140
[   79.224194][ T5660]  dump_stack+0x15/0x1b
[   79.224211][ T5660]  should_fail_ex+0x265/0x280
[   79.224241][ T5660]  should_failslab+0x8c/0xb0
[   79.224269][ T5660]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   79.224314][ T5660]  ? __alloc_skb+0x101/0x320
[   79.224342][ T5660]  __alloc_skb+0x101/0x320
[   79.224371][ T5660]  netlink_alloc_large_skb+0xbf/0xf0
[   79.224401][ T5660]  netlink_sendmsg+0x3cf/0x6b0
[   79.224450][ T5660]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.224469][ T5660]  __sock_sendmsg+0x145/0x180
[   79.224494][ T5660]  ____sys_sendmsg+0x31e/0x4e0
[   79.224516][ T5660]  ___sys_sendmsg+0x17b/0x1d0
[   79.224540][ T5660]  __x64_sys_sendmsg+0xd4/0x160
[   79.224621][ T5660]  x64_sys_call+0x191e/0x3000
[   79.224639][ T5660]  do_syscall_64+0xd2/0x200
[   79.224656][ T5660]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   79.224739][ T5660]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   79.224767][ T5660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.224785][ T5660] RIP: 0033:0x7fc0bf2ef749
[   79.224797][ T5660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.224814][ T5660] RSP: 002b:00007fc0bdd4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.224844][ T5660] RAX: ffffffffffffffda RBX: 00007fc0bf545fa0 RCX: 00007fc0bf2ef749
[   79.224858][ T5660] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   79.224869][ T5660] RBP: 00007fc0bdd4f090 R08: 0000000000000000 R09: 0000000000000000
[   79.224879][ T5660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.224915][ T5660] R13: 00007fc0bf546038 R14: 00007fc0bf545fa0 R15: 00007ffee1726f88
[   79.224934][ T5660]  </TASK>
[   79.451957][ T5669] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   79.464389][ T5669] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   79.485859][ T5668] vlan0: entered allmulticast mode
[   79.491067][ T5668] bridge_slave_0: entered allmulticast mode
[   79.706416][ T5674] netlink: 4 bytes leftover after parsing attributes in process `syz.0.742'.
[   79.709988][ T5692] netlink: 4 bytes leftover after parsing attributes in process `syz.5.750'.
[   79.932175][ T5711] FAULT_INJECTION: forcing a failure.
[   79.932175][ T5711] name failslab, interval 1, probability 0, space 0, times 0
[   79.944963][ T5711] CPU: 0 UID: 0 PID: 5711 Comm: syz.2.761 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.944985][ T5711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   79.945010][ T5711] Call Trace:
[   79.945015][ T5711]  <TASK>
[   79.945021][ T5711]  __dump_stack+0x1d/0x30
[   79.945039][ T5711]  dump_stack_lvl+0xe8/0x140
[   79.945055][ T5711]  dump_stack+0x15/0x1b
[   79.945106][ T5711]  should_fail_ex+0x265/0x280
[   79.945191][ T5711]  ? u32_init+0x25d/0x3d0
[   79.945209][ T5711]  should_failslab+0x8c/0xb0
[   79.945249][ T5711]  __kmalloc_cache_noprof+0x4c/0x4a0
[   79.945274][ T5711]  u32_init+0x25d/0x3d0
[   79.945292][ T5711]  ? __pfx_u32_reoffload+0x10/0x10
[   79.945311][ T5711]  tcf_proto_create+0x130/0x1a0
[   79.945384][ T5711]  tc_new_tfilter+0x95c/0x10a0
[   79.945398][ T5711]  ? __rcu_read_unlock+0x4f/0x70
[   79.945426][ T5711]  ? ns_capable+0x7d/0xb0
[   79.945444][ T5711]  ? __pfx_tc_new_tfilter+0x10/0x10
[   79.945459][ T5711]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   79.945526][ T5711]  netlink_rcv_skb+0x123/0x220
[   79.945618][ T5711]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   79.945640][ T5711]  rtnetlink_rcv+0x1c/0x30
[   79.945714][ T5711]  netlink_unicast+0x5c0/0x690
[   79.945739][ T5711]  netlink_sendmsg+0x58b/0x6b0
[   79.945755][ T5711]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.945834][ T5711]  __sock_sendmsg+0x145/0x180
[   79.945853][ T5711]  ____sys_sendmsg+0x31e/0x4e0
[   79.945870][ T5711]  ___sys_sendmsg+0x17b/0x1d0
[   79.945894][ T5711]  __x64_sys_sendmsg+0xd4/0x160
[   79.945911][ T5711]  x64_sys_call+0x191e/0x3000
[   79.945982][ T5711]  do_syscall_64+0xd2/0x200
[   79.945999][ T5711]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   79.946072][ T5711]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   79.946097][ T5711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.946114][ T5711] RIP: 0033:0x7f90f0c7f749
[   79.946126][ T5711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.946140][ T5711] RSP: 002b:00007f90ef6e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.946185][ T5711] RAX: ffffffffffffffda RBX: 00007f90f0ed5fa0 RCX: 00007f90f0c7f749
[   79.946195][ T5711] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000009
[   79.946204][ T5711] RBP: 00007f90ef6e7090 R08: 0000000000000000 R09: 0000000000000000
[   79.946214][ T5711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.946224][ T5711] R13: 00007f90f0ed6038 R14: 00007f90f0ed5fa0 R15: 00007ffc2821cb88
[   79.946238][ T5711]  </TASK>
[   80.247003][ T5703] netlink: 4 bytes leftover after parsing attributes in process `syz.4.756'.
[   80.276354][ T5703] netlink: 12 bytes leftover after parsing attributes in process `syz.4.756'.
[   80.362818][ T5730] netlink: 4 bytes leftover after parsing attributes in process `syz.0.765'.
[   80.776886][ T5768] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   80.786782][ T5768] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.870719][ T5777] FAULT_INJECTION: forcing a failure.
[   80.870719][ T5777] name failslab, interval 1, probability 0, space 0, times 0
[   80.883487][ T5777] CPU: 1 UID: 0 PID: 5777 Comm: syz.5.787 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.883546][ T5777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   80.883556][ T5777] Call Trace:
[   80.883561][ T5777]  <TASK>
[   80.883567][ T5777]  __dump_stack+0x1d/0x30
[   80.883587][ T5777]  dump_stack_lvl+0xe8/0x140
[   80.883603][ T5777]  dump_stack+0x15/0x1b
[   80.883617][ T5777]  should_fail_ex+0x265/0x280
[   80.883762][ T5777]  should_failslab+0x8c/0xb0
[   80.883790][ T5777]  kmem_cache_alloc_noprof+0x50/0x480
[   80.883833][ T5777]  ? skb_clone+0x151/0x1f0
[   80.883901][ T5777]  skb_clone+0x151/0x1f0
[   80.883916][ T5777]  __netlink_deliver_tap+0x2c9/0x500
[   80.883937][ T5777]  netlink_unicast+0x66b/0x690
[   80.883992][ T5777]  netlink_sendmsg+0x58b/0x6b0
[   80.884010][ T5777]  ? __pfx_netlink_sendmsg+0x10/0x10
[   80.884025][ T5777]  __sock_sendmsg+0x145/0x180
[   80.884090][ T5777]  ____sys_sendmsg+0x31e/0x4e0
[   80.884108][ T5777]  ___sys_sendmsg+0x17b/0x1d0
[   80.884134][ T5777]  __x64_sys_sendmsg+0xd4/0x160
[   80.884153][ T5777]  x64_sys_call+0x191e/0x3000
[   80.884181][ T5777]  do_syscall_64+0xd2/0x200
[   80.884218][ T5777]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   80.884310][ T5777]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   80.884342][ T5777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.884364][ T5777] RIP: 0033:0x7fc0bf2ef749
[   80.884378][ T5777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.884396][ T5777] RSP: 002b:00007fc0bdd4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.884459][ T5777] RAX: ffffffffffffffda RBX: 00007fc0bf545fa0 RCX: 00007fc0bf2ef749
[   80.884469][ T5777] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000007
[   80.884493][ T5777] RBP: 00007fc0bdd4f090 R08: 0000000000000000 R09: 0000000000000000
[   80.884577][ T5777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.884589][ T5777] R13: 00007fc0bf546038 R14: 00007fc0bf545fa0 R15: 00007ffee1726f88
[   80.884609][ T5777]  </TASK>
[   80.885665][ T5768] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   81.098947][ T5768] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.190133][ T5768] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   81.199974][ T5768] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.266035][ T5768] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   81.275859][ T5768] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.365091][ T4231] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   81.373362][ T4231] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.439174][ T4231] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   81.447367][ T4231] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.525093][ T4231] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   81.533387][ T4231] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.542045][ T4231] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   81.550616][ T4231] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.812602][   T29] kauditd_printk_skb: 369 callbacks suppressed
[   81.812621][   T29] audit: type=1400 audit(1763780238.710:4891): avc:  denied  { setopt } for  pid=5848 comm="syz.4.819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   81.848735][   T29] audit: type=1326 audit(1763780238.740:4892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   81.872111][   T29] audit: type=1326 audit(1763780238.740:4893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   81.895442][   T29] audit: type=1326 audit(1763780238.740:4894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   81.957555][   T29] audit: type=1326 audit(1763780238.750:4895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   81.981079][   T29] audit: type=1326 audit(1763780238.750:4896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   82.004639][   T29] audit: type=1326 audit(1763780238.750:4897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   82.027954][   T29] audit: type=1326 audit(1763780238.750:4898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   82.051249][   T29] audit: type=1326 audit(1763780238.820:4899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   82.074730][   T29] audit: type=1326 audit(1763780238.820:4900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09cdd5f749 code=0x7ffc0000
[   82.150145][ T5857] sch_fq: defrate 4294967295 ignored.
[   82.159647][ T5857] netlink: 'syz.0.823': attribute type 1 has an invalid length.
[   82.167281][ T5857] netlink: 'syz.0.823': attribute type 4 has an invalid length.
[   82.210434][ T5874] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5874 comm=syz.0.831
[   82.287348][ T3559] Bluetooth: hci0: Frame reassembly failed (-84)
[   84.438839][ T3690] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   84.669554][ T5945] xt_hashlimit: max too large, truncated to 1048576
[   85.013053][ T5967] __nla_validate_parse: 19 callbacks suppressed
[   85.013160][ T5967] netlink: 4 bytes leftover after parsing attributes in process `syz.2.855'.
[   85.705611][ T5997] netlink: 4 bytes leftover after parsing attributes in process `syz.2.879'.
[   85.809252][ T6011] netlink: 4 bytes leftover after parsing attributes in process `syz.4.885'.
[   85.850919][ T6011] netlink: 24 bytes leftover after parsing attributes in process `syz.4.885'.
[   86.002686][ T6022] netlink: 28 bytes leftover after parsing attributes in process `syz.2.891'.
[   86.011740][ T6022] netlink: 32 bytes leftover after parsing attributes in process `syz.2.891'.
[   86.020688][ T6022] netlink: 28 bytes leftover after parsing attributes in process `syz.2.891'.
[   86.118759][ T6022] netlink: 32 bytes leftover after parsing attributes in process `syz.2.891'.
[   86.331996][ T6024] netlink: 4 bytes leftover after parsing attributes in process `syz.4.890'.
[   86.376688][ T6032] netlink: 12 bytes leftover after parsing attributes in process `syz.5.893'.
[   86.679067][    T9] ==================================================================
[   86.687181][    T9] BUG: KCSAN: data-race in kick_pool / wq_worker_running
[   86.694186][    T9] 
[   86.696488][    T9] read-write to 0xffff888237d29de4 of 4 bytes by task 3382 on cpu 1:
[   86.704522][    T9]  wq_worker_running+0x95/0x120
[   86.709351][    T9]  schedule_timeout+0xb7/0x170
[   86.714090][    T9]  msleep+0x50/0x90
[   86.717876][    T9]  nsim_fib_event_work+0x42e6/0x4790
[   86.723155][    T9]  process_scheduled_works+0x4ce/0x9d0
[   86.728594][    T9]  worker_thread+0x582/0x770
[   86.733156][    T9]  kthread+0x489/0x510
[   86.737197][    T9]  ret_from_fork+0x122/0x1b0
[   86.741761][    T9]  ret_from_fork_asm+0x1a/0x30
[   86.746498][    T9] 
[   86.748794][    T9] read to 0xffff888237d29de4 of 4 bytes by task 9 on cpu 0:
[   86.756044][    T9]  kick_pool+0x49/0x2d0
[   86.760170][    T9]  __queue_work+0x8cb/0xb50
[   86.764643][    T9]  queue_work_on+0xd1/0x160
[   86.769116][    T9]  wg_packet_encrypt_worker+0xc0a/0xe10
[   86.774648][    T9]  process_scheduled_works+0x4ce/0x9d0
[   86.780093][    T9]  worker_thread+0x582/0x770
[   86.784668][    T9]  kthread+0x489/0x510
[   86.788721][    T9]  ret_from_fork+0x122/0x1b0
[   86.793289][    T9]  ret_from_fork_asm+0x1a/0x30
[   86.798036][    T9] 
[   86.800423][    T9] value changed: 0x00000000 -> 0x00000001
[   86.806109][    T9] 
[   86.808413][    T9] Reported by Kernel Concurrency Sanitizer on:
[   86.814539][    T9] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.824056][    T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   86.834086][    T9] Workqueue: wg-crypt-wg0 wg_packet_encrypt_worker
[   86.840574][    T9] ==================================================================
[   86.869273][   T29] kauditd_printk_skb: 160 callbacks suppressed
[   86.869287][   T29] audit: type=1326 audit(1763780243.750:5061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.4.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8284c6f749 code=0x7ffc0000
[   86.898792][   T29] audit: type=1326 audit(1763780243.750:5062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.4.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f8284c6f749 code=0x7ffc0000
[   86.901144][ T6040] 8021q: adding VLAN 0 to HW filter on device bond1
[   86.922164][   T29] audit: type=1326 audit(1763780243.750:5063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.4.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8284c6f749 code=0x7ffc0000
[   86.952025][   T29] audit: type=1326 audit(1763780243.750:5064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.4.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8284c6f749 code=0x7ffc0000
[   86.975234][   T29] audit: type=1326 audit(1763780243.750:5065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.4.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8284c6f749 code=0x7ffc0000
[   86.998584][   T29] audit: type=1326 audit(1763780243.750:5066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.4.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8284c6f749 code=0x7ffc0000
[   87.021891][   T29] audit: type=1326 audit(1763780243.750:5067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.4.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8284c6f749 code=0x7ffc0000
[   87.045327][   T29] audit: type=1326 audit(1763780243.750:5068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.4.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f8284c6f749 code=0x7ffc0000
[   87.068554][   T29] audit: type=1326 audit(1763780243.750:5069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.4.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8284c6f749 code=0x7ffc0000
[   87.092003][   T29] audit: type=1326 audit(1763780243.750:5070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.4.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8284c6f749 code=0x7ffc0000