last executing test programs:

1m17.934771259s ago: executing program 3 (id=2081):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRESHEX=r1, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f00000007c0), 0x1ff, 0x2401)
ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000080)={0x80, 0x8, 0xd, 0x8, 0x0, 0x9, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r2, 0x0, 0xf7}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb8000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$GTP_CMD_GETPDP(r6, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x1c, 0x0, 0x300, 0x70bd29, 0x25dfdbff, {}, [@GTPA_FAMILY={0x5, 0xd, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040800}, 0x20048001)
r7 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x34, r8, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20009805}, 0x24000004)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x181242, 0x48)
pwrite64(r9, &(0x7f0000000100)='2', 0x1, 0x1fecd)
fallocate(0xffffffffffffffff, 0x0, 0x6, 0x2000402)
pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)

1m17.745479327s ago: executing program 3 (id=2088):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
r3 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="070000000400000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES16=0x0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r4}, 0x18)
r5 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r5, &(0x7f0000000080), 0x10)
sendmmsg(r5, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r6 = accept4$unix(r3, 0x0, 0x0, 0x0)
recvfrom$unix(r6, &(0x7f0000000140)=""/263, 0x107, 0x0, 0x0, 0x701)

1m17.697466352s ago: executing program 3 (id=2090):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x6}, 0x18)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x203, 0x8401)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x8008551d, &(0x7f0000000040)=ANY=[@ANYBLOB="157800020100000003"])

1m17.672501085s ago: executing program 3 (id=2093):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000003c0), 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setsig(0x4203, r0, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRES64=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x94)
r3 = inotify_init1(0x0)
inotify_add_watch(r3, &(0x7f00000000c0)='.\x00', 0xa4000061)
tkill(0xffffffffffffffff, 0x22)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
read(r3, &(0x7f0000000140)=""/68, 0x44)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00"/11], 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000003bc0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x43f, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
write$P9_RVERSION(r6, &(0x7f0000000c40)=ANY=[], 0x13)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], 0x0, 0x0, 0x1, 0x1}}, 0x40)
mmap$xdp(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000006, 0x12, r5, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
creat(0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

1m17.51259483s ago: executing program 3 (id=2102):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x18)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000002080)=ANY=[@ANYBLOB="58000000100005ff00000000000000002200004a1de6ce40c6a847e4b2e5951cd5f1f0b088be785069201fe66967de76a57c72f66e23a650fe13efa5f8fee68904dd6e210af9498a7d580981121e0e96feef0c7a4188ecd9628707bf68de1ed367a255eac08ae045db0a9fdf4bfce2c5c963295a9562a7de2f335022df4319192a0abff253254b4aa26e49a5f20409003f8cec369be16aca001b172668fedb404a51e0319a9a06f8313f04c076c59aac34b164522ebd4baabe27eb418ddb319908c1e3ddee5793eacc3a6ae7991cf56ed39ff2f8c4af1053fde0d2f9dd5ead8736a65360ea0b52c9cc61332895a3aa2580a15cd34f21b8a7a9bd4aacc930a5296d56a6d7ed702f10a4fdd6ff085753788e25d9de76a6c50b7bd9cb885f5760cb61e340179ef611aa18aec4ce409cd68978004718068ad2f584d99af89b72a49da5957089768e862ef8049d539f0121deb41b76beace1b4556f84162f87b801f20cfdb3c4f1edee955fbae3f348d4567cd75416a0ba21f9a6f3b2d3610a50fe881f69a7fbf7d0317db79ba646371445654b06bc58d8841e6142a23d780c", @ANYRES32=0x0, @ANYBLOB="0000000000000000380012800b00010067656e657665000028000280050009000100000005000800000000000500040004000000060005004e22000004000600"], 0x58}}, 0x0)
dup(r0)
r2 = socket(0x29, 0x5, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$SIOCX25GFACILITIES(r2, 0x89e2, &(0x7f0000001540))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$F2FS_IOC_SET_PIN_FILE(r3, 0x4004f50d, &(0x7f0000002280)=0x1)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
open_tree(0xffffffffffffff9c, &(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x80001)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="5800000002060108000000bca3000000000000400500010006000000050005000200000005000400000000000900020073797a31000000000c000780080012400000000211000300686173683a69702c6d61726b"], 0x58}}, 0x0)
syz_emit_ethernet(0x19e, &(0x7f00000000c0)=ANY=[@ANYRES32=r3], 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x39)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000022c0)=ANY=[@ANYBLOB="1000000000985100000000060000006c774d00"/33, @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
time(0x0)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff200007800c00018008000140a2fd4ebc08000a400000000205000300020000000900020073797a31000000000500010007"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000200)='./file0\x00', 0x8091, &(0x7f0000000080)=ANY=[@ANYBLOB="646f74732c6e66732c646f733178666c6f7070792c6e6f646f74732c6e66733d6e6f7374616c655f726f00006c7573682c007c32e6ed807e489371f36801ce050bf44a544254090f402f7118d54d9ab682086b2837a98d2ba3e5fdafcfdc2299feec75ae06d3eafa38e22c3acf88"], 0x2, 0x1213, &(0x7f00000002c0)="$eJzs3U+LG2UcB/Af+8fdbN111VptLz7oRS/B9uDJQxfZBWlAqY34B4Upm9aQmIRMDol4qAiePHj3HYhHb4L4BvY9eBAvS0H04kEciekfu2YxqU2i7edzyQ++z8w888wQmDA/cvjS5x80rpRiKa5/EbEWK534rSiKSLEUyzFyLZ7/ZO+XUkRc2KlUdi+mtLdz6eyLKaWtp79956Ovnvmud+KNr7e+WYuD7fcOfzr3w8Gpg9OHv196v56nep5a7V7K0uV2u5ddbtbSfj1vlFN6rVnL8lqqt/Ja9478SrPd6QxS1trf3Oh0a3mestYgNWqD1GunXneQsqtZvZXK5XLa3AiOOD/N4OqXvw4vdhTFajwURVEUpdiIE/FwbMZWPBLb8Wg8Fo/HyXgiTsWT8VScjqI4eXV20wcAAAAAAAAAAAAAAAAAAIAH0TH9/ys38zH9/z9Gsdg5AwAAAAAAAAAAAAAAAAAAwP3mbv7/v9D/DwAAAAAAAAAAAAAAAAAAAPfUZP3/6/r/AQAAAAAAAAAAAAAAAAAAYIZef+vtCzuVyu7FlNYjrl/rV/vV0eco33ulsvtC+tP27a1+7very7fys6M83ZmvxcaN/NzYfD2ee3aUD7OXX60cyc/E/uxPHwAAAB4I5XTL2Of7cvm4fFT95feBI8/vK3FmZW6nwV3KBx82smaz1v0/FZuTDV6awdFv3tKTblWKaQ6xHG9++tm7i17e6Yrz/zSmFJPtcO3G0v4tGq75v57qx6tj9jyHYnWqG+A/VCzwS4m5uX3Rjx3y/VwnBAAAAAAAAAAAwETGvv03DO7h64SLPkcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgD3bgWAAAAABAmL91Gh0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwVQAAAP//HwKFiQ==")

1m16.330378206s ago: executing program 3 (id=2130):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180)={[{@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
creat(&(0x7f0000000e00)='./mnt\x00', 0xec)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000040000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18)
setxattr$system_posix_acl(&(0x7f0000000000)='./mnt\x00', &(0x7f0000000040)='system.posix_acl_access\x00', 0x0, 0x0, 0x2)

1m16.327439447s ago: executing program 32 (id=2130):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180)={[{@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
creat(&(0x7f0000000e00)='./mnt\x00', 0xec)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000040000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18)
setxattr$system_posix_acl(&(0x7f0000000000)='./mnt\x00', &(0x7f0000000040)='system.posix_acl_access\x00', 0x0, 0x0, 0x2)

2.416706844s ago: executing program 4 (id=3501):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c00006ffe9fe50400feff00000000000a0000e40900010073797a310000000097000540000000020900020073797a320000000008180a40fffffffc200011800e000100636f6e6e6c696d69740000000c00027b08000200001100010000000009000000000000000a10008c6d1e5f878837f19367b8eb2ce906fe4f772d128327d21ff2b7b582fc9f5eda1f8b49eaad00196617ebbb5da4fa8f7fbd2f30581b0b9f3b656b585282822ad2cfca287e582105dadd385958c7a2e8145eded3d0eeef8b1866c4f9a7dd9f8ab9f84595aa0009f54db35f37633b5464a17926a8e01e8cb88a2ae384e3c2cc2fe367214e64f2925c83a2b1e09133c2cdfb81f39511850c1a90e07785a2", @ANYRESHEX], 0x84}, 0x1, 0x0, 0x0, 0x8d4}, 0x40)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000080)="aefdda9d240103005a90f57f02703aeff0f64eb9ee07962c220852f426072a00"/42, 0x2a}], 0x1)
read(r2, &(0x7f0000000240)=""/28, 0xffd2)
perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x444e, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_config_ext={0xcc, 0x3ff}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0x3, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0x8, 0xffffffffffffffff, 0x2)

2.394600006s ago: executing program 4 (id=3503):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000004200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000004100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f00000003c0)="131c8701feaa16bca4ac74ab821d", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

2.361993269s ago: executing program 4 (id=3504):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x59, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000140)={'vxcan1\x00', <r8=>0x0})
bind$can_raw(r7, &(0x7f0000000240)={0x1d, r8}, 0x10)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r9, 0xffffffffffffffff, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r10}, 0x10)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r13 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='leases_conflict\x00', r12}, 0x18)
r14 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r15 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f00000013c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES64=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
r16 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r16}, 0x18)
r17 = socket$unix(0x1, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r14, 0xc0189379, &(0x7f0000001ac0)={{0x1, 0x1, 0x18, <r18=>r3}, './file1\x00'})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r14, 0xc0189378, &(0x7f0000001b00)={{0x1, 0x1, 0x18, r1, {<r19=>r0}}, './file1\x00'})
sendmmsg$unix(r1, &(0x7f0000001200)=[{{&(0x7f00000002c0)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000000380)=[{&(0x7f0000000340)="8253808277d780d472aa5f54ab338afe6ed7e6c5b5b013c4ae238609071c7bcaf58258cdeecba568bb14232c", 0x2c}, {&(0x7f00000004c0)="423d83929d43127c4b56f89ef976ac111be9789b55ef7a5f0564392f61ad3a9de21a87ce090798be171b0cefbc4694b9b99c74ab965292148e2de6d4b940f86297d3e50ee591c1c378344026ab2fedaef0885ca5a90ec95e374d6520f7d1684c32728c2df0110fc8f5440e2d33856bce5e915f701092bcb0bb7d0591f5533b5d1d794f3741a359055802910acf45af03caec9071c1d406d14ff2451cbd57400f8dc980414fa8217dfcdfce7968704987830a97787b71a97f", 0xb8}], 0x2, &(0x7f0000001440)=ANY=[@ANYBLOB="200000000000029b3023000001000000010000007002542c5e713fe36c135f61e296ef6ae64d66edc079888c475da3f2609d43f7d979d47f99c5a15860b13d754a59", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r14, @ANYRES32], 0x20, 0x40}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000d00)="b11bc22cdab3059ca616b1a224275036bd28e620caff63f19d0c905fa6d97bba9e9a220f3359125da0d949f426f8647f747e2f793b109ad2046f64c00d96223acc510ae5d63604b5f4c5fbb2aa485516ad646ac4fa7220b0132bab4d7195097199663f95a4e48775e79632ec176732858bc28689568b6c5bc8adb1425c09e7355273c4c789746fc003d018fce49eea8d65e4413e09dafc4bad0d960c78fee55d2b0fabc6886e3fb9590c6d586845ec706b413d996347dc02d2e80df4fabe84c8171684cf48345c7ea3126b7d0790238aaa3aabb6dda873cd2d83f01a6bb5411c0d4b1553f7b8fcc08be05a852618234884a557a082b4248b1d1041c83b5f44", 0xff}, {&(0x7f0000000800)="028b09d789f4bfbe402eeeede24fe0eb19fccc820ddde194fe23269217c35585441a648b9d868db4660b4428b2d5ab55a0371784cf2e8ca2ab6075be46c60db0def64bfdb7deff87c3e442856ea30f3efb6a3a816a8eb3629ce1785ff869db5b87f0cd018f9c7a09ae031a6061afda547a62c116de3fb8251ac58a5a79afd0", 0x7f}, {&(0x7f0000000880)="83cc387e77b2264c984c83473ab6adf32837ae0ca21e57e605ec37a8a481f030fb4f6fb504", 0x25}, {&(0x7f0000000ac0)="a2ca90faec59f5807fc966a2512cf27b3efa06afe9a082644592358af35b45b39d0987e200647ba5c7199da9b0169e996e189fec80ef48d9ea6214412cbee3612bfe", 0x42}], 0x4, &(0x7f0000000c00)=[@rights={{0x20, 0x1, 0x1, [r5, 0xffffffffffffffff, r1, r13]}}, @rights={{0x1c, 0x1, 0x1, [r15, r16, r6]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}], 0x60, 0x40808}}, {{&(0x7f0000000c80)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000b80), 0x0, &(0x7f0000000fc0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [r14]}}, @rights={{0x28, 0x1, 0x1, [r12, r0, r4, r4, r4, r6]}}, @cred={{0x1c}}], 0x98, 0x45}}, {{&(0x7f0000001080)=@file={0x0, './file1\x00'}, 0x6e, &(0x7f0000001100)=[{&(0x7f0000000700)="037d417d89bea47612d1de7737d6f09d7bf7c94ee685409fec4639818afb9bf837f9e0571170f94266459b0756f3489673f8f933cb42fc0c5798991afe1f9db0eff3a835d4cd707bdee92a510c828fd7ce4b628f7ecd956ead74bd3806c603147c0eea9a3b1a8e285a5a1de9ac76ceac05482bcf3f71b99e2ae826c50b09e8837f5d543f86db97fc791252166d8420945adac3019650dac226441511eec58f27d6fa0e1c73e7e478fd00328e44dc603e5aafe7c0029dc624a3968f2c90cc078b0c7564ce24bde38b54336c4a5296dbb3b18f70f13f85b1ed3b74ce928b46c9", 0xdf}, {&(0x7f0000000b40)="28dd2524393fe61936d3ca21bcc28b3cb807b7d5cd448a2d3449dc227a5d514e850bf36182052344c5796d990205c53eb0cb158b77a154995e557d952a83a01f43411cf6ffe045737470c68dc6b135bb046889528aafea7bbbf0bf73880faa28c72e88875223ec99ec3421218adf4decbc19f3aa100b2b7f3a219e24", 0x7c}, {&(0x7f0000000e00)="0e08741e4c0fbc9ffce42cfe35d191872762c74c854946fe33f0c13470102b92539cd6b70a8d6e68c034f84272b3e8025e9e5babe32e624c320fd69e656b54edae0927c725f98cf2b0c3644d7e88ea5e626fa48ac8dc8f1c7ea8473aa75a22f7f695847132eaab24b166791b9ed65883654d61683b9b5cb6f5a786cf231ac880cd9357d3b4930acf9eccadc1e711c917de649f7125ff6db3b63eafd087578aecc6bccbaeb8aaa77f255e1576f6de1db6be3256badb", 0xb5}, {&(0x7f0000000ec0)}, {&(0x7f0000000f00)}], 0x5, 0x0, 0x0, 0x4008040}}, {{0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000001180)="9084d9a1593d223518580aa45a0fe0689f19cc3d9fd92953cc58bc66bcc0633e52a6", 0x22}], 0x1, &(0x7f00000014c0)=ANY=[@ANYBLOB="2400000000000000ffffffff01000000", @ANYRES32=r11, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r11, @ANYRES32, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r9, @ANYRES32=r17, @ANYRES32, @ANYRES32=r6, @ANYBLOB="18000000000000000100000001000000", @ANYRES32=r7, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r11, @ANYRES32=r0], 0xb8, 0x1}}, {{&(0x7f0000001580)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f00000016c0)=[{&(0x7f0000001600)="08ee7225bef48632d091df7156d048ca59c82d733706ba60bf31e34f084db3793b927c90909e86bc0f1ff2c75a36a873760ec2dd77edfdafe3095736e23481f468568236b86c5788800fe10b8761cfea831386ef02e51cfd8df7d017d39e169c57a3511480c8d31e68eee151233fdda50585446b8bd2a934b39c302871af2ea8568a824577c26b9e7580adc310b149d30960ccd5748764b50a6393f724099167ae73dd7f82", 0xa5}], 0x1, &(0x7f0000001700)=[@rights={{0x24, 0x1, 0x1, [r15, r15, r0, r10, r17]}}], 0x28}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYRES32, @ANYRES8=r0, @ANYRES32=r1, @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r6, @ANYRES32=r18, @ANYRES32=r7, @ANYRES32=r0, @ANYRES32=r4, @ANYRES32=r9, @ANYRES32=r19, @ANYRES32=r14, @ANYBLOB="0000009fff04004e00"], 0x58, 0x4000000}}], 0x7, 0x40000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r15}, 0x10)
r20 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r20, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYRESDEC=r4, @ANYRESDEC=r18], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r20, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000002000000000f40600000a14000000020a01"], 0x3c}, 0x1, 0x0, 0x0, 0x4011}, 0x4000094)

2.329979142s ago: executing program 4 (id=3506):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1d00000004000000020000000000000001020000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000ff70ff00"/27], 0x50)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000300), r3)
sendmsg$NLBL_MGMT_C_ADDDEF(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)={0x44, r5, 0xa01, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private2}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @remote}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}]}, 0x44}, 0x1, 0x0, 0x0, 0x88d3}, 0x4080)
r6 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r6, 0x13, &(0x7f0000000180)=[0xfffffffb, 0x5], 0x2)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r0], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x18)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000001c0), 0x13f, 0x8}}, 0x20)
close(r0)

2.002523194s ago: executing program 4 (id=3515):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000004200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000004100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f00000003c0)="131c8701feaa16bca4ac74ab821d", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

1.937517491s ago: executing program 4 (id=3520):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd, 0xa}}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.897461605s ago: executing program 0 (id=3522):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r0}, &(0x7f0000000740), &(0x7f0000000780)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="300e", 0x2, r2)

1.84206539s ago: executing program 0 (id=3524):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$chown(0x4, r1, 0xee00, 0xee01)
keyctl$read(0xb, r1, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[@ANYRESDEC=r1], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB, @ANYRES16=r1, @ANYRESDEC=r2, @ANYRESDEC=r0], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3}, 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
pipe(0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r6, &(0x7f00000002c0)=""/124, 0x7c, 0x7)
pipe(&(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r8, 0x0, 0xf3a, 0x0)
close(r7)
write$binfmt_script(r8, 0x0, 0xd9)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x2)
readv(r4, &(0x7f00000001c0)=[{&(0x7f0000001300)=""/238, 0xee}], 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)

1.541808789s ago: executing program 1 (id=3535):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x20, r0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x44010}, 0x8880)

1.509193043s ago: executing program 1 (id=3536):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r0}, &(0x7f0000000740), &(0x7f0000000780)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="300e", 0x2, r2)

1.508876863s ago: executing program 1 (id=3537):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0x5fd6, 0x0, 0xffffffff, 0x1b3}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000440))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
io_uring_enter(r1, 0x3516, 0xddd6, 0x4, 0x0, 0x0)

1.349578178s ago: executing program 2 (id=3539):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r1, &(0x7f0000000300)=[{&(0x7f0000000080)="aefdda9d240103005a90f57f02703aeff0f64eb9ee07962c220852f426072a00"/42, 0x2a}], 0x1)
read(r1, &(0x7f0000000240)=""/28, 0xffd2)
perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x444e, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_config_ext={0xcc, 0x3ff}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0x3, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0x8, 0xffffffffffffffff, 0x2)

1.316279942s ago: executing program 2 (id=3540):
syz_read_part_table(0x628, &(0x7f0000000640)="$eJzs1D+LHVUcBuB35v6Zu2b1BrEQBd1PYGGaWCzZgAqSIiGihY2VhRAUAhZW9y5JYaWNIBYqgqBYGAS1MRILydpprMRSgr2NlTAyZ+7cvVoEZCOY8DwsM+ecOef8zuy83HBHm/a3qrvcV5rzRz7reqPFIlmOk8lq5q+TZJm0bdv2YzvJc5+ef/LZM03e2R72O95dxpmWDVdrq5x8sTRGSRb9vHb++I2Mt7JcPvj5T7NhdTW+Wid1cqo/UrVelllG732UcoRhqGg2Xqap+vqHr3Rrzb/5T/F/dGX3+vxS3TaZ7L48XQXuiWqZLlI3u6wuqqoMzoY8TJMT19ZBOqrRkLSqys9d0Rsnu3J1F62D+WrSUOq3EvT9Va9ty9rhXIv11ElGr5TOOp/7hwX3usuX1fZtOT1HVfJ3+eL023H5MufnXRK6ULx6oW6/vtYW+6uQ/NnOkkd3ck9dcuPnBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuJ3GSaYb/RNbycNv1Xupq+THfihbSWbJfpLR5uy3myPXv7J7fX7p8sWtNFU/MJlOMj37+/v3PvbDwWSYdbw/ZF3+yjlmz2fyj6NzB+q//yRvvr77x6SP03aSEob7f/lua/2JR1k88FoXxCxLGHtfbGxVnSpp3nia9Dse+3tNoQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9tTTz+zc+503XTtKhmvhkfD87Yd5aFvXvjkwvenZwcvJWebr7I3PNvY51zT36/WaQ5Hp7n5RvLxu8mHH5TNsqrTtu2ia5459l+/ILf0VwAAAP//QatkeA==")

1.234741109s ago: executing program 1 (id=3541):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@barrier_val={'barrier', 0x3d, 0x101}}, {@errors_remount}]}, 0x2, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r4 = open(&(0x7f00000001c0)='./file1\x00', 0x16f07e, 0x88)
copy_file_range(r4, 0x0, r4, 0x0, 0x39ea, 0x0)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000540)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @loopback}, 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f0000000140)='2', 0x1, 0x8080c61)
r6 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r6, r5, 0x0, 0x800000009)

1.115913601s ago: executing program 2 (id=3542):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x5, 0xb, &(0x7f0000000380)=ANY=[@ANYRES16], &(0x7f0000000080)='GPL\x00', 0xffffffc, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0}, 0xffffffffffffffa0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kmem_cache_free\x00', r0}, 0x18)
open(0x0, 0x105142, 0x120)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
write(r1, &(0x7f0000000280)="e8bd8a4c56281ba2ba42cfa5b9fe5fc6dcde2ee431f5595ceadb9a2c95e57f15ee4a83f9e7d78ea996f78bd588bedcdbc730d6d15df6d2a26ca4e55e97ed0522a190ce241a37bad3317fba7e4be3dbbfec5e2f401b5658cc8fda", 0xffffffe5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000400)=0xa)
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000880))
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0700000004000000000100000600000028000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000008cbea1c36e1b3b2991f7766191a8d81ebef14356c9255025672b7a8bd2650b42068071ea11144b5d71681aee1f54acb60697d2aab1eb4dbcd7fa116e70a71cadf295be74effc126c65000d10acc98278d9ace9b02ff8e348ea3f1a20f7e44ccefbf2d883aa660946519a63708d4260a1c27c80861daedd8e86b2bb6c619926644ce76a91771432"], 0x50)
syslog(0xa, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FIBMAP(r3, 0x1, &(0x7f0000000300)=0x7ff)
socketpair(0x2, 0x1, 0x100, &(0x7f0000000440))
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000011c0), 0x2401, 0x0)
lchown(&(0x7f0000000480)='./file0/file0\x00', 0x0, 0x0)

938.585539ms ago: executing program 0 (id=3543):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x18)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000240)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x88, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x8, 0x7, 0xfc, 0x3}, 0xb}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x88}}, 0x24000000)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

926.71233ms ago: executing program 0 (id=3544):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x401, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})

889.897674ms ago: executing program 0 (id=3545):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x10c000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000005c0))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file1\x00', 0x42, 0xc2)
pwrite64(r2, &(0x7f0000000080)="ce", 0x1, 0x200980)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r5=>r4], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000300)='./file0\x00', 0x800000, &(0x7f0000000340)=ANY=[@ANYRES32=r5], 0x1, 0x373, &(0x7f00000006c0)="$eJzs3U9rXFUUAPDTsfmr6WQhgop4qRvdDEn8Ag3SghhQYkeqC+HVTHTINBPmDZEpot259XMUl+4E8QtkoXt37rJx2UXpk8yfJpOOKSVOHtXfD8I9yT0nc+883uNuHufw1g93drbz2nbWjcq1FJWIqDyIWO5HA5eGY6Ufz8ZJ9+Kd6q0/3vj4088+WN/YuL6Z0o31m++upZSuvPnL19/8ePXX7ouf/HTl57k4WP788K+1Pw9eOXj18NHNr5p5auZpt91NWbrdbnez261G2mrmO7WUPmo1sryRmrt5ozM2v91q7+31Ura7tbS412nkecp2e2mn0Uvddup2ein7MmvuplqtlpYWg6ep39/czNYH8fwZedcuakFMQaeznh3dw3NPzNTvl7IgAKBU5z3/z/6r5/+ZcP6/SCfP//xXHZ3/Z4f37zjnfwAAAAAAAAAAAAAAeB48KIpqURTV0ViMXhIe/l7y8piyJ67/qZ+y18d0nXhxbz6i9f1+fb8+GAfz69vRjFY0YiWq8fDosTAyiG+8v3F9JfUtx9Kd7/r1V3+LqL8wXr8a1VieXL86qE+P6+NonInFk/VrUY2XJ9evTayfjbffOlFfi2r8/kW0oxVb/cfbcf23qym99+HGqfq5fh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/w+1NPJ6DPre79cjFmJ/2L+/dpywPN4ff1D/uL/+SlTj4eT+/CsT+/Nfjtcul7t3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjJe3d3slar0bmoYNTzv/+X2VHwz1WXBun3Tk0txHjy3NP+zzmDyjNVLQw3OWHqUVEU01rq/MVeyvMEMxFxRk4x/ALP/1kvRcQZOXMRMf0tV8r/wp85KONpBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOU6bvpd9koAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoU967u5O1Wo3OFIOy9wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA8+TsAAP//S+oM3w==")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)

802.357232ms ago: executing program 5 (id=3546):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRESHEX=r1, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$usbfs(&(0x7f00000007c0), 0x1ff, 0x2401)
ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000080)={0x80, 0x8, 0xd, 0x8, 0x0, 0x9, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb8000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$GTP_CMD_GETPDP(r5, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x1c, 0x0, 0x300, 0x70bd29, 0x25dfdbff, {}, [@GTPA_FAMILY={0x5, 0xd, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040800}, 0x20048001)
r6 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x34, r7, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20009805}, 0x24000004)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x181242, 0x48)
pwrite64(r8, &(0x7f0000000100)='2', 0x1, 0x1fecd)
fallocate(0xffffffffffffffff, 0x0, 0x6, 0x2000402)
pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)

737.291458ms ago: executing program 0 (id=3547):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES16=0x0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r4, &(0x7f0000000080), 0x10)
sendmmsg(r4, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r5 = accept4$unix(r2, 0x0, 0x0, 0x0)
recvfrom$unix(r5, &(0x7f0000000140)=""/263, 0x107, 0x0, 0x0, 0x701)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000280)={'dummy0\x00', @random="7b8cf68659c2"})
connect$unix(r6, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r9)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)

375.099663ms ago: executing program 1 (id=3548):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r0}, &(0x7f0000000740), &(0x7f0000000780)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="300e", 0x2, r2)

373.666384ms ago: executing program 5 (id=3549):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000240)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x88, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x8, 0x7, 0xfc, 0x3}, 0xb}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x88}}, 0x24000000)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

280.503443ms ago: executing program 5 (id=3550):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000004080)={0xc, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x16}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x26, &(0x7f0000000000)={0x2})
r6 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240), 0x40900, 0x0)
flistxattr(r2, &(0x7f0000000040)=""/25, 0x19)
syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x5574, 0x8, 0x8000, 0x400250}, &(0x7f0000000080)=<r7=>0x0, &(0x7f0000000400)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket(0x10, 0x2, 0x0)
flock(r10, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="850000002e0000004f0000000000000025000000000000009500000d00000000"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x8, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x8000000, 0x10, 0x0, 0xfffffffffffffed8}, 0x3f)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="38000000070a0101"], 0x38}, 0x1, 0x0, 0x0, 0x20040850}, 0x44054)
syz_io_uring_submit(r7, r8, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r6, 0x1, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})

245.148847ms ago: executing program 2 (id=3551):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
cachestat(r1, &(0x7f0000001180)={0x5, 0x6}, &(0x7f000009de80), 0x0)

224.606988ms ago: executing program 2 (id=3552):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000004080)={0xc, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x16}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00'}, 0x10)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000000)={0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
flock(0xffffffffffffffff, 0x5)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x4, 0x1, 0x101, 0x0, 0x0, {0x5, 0x0, 0xa}}, 0x14}}, 0x4)
sendmsg$NFT_MSG_GETRULE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="38000000070a0101"], 0x38}, 0x1, 0x0, 0x0, 0x20040850}, 0x44054)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd, 0x1, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})

192.750301ms ago: executing program 2 (id=3553):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$chown(0x4, r1, 0xee00, 0xee01)
keyctl$read(0xb, r1, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[@ANYRESDEC=r1], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB, @ANYRES16=r1, @ANYRESDEC=r2, @ANYRESDEC=r0], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3}, 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
pipe(0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r8, &(0x7f00000002c0)=""/124, 0x7c, 0x7)
pipe(&(0x7f0000000000)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
splice(r6, 0x0, r10, 0x0, 0xf3a, 0x0)
close(r9)
write$binfmt_script(r10, 0x0, 0xd9)
write(r5, 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x2)
readv(r4, &(0x7f00000001c0)=[{&(0x7f0000001300)=""/238, 0xee}], 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)

191.627262ms ago: executing program 5 (id=3554):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x10c000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000005c0))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file1\x00', 0x42, 0xc2)
pwrite64(r2, &(0x7f0000000080)="ce", 0x1, 0x200980)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000300)='./file0\x00', 0x800000, &(0x7f0000000340)=ANY=[@ANYRES32], 0x1, 0x373, &(0x7f00000006c0)="$eJzs3U9rXFUUAPDTsfmr6WQhgop4qRvdDEn8Ag3SghhQYkeqC+HVTHTINBPmDZEpot259XMUl+4E8QtkoXt37rJx2UXpk8yfJpOOKSVOHtXfD8I9yT0nc+883uNuHufw1g93drbz2nbWjcq1FJWIqDyIWO5HA5eGY6Ufz8ZJ9+Kd6q0/3vj4088+WN/YuL6Z0o31m++upZSuvPnL19/8ePXX7ouf/HTl57k4WP788K+1Pw9eOXj18NHNr5p5auZpt91NWbrdbnez261G2mrmO7WUPmo1sryRmrt5ozM2v91q7+31Ura7tbS412nkecp2e2mn0Uvddup2ein7MmvuplqtlpYWg6ep39/czNYH8fwZedcuakFMQaeznh3dw3NPzNTvl7IgAKBU5z3/z/6r5/+ZcP6/SCfP//xXHZ3/Z4f37zjnfwAAAAAAAAAAAAAAeB48KIpqURTV0ViMXhIe/l7y8piyJ67/qZ+y18d0nXhxbz6i9f1+fb8+GAfz69vRjFY0YiWq8fDosTAyiG+8v3F9JfUtx9Kd7/r1V3+LqL8wXr8a1VieXL86qE+P6+NonInFk/VrUY2XJ9evTayfjbffOlFfi2r8/kW0oxVb/cfbcf23qym99+HGqfq5fh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/w+1NPJ6DPre79cjFmJ/2L+/dpywPN4ff1D/uL/+SlTj4eT+/CsT+/Nfjtcul7t3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjJe3d3slar0bmoYNTzv/+X2VHwz1WXBun3Tk0txHjy3NP+zzmDyjNVLQw3OWHqUVEU01rq/MVeyvMEMxFxRk4x/ALP/1kvRcQZOXMRMf0tV8r/wp85KONpBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOU6bvpd9koAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoU967u5O1Wo3OFIOy9wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA8+TsAAP//S+oM3w==")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)

78.314633ms ago: executing program 5 (id=3555):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x18)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000240)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x88, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x8, 0x7, 0xfc, 0x3}, 0xb}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x88}}, 0x24000000)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.017ms ago: executing program 5 (id=3556):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f00000006c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400000, 0x0, 0x0, 0x40)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8929, &(0x7f0000001f40)='lo:\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\xf5\a\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'5\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\x06\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xbf\xe3?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\fr\xf1\xec\xd9CD\x80\xb4^\x8cw;\x87\xea\x8c\x8bJ\x9a\x0ej\x8f\x8e^\xe6\xa6\xaa\x910\fD\xabFU\xa0D;\xd6\xd1\xeer\x9d\x02\xd9\xf7d`\xbfv\x15.\xe4\x82|)K\x99\x98&?\xcd\xe5\xa8\xba~$;g\t\x02\x84+\x90\xab\x816$/\x92\"\xef\xf7\x18\xfaE\xfe\xf7\n\xb2\x7fC\xbb\xbdg#F\n\vu\xe2\xe9\b\xa2\xf1\x94Fb\x92\xc9\xddP\xf0m35+\xdd\xac3\x00\xdd\xfb\b\xc0\x95\xe8\xa5\xec\x9e\xbfA\x7f\xff\xb8\xe2\xe2HNy$\xd4\xc6\x9dd\t\xf6\xed\x10\x15%\r\x1aD\f>\xdcZ\xb9\xd7Z\x88\x9b\xdff[\x90\xfa\x9a{b\xf4Dq')
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
r5 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x1954, 0x0, 0x4}, &(0x7f0000000300)=<r6=>0x0, &(0x7f0000000580)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r8)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01002dbd7000fedbdf2531000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, r9, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@ETHTOOL_A_COALESCE_USE_CQE_MODE_TX={0x5}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_IRQ={0x8, 0x9, 0x4}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x400}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_IRQ={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004080}, 0x40000)
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0xf, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r5, 0x6e2, 0x3900, 0x3, 0x0, 0x0)
clock_nanosleep(0x2, 0x1000000, &(0x7f0000000040)={0x77359400}, 0x0)

0s ago: executing program 1 (id=3566):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRES64=r1, @ANYRESHEX, @ANYRESOCT=r1, @ANYRES32=r1], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000008c0)={r2, r1, 0x25, 0x0, @val=@tcx={@void, @value=r2}}, 0x1c)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1e, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x609e495c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r3}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r7, @ANYBLOB="01000000000000001c0012000c00010062"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x70bd2b, 0x10000, {0x0, 0x0, 0x0, r7, {0xc, 0xffff}, {0x0, 0x4}, {0xfff3, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x8014}, 0x0)
syz_emit_ethernet(0xd82, &(0x7f0000000680)=ANY=[], 0x0)
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r8, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0xc048050}, 0x800)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="3000000010000108000000000000db0000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000080004004400000008001b"], 0x30}}, 0x0)
r10 = dup(r8)
write$RDMA_USER_CM_CMD_CREATE_ID(r10, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2, 0x2}}, 0x20)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xb, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r11}, 0x10)
r12 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$setstatus(r12, 0x4, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r10, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x13f, 0x1}}, 0xfed7)

kernel console output (not intermixed with test programs):

 attribute type 10 has an invalid length.
[  169.875494][T11465] bond0: (slave dummy0): Releasing backup interface
[  169.885264][T11465] netlink: 'syz.2.2838': attribute type 10 has an invalid length.
[  169.892980][T11469] loop4: detected capacity change from 0 to 512
[  169.894825][T11465] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  169.911024][T11469] EXT4-fs warning (device loop4): ext4_xattr_inode_get:560: inode #11: comm syz.4.2836: EA inode hash validation failed
[  169.924736][T11469] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.2836: corrupted inode contents
[  169.933536][T11371] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.943902][T11469] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #15: comm syz.4.2836: mark_inode_dirty error
[  169.955657][T11469] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.2836: corrupted inode contents
[  169.976275][T11469] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2996: inode #15: comm syz.4.2836: mark_inode_dirty error
[  169.988600][T11469] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2999: inode #15: comm syz.4.2836: mark inode dirty (error -117)
[  170.002268][T11469] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  170.011734][T11469] EXT4-fs (loop4): 1 orphan inode deleted
[  170.019743][T11469] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.037454][T11469] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.089603][T11371] veth0_vlan: entered promiscuous mode
[  170.098281][T11371] veth1_vlan: entered promiscuous mode
[  170.116513][T11371] veth0_macvtap: entered promiscuous mode
[  170.124623][T11371] veth1_macvtap: entered promiscuous mode
[  170.136543][T11371] batman_adv: batadv0: Interface activated: batadv_slave_0
[  170.148770][T11371] batman_adv: batadv0: Interface activated: batadv_slave_1
[  170.159864][   T88] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.169066][   T88] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.178797][   T88] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.197106][   T88] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.226069][ T3327] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.267784][T11482] loop0: detected capacity change from 0 to 512
[  170.285356][T11482] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.326020][T11482] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.347935][T11482] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  170.467677][T11490] loop5: detected capacity change from 0 to 128
[  170.483932][T11371] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.504136][T11496] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2845'.
[  170.526560][T11496] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  170.539379][T11495] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  170.648298][T11504] lo speed is unknown, defaulting to 1000
[  170.705615][T11508] loop2: detected capacity change from 0 to 512
[  170.730665][T11508] vfat: Unknown parameter '����'
[  170.789817][T11517] tipc: Started in network mode
[  170.794780][T11517] tipc: Node identity be65f7b32703, cluster identity 4711
[  170.802051][T11517] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  170.810747][T11517] tipc: Resetting bearer <eth:syzkaller0>
[  170.819517][T11516] tipc: Disabling bearer <eth:syzkaller0>
[  170.863892][T11520] loop2: detected capacity change from 0 to 512
[  170.871040][T11520] EXT4-fs: Ignoring removed nomblk_io_submit option
[  170.878395][T11520] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  170.892042][T11520] EXT4-fs (loop2): 1 truncate cleaned up
[  170.892095][T11523] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2857'.
[  170.902275][T11520] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.963903][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.030739][T11533] loop5: detected capacity change from 0 to 512
[  171.037626][T11533] EXT4-fs: Ignoring removed bh option
[  171.043252][T11533] EXT4-fs: Ignoring removed orlov option
[  171.046664][T11535] Invalid logical block size (4608)
[  171.064540][T11533] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  171.072702][T11533] EXT4-fs (loop5): orphan cleanup on readonly fs
[  171.079400][T11533] __quota_error: 206 callbacks suppressed
[  171.079412][T11533] Quota error (device loop5): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  171.095622][T11533] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  171.110546][T11533] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  171.118342][T11533] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2860: bg 0: block 40: padding at end of block bitmap is not set
[  171.132815][T11533] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  171.142958][T11533] EXT4-fs (loop5): 1 truncate cleaned up
[  171.144300][T11541] netlink: 'syz.4.2862': attribute type 10 has an invalid length.
[  171.149176][T11533] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  171.169243][T11541] bond0: (slave dummy0): Releasing backup interface
[  171.181274][T11541] team0: Failed to send options change via netlink (err -105)
[  171.189015][T11541] team0: Port device dummy0 added
[  171.200869][T11541] netlink: 'syz.4.2862': attribute type 10 has an invalid length.
[  171.222221][T11541] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  171.255889][T11541] team0: Failed to send options change via netlink (err -105)
[  171.263635][T11541] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  171.272564][T11541] team0: Port device dummy0 removed
[  171.280715][T11541] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  171.366134][T11544] lo speed is unknown, defaulting to 1000
[  171.434854][T11544] chnl_net:caif_netlink_parms(): no params data found
[  171.483061][T11544] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.490215][T11544] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.498259][T11544] bridge_slave_0: entered allmulticast mode
[  171.505021][T11544] bridge_slave_0: entered promiscuous mode
[  171.511847][T11544] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.519028][T11544] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.526242][T11544] bridge_slave_1: entered allmulticast mode
[  171.532858][T11544] bridge_slave_1: entered promiscuous mode
[  171.552942][T11544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.563780][T11544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.584123][T11544] team0: Port device team_slave_0 added
[  171.591019][T11544] team0: Port device team_slave_1 added
[  171.608509][T11544] batman_adv: batadv0: Adding interface: batadv_slave_0
[  171.615579][T11544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  171.641662][T11544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  171.653268][T11544] batman_adv: batadv0: Adding interface: batadv_slave_1
[  171.660235][T11544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  171.686345][T11544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  171.717198][T11544] hsr_slave_0: entered promiscuous mode
[  171.723333][T11544] hsr_slave_1: entered promiscuous mode
[  171.729390][T11544] debugfs: 'hsr0' already exists in 'hsr'
[  171.735253][T11544] Cannot create hsr debugfs directory
[  171.795036][T11544] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.847427][T11544] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.885963][   T29] audit: type=1400 audit(1761485828.700:20570): avc:  denied  { prog_load } for  pid=11561 comm="syz.2.2865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  171.905669][   T29] audit: type=1400 audit(1761485828.700:20571): avc:  denied  { bpf } for  pid=11561 comm="syz.2.2865" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  171.914266][ T9281] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.926525][   T29] audit: type=1400 audit(1761485828.700:20572): avc:  denied  { perfmon } for  pid=11561 comm="syz.2.2865" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  171.956730][   T29] audit: type=1400 audit(1761485828.700:20573): avc:  denied  { unmount } for  pid=9281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  171.987495][T11544] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.994860][   T29] audit: type=1400 audit(1761485828.790:20574): avc:  denied  { read write } for  pid=9281 comm="syz-executor" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  172.021658][   T29] audit: type=1400 audit(1761485828.790:20575): avc:  denied  { open } for  pid=9281 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  172.045932][   T29] audit: type=1400 audit(1761485828.790:20576): avc:  denied  { ioctl } for  pid=9281 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  172.071632][   T29] audit: type=1400 audit(1761485828.800:20577): avc:  denied  { map_create } for  pid=11563 comm="syz.5.2866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  172.091622][   T29] audit: type=1400 audit(1761485828.800:20578): avc:  denied  { map_read map_write } for  pid=11563 comm="syz.5.2866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  172.194947][T11544] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.285674][T11544] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  172.299251][T11544] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  172.301556][T11544] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  172.304373][T11544] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  172.371527][T11544] 8021q: adding VLAN 0 to HW filter on device bond0
[  172.383733][T11544] 8021q: adding VLAN 0 to HW filter on device team0
[  172.388445][   T88] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.388490][   T88] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.391285][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.391326][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.416999][T11544] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  172.437205][T11589] loop2: detected capacity change from 0 to 512
[  172.563873][T11544] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.578095][T11589] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.605146][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.674313][T11544] veth0_vlan: entered promiscuous mode
[  172.678520][T11544] veth1_vlan: entered promiscuous mode
[  172.701150][T11544] veth0_macvtap: entered promiscuous mode
[  172.701222][T11609] loop2: detected capacity change from 0 to 128
[  172.710098][T11544] veth1_macvtap: entered promiscuous mode
[  172.715974][T11609] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  172.726887][T11544] batman_adv: batadv0: Interface activated: batadv_slave_0
[  172.731381][T11609] ext4 filesystem being mounted at /549/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  172.744414][T11544] batman_adv: batadv0: Interface activated: batadv_slave_1
[  172.783014][ T3450] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  172.783051][ T3450] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  172.795115][ T3450] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  172.810047][ T3450] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  172.897554][T11615] loop1: detected capacity change from 0 to 764
[  172.906441][T11615] rock: directory entry would overflow storage
[  172.906454][T11615] rock: sig=0x5245, size=8, remaining=5
[  172.908332][ T3322] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  173.107975][T11634] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2886'.
[  173.165824][T11640] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11640 comm=syz.2.2888
[  173.268708][T11653] loop5: detected capacity change from 0 to 2048
[  173.309660][T11653] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.525646][T11672] lo speed is unknown, defaulting to 1000
[  173.531836][T11674] syzkaller0: entered promiscuous mode
[  173.537458][T11674] syzkaller0: entered allmulticast mode
[  173.629935][ T9281] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.731540][T11683] loop4: detected capacity change from 0 to 2048
[  173.835801][T11683]  loop4: p2 p3 p7
[  173.907418][T11690] ������: renamed from vlan0 (while UP)
[  174.084449][T11700] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2910'.
[  174.318389][T11703] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  174.397535][T11711] netlink: 'syz.0.2912': attribute type 10 has an invalid length.
[  174.415101][T11711] team0: Port device dummy0 added
[  174.441059][T11711] netlink: 'syz.0.2912': attribute type 10 has an invalid length.
[  174.452459][T11711] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  174.473540][T11711] team0: Failed to send options change via netlink (err -105)
[  174.490759][T11711] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  174.505522][T11711] team0: Port device dummy0 removed
[  174.513712][T11711] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  174.693852][T11736] syzkaller0: entered promiscuous mode
[  174.699390][T11736] syzkaller0: entered allmulticast mode
[  174.890356][T11746] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2929'.
[  174.902998][T11699] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  174.921598][T11746] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2929'.
[  174.997014][T11754] netlink: 'syz.4.2932': attribute type 21 has an invalid length.
[  175.314893][T11758] netlink: 'syz.4.2933': attribute type 10 has an invalid length.
[  175.325452][T11758] bond0: (slave dummy0): Releasing backup interface
[  175.334566][T11758] team0: Failed to send options change via netlink (err -105)
[  175.342075][T11758] team0: Port device dummy0 added
[  175.349492][T11758] netlink: 'syz.4.2933': attribute type 10 has an invalid length.
[  175.357831][T11758] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  175.368494][T11758] team0: Failed to send options change via netlink (err -105)
[  175.376300][T11758] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  175.385479][T11758] team0: Port device dummy0 removed
[  175.393910][T11758] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  175.709546][T11770] syzkaller0: entered promiscuous mode
[  175.715157][T11770] syzkaller0: entered allmulticast mode
[  176.102951][T11783] loop1: detected capacity change from 0 to 512
[  176.115126][T11783] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.129364][T11783] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.139871][   T29] kauditd_printk_skb: 1347 callbacks suppressed
[  176.139889][   T29] audit: type=1400 audit(1761485832.940:21926): avc:  denied  { read write } for  pid=11784 comm="syz.4.2942" name="usbmon6" dev="devtmpfs" ino=160 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  176.170250][   T29] audit: type=1400 audit(1761485832.940:21927): avc:  denied  { open } for  pid=11784 comm="syz.4.2942" path="/dev/usbmon6" dev="devtmpfs" ino=160 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  176.194552][   T29] audit: type=1400 audit(1761485832.960:21928): avc:  denied  { write } for  pid=11782 comm="syz.1.2941" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  176.195191][T11544] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.218493][   T29] audit: type=1400 audit(1761485832.960:21929): avc:  denied  { open } for  pid=11782 comm="syz.1.2941" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  176.251853][   T29] audit: type=1400 audit(1761485832.960:21930): avc:  denied  { ioctl } for  pid=11782 comm="syz.1.2941" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  176.336366][T11794] loop1: detected capacity change from 0 to 512
[  176.345943][T11794] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.359193][T11794] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.371988][T11794] FAULT_INJECTION: forcing a failure.
[  176.371988][T11794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.385129][T11794] CPU: 0 UID: 0 PID: 11794 Comm: syz.1.2944 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  176.385217][T11794] Tainted: [W]=WARN
[  176.385224][T11794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  176.385235][T11794] Call Trace:
[  176.385242][T11794]  <TASK>
[  176.385248][T11794]  __dump_stack+0x1d/0x30
[  176.385299][T11794]  dump_stack_lvl+0xe8/0x140
[  176.385318][T11794]  dump_stack+0x15/0x1b
[  176.385333][T11794]  should_fail_ex+0x265/0x280
[  176.385387][T11794]  should_fail+0xb/0x20
[  176.385432][T11794]  should_fail_usercopy+0x1a/0x20
[  176.385450][T11794]  _copy_from_user+0x1c/0xb0
[  176.385525][T11794]  sg_new_write+0x71a/0x890
[  176.385561][T11794]  ? do_vfs_ioctl+0x866/0xe10
[  176.385592][T11794]  sg_ioctl+0xb81/0x1360
[  176.385652][T11794]  ? __pfx_sg_ioctl+0x10/0x10
[  176.385675][T11794]  __se_sys_ioctl+0xce/0x140
[  176.385759][T11794]  __x64_sys_ioctl+0x43/0x50
[  176.385777][T11794]  x64_sys_call+0x1816/0x3000
[  176.385797][T11794]  do_syscall_64+0xd2/0x200
[  176.385828][T11794]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  176.385853][T11794]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  176.385882][T11794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.385902][T11794] RIP: 0033:0x7fa5174eefc9
[  176.385915][T11794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.385959][T11794] RSP: 002b:00007fa515f57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  176.385976][T11794] RAX: ffffffffffffffda RBX: 00007fa517745fa0 RCX: 00007fa5174eefc9
[  176.385987][T11794] RDX: 0000200000000040 RSI: 0000000000002285 RDI: 0000000000000006
[  176.385997][T11794] RBP: 00007fa515f57090 R08: 0000000000000000 R09: 0000000000000000
[  176.386034][T11794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.386044][T11794] R13: 00007fa517746038 R14: 00007fa517745fa0 R15: 00007ffd7490dd68
[  176.386061][T11794]  </TASK>
[  176.617801][T11544] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.661624][   T29] audit: type=1326 audit(1761485833.470:21931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11806 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  176.685559][   T29] audit: type=1326 audit(1761485833.470:21932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11806 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  176.711094][   T29] audit: type=1326 audit(1761485833.470:21933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11806 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  176.732633][T11812] loop1: detected capacity change from 0 to 2048
[  176.734925][   T29] audit: type=1326 audit(1761485833.470:21934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11806 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  176.764884][   T29] audit: type=1326 audit(1761485833.470:21935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11806 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  176.795127][T11802] loop5: detected capacity change from 0 to 128
[  176.804954][T11812] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.843283][T11811] Falling back ldisc for ttyS3.
[  176.915930][T11821] loop0: detected capacity change from 0 to 128
[  177.027746][T11821] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  177.040705][T11821] ext4 filesystem being mounted at /24/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  177.105323][T11833] vcan0: entered allmulticast mode
[  177.113782][T11544] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.126336][T11833] pim6reg: entered allmulticast mode
[  177.133265][T11836] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2962'.
[  177.133518][T11835] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2962'.
[  177.172731][T11371] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  177.190896][T11836] loop5: detected capacity change from 0 to 512
[  177.201053][T11836] /dev/loop5: Can't open blockdev
[  177.210160][T11835] netlink: 'syz.5.2962': attribute type 39 has an invalid length.
[  177.290201][T11841] loop1: detected capacity change from 0 to 1024
[  177.297908][T11841] ext4: Unknown parameter 'nouser_xattr'
[  177.308310][T11844] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2964'.
[  177.329030][T11846] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11846 comm=syz.1.2965
[  177.345848][T11848] loop4: detected capacity change from 0 to 128
[  177.354468][T11848] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  177.372597][T11848] ext4 filesystem being mounted at /598/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  177.423010][T11853] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2968'.
[  177.432368][T11853] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2968'.
[  177.478628][ T3325] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  177.550706][T11864] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2972'.
[  177.564341][T11864] team0: Port device team_slave_1 removed
[  177.636952][T11860] loop4: detected capacity change from 0 to 128
[  177.758648][T11870] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11870 comm=syz.5.2975
[  177.773692][T11870] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=1018 sclass=netlink_tcpdiag_socket pid=11870 comm=syz.5.2975
[  177.788792][T11870] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11870 comm=syz.5.2975
[  177.895762][T11883] FAULT_INJECTION: forcing a failure.
[  177.895762][T11883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  177.908975][T11883] CPU: 0 UID: 0 PID: 11883 Comm: syz.5.2976 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  177.909018][T11883] Tainted: [W]=WARN
[  177.909026][T11883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  177.909043][T11883] Call Trace:
[  177.909050][T11883]  <TASK>
[  177.909059][T11883]  __dump_stack+0x1d/0x30
[  177.909088][T11883]  dump_stack_lvl+0xe8/0x140
[  177.909115][T11883]  dump_stack+0x15/0x1b
[  177.909138][T11883]  should_fail_ex+0x265/0x280
[  177.909163][T11883]  should_fail+0xb/0x20
[  177.909183][T11883]  should_fail_usercopy+0x1a/0x20
[  177.909282][T11883]  copy_fpstate_to_sigframe+0x628/0x7d0
[  177.909404][T11883]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[  177.909449][T11883]  ? kmem_cache_free+0xe4/0x3d0
[  177.909488][T11883]  ? x86_task_fpu+0x36/0x60
[  177.909561][T11883]  get_sigframe+0x34d/0x490
[  177.909585][T11883]  ? get_signal+0xdc7/0xf70
[  177.909617][T11883]  x64_setup_rt_frame+0xa8/0x580
[  177.909646][T11883]  arch_do_signal_or_restart+0x23e/0x440
[  177.909721][T11883]  irqentry_exit_to_user_mode+0x5b/0xa0
[  177.909792][T11883]  irqentry_exit+0x12/0x50
[  177.909826][T11883]  exc_general_protection+0x15b/0x1f0
[  177.909869][T11883]  asm_exc_general_protection+0x26/0x30
[  177.909896][T11883] RIP: 0033:0x7f88c51779f9
[  177.909953][T11883] Code: f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 <c5> fd 74 0f c5 fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66
[  177.909976][T11883] RSP: 002b:00007f88c3be57c8 EFLAGS: 00010283
[  177.909996][T11883] RAX: 0000000000000999 RBX: 00007f88c3be5d30 RCX: 00007f88c53b8120
[  177.910012][T11883] RDX: 9999999999999999 RSI: 00007f88c5221ca9 RDI: 9999999999999999
[  177.910028][T11883] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[  177.910043][T11883] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000073
[  177.910118][T11883] R13: 00007f88c3be5eb0 R14: 9999999999999999 R15: 0000000000000000
[  177.910142][T11883]  </TASK>
[  178.167119][ T3450] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  178.177093][ T3450] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.239096][T11871] lo speed is unknown, defaulting to 1000
[  178.247545][ T3450] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  178.257500][ T3450] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.269084][T11893] loop1: detected capacity change from 0 to 1024
[  178.309363][T11893] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.343530][T11890] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.363470][ T3450] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  178.373318][ T3450] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.409207][T11899] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2983'.
[  178.424693][ T3450] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  178.434570][ T3450] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.560423][T11871] chnl_net:caif_netlink_parms(): no params data found
[  178.628498][ T3450] bridge_slave_1: left allmulticast mode
[  178.634323][ T3450] bridge_slave_1: left promiscuous mode
[  178.640046][ T3450] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.673625][ T3450] bridge_slave_0: left allmulticast mode
[  178.679352][ T3450] bridge_slave_0: left promiscuous mode
[  178.685091][ T3450] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.874462][ T3450] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  178.885344][ T3450] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  178.896654][ T3450] bond0 (unregistering): (slave team0): Releasing backup interface
[  178.907231][ T3450] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  178.916646][ T3450] bond0 (unregistering): Released all slaves
[  178.926380][ T3450] bond1 (unregistering): Released all slaves
[  178.999098][ T3450] tipc: Left network mode
[  178.999213][T11871] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.010585][T11871] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.043322][T11871] bridge_slave_0: entered allmulticast mode
[  179.053191][T11871] bridge_slave_0: entered promiscuous mode
[  179.069285][ T3450] hsr_slave_0: left promiscuous mode
[  179.086111][ T3450] hsr_slave_1: left promiscuous mode
[  179.102293][ T3450] veth1_macvtap: left promiscuous mode
[  179.108258][ T3450] veth0_macvtap: left promiscuous mode
[  179.115416][ T3450] veth1_vlan: left promiscuous mode
[  179.120755][ T3450] veth0_vlan: left promiscuous mode
[  179.163662][ T3450] pim6reg (unregistering): left allmulticast mode
[  179.180303][T11929] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2991'.
[  179.208734][ T3450] team0 (unregistering): Port device team_slave_1 removed
[  179.218912][ T3450] team0 (unregistering): Port device team_slave_0 removed
[  179.257155][ T3450] vcan0 (unregistering): left allmulticast mode
[  179.264074][T11924] serio: Serial port ptm0
[  179.271739][T11871] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.278964][T11871] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.290736][T11871] bridge_slave_1: entered allmulticast mode
[  179.297797][T11871] bridge_slave_1: entered promiscuous mode
[  179.318777][T11871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  179.334210][T11871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  179.364795][T11871] team0: Port device team_slave_0 added
[  179.371708][T11871] team0: Port device team_slave_1 added
[  179.391744][T11871] batman_adv: batadv0: Adding interface: batadv_slave_0
[  179.398829][T11871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  179.425140][T11871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.437331][T11871] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.444420][T11871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  179.470380][T11871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.496855][T11871] hsr_slave_0: entered promiscuous mode
[  179.503043][T11871] hsr_slave_1: entered promiscuous mode
[  179.508990][T11871] debugfs: 'hsr0' already exists in 'hsr'
[  179.514789][T11871] Cannot create hsr debugfs directory
[  179.568687][ T3450] IPVS: stop unused estimator thread 0...
[  179.642815][T11946] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2995'.
[  179.653579][T11952] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.717909][T11952] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.836492][T11952] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.848879][T11976] 9pnet_fd: Insufficient options for proto=fd
[  179.898045][T11952] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.911564][T11980] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3008'.
[  179.941366][T11871] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  179.960824][T11871] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  179.979021][T11871] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  179.988831][T11871] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  180.025920][ T1084] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.042848][  T382] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.058879][T11998] loop5: detected capacity change from 0 to 512
[  180.068157][  T382] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.080076][  T382] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  180.089630][T11998] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.3012: error while reading EA inode 32 err=-116
[  180.115730][T11998] EXT4-fs (loop5): Remounting filesystem read-only
[  180.127518][T12002] ipvlan2: entered promiscuous mode
[  180.132667][T11998] EXT4-fs (loop5): 1 orphan inode deleted
[  180.143220][T11998] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.150754][T11871] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.163034][T11998] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.168466][T11871] 8021q: adding VLAN 0 to HW filter on device team0
[  180.188100][ T1084] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.195237][ T1084] bridge0: port 1(bridge_slave_0) entered forwarding state
[  180.230954][ T1084] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.235180][T12009] loop5: detected capacity change from 0 to 128
[  180.238125][ T1084] bridge0: port 2(bridge_slave_1) entered forwarding state
[  180.261190][T12009] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  180.266889][T11871] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  180.283729][T11871] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  180.298454][T12009] ext4 filesystem being mounted at /138/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  180.347927][T11871] 8021q: adding VLAN 0 to HW filter on device batadv0
[  180.417233][ T9281] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  180.477842][T11871] veth0_vlan: entered promiscuous mode
[  180.485970][T11871] veth1_vlan: entered promiscuous mode
[  180.501626][T11871] veth0_macvtap: entered promiscuous mode
[  180.512487][T11871] veth1_macvtap: entered promiscuous mode
[  180.527158][T12034] vcan0: tx drop: invalid da for name 0x00000000000000ee
[  180.548192][T11871] batman_adv: batadv0: Interface activated: batadv_slave_0
[  180.562774][T11871] batman_adv: batadv0: Interface activated: batadv_slave_1
[  180.578628][   T88] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.616000][   T88] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.632243][T12040] bridge0: entered promiscuous mode
[  180.637865][T12040] macvtap1: entered allmulticast mode
[  180.643541][T12040] bridge0: entered allmulticast mode
[  180.651117][T12040] batman_adv: batadv0: Adding interface: macvtap1
[  180.657895][T12040] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  180.684392][T12040] batman_adv: batadv0: Interface activated: macvtap1
[  180.705803][   T88] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.728191][   T88] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  180.839278][T12058] loop4: detected capacity change from 0 to 8192
[  180.879495][T12053] loop5: detected capacity change from 0 to 764
[  180.893726][T12053] iso9660: Unknown parameter '�<<�n�fn�l�;�0����x0j^!�2wq�n'�\;�.�h��;j^��+;�6.�w��%x�c��w��q�>���.���7��G-8h0x0000000000000000'
[  180.969465][T12050] lo speed is unknown, defaulting to 1000
[  181.144262][T12084] ������: renamed from vlan0 (while UP)
[  181.197073][T12086] lo speed is unknown, defaulting to 1000
[  181.265337][T12099] siw: device registration error -23
[  181.366810][T12110] loop5: detected capacity change from 0 to 1024
[  181.375929][T12110] EXT4-fs: Mount option(s) incompatible with ext2
[  181.453397][T12096] serio: Serial port ptm0
[  181.461174][T12108] lo speed is unknown, defaulting to 1000
[  181.518599][   T29] kauditd_printk_skb: 353 callbacks suppressed
[  181.518618][   T29] audit: type=1400 audit(1761485838.330:22289): avc:  denied  { create } for  pid=12115 comm="syz.1.3044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  181.565706][   T29] audit: type=1400 audit(1761485838.330:22290): avc:  denied  { write } for  pid=12115 comm="syz.1.3044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  181.638825][   T29] audit: type=1326 audit(1761485838.450:22291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12126 comm="syz.1.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  181.662908][   T29] audit: type=1326 audit(1761485838.450:22292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12126 comm="syz.1.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  181.686720][   T29] audit: type=1326 audit(1761485838.450:22293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12126 comm="syz.1.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  181.710589][   T29] audit: type=1326 audit(1761485838.450:22294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12126 comm="syz.1.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  181.767598][   T29] audit: type=1326 audit(1761485838.500:22295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12126 comm="syz.1.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  181.791291][   T29] audit: type=1326 audit(1761485838.500:22296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12126 comm="syz.1.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  181.815125][   T29] audit: type=1326 audit(1761485838.500:22297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12126 comm="syz.1.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  181.838743][   T29] audit: type=1326 audit(1761485838.500:22298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12126 comm="syz.1.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  181.885626][T12110] lo speed is unknown, defaulting to 1000
[  181.951600][T12136] syzkaller0: entered promiscuous mode
[  181.957269][T12136] syzkaller0: entered allmulticast mode
[  182.003302][T12142] loop4: detected capacity change from 0 to 128
[  182.026700][T12142] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  182.053617][T12142] ext4 filesystem being mounted at /3/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  182.160119][T12160] __nla_validate_parse: 10 callbacks suppressed
[  182.160137][T12160] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3062'.
[  182.184660][T11871] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  182.232956][T12164] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.247664][T12166] loop4: detected capacity change from 0 to 512
[  182.254627][T12166] EXT4-fs: Ignoring removed orlov option
[  182.263881][T12168] loop2: detected capacity change from 0 to 512
[  182.270908][T12168] journal_path: Non-blockdev passed as './file1'
[  182.277309][T12168] EXT4-fs: error: could not find journal device path
[  182.284962][T12166] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.3064: inode has both inline data and extents flags
[  182.315508][T12166] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3064: couldn't read orphan inode 15 (err -117)
[  182.330348][T12164] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.352072][T12166] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.375890][T12173] syzkaller0: entered promiscuous mode
[  182.381439][T12173] syzkaller0: entered allmulticast mode
[  182.436575][T11871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.447072][T12164] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.529083][T12164] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.545229][T12192] loop0: detected capacity change from 0 to 128
[  182.553310][T12192] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  182.553539][T12192] ext4 filesystem being mounted at /42/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  182.653320][   T31] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.668622][ T1084] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.686016][T12197] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  182.686046][T12197] vhci_hcd: invalid port number 96
[  182.686058][T12197] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  182.689238][ T1084] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.751723][T11371] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  182.768769][ T1084] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.794827][T12201] loop4: detected capacity change from 0 to 8192
[  182.813501][T12201] SELinux:  policydb magic number 0xff does not match expected magic number 0xf97cff8c
[  182.823697][T12201] SELinux: failed to load policy
[  182.922300][T12212] loop5: detected capacity change from 0 to 512
[  182.922656][T12212] journal_path: Non-blockdev passed as './file1'
[  182.922674][T12212] EXT4-fs: error: could not find journal device path
[  182.969608][T12216] loop4: detected capacity change from 0 to 512
[  183.001198][T12216] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.028697][T12216] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  183.253881][T12230] netlink: 'syz.5.3090': attribute type 21 has an invalid length.
[  183.273347][T12230] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3090'.
[  183.282444][T12230] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3090'.
[  183.314289][T12234] loop2: detected capacity change from 0 to 128
[  183.352657][T11871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.363696][T12234] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  183.397350][T12234] ext4 filesystem being mounted at /595/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  183.515519][ T3322] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  183.561116][T12256] lo speed is unknown, defaulting to 1000
[  183.615392][T12264] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3103'.
[  183.648313][T12268] FAULT_INJECTION: forcing a failure.
[  183.648313][T12268] name failslab, interval 1, probability 0, space 0, times 0
[  183.648346][T12268] CPU: 1 UID: 0 PID: 12268 Comm: syz.0.3104 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  183.648432][T12268] Tainted: [W]=WARN
[  183.648440][T12268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  183.648452][T12268] Call Trace:
[  183.648458][T12268]  <TASK>
[  183.648465][T12268]  __dump_stack+0x1d/0x30
[  183.648487][T12268]  dump_stack_lvl+0xe8/0x140
[  183.648506][T12268]  dump_stack+0x15/0x1b
[  183.648523][T12268]  should_fail_ex+0x265/0x280
[  183.648616][T12268]  should_failslab+0x8c/0xb0
[  183.648676][T12268]  __kmalloc_node_noprof+0xaa/0x580
[  183.648718][T12268]  ? __vmalloc_node_range_noprof+0x410/0xed0
[  183.648768][T12268]  __vmalloc_node_range_noprof+0x410/0xed0
[  183.648864][T12268]  ? cred_has_capability+0x210/0x280
[  183.648911][T12268]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  183.649021][T12268]  __vmalloc_noprof+0x83/0xc0
[  183.649065][T12268]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  183.649111][T12268]  bpf_prog_alloc_no_stats+0x47/0x3b0
[  183.649233][T12268]  ? bpf_prog_alloc+0x2a/0x150
[  183.649347][T12268]  bpf_prog_alloc+0x3c/0x150
[  183.649399][T12268]  bpf_prog_load+0x506/0x1100
[  183.649440][T12268]  ? security_bpf+0x2b/0x90
[  183.649476][T12268]  __sys_bpf+0x469/0x7c0
[  183.649538][T12268]  __x64_sys_bpf+0x41/0x50
[  183.649597][T12268]  x64_sys_call+0x2aee/0x3000
[  183.649629][T12268]  do_syscall_64+0xd2/0x200
[  183.649655][T12268]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  183.649697][T12268]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  183.649741][T12268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.649770][T12268] RIP: 0033:0x7f4d6183efc9
[  183.649868][T12268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.649891][T12268] RSP: 002b:00007f4d602a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  183.649918][T12268] RAX: ffffffffffffffda RBX: 00007f4d61a95fa0 RCX: 00007f4d6183efc9
[  183.649935][T12268] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  183.649952][T12268] RBP: 00007f4d602a7090 R08: 0000000000000000 R09: 0000000000000000
[  183.649969][T12268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.649986][T12268] R13: 00007f4d61a96038 R14: 00007f4d61a95fa0 R15: 00007ffd58b284e8
[  183.650013][T12268]  </TASK>
[  183.650077][T12268] syz.0.3104: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null)
[  183.725281][T12270] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3105'.
[  183.727856][T12268] ,cpuset=/,mems_allowed=0
[  183.914725][T12268] CPU: 1 UID: 0 PID: 12268 Comm: syz.0.3104 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  183.914765][T12268] Tainted: [W]=WARN
[  183.914775][T12268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  183.914826][T12268] Call Trace:
[  183.914836][T12268]  <TASK>
[  183.914847][T12268]  __dump_stack+0x1d/0x30
[  183.914878][T12268]  dump_stack_lvl+0xe8/0x140
[  183.914908][T12268]  dump_stack+0x15/0x1b
[  183.914933][T12268]  warn_alloc+0x12b/0x1a0
[  183.914985][T12268]  __vmalloc_node_range_noprof+0x4b9/0xed0
[  183.915106][T12268]  ? cred_has_capability+0x210/0x280
[  183.915152][T12268]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  183.915234][T12268]  __vmalloc_noprof+0x83/0xc0
[  183.915276][T12268]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  183.915323][T12268]  bpf_prog_alloc_no_stats+0x47/0x3b0
[  183.915416][T12268]  ? bpf_prog_alloc+0x2a/0x150
[  183.915461][T12268]  bpf_prog_alloc+0x3c/0x150
[  183.915506][T12268]  bpf_prog_load+0x506/0x1100
[  183.915613][T12268]  ? security_bpf+0x2b/0x90
[  183.915650][T12268]  __sys_bpf+0x469/0x7c0
[  183.915686][T12268]  __x64_sys_bpf+0x41/0x50
[  183.915797][T12268]  x64_sys_call+0x2aee/0x3000
[  183.915836][T12268]  do_syscall_64+0xd2/0x200
[  183.915863][T12268]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  183.915901][T12268]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  183.915988][T12268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.916017][T12268] RIP: 0033:0x7f4d6183efc9
[  183.916037][T12268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.916062][T12268] RSP: 002b:00007f4d602a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  183.916087][T12268] RAX: ffffffffffffffda RBX: 00007f4d61a95fa0 RCX: 00007f4d6183efc9
[  183.916104][T12268] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  183.916178][T12268] RBP: 00007f4d602a7090 R08: 0000000000000000 R09: 0000000000000000
[  183.916196][T12268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.916213][T12268] R13: 00007f4d61a96038 R14: 00007f4d61a95fa0 R15: 00007ffd58b284e8
[  183.916242][T12268]  </TASK>
[  183.916261][T12268] Mem-Info:
[  184.134300][T12268] active_anon:20108 inactive_anon:0 isolated_anon:0
[  184.134300][T12268]  active_file:22760 inactive_file:2385 isolated_file:0
[  184.134300][T12268]  unevictable:2436 dirty:402 writeback:0
[  184.134300][T12268]  slab_reclaimable:3491 slab_unreclaimable:36587
[  184.134300][T12268]  mapped:32942 shmem:19171 pagetables:1058
[  184.134300][T12268]  sec_pagetables:0 bounce:0
[  184.134300][T12268]  kernel_misc_reclaimable:0
[  184.134300][T12268]  free:1841148 free_pcp:9809 free_cma:0
[  184.134465][T12268] Node 0 active_anon:80432kB inactive_anon:0kB active_file:91040kB inactive_file:9540kB unevictable:9744kB isolated(anon):0kB isolated(file):0kB mapped:131768kB dirty:1608kB writeback:0kB shmem:76684kB kernel_stack:3600kB pagetables:4232kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  184.134556][T12268] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  184.134635][T12268] lowmem_reserve[]: 0 2881 7859 7859
[  184.134670][T12268] Node 0 DMA32 free:2946640kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950272kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3528kB free_cma:0kB
[  184.134795][T12268] lowmem_reserve[]: 0 0 4978 4978
[  184.134838][T12268] Node 0 Normal free:4402592kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:80432kB inactive_anon:0kB active_file:91040kB inactive_file:9540kB unevictable:9744kB writepending:1608kB zspages:0kB present:5242880kB managed:5098240kB mlocked:9744kB bounce:0kB free_pcp:35604kB local_pcp:15688kB free_cma:0kB
[  184.134908][T12268] lowmem_reserve[]: 0 0 0 0
[  184.134938][T12268] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  184.135112][T12268] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 4*16kB (M) 2*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946640kB
[  184.135365][T12268] Node 0 Normal: 670*4kB (UME) 1480*8kB (M) 753*16kB (M) 586*32kB (UME) 306*64kB (UME) 256*128kB (ME) 158*256kB (UME) 171*512kB (UME) 121*1024kB (UME) 39*2048kB (UME) 970*4096kB (UM) = 4402568kB
[  184.346419][T12268] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  184.346441][T12268] 44942 total pagecache pages
[  184.346450][T12268] 0 pages in swap cache
[  184.346458][T12268] Free swap  = 124996kB
[  184.346466][T12268] Total swap = 124996kB
[  184.346473][T12268] 2097051 pages RAM
[  184.346478][T12268] 0 pages HighMem/MovableOnly
[  184.346485][T12268] 81083 pages reserved
[  184.524517][T12306] FAULT_INJECTION: forcing a failure.
[  184.524517][T12306] name failslab, interval 1, probability 0, space 0, times 0
[  184.537316][T12306] CPU: 1 UID: 0 PID: 12306 Comm: wޣ�� Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  184.537353][T12306] Tainted: [W]=WARN
[  184.537388][T12306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  184.537400][T12306] Call Trace:
[  184.537406][T12306]  <TASK>
[  184.537414][T12306]  __dump_stack+0x1d/0x30
[  184.537436][T12306]  dump_stack_lvl+0xe8/0x140
[  184.537471][T12306]  dump_stack+0x15/0x1b
[  184.537492][T12306]  should_fail_ex+0x265/0x280
[  184.537516][T12306]  ? __se_sys_memfd_create+0x1cc/0x590
[  184.537546][T12306]  should_failslab+0x8c/0xb0
[  184.537635][T12306]  __kmalloc_cache_noprof+0x4c/0x4a0
[  184.537671][T12306]  ? fput+0x8f/0xc0
[  184.537752][T12306]  __se_sys_memfd_create+0x1cc/0x590
[  184.537778][T12306]  __x64_sys_memfd_create+0x31/0x40
[  184.537907][T12306]  x64_sys_call+0x2ac2/0x3000
[  184.537937][T12306]  do_syscall_64+0xd2/0x200
[  184.537961][T12306]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  184.538074][T12306]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  184.538114][T12306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.538141][T12306] RIP: 0033:0x7f4d6183efc9
[  184.538161][T12306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.538184][T12306] RSP: 002b:00007f4d602a6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  184.538267][T12306] RAX: ffffffffffffffda RBX: 000000000000046f RCX: 00007f4d6183efc9
[  184.538283][T12306] RDX: 00007f4d602a6ef0 RSI: 0000000000000000 RDI: 00007f4d618c2960
[  184.538299][T12306] RBP: 0000200000000bc0 R08: 00007f4d602a6bb7 R09: 00007f4d602a6e40
[  184.538315][T12306] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  184.538387][T12306] R13: 00007f4d602a6ef0 R14: 00007f4d602a6eb0 R15: 00002000000007c0
[  184.538412][T12306]  </TASK>
[  184.927066][T12309] loop5: detected capacity change from 0 to 512
[  184.971219][T12326] syzkaller0: entered promiscuous mode
[  184.976934][T12326] syzkaller0: entered allmulticast mode
[  185.044136][T12331] sd 0:0:1:0: device reset
[  185.057298][T12331] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3119'.
[  185.293936][T12319] lo speed is unknown, defaulting to 1000
[  185.456987][   T37] bridge_slave_1: left allmulticast mode
[  185.462701][   T37] bridge_slave_1: left promiscuous mode
[  185.468473][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.476714][   T37] bridge_slave_0: left allmulticast mode
[  185.482490][   T37] bridge_slave_0: left promiscuous mode
[  185.488201][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.512606][   T37] dvmrp1 (unregistering): left allmulticast mode
[  185.575036][T12353] FAULT_INJECTION: forcing a failure.
[  185.575036][T12353] name failslab, interval 1, probability 0, space 0, times 0
[  185.588431][T12353] CPU: 1 UID: 0 PID: 12353 Comm: syz.5.3129 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  185.588475][T12353] Tainted: [W]=WARN
[  185.588482][T12353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  185.588493][T12353] Call Trace:
[  185.588499][T12353]  <TASK>
[  185.588566][T12353]  __dump_stack+0x1d/0x30
[  185.588629][T12353]  dump_stack_lvl+0xe8/0x140
[  185.588766][T12353]  dump_stack+0x15/0x1b
[  185.588782][T12353]  should_fail_ex+0x265/0x280
[  185.588799][T12353]  should_failslab+0x8c/0xb0
[  185.588825][T12353]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  185.588852][T12353]  ? __alloc_skb+0x101/0x320
[  185.588931][T12353]  __alloc_skb+0x101/0x320
[  185.588957][T12353]  netlink_alloc_large_skb+0xbf/0xf0
[  185.588987][T12353]  netlink_sendmsg+0x3cf/0x6b0
[  185.589005][T12353]  ? __pfx_netlink_sendmsg+0x10/0x10
[  185.589073][T12353]  __sock_sendmsg+0x145/0x180
[  185.589101][T12353]  ____sys_sendmsg+0x31e/0x4e0
[  185.589162][T12353]  ___sys_sendmsg+0x17b/0x1d0
[  185.589253][T12353]  __x64_sys_sendmsg+0xd4/0x160
[  185.589287][T12353]  x64_sys_call+0x191e/0x3000
[  185.589383][T12353]  do_syscall_64+0xd2/0x200
[  185.589458][T12353]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  185.589523][T12353]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  185.589552][T12353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.589571][T12353] RIP: 0033:0x7f88c519efc9
[  185.589585][T12353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.589671][T12353] RSP: 002b:00007f88c3c07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  185.589747][T12353] RAX: ffffffffffffffda RBX: 00007f88c53f5fa0 RCX: 00007f88c519efc9
[  185.589757][T12353] RDX: 0000000020040040 RSI: 0000200000009b40 RDI: 0000000000000006
[  185.589768][T12353] RBP: 00007f88c3c07090 R08: 0000000000000000 R09: 0000000000000000
[  185.589778][T12353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.589788][T12353] R13: 00007f88c53f6038 R14: 00007f88c53f5fa0 R15: 00007fff32486f98
[  185.589824][T12353]  </TASK>
[  185.822180][T12355] loop5: detected capacity change from 0 to 512
[  185.829484][T12355] journal_path: Non-blockdev passed as './file1'
[  185.836008][T12355] EXT4-fs: error: could not find journal device path
[  185.954760][T12369] netlink: 'syz.0.3132': attribute type 10 has an invalid length.
[  185.973485][T12370] loop4: detected capacity change from 0 to 2048
[  185.980439][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  185.990005][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  186.000093][   T37] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  186.008354][T12372] netlink: 'syz.0.3132': attribute type 10 has an invalid length.
[  186.017998][   T37] bond0 (unregistering): Released all slaves
[  186.027006][   T37] bond1 (unregistering): Released all slaves
[  186.033470][T12370]  loop4: p1 p2 < > p3 < p5 > p4
[  186.038580][T12370] loop4: partition table partially beyond EOD, truncated
[  186.046198][T12370] loop4: p1 size 917504 extends beyond EOD, truncated
[  186.053918][T12370] loop4: p2 start 50331648 is beyond EOD, truncated
[  186.064248][T12370] loop4: p4 size 8192 extends beyond EOD, truncated
[  186.071461][T12370] loop4: p5 size 917504 extends beyond EOD, truncated
[  186.705394][   T29] kauditd_printk_skb: 424 callbacks suppressed
[  186.705408][   T29] audit: type=1326 audit(1761485843.520:22723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12363 comm="syz.4.3134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  186.735443][   T29] audit: type=1326 audit(1761485843.520:22724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12363 comm="syz.4.3134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  186.736458][T12369] bond0: (slave dummy0): Releasing backup interface
[  186.769079][T12369] team0: Port device dummy0 added
[  186.777808][T12372] team0: Port device dummy0 removed
[  186.786335][T12372] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  186.795221][T12373] syzkaller0: entered promiscuous mode
[  186.800790][T12373] syzkaller0: entered allmulticast mode
[  186.809280][   T37] tipc: Left network mode
[  186.828256][   T37] hsr_slave_0: left promiscuous mode
[  186.858836][   T29] audit: type=1326 audit(1761485843.660:22725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12378 comm="syz.1.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  186.882543][   T29] audit: type=1326 audit(1761485843.660:22726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12378 comm="syz.1.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  186.923335][   T37] hsr_slave_1: left promiscuous mode
[  186.993053][T12393] loop0: detected capacity change from 0 to 128
[  187.001835][T12392] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3142'.
[  187.013377][T12393] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  187.013631][T12393] ext4 filesystem being mounted at /54/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  187.123598][T11371] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  187.199916][T12319] chnl_net:caif_netlink_parms(): no params data found
[  187.228157][   T29] audit: type=1400 audit(1761485844.020:22727): avc:  denied  { create } for  pid=12408 comm="syz.4.3140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  187.259626][T12409] loop9: detected capacity change from 0 to 7
[  187.266066][T12409] Buffer I/O error on dev loop9, logical block 0, async page read
[  187.274079][T12409] Buffer I/O error on dev loop9, logical block 0, async page read
[  187.281958][T12409]  loop9: unable to read partition table
[  187.287892][T12409] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  187.287892][T12409] 
) failed (rc=-5)
[  187.305122][T12409] $H�: renamed from bond0 (while UP)
[  187.312975][T12409] $H�: entered promiscuous mode
[  187.318149][T12409] bond_slave_0: entered promiscuous mode
[  187.323936][T12409] bond_slave_1: entered promiscuous mode
[  187.355682][   T29] audit: type=1326 audit(1761485844.160:22728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12411 comm="syz.0.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d6183efc9 code=0x7ffc0000
[  187.379394][   T29] audit: type=1326 audit(1761485844.160:22729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12411 comm="syz.0.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d6183efc9 code=0x7ffc0000
[  187.403119][   T29] audit: type=1326 audit(1761485844.160:22730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12411 comm="syz.0.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d6183efc9 code=0x7ffc0000
[  187.427002][   T29] audit: type=1326 audit(1761485844.160:22731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12411 comm="syz.0.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d6183efc9 code=0x7ffc0000
[  187.450651][   T29] audit: type=1326 audit(1761485844.160:22732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12411 comm="syz.0.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d6183efc9 code=0x7ffc0000
[  187.482492][T12423] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3152'.
[  187.502592][T12425] bond0: (slave bond_slave_0): Releasing backup interface
[  187.519662][T12425] team0: Port device team_slave_0 removed
[  187.528757][T12425] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  187.558339][T12319] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.565621][T12319] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.573676][T12319] bridge_slave_0: entered allmulticast mode
[  187.580332][T12319] bridge_slave_0: entered promiscuous mode
[  187.591953][T12319] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.599283][T12319] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.612294][T12319] bridge_slave_1: entered allmulticast mode
[  187.619969][T12319] bridge_slave_1: entered promiscuous mode
[  187.662668][T12319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.678666][T12319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  187.701438][T12434] loop4: detected capacity change from 0 to 512
[  187.712869][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  187.724588][T12319] team0: Port device team_slave_0 added
[  187.732276][T12319] team0: Port device team_slave_1 added
[  187.739976][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  187.754080][T12434] EXT4-fs (loop4): get root inode failed
[  187.759752][T12434] EXT4-fs (loop4): mount failed
[  187.776668][T12439] loop5: detected capacity change from 0 to 1024
[  187.780445][T12434] loop4: detected capacity change from 0 to 512
[  187.784241][T12439] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  187.801036][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  187.804136][T12319] batman_adv: batadv0: Adding interface: batadv_slave_0
[  187.814561][T12319] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  187.840559][T12319] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  187.847050][T12439] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  187.859818][T12439] EXT4-fs (loop5): orphan cleanup on readonly fs
[  187.864900][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  187.866663][T12439] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  187.880386][T12434] EXT4-fs (loop4): get root inode failed
[  187.894094][T12439] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  187.894556][T12439] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.3156: Freeing blocks not in datazone - block = 0, count = 4096
[  187.899890][T12434] EXT4-fs (loop4): mount failed
[  187.907457][T12439] EXT4-fs (loop5): 1 orphan inode deleted
[  187.931741][T12319] batman_adv: batadv0: Adding interface: batadv_slave_1
[  187.935540][T12434] loop4: detected capacity change from 0 to 512
[  187.938780][T12319] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  187.945629][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  187.970992][T12319] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  187.995832][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  188.009906][T12434] EXT4-fs (loop4): get root inode failed
[  188.015626][T12434] EXT4-fs (loop4): mount failed
[  188.028808][T12434] loop4: detected capacity change from 0 to 512
[  188.035698][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.044129][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  188.046121][T12319] hsr_slave_0: entered promiscuous mode
[  188.058053][T12434] EXT4-fs (loop4): get root inode failed
[  188.064152][T12319] hsr_slave_1: entered promiscuous mode
[  188.068806][T12434] EXT4-fs (loop4): mount failed
[  188.085028][T12434] loop4: detected capacity change from 0 to 512
[  188.091742][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.103988][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  188.117602][T12434] EXT4-fs (loop4): get root inode failed
[  188.123420][T12434] EXT4-fs (loop4): mount failed
[  188.135190][T12434] loop4: detected capacity change from 0 to 512
[  188.141954][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.156811][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  188.182721][T12434] EXT4-fs (loop4): get root inode failed
[  188.188446][T12434] EXT4-fs (loop4): mount failed
[  188.270440][T12434] loop4: detected capacity change from 0 to 512
[  188.283750][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.314854][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  188.330004][T12434] EXT4-fs (loop4): get root inode failed
[  188.335752][T12434] EXT4-fs (loop4): mount failed
[  188.350890][T12434] loop4: detected capacity change from 0 to 512
[  188.351148][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.354489][T12471] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3163'.
[  188.361000][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  188.408864][T12434] EXT4-fs (loop4): get root inode failed
[  188.414624][T12434] EXT4-fs (loop4): mount failed
[  188.433265][T12478] ������: renamed from vlan0 (while UP)
[  188.440246][T12434] loop4: detected capacity change from 0 to 512
[  188.457307][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.494237][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  188.507779][T12434] EXT4-fs (loop4): get root inode failed
[  188.507798][T12434] EXT4-fs (loop4): mount failed
[  188.522996][T12434] loop4: detected capacity change from 0 to 512
[  188.523257][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.539800][T12482] FAULT_INJECTION: forcing a failure.
[  188.539800][T12482] name failslab, interval 1, probability 0, space 0, times 0
[  188.539831][T12482] CPU: 0 UID: 0 PID: 12482 Comm: syz.0.3166 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  188.539934][T12482] Tainted: [W]=WARN
[  188.539942][T12482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  188.539957][T12482] Call Trace:
[  188.539964][T12482]  <TASK>
[  188.539973][T12482]  __dump_stack+0x1d/0x30
[  188.539999][T12482]  dump_stack_lvl+0xe8/0x140
[  188.540023][T12482]  dump_stack+0x15/0x1b
[  188.540044][T12482]  should_fail_ex+0x265/0x280
[  188.540107][T12482]  should_failslab+0x8c/0xb0
[  188.540209][T12482]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  188.540248][T12482]  ? __alloc_skb+0x101/0x320
[  188.540336][T12482]  __alloc_skb+0x101/0x320
[  188.540385][T12482]  ? mntput_no_expire+0x6f/0x440
[  188.540412][T12482]  alloc_skb_with_frags+0x7d/0x470
[  188.540450][T12482]  ? mntput+0x4b/0x80
[  188.540471][T12482]  ? terminate_walk+0x27f/0x2a0
[  188.540574][T12482]  virtio_transport_alloc_skb+0x91/0x710
[  188.540598][T12482]  ? __rcu_read_unlock+0x4f/0x70
[  188.540747][T12482]  virtio_transport_send_pkt_info+0x434/0x860
[  188.540787][T12482]  virtio_transport_connect+0x49/0x70
[  188.540817][T12482]  vsock_connect+0x793/0x820
[  188.540846][T12482]  ? __pfx_virtio_transport_stream_allow+0x10/0x10
[  188.540874][T12482]  ? __pfx_autoremove_wake_function+0x10/0x10
[  188.540961][T12482]  ? __pfx_vsock_connect+0x10/0x10
[  188.541028][T12482]  __sys_connect+0x1f2/0x2b0
[  188.541137][T12482]  __x64_sys_connect+0x3f/0x50
[  188.541172][T12482]  x64_sys_call+0x2c0c/0x3000
[  188.541200][T12482]  do_syscall_64+0xd2/0x200
[  188.541240][T12482]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  188.541345][T12482]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  188.541397][T12482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.541428][T12482] RIP: 0033:0x7f4d6183efc9
[  188.541493][T12482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.541517][T12482] RSP: 002b:00007f4d602a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  188.541543][T12482] RAX: ffffffffffffffda RBX: 00007f4d61a95fa0 RCX: 00007f4d6183efc9
[  188.541560][T12482] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000005
[  188.541578][T12482] RBP: 00007f4d602a7090 R08: 0000000000000000 R09: 0000000000000000
[  188.541653][T12482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.541669][T12482] R13: 00007f4d61a96038 R14: 00007f4d61a95fa0 R15: 00007ffd58b284e8
[  188.541695][T12482]  </TASK>
[  188.581952][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  188.825080][T12491] loop0: detected capacity change from 0 to 1024
[  188.825365][T12491] EXT4-fs: inline encryption not supported
[  188.825499][T12491] EXT4-fs: Ignoring removed nomblk_io_submit option
[  188.825575][T12491] EXT4-fs: Ignoring removed bh option
[  188.832201][T12434] EXT4-fs (loop4): get root inode failed
[  188.832218][T12434] EXT4-fs (loop4): mount failed
[  188.854832][T12434] loop4: detected capacity change from 0 to 512
[  188.854998][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.865517][T12491] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.3169: Allocating blocks 385-513 which overlap fs metadata
[  188.879926][T12319] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  188.923635][T12496] EXT4-fs (loop0): pa ffff888106e24850: logic 16, phys. 129, len 24
[  188.923665][T12496] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 8
[  188.927088][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  188.927257][T12434] EXT4-fs (loop4): get root inode failed
[  188.927271][T12434] EXT4-fs (loop4): mount failed
[  188.942733][T12434] loop4: detected capacity change from 0 to 512
[  188.943122][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.950950][T12319] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  188.953278][T12319] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  188.961419][T12319] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  188.964286][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  188.964990][T12434] EXT4-fs (loop4): get root inode failed
[  188.965006][T12434] EXT4-fs (loop4): mount failed
[  188.978992][T12434] loop4: detected capacity change from 0 to 512
[  188.979172][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.023735][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  189.023970][T12434] EXT4-fs (loop4): get root inode failed
[  189.023981][T12434] EXT4-fs (loop4): mount failed
[  189.028705][T12434] loop4: detected capacity change from 0 to 512
[  189.028861][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.034138][T12319] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.036158][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  189.036320][T12434] EXT4-fs (loop4): get root inode failed
[  189.036335][T12434] EXT4-fs (loop4): mount failed
[  189.048272][T12319] 8021q: adding VLAN 0 to HW filter on device team0
[  189.053940][  T382] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.053988][  T382] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.054941][T12434] loop4: detected capacity change from 0 to 512
[  189.055148][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.062765][  T382] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.239258][  T382] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.253441][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  189.296966][T12434] EXT4-fs (loop4): get root inode failed
[  189.302673][T12434] EXT4-fs (loop4): mount failed
[  189.338978][T12520] syzkaller0: entered promiscuous mode
[  189.344607][T12520] syzkaller0: entered allmulticast mode
[  189.347320][T12434] loop4: detected capacity change from 0 to 512
[  189.359430][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.393475][T12526] rdma_op ffff88811e4dc980 conn xmit_rdma 0000000000000000
[  189.412629][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  189.429133][T12434] EXT4-fs (loop4): get root inode failed
[  189.434882][T12434] EXT4-fs (loop4): mount failed
[  189.452044][T12434] loop4: detected capacity change from 0 to 512
[  189.458984][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.480095][T12319] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.496804][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  189.517044][T12434] EXT4-fs (loop4): get root inode failed
[  189.522747][T12434] EXT4-fs (loop4): mount failed
[  189.554348][T12434] loop4: detected capacity change from 0 to 512
[  189.582072][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.629768][T12547] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3178'.
[  189.639919][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  189.663489][T12434] EXT4-fs (loop4): get root inode failed
[  189.669175][T12434] EXT4-fs (loop4): mount failed
[  189.681796][T12319] veth0_vlan: entered promiscuous mode
[  189.712837][T12319] veth1_vlan: entered promiscuous mode
[  189.718120][T12434] loop4: detected capacity change from 0 to 512
[  189.727070][T12552] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3179'.
[  189.743378][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.763943][T12319] veth0_macvtap: entered promiscuous mode
[  189.784948][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  189.785775][T12319] veth1_macvtap: entered promiscuous mode
[  189.805089][T12434] EXT4-fs (loop4): get root inode failed
[  189.810797][T12434] EXT4-fs (loop4): mount failed
[  189.820971][T12434] loop4: detected capacity change from 0 to 512
[  189.827887][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.847783][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  189.873287][T12434] EXT4-fs (loop4): get root inode failed
[  189.878986][T12434] EXT4-fs (loop4): mount failed
[  189.885447][T12556] loop0: detected capacity change from 0 to 1024
[  189.898262][T12556] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  189.919153][T12434] loop4: detected capacity change from 0 to 512
[  189.920534][T12319] batman_adv: batadv0: Interface activated: batadv_slave_0
[  189.954701][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.955824][T12319] batman_adv: batadv0: Interface activated: batadv_slave_1
[  189.970185][T12556] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.3180: Invalid block bitmap block 0 in block_group 0
[  189.983986][T12556] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3180: Failed to acquire dquot type 0
[  190.021792][T12556] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.3180: Freeing blocks not in datazone - block = 0, count = 4096
[  190.036106][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  190.061905][T12556] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3180: Invalid inode bitmap blk 0 in block_group 0
[  190.076122][ T1084] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:6: Failed to release dquot type 0
[  190.076232][T12434] EXT4-fs (loop4): get root inode failed
[  190.093759][T12434] EXT4-fs (loop4): mount failed
[  190.112916][T12434] loop4: detected capacity change from 0 to 512
[  190.128104][T12556] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  190.143326][T12556] EXT4-fs (loop0): 1 orphan inode deleted
[  190.149532][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  190.173889][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  190.195599][   T37] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.213767][T12434] EXT4-fs (loop4): get root inode failed
[  190.219697][T12434] EXT4-fs (loop4): mount failed
[  190.230650][T12434] loop4: detected capacity change from 0 to 512
[  190.240114][   T37] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.244570][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  190.267685][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  190.294743][T12434] EXT4-fs (loop4): get root inode failed
[  190.300473][T12434] EXT4-fs (loop4): mount failed
[  190.308589][T12573] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.321780][   T37] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.330807][T12434] loop4: detected capacity change from 0 to 512
[  190.339131][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  190.378005][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  190.382845][   T37] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.403921][T12573] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.413970][T12434] EXT4-fs (loop4): get root inode failed
[  190.419643][T12434] EXT4-fs (loop4): mount failed
[  190.429863][T12434] loop4: detected capacity change from 0 to 512
[  190.447570][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  190.467769][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  190.488714][T12573] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.500589][T12592] loop0: detected capacity change from 0 to 128
[  190.507929][T12434] EXT4-fs (loop4): get root inode failed
[  190.513661][T12434] EXT4-fs (loop4): mount failed
[  190.524399][T12592] ext4 filesystem being mounted at /74/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  190.562306][T12434] loop4: detected capacity change from 0 to 512
[  190.569100][T12434] EXT4-fs: Ignoring removed mblk_io_submit option
[  190.577408][T12573] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.613314][T12434] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.3157: inode has both inline data and extents flags
[  190.642204][T12434] EXT4-fs (loop4): get root inode failed
[  190.648032][T12434] EXT4-fs (loop4): mount failed
[  190.654023][ T1084] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.667735][ T1084] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.678477][T12434] loop4: detected capacity change from 0 to 512
[  190.697903][ T1084] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.706819][ T1084] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.856502][T12616] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3198'.
[  190.865687][T12616] netem: unknown loss type 13
[  190.870474][T12616] netem: change failed
[  190.887900][T12618] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3199'.
[  190.928799][T12616] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.940698][T12616] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.991841][T12608] loop0: detected capacity change from 0 to 128
[  191.003048][T12622] loop2: detected capacity change from 0 to 128
[  191.186061][T12640] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3204'.
[  191.195629][T12640] IPVS: Error connecting to the multicast addr
[  191.249866][T12650] ������: renamed from vlan0 (while UP)
[  191.264606][T12653] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.315126][T12657] loop2: detected capacity change from 0 to 128
[  191.328677][T12653] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.374897][T12653] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.446002][T12653] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.523441][   T12] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.540802][   T12] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.550450][T12670] loop0: detected capacity change from 0 to 8192
[  191.568363][   T12] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.586299][ T1084] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.017659][   T29] kauditd_printk_skb: 347 callbacks suppressed
[  192.017677][   T29] audit: type=1326 audit(1761485848.830:23076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12695 comm="syz.4.3226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  192.048113][   T29] audit: type=1326 audit(1761485848.830:23077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12695 comm="syz.4.3226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  192.071841][   T29] audit: type=1326 audit(1761485848.830:23078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12695 comm="syz.4.3226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  192.076394][T12698] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3226'.
[  192.095475][   T29] audit: type=1326 audit(1761485848.830:23079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12695 comm="syz.4.3226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  192.095567][   T29] audit: type=1326 audit(1761485848.830:23080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12695 comm="syz.4.3226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3e336af003 code=0x7ffc0000
[  192.151414][   T29] audit: type=1326 audit(1761485848.830:23081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12695 comm="syz.4.3226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3e336af003 code=0x7ffc0000
[  192.174903][   T29] audit: type=1326 audit(1761485848.830:23082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12695 comm="syz.4.3226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  192.198641][   T29] audit: type=1326 audit(1761485848.830:23083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12695 comm="syz.4.3226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  192.222243][   T29] audit: type=1326 audit(1761485848.830:23084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12695 comm="syz.4.3226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  192.245968][   T29] audit: type=1326 audit(1761485848.830:23085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12695 comm="syz.4.3226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  192.502045][T12715] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3233'.
[  192.637474][T12729] loop5: detected capacity change from 0 to 512
[  192.655424][T12729] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  192.686094][T12729] EXT4-fs (loop5): 1 truncate cleaned up
[  192.694690][T12729] EXT4-fs mount: 8 callbacks suppressed
[  192.694772][T12729] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.764633][T12713] loop2: detected capacity change from 0 to 128
[  192.843296][ T9281] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.888210][T12748] loop5: detected capacity change from 0 to 1024
[  192.900631][T12748] EXT4-fs: Ignoring removed nomblk_io_submit option
[  192.914584][T12749] loop5: detected capacity change from 0 to 512
[  192.923786][T12748] /dev/loop5: Can't open blockdev
[  192.929869][T12749] /dev/loop5: Can't open blockdev
[  192.933489][T12754] netlink: 'syz.1.3245': attribute type 10 has an invalid length.
[  192.939013][T12752] loop5: detected capacity change from 0 to 128
[  192.952560][T12754] team0: Port device dummy0 added
[  192.955968][T12752] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  192.961328][T12757] loop0: detected capacity change from 0 to 128
[  192.969704][T12752] FAT-fs (loop5): unable to read boot sector
[  192.980054][T12754] netlink: 'syz.1.3245': attribute type 10 has an invalid length.
[  192.990653][T12754] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  193.000633][T12755] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3247'.
[  193.013408][T12748] netlink: 'syz.5.3244': attribute type 1 has an invalid length.
[  193.023626][T12757] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  193.036827][T12754] team0: Failed to send options change via netlink (err -105)
[  193.037111][T12757] ext4 filesystem being mounted at /85/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  193.045863][T12754] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  193.079936][T12749] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3244'.
[  193.094116][T12754] team0: Port device dummy0 removed
[  193.101927][T12754] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  193.126142][T12748] 8021q: adding VLAN 0 to HW filter on device bond3
[  193.137353][T12749] bond3 (unregistering): Released all slaves
[  193.182301][T11371] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  193.189103][T12768] syzkaller0: entered promiscuous mode
[  193.197050][T12768] syzkaller0: entered allmulticast mode
[  193.395572][T12795] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3261'.
[  193.395656][T12795] IPVS: Error connecting to the multicast addr
[  193.497287][T12785] serio: Serial port ptm0
[  193.532288][T12787] loop2: detected capacity change from 0 to 128
[  193.886466][T12819] SELinux:  policydb magic number 0x10 does not match expected magic number 0xf97cff8c
[  193.886627][T12819] SELinux: failed to load policy
[  194.099061][T12836] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3277'.
[  194.112943][T12835] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3277'.
[  194.174246][T12848] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3282'.
[  194.176148][T12850] loop2: detected capacity change from 0 to 128
[  194.203331][T12850] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  194.215673][T12850] ext4 filesystem being mounted at /25/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  194.325924][T12319] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  194.447508][T12882] loop4: detected capacity change from 0 to 512
[  194.453357][T12882] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  194.468727][T12871] loop2: detected capacity change from 0 to 2048
[  194.480501][T12882] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3296: bg 0: block 272: padding at end of block bitmap is not set
[  194.498492][T12882] EXT4-fs (loop4): 1 truncate cleaned up
[  194.498855][T12882] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.500148][T12882] netlink: 84 bytes leftover after parsing attributes in process `syz.4.3296'.
[  194.507732][T12871]  loop2: p4 < >
[  194.577998][T11871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.210742][T12905] netlink: 224 bytes leftover after parsing attributes in process `wޣ�'.
[  195.219803][T12905] netlink: 16 bytes leftover after parsing attributes in process `wޣ�'.
[  195.232699][T12910] loop2: detected capacity change from 0 to 128
[  195.257640][T12910] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  195.278493][T12910] ext4 filesystem being mounted at /27/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  195.375845][T12319] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  195.468070][T12927] loop5: detected capacity change from 0 to 128
[  195.604617][T12935] netlink: 'syz.4.3313': attribute type 10 has an invalid length.
[  195.611831][T12935] team0: Port device dummy0 added
[  195.616105][T12935] netlink: 'syz.4.3313': attribute type 10 has an invalid length.
[  195.668478][T12935] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  195.680753][T12935] team0: Failed to send options change via netlink (err -105)
[  195.680803][T12935] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  195.681074][T12935] team0: Port device dummy0 removed
[  195.682697][T12935] dummy0: entered promiscuous mode
[  195.683052][T12935] $H�: (slave dummy0): Enslaving as an active interface with an up link
[  195.815004][T12942] netlink: 'syz.5.3316': attribute type 10 has an invalid length.
[  195.846198][T12942] team0: Port device dummy0 added
[  195.857167][T12942] netlink: 'syz.5.3316': attribute type 10 has an invalid length.
[  195.857795][T12942] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  195.865997][T12942] team0: Failed to send options change via netlink (err -105)
[  195.882507][T12942] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  195.882897][T12942] team0: Port device dummy0 removed
[  195.886976][T12942] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  196.324182][T12949] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.369262][T12949] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.418909][T12949] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.463736][T12949] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.597315][   T37] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.609753][   T37] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.618259][   T37] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.626854][   T37] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.643517][T12967] IPVS: Error connecting to the multicast addr
[  196.770836][T12988] loop9: detected capacity change from 0 to 7
[  196.777232][T12988] Buffer I/O error on dev loop9, logical block 0, async page read
[  196.785244][T12988] Buffer I/O error on dev loop9, logical block 0, async page read
[  196.793264][T12988]  loop9: unable to read partition table
[  196.799184][T12988] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  196.799184][T12988] 
) failed (rc=-5)
[  196.830329][T12992] netlink: 'syz.4.3337': attribute type 1 has an invalid length.
[  196.838746][T12993] netlink: 'syz.4.3337': attribute type 1 has an invalid length.
[  196.853642][T12992] bond0: entered promiscuous mode
[  196.858733][T12992] bond0: entered allmulticast mode
[  196.868060][T12992] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.891848][T12992] bond0: (slave gretap1): making interface the new active one
[  196.899565][T12992] gretap1: entered promiscuous mode
[  196.905026][T12992] gretap1: entered allmulticast mode
[  196.928327][T12992] bond0: (slave gretap1): Enslaving as an active interface with an up link
[  196.940130][T12993] vlan0: entered allmulticast mode
[  196.946152][T12993] bond0: (slave vlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  196.970036][T13008] vlan0: entered allmulticast mode
[  196.976616][T13008] bond0: (slave vlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  197.017304][T12996] serio: Serial port ptm0
[  197.062436][   T29] kauditd_printk_skb: 435 callbacks suppressed
[  197.062454][   T29] audit: type=1400 audit(1761485853.870:23521): avc:  denied  { create } for  pid=13006 comm="syz.5.3342" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  197.090638][   T29] audit: type=1400 audit(1761485853.870:23522): avc:  denied  { write } for  pid=13006 comm="syz.5.3342" name="file0" dev="tmpfs" ino=1131 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  197.113647][   T29] audit: type=1400 audit(1761485853.870:23523): avc:  denied  { open } for  pid=13006 comm="syz.5.3342" path="/204/file0" dev="tmpfs" ino=1131 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  197.123718][T13016] 8021q: VLANs not supported on vcan0
[  197.136686][   T29] audit: type=1326 audit(1761485853.880:23524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13006 comm="syz.5.3342" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c519efc9 code=0x0
[  197.370438][   T29] audit: type=1326 audit(1761485854.180:23525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13034 comm="syz.1.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  197.394199][   T29] audit: type=1326 audit(1761485854.180:23526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13034 comm="syz.1.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  197.417890][   T29] audit: type=1326 audit(1761485854.180:23527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13034 comm="syz.1.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  197.441516][   T29] audit: type=1326 audit(1761485854.180:23528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13034 comm="syz.1.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  197.465257][   T29] audit: type=1326 audit(1761485854.180:23529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13034 comm="syz.1.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  197.490105][   T29] audit: type=1326 audit(1761485854.180:23530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13034 comm="syz.1.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5174eefc9 code=0x7ffc0000
[  197.562621][T13049] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.605055][T13049] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.664883][T13049] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.754835][T13049] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.902094][T13086] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  197.924444][T13086] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  197.954955][T13075] loop4: detected capacity change from 0 to 128
[  198.194617][T13106] loop0: detected capacity change from 0 to 128
[  198.238141][T13106] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  198.238324][T13106] ext4 filesystem being mounted at /108/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  198.289183][T13110] serio: Serial port ptm0
[  198.318909][T11371] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  198.373556][T13112] loop0: detected capacity change from 0 to 128
[  198.396170][T13112] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  198.398091][T13112] ext4 filesystem being mounted at /109/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  198.464313][T11371] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  198.525813][T13115] __nla_validate_parse: 6 callbacks suppressed
[  198.525832][T13115] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3380'.
[  198.870554][T13126] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3385'.
[  198.879776][T13126] IPVS: Unknown mcast interface: ipvlan1
[  198.989113][T13132] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  199.070656][T13143] loop4: detected capacity change from 0 to 128
[  199.078912][T13143] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  199.101544][T13143] ext4 filesystem being mounted at /73/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  199.197443][T13152] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3397'.
[  199.197549][T13152] IPVS: Error connecting to the multicast addr
[  199.233635][T13157] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3399'.
[  199.276583][T11871] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  199.295519][T13162] lo speed is unknown, defaulting to 1000
[  199.295543][T13162] lo speed is unknown, defaulting to 1000
[  199.295702][T13162] lo speed is unknown, defaulting to 1000
[  199.296252][T13165] loop4: detected capacity change from 0 to 128
[  199.296675][T13162] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  199.303905][T13165] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  199.311974][T13162] lo speed is unknown, defaulting to 1000
[  199.314300][T13165] ext4 filesystem being mounted at /74/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  199.321535][T13162] lo speed is unknown, defaulting to 1000
[  199.393003][T13169] serio: Serial port ptm0
[  199.424288][T11871] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  199.425364][T13162] lo speed is unknown, defaulting to 1000
[  199.445706][T13162] lo speed is unknown, defaulting to 1000
[  199.446145][T13162] lo speed is unknown, defaulting to 1000
[  199.446563][T13162] lo speed is unknown, defaulting to 1000
[  199.837641][T13190] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=13190 comm=syz.1.3407
[  199.871749][T13192] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3410'.
[  199.908430][T13196] loop4: detected capacity change from 0 to 128
[  199.910596][T13196] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  199.927432][T13196] ext4 filesystem being mounted at /82/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  199.990566][T13200] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  200.024698][T11871] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  200.155714][T13219] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3421'.
[  200.185937][T13223] loop5: detected capacity change from 0 to 128
[  200.196059][T13223] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  200.216905][T13223] ext4 filesystem being mounted at /214/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  200.227517][T13227] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  200.264131][T13227] syzkaller0: entered promiscuous mode
[  200.269731][T13227] syzkaller0: entered allmulticast mode
[  200.302856][ T9281] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  200.342018][T13229] loop4: detected capacity change from 0 to 128
[  200.350620][T13229] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  200.363191][T13229] ext4 filesystem being mounted at /85/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  200.433917][T11871] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  200.629020][T13246] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.675886][T13246] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.687294][T13255] netlink: 19 bytes leftover after parsing attributes in process `syz.0.3434'.
[  200.698846][T13255] FAULT_INJECTION: forcing a failure.
[  200.698846][T13255] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  200.698885][T13255] CPU: 0 UID: 0 PID: 13255 Comm: +}[@ Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  200.698992][T13255] Tainted: [W]=WARN
[  200.699001][T13255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  200.699017][T13255] Call Trace:
[  200.699025][T13255]  <TASK>
[  200.699034][T13255]  __dump_stack+0x1d/0x30
[  200.699062][T13255]  dump_stack_lvl+0xe8/0x140
[  200.699170][T13255]  dump_stack+0x15/0x1b
[  200.699200][T13255]  should_fail_ex+0x265/0x280
[  200.699225][T13255]  should_fail+0xb/0x20
[  200.699245][T13255]  should_fail_usercopy+0x1a/0x20
[  200.699318][T13255]  _copy_from_user+0x1c/0xb0
[  200.699346][T13255]  __sys_sendto+0x19e/0x330
[  200.699403][T13255]  __x64_sys_sendto+0x76/0x90
[  200.699441][T13255]  x64_sys_call+0x2d14/0x3000
[  200.699505][T13255]  do_syscall_64+0xd2/0x200
[  200.699528][T13255]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  200.699565][T13255]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  200.699682][T13255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.699714][T13255] RIP: 0033:0x7f4d61840e5c
[  200.699736][T13255] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  200.699760][T13255] RSP: 002b:00007f4d602a5ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  200.699818][T13255] RAX: ffffffffffffffda RBX: 00007f4d602a5fc0 RCX: 00007f4d61840e5c
[  200.699836][T13255] RDX: 0000000000000020 RSI: 00007f4d602a6010 RDI: 000000000000000d
[  200.699854][T13255] RBP: 0000000000000000 R08: 00007f4d602a5f14 R09: 000000000000000c
[  200.699871][T13255] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000000d
[  200.699888][T13255] R13: 00007f4d602a5f68 R14: 00007f4d602a6010 R15: 0000000000000000
[  200.699984][T13255]  </TASK>
[  200.714755][T13246] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.738061][   T37] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.804490][T13258] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3435'.
[  200.813958][   T37] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.927883][T13258] team0: No ports can be present during mode change
[  200.938508][   T37] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.941964][   T37] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.945847][T13246] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.973986][T13261] loop0: detected capacity change from 0 to 128
[  200.976611][T13261] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  200.994771][T13261] ext4 filesystem being mounted at /130/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  201.053460][T11371] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  201.069423][ T1084] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.085136][ T1084] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.085174][ T1084] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.088792][ T1084] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.102377][T13265] loop2: detected capacity change from 0 to 512
[  201.134337][T13265] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.3437: invalid indirect mapped block 256 (level 2)
[  201.148416][T13265] EXT4-fs (loop2): 2 truncates cleaned up
[  201.148900][T13265] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.174597][T13270] netlink: 19 bytes leftover after parsing attributes in process `syz.1.3439'.
[  201.375958][T13296] 9pnet_fd: Insufficient options for proto=fd
[  201.386633][T13294] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.457032][T13294] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.496319][T13287] loop5: detected capacity change from 0 to 128
[  201.504732][T13309] netlink: 'syz.4.3450': attribute type 10 has an invalid length.
[  201.514765][T13309] $H�: (slave dummy0): Releasing backup interface
[  201.522560][T13309] dummy0: left promiscuous mode
[  201.536418][T13309] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  201.545551][T13309] team0: Failed to send options change via netlink (err -105)
[  201.553205][T13309] team0: Port device dummy0 added
[  201.559594][T13313] netlink: 'syz.4.3450': attribute type 10 has an invalid length.
[  201.580153][T13294] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.617912][T13313] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  201.640807][T13313] team0: Failed to send options change via netlink (err -105)
[  201.651857][T13313] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  201.661785][T13313] team0: Port device dummy0 removed
[  201.669762][T13313] dummy0: entered promiscuous mode
[  201.675654][T13313] $H�: (slave dummy0): Enslaving as an active interface with an up link
[  201.700390][T13294] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.795615][   T31] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.808107][   T31] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.821253][   T31] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.834809][   T31] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.899745][T12319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.344873][T13352] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3468'.
[  202.344971][T13352] IPVS: Error connecting to the multicast addr
[  202.416708][   T29] kauditd_printk_skb: 424 callbacks suppressed
[  202.416725][   T29] audit: type=1326 audit(1761485859.230:23955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13358 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d6183efc9 code=0x7ffc0000
[  202.446612][   T29] audit: type=1326 audit(1761485859.230:23956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13358 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d6183efc9 code=0x7ffc0000
[  202.470290][   T29] audit: type=1326 audit(1761485859.230:23957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13358 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f4d6183efc9 code=0x7ffc0000
[  202.494020][   T29] audit: type=1326 audit(1761485859.230:23958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13358 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d6183efc9 code=0x7ffc0000
[  202.494056][   T29] audit: type=1326 audit(1761485859.230:23959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13358 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d6183efc9 code=0x7ffc0000
[  202.495179][T13346] loop2: detected capacity change from 0 to 128
[  202.569976][   T29] audit: type=1326 audit(1761485859.330:23960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13357 comm="syz.4.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  202.570025][   T29] audit: type=1326 audit(1761485859.330:23961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13357 comm="syz.4.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  202.570101][   T29] audit: type=1326 audit(1761485859.330:23962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13357 comm="syz.4.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  202.570182][   T29] audit: type=1326 audit(1761485859.330:23963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13357 comm="syz.4.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  202.570218][   T29] audit: type=1326 audit(1761485859.330:23964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13357 comm="syz.4.3470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e336aefc9 code=0x7ffc0000
[  202.780732][T13374] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.825232][T13376] loop2: detected capacity change from 0 to 2048
[  202.847544][T13374] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.861918][T13376] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.916405][T13374] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.983934][T13374] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.038552][T12319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.071946][ T1084] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.083737][ T1084] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.106967][ T1084] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.133211][ T1084] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.249326][T13388] loop5: detected capacity change from 0 to 128
[  203.574680][T13420] sd 0:0:1:0: device reset
[  203.587719][T13420] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3493'.
[  204.005996][T13426] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3498'.
[  204.015655][T13426] IPVS: Error connecting to the multicast addr
[  204.045542][T13434] loop2: detected capacity change from 0 to 512
[  204.054038][T13434] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  204.066127][T13434] EXT4-fs (loop2): 1 truncate cleaned up
[  204.072323][T13434] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  204.126187][T12319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.201842][T13448] lo speed is unknown, defaulting to 1000
[  204.318362][T13446] serio: Serial port ptm0
[  204.401405][T13465] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3513'.
[  204.420881][T13465] IPVS: Error connecting to the multicast addr
[  204.456207][T13469] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3516'.
[  204.538296][T13482] syzkaller0: entered promiscuous mode
[  204.544027][T13482] syzkaller0: entered allmulticast mode
[  204.592029][T13479] loop5: detected capacity change from 0 to 2048
[  204.618223][T13490] serio: Serial port ptm1
[  204.648083][T13479]  loop5: p1 p2 < > p3 < p5 > p4
[  204.653070][T13479] loop5: partition table partially beyond EOD, truncated
[  204.660570][T13479] loop5: p1 size 917504 extends beyond EOD, truncated
[  204.669659][T13479] loop5: p2 start 50331648 is beyond EOD, truncated
[  204.677156][T13479] loop5: p4 size 8192 extends beyond EOD, truncated
[  204.684541][T13479] loop5: p5 size 917504 extends beyond EOD, truncated
[  205.160184][T13528] loop2: detected capacity change from 0 to 2048
[  205.223494][T13528]  loop2: p1 p2 < > p3 < p5 > p4
[  205.228495][T13528] loop2: partition table partially beyond EOD, truncated
[  205.246884][T13528] loop2: p1 size 917504 extends beyond EOD, truncated
[  205.263556][T13528] loop2: p2 start 50331648 is beyond EOD, truncated
[  205.281531][T13528] loop2: p4 size 8192 extends beyond EOD, truncated
[  205.291404][T13528] loop2: p5 size 917504 extends beyond EOD, truncated
[  205.569052][T13539] loop0: detected capacity change from 0 to 128
[  205.579125][T13539] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  205.606891][T13539] ext4 filesystem being mounted at /146/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  205.681145][T13542] loop5: detected capacity change from 0 to 2048
[  205.710320][T11371] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  205.723272][T13542] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.074801][ T9281] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.214041][T13551] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3550'.
[  206.229925][T13555] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3552'.
[  206.260352][T13557] loop5: detected capacity change from 0 to 128
[  206.268234][T13557] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  206.280767][T13557] ext4 filesystem being mounted at /237/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  206.369439][ T9281] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  206.426372][T13559] serio: Serial port ptm0
[  206.452367][T13569] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3566'.
[  206.463833][T13569] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3566'.
[  206.533771][ T3400] lo speed is unknown, defaulting to 1000
[  206.566803][T13573] ==================================================================
[  206.574928][T13573] BUG: KCSAN: data-race in io_flush_timeouts / io_issue_sqe
[  206.582233][T13573] 
[  206.584559][T13573] read-write to 0xffff888118fbca10 of 4 bytes by task 13576 on cpu 1:
[  206.592702][T13573]  io_issue_sqe+0x1f9/0xa80
[  206.597213][T13573]  io_wq_submit_work+0x3f7/0x5f0
[  206.602170][T13573]  io_worker_handle_work+0x44e/0x9b0
[  206.607464][T13573]  io_wq_worker+0x22e/0x860
[  206.611982][T13573]  ret_from_fork+0x122/0x1b0
[  206.616581][T13573]  ret_from_fork_asm+0x1a/0x30
[  206.621347][T13573] 
[  206.623682][T13573] read to 0xffff888118fbca10 of 4 bytes by task 13573 on cpu 0:
[  206.631308][T13573]  io_flush_timeouts+0x56/0x1d0
[  206.636168][T13573]  __io_commit_cqring_flush+0xeb/0x100
[  206.641643][T13573]  io_issue_sqe+0x8ab/0xa80
[  206.646155][T13573]  io_wq_submit_work+0x3f7/0x5f0
[  206.651196][T13573]  io_worker_handle_work+0x44e/0x9b0
[  206.656488][T13573]  io_wq_worker+0x22e/0x860
[  206.661088][T13573]  ret_from_fork+0x122/0x1b0
[  206.665686][T13573]  ret_from_fork_asm+0x1a/0x30
[  206.670531][T13573] 
[  206.672868][T13573] value changed: 0x000004fd -> 0x000004fe
[  206.678613][T13573] 
[  206.680944][T13573] Reported by Kernel Concurrency Sanitizer on:
[  206.687092][T13573] CPU: 0 UID: 0 PID: 13573 Comm: iou-wrk-13571 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  206.698720][T13573] Tainted: [W]=WARN
[  206.702517][T13573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  206.712568][T13573] ==================================================================