last executing test programs:

17.322066724s ago: executing program 2 (id=1358):
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'sit0\x00', @remote})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189)
pwrite64(r1, &(0x7f00000003c0)='\x00\x00', 0xfffffe97, 0x1)
perf_event_open(&(0x7f00000012c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fc, 0x420, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x10001}, 0x3890, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x0, 0x9af}, 0x0, 0x102, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c08000140000000020800014000000030080002400000000308000140000000120800034000000000080003400000000a"], 0x122}}, 0x10)

16.81562245s ago: executing program 2 (id=1361):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0xb0, 0x7fff0000}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x2800, 0x2b)
mknodat$null(r1, &(0x7f0000000300)='./file0/file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd'])
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
vmsplice(r2, &(0x7f00000005c0)=[{0x0}], 0x1, 0xa)
stat(0x0, 0x0)

16.723061402s ago: executing program 2 (id=1364):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x80000002, 0x1000, 0x0, 'queue1\x00', 0xff})
r1 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000003c0), 0x6}, 0x0, 0x2, 0xfffffff0, 0x0, 0x12, 0x4, 0x1, 0x0, 0x0, 0x0, 0x9f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x7fff, 0x0, 0x5, 0xd, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
write$selinux_load(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="10344cf0b88d038cff7cf9080000005345204c696e7578dc36b797cdcdac247abf"], 0x21)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200001f0000000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7002001000000009500000000000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
readahead(0xffffffffffffffff, 0xc, 0x5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_HARDIF(r6, 0x0, 0x40000)
syz_genetlink_get_family_id$nl80211(0x0, r6)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000000d87700000000", @ANYRESDEC=r1, @ANYRES8=r2, @ANYRES8=r5, @ANYRES8=r2, @ANYBLOB="00000000000000000000000000202d143b60f3651d71dc47a5a48a31"], 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@newtaction={0x18, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x4}]}, 0x18}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000070000000000b702000014000000b70300000000fe008500000083000000bf09000065000000000000000000000095000000000000bf91000000000000b70200850000008400fb00b70000000000000095000000000000009edb014989bff73eebe18759507e3a12ccf9b9ffd7d37a1fb093bbb5f0e3106f263cfcbc10b7dbe2"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r9, 0x5453, 0x0)
io_setup(0xd6, &(0x7f0000000240))
socket$inet6(0x10, 0x3, 0x0)

16.632509753s ago: executing program 2 (id=1367):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x51f, &(0x7f0000000700)="$eJzs3W1rZFcdAPD/vcnsZndTM1WRtWBbbGVXdGeSxrZBpF1B9FVBre/XmExCyCQTMpO6CUVT/ACCiAp+AN8IfgBB+hFEKOh7UVHEbvWl7pU7c6NJZiaZTSaZNPn94GTOuQ/nf84lc+c+HO4N4Mp6PiLuR8RYRHw2IqaK6WmRYreT8uU+ePT2Qp6SyLI3/5FEUkzbqysvj0fErWK1iYj45tcivpN0x21u76zO1+u1zaJcba1tVJvbO/dW1uaXa8u19dnZmVfmXp17eW46K5yqn+WIeO0rf/nJD3/x1dd+8/nv/vHB3+5+L2/Wlz7RaXdELAxQzdiTxu3UXWpviz35Ntp80oousLw/pSfeMgAAjEJ+jP/RiPh0+/h/KsbaR3MAAADAZZK9Phn/TiIyAAAA4NJKI2IykrRSjAWYjDStVDpjeD8eN9N6o9n63FJja30xnxdRjlK6tFKvTRdjhctRSvLyTDHGdq/80qHybEQ8HRE/nrrRLlcWGvXFUV/8AAAAgCvi1nMHz///NZW2893uT5574wAAAIDhKfctAAAAAJeFU34AAAC4/Jz/AwAAwKX29TfeyFO29x7vxbe2t1Ybb91brDVXK2tbC5WFxuZGZbnRWG4/s2/tuPrqjcbGF2J962G1VWu2qs3tnQdrja311oOVA6/ABgAAAM7R08+9+4ckIna/eKOdongOIMABfx51A4BhGht1A4CRGR91A4CRKR27RO89xI0zaAswGskx87sH7xR7gN+eTXsAAIDhu/PJ7vv/14p5x18bAD7MjPUBgKvH/X+4ukonHQF4e9gtAUblI52P6/3m9314xwD3/zvXGLLsRA0DAACGZrKdkrRSHKdPRppWKhFPtV8LUEqWVuq16eL84PdTpet5eaa9ZnLsmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCPLksgAAACASy0i/WvSfpp/xJ2pFycPXh049Navn7/504fzrdbmTMS15P2pfNK1iGj9rJj+UuaVAAAAAHABdM7T43oU5/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMEwfPHp7YS+dZ9y/fzkiyr3ij8dE+3MiShFx859JjO9bL4mIsSHE330nIm73ip/E4yzLykUresW/ccbxy+1N0zt+GhG3hhAfrrJ38/3P/V7fvzSeb3/2/v6NF+m0+u//0v/t/8b67H+eOlTu55n3flXtG/+diGfGe+9/9uInnfgHQuSFFwbs47e/tbPTc8a+KnvF3x+r2lrbqDa3d+6trM0v15Zr67OzM6/MvTr38tx0dWmlXiv+9gzzo0/9+vFR/b/ZJ375YP+7tv+LA/U+i/+89/DRxzqFUq/4d1/o/ft7u0/8tPjt+0yRz+ff2cvvdvL7PfvL3z17VP8Xe/c/mTim/3cH6n+8n33jB3/qOadrawAA56G5vbM6X6/XNo/ITAywzDlnXr8YzRhiJi5GM0aVyb7f+X88XT2nXL0rk51m9fEYQjOudX1Px+KkFSYRu3ldA/5DAgAAl8z/D/qPuoMEAAAAAAAAAAAAAAAAAAAAnKUTPpZsIiIGXvhwzN3RdBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ej/DQAA//9kR9Lv")
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) (async)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x40400)
read(r1, &(0x7f0000000240)=""/195, 0xc3)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.events\x00', 0x275a, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20)
fadvise64(r2, 0x7, 0x4, 0x4)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r3, &(0x7f0000000000)='map_files\x00') (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50) (async, rerun: 64)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 64)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xb, 0x6, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x201, @void, @value}, 0x94) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0xffffff11, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket(0x10, 0x3, 0x9)
connect$netlink(r6, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc) (async, rerun: 32)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r6, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0x14, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40488c0}, 0x40044) (async, rerun: 32)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_setup(0x8, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

16.312086466s ago: executing program 2 (id=1374):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={<r0=>0x0}, &(0x7f0000000040)=0xc)
prlimit64(r0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f848310000005e140602000000000e000a001000000002800000128c", 0x2e}], 0x1}, 0x0)

15.067242382s ago: executing program 2 (id=1392):
socket$kcm(0x10, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x40c0080)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r0, @ANYBLOB="0000000000000000b708000090b71d917b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400800000000085000000030000009500000000000000"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x85, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e22, 0x4, @remote, 0x7dd}}, 0x8, 0x1}, &(0x7f0000001280)=0x90)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000540)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x40f00, 0x4, '\x00', r4, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='dlm_send\x00', r2, 0x0, 0x9}, 0x18)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_udp_int(r5, 0x11, 0xa, 0x0, &(0x7f0000000200))
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r6, 0x6, 0xe, &(0x7f00000005c0)={@in6={{0xa, 0x4e22, 0x7a0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}}, 0x0, 0x0, 0x2e, 0x0, "39364c96b27816f6b1f4060e51d5a3871deaeac952613fa251702c16aa22e71e275a6b01c4c188d89f75a07380f79abf8fd9bc83dd4e96f52f8325623c3337dd77115ed8c1e39333ed5f45e0c5fabf0a"}, 0xd8)
mlock2(&(0x7f0000ff6000/0x9000)=nil, 0x9000, 0x0)
r7 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r7, 0x0, 0x0, 0x1001f0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="000800000000002da1947a24eb23000000", @ANYRES32=r7, @ANYBLOB, @ANYRES32=r8, @ANYBLOB, @ANYRES64=0x0], 0x20)
r9 = syz_genetlink_get_family_id$gtp(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r7, &(0x7f0000000980)={&(0x7f0000000340), 0xc, &(0x7f0000000940)={&(0x7f0000000800)={0x30, r9, 0x800, 0x70bd26, 0x25dfdbff, {}, [@GTPA_FAMILY={0x5, 0xd, 0x11}, @GTPA_PEER_ADDR6={0x14, 0xb, @dev={0xfe, 0x80, '\x00', 0x15}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20008880}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x48, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

14.976095283s ago: executing program 32 (id=1392):
socket$kcm(0x10, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x40c0080)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r0, @ANYBLOB="0000000000000000b708000090b71d917b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400800000000085000000030000009500000000000000"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x85, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e22, 0x4, @remote, 0x7dd}}, 0x8, 0x1}, &(0x7f0000001280)=0x90)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000540)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x40f00, 0x4, '\x00', r4, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='dlm_send\x00', r2, 0x0, 0x9}, 0x18)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_udp_int(r5, 0x11, 0xa, 0x0, &(0x7f0000000200))
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r6, 0x6, 0xe, &(0x7f00000005c0)={@in6={{0xa, 0x4e22, 0x7a0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}}, 0x0, 0x0, 0x2e, 0x0, "39364c96b27816f6b1f4060e51d5a3871deaeac952613fa251702c16aa22e71e275a6b01c4c188d89f75a07380f79abf8fd9bc83dd4e96f52f8325623c3337dd77115ed8c1e39333ed5f45e0c5fabf0a"}, 0xd8)
mlock2(&(0x7f0000ff6000/0x9000)=nil, 0x9000, 0x0)
r7 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r7, 0x0, 0x0, 0x1001f0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="000800000000002da1947a24eb23000000", @ANYRES32=r7, @ANYBLOB, @ANYRES32=r8, @ANYBLOB, @ANYRES64=0x0], 0x20)
r9 = syz_genetlink_get_family_id$gtp(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r7, &(0x7f0000000980)={&(0x7f0000000340), 0xc, &(0x7f0000000940)={&(0x7f0000000800)={0x30, r9, 0x800, 0x70bd26, 0x25dfdbff, {}, [@GTPA_FAMILY={0x5, 0xd, 0x11}, @GTPA_PEER_ADDR6={0x14, 0xb, @dev={0xfe, 0x80, '\x00', 0x15}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20008880}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x48, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

3.696152864s ago: executing program 5 (id=1575):
r0 = eventfd2(0x0, 0x0)
read$eventfd(r0, &(0x7f0000000040), 0x8)

2.830504804s ago: executing program 5 (id=1596):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x80000002, 0x1000, 0x0, 'queue1\x00', 0xff})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000003c0), 0x6}, 0x0, 0x2, 0xfffffff0, 0x0, 0x12, 0x4, 0x1, 0x0, 0x0, 0x0, 0x9f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="10344cf0b88d038cff7cf9080000005345204c696e7578dc36b797cdcdac247abf"], 0x21)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001f0000000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7002001000000009500000000000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
readahead(0xffffffffffffffff, 0xc, 0x5)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_HARDIF(r4, 0x0, 0x40000)
syz_genetlink_get_family_id$nl80211(0x0, r4)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@newtaction={0x18, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x4}]}, 0x18}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000070000000000b702000014000000b70300000000fe008500000083000000bf09000065000000000000000000000095000000000000bf91000000000000b70200850000008400fb00b70000000000000095000000000000009edb014989bff73eebe18759507e3a12ccf9b9ffd7d37a1fb093bbb5f0e3106f263cfcbc10b7dbe2"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r7, 0x5453, 0x0)
io_setup(0xd6, &(0x7f0000000240))
socket$inet6(0x10, 0x3, 0x0)

2.758470545s ago: executing program 5 (id=1599):
r0 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000060000000400000000000007000000000000000000000001050000018000000000000000010000851000000000000000020000000000000000000100da"], 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000480)={r4, 0x20, &(0x7f0000000440)={&(0x7f0000001340)=""/4096, 0x1000, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffe, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xfff1, 0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34}]}}]}, 0x68}}, 0x0)

2.567519687s ago: executing program 5 (id=1601):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
close(0x4)
eventfd2(0x9, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x550, 0x65, 0x2, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x8}, {0x0, 0x9}, {0x6}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}, @filter_kind_options=@f_route={{0xa}, {0x4}}, @TCA_RATE={0x6, 0x5, {0x6, 0x22}}, @filter_kind_options=@f_route={{0xa}, {0x4fc, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x43c, 0x6, [@m_bpf={0xe4, 0x16, 0x0, 0x0, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x2248, 0x3, 0x10000000, 0x9, 0xf85}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x2, 0x0, 0x40000000, 0x4, 0xfff}}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x5}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_OPS={0x44, 0x4, [{0xe, 0x8f, 0x1, 0x1}, {0x3, 0xd, 0x4, 0xffff}, {0x2ee, 0x7, 0x9}, {0x2, 0x40, 0x3, 0xffffffff}, {0x3, 0x94, 0xc, 0x20000}, {0x6, 0x4, 0xb3, 0x1}, {0x3, 0x51, 0x4, 0x8}, {0x5, 0x5, 0x2, 0x9}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1, 0x9, 0x0, 0x8000, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_skbmod={0x9c, 0x6, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x8}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x8, 0x4, 0x3, 0x5d, 0x5}, 0xe}}, @TCA_SKBMOD_DMAC={0xa, 0x3, @remote}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x5}]}, {0x2d, 0x6, "e7da3c8403fae38a6104e8deccdff1af0e8969df3c0c229b39997b184868614ac4430b321889325324"}, {0xc, 0x7, {0x0, 0xeb1aa48f20ecc78b}}, {0xc, 0x8, {0x3}}}}, @m_skbmod={0x40, 0x12, 0x0, 0x0, {{0xb}, {0x14, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x4}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0xe}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_sample={0x12c, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xffffffff}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xf3}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x7fffffff, 0x1, 0x10000000, 0x132, 0x3}}]}, {0xd5, 0x6, "5585e4978312153aa42f30e46602bd87be41196cb887f6a445019260145eacfc789e0591173e540ea96ddc89cde1312b24d81cd9cf9ddc2ac817e49647559a92bc68922da07ae74d412c68df8f1a425986d1e0fe379e9b66ed2aca073af3aad4e36109274822fbfa834d7a02b3e1fc01841581700abff25ebcfeb38bbb3ee3e0d75898ec65a1ca67c2f06a3b2b9f5eb067c4e21e0deedcf47e3db9cda23dca15b3e34e43e7d7cc1b9201d0e6d45497b608b28ca549f62ba829bfb392018f5c37ab8e7cc7f5221d33e148c986556da3dba5"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ctinfo={0xc8, 0x4, 0x0, 0x0, {{0xb}, {0x4}, {0x9a, 0x6, "b44ebc8afbd2b83e8b5f7f3f7d0f9ec133319134ef3defd0e955c2de28a772eff360adf52781f6dd085cc36ec32f2fd717bf6376b7017fcf2c0d0b598e9ea4ab39c2de02997138177e36932b52ff37b506fcea3b7b6c60b4cc622b24ba03ba4191037d499b7d606770aff5b44285d9dc306ba939b169e30cc5732d7474a7eca83e8296f0b261eb3c36c6818ab676368e47f34f380c89"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x21bc45d1731da350}}}}, @m_nat={0x84, 0x9, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x63, 0x7fffffff, 0x0, 0x7fffffff, 0x10001}, @rand_addr=0x64010100, @remote, 0x0, 0x1}}]}, {0x31, 0x6, "fe35d39943ce91b09dd1f3de669aa5f77dd8fda92b8ff94b4d8703845cfc57e688cc3c24fe5cf2725c4c2562ec"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}]}, @TCA_ROUTE4_ACT={0xa8, 0x6, [@m_vlan={0xa4, 0x13, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}]}, {0x6e, 0x6, "4536d5ba67cb41f3417191a0b4758169ba997e9dbec50e599419b7f290f4ee70efc0bdcb1d84cd2098b9c95fa81553821d25bbee1244fda18d438c3a5d696ee14197d17ea59071f0fd93760930ba453b3e23095f617d12282ec3f8190afeb1ac2e8d254fdac5b6ea1118"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3}}}}]}, @TCA_ROUTE4_POLICE={0x4}]}}]}, 0x550}, 0x1, 0x0, 0x0, 0x81}, 0x8000)
r4 = socket(0x10, 0x803, 0x0)
sendto(r4, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5, 0x0, 0x3}, 0x18)
r6 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
fcntl$setlease(r6, 0x400, 0x2)

2.475821158s ago: executing program 5 (id=1603):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$dupfd(r2, 0x0, r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
fsopen(&(0x7f0000000100)='proc\x00', 0x0)
fchdir(0xffffffffffffffff)
r5 = inotify_init1(0x0)
inotify_add_watch(r5, &(0x7f0000000200)='.\x00', 0x10000a0)
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f00000001c0)=""/184, 0xb8)

1.55242456s ago: executing program 5 (id=1617):
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r1, 0xa, 0x12)
poll(0x0, 0x0, 0xffffffffffbffff8)
dup2(r1, r2)
fcntl$setown(r1, 0x8, r0)
tkill(r0, 0x13)

1.53061238s ago: executing program 4 (id=1618):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x58e, &(0x7f0000000180)={[{@oldalloc}, {@errors_remount}, {@init_itable}, {@block_validity}, {@block_validity}, {@quota}]}, 0x1, 0x451, &(0x7f0000000780)="$eJzs289vFFUcAPDvTFug/LAV8Qc/1CoaG3+0tKBy8KLRxIMmJl7wWNtCkIUaWhMhRNEYPBoS78ajiX+BJ70Y9WTiVe+GhBguoqc1szvD/mC3tMu2g+znkwx9b+YN7333zdt9M283gIE1kf2TROyMiN8jYqyebS0wUf9z/dqF+X+uXZhPolp9+6+kVu7vaxfmi6LFeTvyzGQakX6WxP4O9S6fO39qrlJZPJvnp1dOvz+9fO78cydPz51YPLF4Zvbo0SOHZ158Yfb5vsR5b9bWfR8tHdj7+juX35w/dvndn78dKuJvi6NPJlY7+GS12ufqyrWrKZ0Ml9gQ1iUbA1l3jdTG/1gMRaPzxuK1T0ttHLChqrkuhy9WgbtYEmW3AChH8UGf3f8W2+bNPsp39eX6DVAW9/V8qx8ZjjQvM9J2f9tPExFx7OK/X2VbbMxzCACAFt9n859nO83/0nigqdw9+drQeL6Wsjsi7ouIPRFxf0St7IMR8dA6629fJLl5/pNe6SmwNcrmfy/la1ut879i9hfjQ3luVy3+keT4ycriofw1mYyRrVl+ZpU6fnj1ty+6HWue/2VbVn8xF8zbcWV4a+s5C3Mrc7cTc7Orn0TsG+4Uf3JjJSCJiL0Rsa/HOk4+/c2BbsduHf8q+rDOVP064ql6/1+MtvgLyerrk9PborJ4aLq4Km72y6+X3upW/23F3wdZ/2/veP3fiH88aV6vXV5/HZf++LzrPc1UT9d/Y8eW/O+HcysrZ2citiRv1BvdvH+2cW6RL8pn8U8e7Dz+d0fjldgfEdlF/HBEPBIRj+Z991hEPB4RB9viar6//umVJ97rFv+d0P8Lbf0/3lqkrf8biS3RvqdzYujUj9+1/o+N5Nre/47UUpP5nrW8/62lXb1dzQAAAPD/k0bEzkjSqRvp0XRqqv4d/j2xPa0sLa88c3zpgzML9d8IjMdIWjzpGmt6HjqT39YX+dm2/OH8ufGXQ6O1/NT8UmWh7OBhwO24afyntfGf+XOo7NYBG87vtWBwNY3/pMx2AJvP5z8MLuMfBleH8T9aRjuAzdfp8//jEtoBbL628W/ZDwaI+38YXMY/DK7m8e8LADAwlkfj1j+S75TYFr2cJXHXJCK9I5rRn0TS4yhYa2Jn2QGuP1H2OxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB//BcAAP//pgHvrg==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x20000, 0x0)
getdents64(r0, 0x0, 0x0)

1.331851743s ago: executing program 4 (id=1621):
r0 = socket$inet6(0x10, 0x6, 0x6)
r1 = memfd_secret(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bond0\x00', <r5=>0x0})
sendmsg$nl_xfrm(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)=@updsa={0x144, 0x10, 0x1, 0x0, 0x200017, {{@in6=@dev, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x32}, {@in6=@private1, 0x0, 0x32}, @in=@multicast2, {}, {0xffffffffffffffff}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @offload={0xc, 0x1c, {r5, 0x4}}]}, 0x144}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r6}, 0x10)
r7 = epoll_create1(0x80000)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f00000000c0)={0xe000001a})
epoll_ctl$EPOLL_CTL_MOD(r7, 0x3, r8, &(0x7f0000000000))

1.306801953s ago: executing program 4 (id=1623):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
fsopen(&(0x7f0000000100)='proc\x00', 0x0)
fchdir(0xffffffffffffffff)
r3 = inotify_init1(0x0)
inotify_add_watch(r3, &(0x7f0000000200)='.\x00', 0x10000a0)
getdents(0xffffffffffffffff, &(0x7f00000001c0)=""/184, 0xb8)

1.248220174s ago: executing program 3 (id=1626):
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000200)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095", @ANYRES32=0x0, @ANYRES16=0x0, @ANYRES16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000000)=@chain)

1.228333254s ago: executing program 3 (id=1627):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$dupfd(r2, 0x0, r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
fsopen(&(0x7f0000000100)='proc\x00', 0x0)
fchdir(0xffffffffffffffff)
r5 = inotify_init1(0x0)
inotify_add_watch(r5, &(0x7f0000000200)='.\x00', 0x10000a0)
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f00000001c0)=""/184, 0xb8)

652.021591ms ago: executing program 1 (id=1635):
r0 = socket(0x2000000015, 0x80005, 0x0)
bind$inet6(r0, 0x0, 0x0)
syz_io_uring_setup(0x3bbd, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r2}, 0x18)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r3, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)

575.693572ms ago: executing program 1 (id=1637):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x100, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x80000002, 0x1000, 0x0, 'queue1\x00', 0xff})
r1 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000003c0), 0x6}, 0x0, 0x2, 0xfffffff0, 0x0, 0x12, 0x4, 0x1, 0x0, 0x0, 0x0, 0x9f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x7fff, 0x0, 0x5, 0xd, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
write$selinux_load(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="10344cf0b88d038cff7cf9080000005345204c696e7578dc36b797cdcdac247abf"], 0x21)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200001f0000000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7002001000000009500000000000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
readahead(0xffffffffffffffff, 0xc, 0x5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_HARDIF(r6, 0x0, 0x40000)
syz_genetlink_get_family_id$nl80211(0x0, r6)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000000d87700000000", @ANYRESDEC=r1, @ANYRES8=r2, @ANYRES8=r5, @ANYRES8=r2, @ANYBLOB="00000000000000000000000000202d143b60f3651d71dc47a5a48a31"], 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@newtaction={0x18, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x4}]}, 0x18}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000070000000000b702000014000000b70300000000fe008500000083000000bf09000065000000000000000000000095000000000000bf91000000000000b70200850000008400fb00b70000000000000095000000000000009edb014989bff73eebe18759507e3a12ccf9b9ffd7d37a1fb093bbb5f0e3106f263cfcbc10b7dbe2"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r9, 0x5453, 0x0)
io_setup(0xd6, &(0x7f0000000240))
socket$inet6(0x10, 0x3, 0x0)

559.056593ms ago: executing program 1 (id=1638):
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000200)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095", @ANYRES32=0x0, @ANYRES16=0x0, @ANYRES16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
keyctl$restrict_keyring(0x1d, r0, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000000)=@chain)

542.507313ms ago: executing program 1 (id=1639):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000900)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xa, 0x6}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x6, 0x2, 0x1, 0xfffffffe, 0xffffffff}, [@TCA_NETEM_CORRUPT={0x9, 0x4, {0xfffffffd}}]}}}]}, 0x58}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r5, 0x8918, &(0x7f0000000000)={'batadv_slave_0\x00', {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}})
r6 = dup(r5)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
getsockopt$EBT_SO_GET_INIT_ENTRIES(r6, 0x0, 0x83, &(0x7f0000000100)={'nat\x00', 0x0, 0x4, 0x1000, [0xb, 0x80000000, 0x7, 0x7a4, 0x8, 0x2], 0xa, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000cc0)=""/4096}, &(0x7f0000000180)=0x78)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f00000002c0)=@raw={'raw\x00', 0xe501, 0x3, 0x228, 0x0, 0xa, 0x1000000, 0xb8, 0x0, 0x190, 0x230, 0x230, 0x190, 0x223, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3b9, 'syz1\x00'}}}, {{@ip={@local, @loopback, 0x0, 0x0, 'netdevsim0\x00', 'pimreg\x00', {}, {}, 0x4}, 0x0, 0x90, 0xd8, 0x0, {}, [@common=@socket0={{0x20}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3c0, 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x288)

466.316964ms ago: executing program 1 (id=1640):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0)
fsetxattr$security_ima(r0, &(0x7f0000000140), &(0x7f00000002c0)=@ng={0x4, 0x9, "d356ed9599679813c652608eb6f083"}, 0x11, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='system.posix_acl_access\x00', &(0x7f0000000300)={{}, {}, [], {}, [], {0x10, 0x2}}, 0x24, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'veth1_to_bond\x00', <r6=>0x0})
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000040)={r6, 0x1, 0x6, @local}, 0x10)
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000000)={r6, 0x11, 0x6, @broadcast}, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x44, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xe}, {0x0, 0xa}}, [{0x8, 0xb, 0x400}, {0x8, 0xb, 0x4}, {0x8}, {0x8, 0xb, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x400ccd4}, 0x20008050)

465.125624ms ago: executing program 0 (id=1641):
r0 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000060000000400000000000007000000000000000000000001050000018000000000000000010000851000000000000000020000000000000000000100da"], 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000480)={r3, 0x20, &(0x7f0000000440)={&(0x7f0000001340)=""/4096, 0x1000, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffe, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xfff1, 0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34}]}}]}, 0x68}}, 0x0)

430.683594ms ago: executing program 0 (id=1642):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd2, &(0x7f0000000180)={{0xa, 0x6, 0x6, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0xffffffff}, {0xa, 0x4e23, 0x8, @remote, 0x7}, 0x1, {[0x800, 0x9, 0x6, 0x1, 0x1, 0x1c, 0xffffffff, 0x400]}}, 0x5c)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'macvtap0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x68, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0xc, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0xffffffff}, @TCA_TBF_PBURST={0x8, 0x7, 0xa0b}, @TCA_TBF_PARMS={0x28, 0x1, {{0x2, 0x0, 0x10, 0x6, 0x81, 0x4}, {0xb5, 0x2, 0x986, 0x0, 0xf7, 0x7a}, 0xfffffffd, 0x5, 0x1318}}]}}]}, 0x68}}, 0x44080)

409.493115ms ago: executing program 0 (id=1643):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
close(0x4)
eventfd2(0x9, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x550, 0x65, 0x2, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x8}, {0x0, 0x9}, {0x6}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}, @filter_kind_options=@f_route={{0xa}, {0x4}}, @TCA_RATE={0x6, 0x5, {0x6, 0x22}}, @filter_kind_options=@f_route={{0xa}, {0x4fc, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x43c, 0x6, [@m_bpf={0xe4, 0x16, 0x0, 0x0, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x2248, 0x3, 0x10000000, 0x9, 0xf85}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x2, 0x0, 0x40000000, 0x4, 0xfff}}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x5}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_OPS={0x44, 0x4, [{0xe, 0x8f, 0x1, 0x1}, {0x3, 0xd, 0x4, 0xffff}, {0x2ee, 0x7, 0x9}, {0x2, 0x40, 0x3, 0xffffffff}, {0x3, 0x94, 0xc, 0x20000}, {0x6, 0x4, 0xb3, 0x1}, {0x3, 0x51, 0x4, 0x8}, {0x5, 0x5, 0x2, 0x9}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1, 0x9, 0x0, 0x8000, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_skbmod={0x9c, 0x6, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x8}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x8, 0x4, 0x3, 0x5d, 0x5}, 0xe}}, @TCA_SKBMOD_DMAC={0xa, 0x3, @remote}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x5}]}, {0x2d, 0x6, "e7da3c8403fae38a6104e8deccdff1af0e8969df3c0c229b39997b184868614ac4430b321889325324"}, {0xc, 0x7, {0x0, 0xeb1aa48f20ecc78b}}, {0xc, 0x8, {0x3}}}}, @m_skbmod={0x40, 0x12, 0x0, 0x0, {{0xb}, {0x14, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x4}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0xe}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_sample={0x12c, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xffffffff}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xf3}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x7fffffff, 0x1, 0x10000000, 0x132, 0x3}}]}, {0xd5, 0x6, "5585e4978312153aa42f30e46602bd87be41196cb887f6a445019260145eacfc789e0591173e540ea96ddc89cde1312b24d81cd9cf9ddc2ac817e49647559a92bc68922da07ae74d412c68df8f1a425986d1e0fe379e9b66ed2aca073af3aad4e36109274822fbfa834d7a02b3e1fc01841581700abff25ebcfeb38bbb3ee3e0d75898ec65a1ca67c2f06a3b2b9f5eb067c4e21e0deedcf47e3db9cda23dca15b3e34e43e7d7cc1b9201d0e6d45497b608b28ca549f62ba829bfb392018f5c37ab8e7cc7f5221d33e148c986556da3dba5"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ctinfo={0xc8, 0x4, 0x0, 0x0, {{0xb}, {0x4}, {0x9a, 0x6, "b44ebc8afbd2b83e8b5f7f3f7d0f9ec133319134ef3defd0e955c2de28a772eff360adf52781f6dd085cc36ec32f2fd717bf6376b7017fcf2c0d0b598e9ea4ab39c2de02997138177e36932b52ff37b506fcea3b7b6c60b4cc622b24ba03ba4191037d499b7d606770aff5b44285d9dc306ba939b169e30cc5732d7474a7eca83e8296f0b261eb3c36c6818ab676368e47f34f380c89"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x21bc45d1731da350}}}}, @m_nat={0x84, 0x9, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x63, 0x7fffffff, 0x0, 0x7fffffff, 0x10001}, @rand_addr=0x64010100, @remote, 0x0, 0x1}}]}, {0x31, 0x6, "fe35d39943ce91b09dd1f3de669aa5f77dd8fda92b8ff94b4d8703845cfc57e688cc3c24fe5cf2725c4c2562ec"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}]}, @TCA_ROUTE4_ACT={0xa8, 0x6, [@m_vlan={0xa4, 0x13, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}]}, {0x6e, 0x6, "4536d5ba67cb41f3417191a0b4758169ba997e9dbec50e599419b7f290f4ee70efc0bdcb1d84cd2098b9c95fa81553821d25bbee1244fda18d438c3a5d696ee14197d17ea59071f0fd93760930ba453b3e23095f617d12282ec3f8190afeb1ac2e8d254fdac5b6ea1118"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3}}}}]}, @TCA_ROUTE4_POLICE={0x4}]}}]}, 0x550}, 0x1, 0x0, 0x0, 0x81}, 0x8000)
r4 = socket(0x10, 0x803, 0x0)
sendto(r4, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5, 0x0, 0x3}, 0x18)
r6 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
fcntl$setlease(r6, 0x400, 0x2)

409.065035ms ago: executing program 4 (id=1644):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=@raw={'raw\x00', 0xe501, 0x3, 0x228, 0x0, 0xa, 0x1000000, 0xb8, 0x0, 0x190, 0x230, 0x230, 0x190, 0x223, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3b9, 'syz1\x00'}}}, {{@ip={@local, @loopback, 0x0, 0x0, 'netdevsim0\x00', 'pimreg\x00', {}, {}, 0x4}, 0x0, 0x90, 0xd8, 0x0, {}, [@common=@socket0={{0x20}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3c0, 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x288) (fail_nth: 2)

301.107285ms ago: executing program 4 (id=1645):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x80000002, 0x1000, 0x0, 'queue1\x00', 0xff})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000003c0), 0x6}, 0x0, 0x2, 0xfffffff0, 0x0, 0x12, 0x4, 0x1, 0x0, 0x0, 0x0, 0x9f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x7fff, 0x0, 0x5, 0xd, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
write$selinux_load(0xffffffffffffffff, 0x0, 0x21)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001f0000000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7002001000000009500000000000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
readahead(0xffffffffffffffff, 0xc, 0x5)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_HARDIF(r4, 0x0, 0x40000)
syz_genetlink_get_family_id$nl80211(0x0, r4)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@newtaction={0x18, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x4}]}, 0x18}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000070000000000b702000014000000b70300000000fe008500000083000000bf09000065000000000000000000000095000000000000bf91000000000000b70200850000008400fb00b70000000000000095000000000000009edb014989bff73eebe18759507e3a12ccf9b9ffd7d37a1fb093bbb5f0e3106f263cfcbc10b7dbe2"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r7, 0x5453, 0x0)
io_setup(0xd6, &(0x7f0000000240))
socket$inet6(0x10, 0x3, 0x0)

126.762627ms ago: executing program 0 (id=1646):
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000200)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095", @ANYRES32=0x0, @ANYRES16=0x0, @ANYRES16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000000)=@chain)

89.953898ms ago: executing program 0 (id=1647):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x15, 0x80000, 0x8001)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$inet(0x2, 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r5, r6, 0x4, 0x0, 0x0, @void, @value}, 0x10)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907", 0x2)
r7 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x7ffd, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0xbc8c}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
tgkill(r9, r9, 0x80024)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
r10 = io_uring_setup(0x1a6d, &(0x7f0000000000)={0x0, 0x8969, 0x40, 0xfffffffe, 0x21})
r11 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r11, &(0x7f00000002c0)={0x23, 0x3, 0x6, 0xf7}, 0x10)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r10, 0xb, &(0x7f00000004c0), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_process_exec\x00', r8, 0x0, 0x2}, 0x18)
ioperm(0x0, 0x1, 0x1)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)
r12 = syz_open_procfs(0x0, &(0x7f0000000280)='ns\x00')
prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0x0)
readlinkat(r12, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000002780)=""/4112, 0x1010)
sendmsg$can_bcm(r12, &(0x7f0000000280)={&(0x7f0000000100), 0x10, &(0x7f0000000240)={&(0x7f00000001c0)={0x7, 0x80, 0x8, {0x77359400}, {0x0, 0xea60}, {0x4, 0x1}, 0x1, @can={{0x1, 0x1, 0x1, 0x1}, 0x8, 0x1, 0x0, 0x0, "97d712a1628df0c9"}}, 0x48}, 0x1, 0x0, 0x0, 0x80c0}, 0x4)

88.863318ms ago: executing program 3 (id=1648):
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d80000001e0081054e81f782db4cb9040a1d080006007c095dd2086518000a", 0x1f}], 0x1}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="001000001a00911c01000000000041da81"], 0xfe33)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0b000000070000000808000009000008eaff0000d3b3b15654a280a0b38d1e2046d9ed7d693b248536671b0d534bccfbb5a12e71fe82cae2321915b556a932fd90a4eff9287da5b00aaa6ac700812088f74e0e134f15911ad82feee77c07238369edcd79afc8fff49bde7ed4e87a8b872af1df7840", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001840)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xb, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0xffffffff, 0x7f, 0x20000401, 0x2, 0x0, 0x2, 0x80000000, 0x4, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0x6, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x5, 0x8, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x206, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0x1000, 0x401, 0x1, 0x6, 0x7, 0x2, 0x4, 0x7f, 0x5, 0xfffffffb, 0x1, 0x4, 0x5, 0x8, 0x2000009, 0x9, 0x10, 0x9, 0x7, 0xffffff00, 0x97, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x1fe, 0x4, 0x6, 0x7, 0x80, 0x5, 0xe53, 0x0, 0xfffffffe, 0x5, 0x8, 0x9, 0x7fff, 0x30, 0x8, 0xfffffff7, 0x4, 0x9, 0x1, 0x4, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x5, 0x2, 0x7, 0x3, 0xcdd, 0x2, 0xd67, 0x7, 0x4, 0x25, 0x9dc5, 0x7, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x3, 0x5, 0x9, 0xa, 0xa, 0x9, 0x5, 0x20db5, 0x101, 0x4, 0x74e4, 0x7fff, 0x7, 0x7ff, 0x1, 0xd70, 0x1, 0x8, 0xa, 0x7, 0x1, 0x82, 0x52e, 0x7, 0x1, 0x5, 0x26, 0x1, 0x1b2a, 0x81, 0x9, 0x1c, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x7, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0xfff, 0x8, 0x5, 0x5, 0x6, 0x3, 0xd7c3, 0x2, 0x10000, 0xe6, 0x5, 0x5, 0x0, 0xfffffff7, 0x7, 0x102, 0x0, 0x6ee1847d, 0x10001, 0x7ff, 0x1, 0xf0, 0x7, 0x2, 0x7, 0x4, 0x6, 0x4, 0x7, 0x2, 0x0, 0x1, 0x4, 0x3, 0xfff, 0x80000001, 0x7, 0x676, 0x3, 0x9, 0x2, 0x4, 0x7fff, 0x4a5, 0x23, 0x4, 0x9, 0x8, 0x0, 0x8000, 0xa, 0x9, 0xca000000, 0x2, 0xfffffffa, 0x3, 0x7, 0x9, 0x7, 0x65fe, 0x9, 0x6, 0x4, 0x80000000, 0x5, 0x801, 0xb848, 0x6, 0x6, 0x800, 0x7, 0x1, 0xe6, 0x80, 0x2, 0x3, 0x6, 0x9, 0x4, 0x4, 0xc, 0x80000001, 0x5, 0x5, 0x10000000, 0xb, 0x7, 0x5, 0x2, 0x4]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)

88.291498ms ago: executing program 1 (id=1649):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x80000002, 0x1000, 0x0, 'queue1\x00', 0xff})
r1 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000003c0), 0x6}, 0x0, 0x2, 0xfffffff0, 0x0, 0x12, 0x4, 0x1, 0x0, 0x0, 0x0, 0x9f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x7fff, 0x0, 0x5, 0xd, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
write$selinux_load(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="10344cf0b88d038cff7cf9080000005345204c696e7578dc36b797cdcdac247abf"], 0x21)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200001f0000000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7002001000000009500000000000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
readahead(0xffffffffffffffff, 0xc, 0x5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_HARDIF(r6, 0x0, 0x40000)
syz_genetlink_get_family_id$nl80211(0x0, r6)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000000d87700000000", @ANYRESDEC=r1, @ANYRES8=r2, @ANYRES8=r5, @ANYRES8=r2, @ANYBLOB="00000000000000000000000000202d143b60f3651d71dc47a5a48a31"], 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@newtaction={0x18, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x4}]}, 0x18}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000070000000000b702000014000000b70300000000fe008500000083000000bf09000065000000000000000000000095000000000000bf91000000000000b70200850000008400fb00b70000000000000095000000000000009edb014989bff73eebe18759507e3a12ccf9b9ffd7d37a1fb093bbb5f0e3106f263cfcbc10b7dbe2"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r9, 0x5453, 0x0)
io_setup(0xd6, &(0x7f0000000240))
socket$inet6(0x10, 0x3, 0x0)

37.418519ms ago: executing program 3 (id=1650):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_setup(0x2, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x5e, &(0x7f0000000500)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8400", 0x28, 0x6, 0xff, @remote, @mcast2, {[], {{0x4e21, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x10, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "8afb72d8398dcbac145121cd4e97f5f2"}]}}}}}}}}, 0x0)

36.329849ms ago: executing program 0 (id=1651):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB, @ANYBLOB], 0x78}, 0x1, 0xffffffff00000003}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r4, 0x4b45, 0x0)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x8, 0x300}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYRESHEX, @ANYRES32, @ANYRES8=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r5}, 0x18)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000fedbdf25080000001800028014000380100001800400030008000100050000000c00018008000100", @ANYRES32], 0x38}, 0x1, 0x0, 0x0, 0x4000814}, 0x0)

35.579319ms ago: executing program 4 (id=1652):
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'sit0\x00', @remote})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189)
pwrite64(r1, &(0x7f00000003c0)='\x00\x00', 0xfffffe97, 0x1)
perf_event_open(&(0x7f00000012c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fc, 0x420, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x10001}, 0x3890, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x0, 0x9af}, 0x0, 0x102, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000080)="7800000018002507b9409b14ffff0b7a0204be04020714056406040c5c0009003f0006160a0000000d0085a168d0bf46d32345653610648d270005000a06024e49935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000400160008030a0000000000e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0)

27.077369ms ago: executing program 3 (id=1653):
unshare(0x22020600)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2, &(0x7f0000000440)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast1}, 0x10)
connect$inet(r1, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)

0s ago: executing program 3 (id=1654):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket(0x10, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b0000000000000000000000008000"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x10)
mmap(&(0x7f000000b000/0x4000)=nil, 0x4000, 0x1000005, 0x8012, 0xffffffffffffffff, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)}], 0x1}}], 0x1, 0x4000800)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000008000000"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x4}})
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r7, 0x0, 0x0, 0x20000046, &(0x7f0000000200)={0xa, 0x4e20, 0x6, @loopback, 0x401}, 0x1c)
getsockopt$inet6_mptcp_buf(r7, 0x11c, 0x3, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000280)='mm_page_pcpu_drain\x00', r6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x7000000, &(0x7f00000023c0)=[{&(0x7f0000000b40)='?', 0x1}, {0x0, 0x1}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0, 0x0, 0x1000000}, 0x20001)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00'}, 0x10)
time(0x0)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000500)=0x5, 0xe66, 0x2)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x80, 0xfffffffc, 0xdc67}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000040)={'syztnl1\x00', 0x0})
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x70, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_ORIG={0xc, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}]}]}, 0x70}}, 0x0)
bind$x25(0xffffffffffffffff, &(0x7f0000000080), 0x12)

kernel console output (not intermixed with test programs):

s: Ignoring removed nomblk_io_submit option
[   83.095038][ T5479] EXT4-fs (loop0): unable to read superblock
[   83.465915][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.163234][ T5531] loop2: detected capacity change from 0 to 1024
[   84.176078][ T5531] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.195168][ T5531] EXT4-fs (loop2): unable to read superblock
[   84.314069][ T5543] netlink: 12 bytes leftover after parsing attributes in process `syz.1.811'.
[   85.100222][ T5571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.822'.
[   85.157379][ T5575] loop3: detected capacity change from 0 to 256
[   85.177386][ T5575] syz.3.824: attempt to access beyond end of device
[   85.177386][ T5575] loop3: rw=2049, sector=256, nr_sectors = 100 limit=256
[   85.213961][ T5577] loop2: detected capacity change from 0 to 256
[   85.442512][ T5595] loop2: detected capacity change from 0 to 164
[   85.562721][ T5603] loop1: detected capacity change from 0 to 2048
[   85.627958][ T5603]  loop1: unable to read partition table
[   85.633761][ T5603] loop1: partition table beyond EOD, truncated
[   85.640004][ T5603] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[   85.976522][ T5618] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[   85.987089][ T5618] SELinux: failed to load policy
[   86.417223][ T5627] netlink: 4 bytes leftover after parsing attributes in process `syz.3.848'.
[   86.426407][ T5625] loop2: detected capacity change from 0 to 512
[   86.426520][ T5627] netlink: 12 bytes leftover after parsing attributes in process `syz.3.848'.
[   86.433049][ T5625] EXT4-fs: Ignoring removed mblk_io_submit option
[   86.449616][ T5625] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   86.452422][ T5625] EXT4-fs (loop2): 1 truncate cleaned up
[   86.466201][ T5625] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.491072][ T5625] netlink: 16 bytes leftover after parsing attributes in process `syz.2.847'.
[   86.510560][   T29] kauditd_printk_skb: 585 callbacks suppressed
[   86.510575][   T29] audit: type=1400 audit(2000000002.620:5061): avc:  denied  { read write } for  pid=3325 comm="syz-executor" name="loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   86.541122][   T29] audit: type=1400 audit(2000000002.620:5062): avc:  denied  { open } for  pid=3325 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   86.565412][   T29] audit: type=1400 audit(2000000002.620:5063): avc:  denied  { ioctl } for  pid=3325 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=100 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   86.590939][ T5633] loop3: detected capacity change from 0 to 512
[   86.597780][   T29] audit: type=1400 audit(2000000002.680:5064): avc:  denied  { prog_load } for  pid=5631 comm="syz.0.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   86.616862][   T29] audit: type=1400 audit(2000000002.680:5065): avc:  denied  { bpf } for  pid=5631 comm="syz.0.850" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   86.637404][   T29] audit: type=1400 audit(2000000002.680:5066): avc:  denied  { perfmon } for  pid=5631 comm="syz.0.850" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   86.658487][   T29] audit: type=1400 audit(2000000002.680:5067): avc:  denied  { create } for  pid=5630 comm="syz.3.849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   86.661632][ T5633] EXT4-fs (loop3): orphan cleanup on readonly fs
[   86.678442][   T29] audit: type=1400 audit(2000000002.680:5068): avc:  denied  { create } for  pid=5631 comm="syz.0.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   86.687163][ T5633] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.849: bad orphan inode 13
[   86.705509][   T29] audit: type=1400 audit(2000000002.680:5069): avc:  denied  { write } for  pid=5631 comm="syz.0.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   86.716217][ T5633] ext4_test_bit(bit=12, block=18) = 1
[   86.735746][   T29] audit: type=1400 audit(2000000002.680:5070): avc:  denied  { read } for  pid=5631 comm="syz.0.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   86.741161][ T5633] is_bad_inode(inode)=0
[   86.741174][ T5633] NEXT_ORPHAN(inode)=2130706432
[   86.741184][ T5633] max_ino=32
[   86.741191][ T5633] i_nlink=1
[   86.741730][ T5633] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   86.825998][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.132044][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.251344][ T5660] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[   87.275351][ T5662] loop4: detected capacity change from 0 to 256
[   87.282100][ T5660] SELinux: failed to load policy
[   88.078183][ T5692] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[   88.100284][ T5692] SELinux: failed to load policy
[   88.221063][ T5708] loop1: detected capacity change from 0 to 512
[   88.228054][ T5708] EXT4-fs: Ignoring removed mblk_io_submit option
[   88.235663][ T5708] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   88.249123][ T5708] EXT4-fs (loop1): 1 truncate cleaned up
[   88.255239][ T5708] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.271497][ T5708] netlink: 16 bytes leftover after parsing attributes in process `syz.1.880'.
[   88.332292][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.387538][ T5719] loop1: detected capacity change from 0 to 512
[   88.394514][ T5719] EXT4-fs: Ignoring removed mblk_io_submit option
[   88.403624][ T5720] loop3: detected capacity change from 0 to 164
[   88.413145][ T5719] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   88.435891][ T5719] EXT4-fs (loop1): 1 truncate cleaned up
[   88.445637][ T5719] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.461224][ T5719] netlink: 16 bytes leftover after parsing attributes in process `syz.1.885'.
[   88.510504][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.569223][ T5737] loop1: detected capacity change from 0 to 256
[   88.632717][ T5743] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[   88.643094][ T5743] SELinux: failed to load policy
[   88.648270][ T5744] loop4: detected capacity change from 0 to 164
[   88.736098][ T5750] loop1: detected capacity change from 0 to 256
[   88.742633][ T5749] loop2: detected capacity change from 0 to 256
[   88.762908][ T5749] syz.2.899: attempt to access beyond end of device
[   88.762908][ T5749] loop2: rw=2049, sector=256, nr_sectors = 100 limit=256
[   88.877427][ T5762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.905'.
[   88.933176][ T5764] loop1: detected capacity change from 0 to 4096
[   88.943405][ T5764] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.052070][ T5772] loop2: detected capacity change from 0 to 256
[   89.058937][ T5772] vfat: Unknown parameter 'shortname7winnt'
[   89.126661][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.193841][ T5780] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[   89.204414][ T5780] SELinux: failed to load policy
[   89.243839][ T5782] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[   89.253026][ T5784] loop2: detected capacity change from 0 to 256
[   89.255508][ T5782] SELinux: failed to load policy
[   89.340453][ T5790] loop2: detected capacity change from 0 to 512
[   89.352440][ T5792] netlink: 4 bytes leftover after parsing attributes in process `syz.3.917'.
[   89.376747][ T5790] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.397683][ T5790] ext4 filesystem being mounted at /199/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.414774][ T5790] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.916: Failed to acquire dquot type 0
[   89.482343][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.563761][ T5807] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[   89.591102][ T5807] SELinux: failed to load policy
[   89.702772][ T5812] netlink: 268 bytes leftover after parsing attributes in process `syz.1.920'.
[   89.711971][ T5812] unsupported nla_type 65024
[   89.923699][ T5815] loop0: detected capacity change from 0 to 512
[   89.964542][ T5816] loop2: detected capacity change from 0 to 256
[   89.994871][ T5815] EXT4-fs: Ignoring removed mblk_io_submit option
[   90.066789][ T5815] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   90.082144][ T5820] loop4: detected capacity change from 0 to 512
[   90.098743][ T5820] EXT4-fs: Ignoring removed mblk_io_submit option
[   90.110482][ T5820] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   90.134828][ T5815] EXT4-fs (loop0): 1 truncate cleaned up
[   90.143443][ T5820] EXT4-fs (loop4): 1 truncate cleaned up
[   90.152963][ T5815] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.169671][ T5820] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.195716][ T5822] loop2: detected capacity change from 0 to 4096
[   90.205279][ T5815] netlink: 16 bytes leftover after parsing attributes in process `syz.0.925'.
[   90.216042][ T5820] netlink: 16 bytes leftover after parsing attributes in process `syz.4.928'.
[   90.241999][ T5822] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.311554][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.326973][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.395384][ T5831] netlink: 4 bytes leftover after parsing attributes in process `syz.0.930'.
[   90.424995][ T5833] loop4: detected capacity change from 0 to 164
[   90.579516][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.590802][ T5842] loop0: detected capacity change from 0 to 4096
[   90.831777][ T5867] netlink: 4 bytes leftover after parsing attributes in process `syz.1.945'.
[   90.853484][ T5869] loop3: detected capacity change from 0 to 164
[   91.533002][   T29] kauditd_printk_skb: 696 callbacks suppressed
[   91.533021][   T29] audit: type=1400 audit(2000000007.640:5765): avc:  denied  { create } for  pid=5902 comm="syz.2.961" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   91.665781][   T29] audit: type=1400 audit(2000000007.740:5766): avc:  denied  { block_suspend } for  pid=5902 comm="syz.2.961" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   91.691375][   T29] audit: type=1326 audit(2000000007.770:5767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5905 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[   91.714800][   T29] audit: type=1326 audit(2000000007.770:5768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5905 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[   91.738324][   T29] audit: type=1326 audit(2000000007.770:5769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5905 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[   91.761704][   T29] audit: type=1326 audit(2000000007.770:5770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5905 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[   91.785060][   T29] audit: type=1326 audit(2000000007.770:5771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5905 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[   91.808531][   T29] audit: type=1326 audit(2000000007.770:5772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5905 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[   91.831956][   T29] audit: type=1326 audit(2000000007.770:5773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5905 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[   91.855345][   T29] audit: type=1326 audit(2000000007.770:5774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5905 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[   91.876643][ T5914] loop4: detected capacity change from 0 to 736
[   91.901638][ T5914] rock: directory entry would overflow storage
[   91.907882][ T5914] rock: sig=0x3b10, size=4, remaining=3
[   92.022821][ T5923] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[   92.051022][ T5923] SELinux: failed to load policy
[   92.164283][ T5932] netlink: 12 bytes leftover after parsing attributes in process `syz.1.972'.
[   93.025491][ T5955] netlink: 'syz.4.981': attribute type 3 has an invalid length.
[   93.033260][ T5955] netlink: 'syz.4.981': attribute type 1 has an invalid length.
[   93.075714][ T5959] loop0: detected capacity change from 0 to 512
[   93.094697][ T5959] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   93.110909][ T5959] EXT4-fs (loop0): orphan cleanup on readonly fs
[   93.121136][ T5959] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   93.139685][ T5962] loop3: detected capacity change from 0 to 2048
[   93.149593][ T5959] EXT4-fs (loop0): Cannot turn on quotas: error -22
[   93.165499][ T5959] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #16: comm syz.0.983: iget: immutable or append flags not allowed on symlinks
[   93.180252][ T5968] netlink: 4 bytes leftover after parsing attributes in process `syz.1.987'.
[   93.189369][ T5959] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.983: couldn't read orphan inode 16 (err -117)
[   93.223430][ T5965] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[   93.229409][ T5962]  loop3: unable to read partition table
[   93.239516][ T5962] loop3: partition table beyond EOD, truncated
[   93.245778][ T5962] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[   93.245903][ T5965] SELinux: failed to load policy
[   93.837355][ T5985] loop2: detected capacity change from 0 to 512
[   93.863044][ T5985] EXT4-fs: Ignoring removed mblk_io_submit option
[   93.945933][ T5985] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   93.957405][ T5985] EXT4-fs (loop2): 1 truncate cleaned up
[   93.965235][ T5985] netlink: 16 bytes leftover after parsing attributes in process `syz.2.994'.
[   94.055045][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.0.998'.
[   94.086785][ T6004] loop0: detected capacity change from 0 to 512
[   94.094475][ T6004] EXT4-fs: Ignoring removed mblk_io_submit option
[   94.101306][ T6004] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   94.111419][ T6006] loop2: detected capacity change from 0 to 2048
[   94.115181][ T6004] EXT4-fs (loop0): 1 truncate cleaned up
[   94.183836][ T6006]  loop2: unable to read partition table
[   94.191033][ T6006] loop2: partition table beyond EOD, truncated
[   94.197295][ T6006] loop_reread_partitions: partition scan of loop2 () failed (rc=-5)
[   94.370932][ T6018] loop1: detected capacity change from 0 to 1024
[   94.379679][ T6018] EXT4-fs: Ignoring removed nomblk_io_submit option
[   94.425534][ T6020] sctp: [Deprecated]: wg1 (pid 6020) Use of int in maxseg socket option.
[   94.425534][ T6020] Use struct sctp_assoc_value instead
[   94.463376][ T6029] __nla_validate_parse: 1 callbacks suppressed
[   94.463395][ T6029] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1010'.
[   94.772168][ T6050] loop3: detected capacity change from 0 to 256
[   94.791879][ T6057] loop4: detected capacity change from 0 to 512
[   94.831176][ T6057] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.847515][ T6057] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.1021: Failed to acquire dquot type 0
[   94.916802][ T6062] FAULT_INJECTION: forcing a failure.
[   94.916802][ T6062] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.930129][ T6062] CPU: 0 UID: 0 PID: 6062 Comm: syz.4.1022 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[   94.930166][ T6062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.930183][ T6062] Call Trace:
[   94.930191][ T6062]  <TASK>
[   94.930201][ T6062]  __dump_stack+0x1d/0x30
[   94.930262][ T6062]  dump_stack_lvl+0xe8/0x140
[   94.930330][ T6062]  dump_stack+0x15/0x1b
[   94.930352][ T6062]  should_fail_ex+0x265/0x280
[   94.930397][ T6062]  should_fail+0xb/0x20
[   94.930431][ T6062]  should_fail_usercopy+0x1a/0x20
[   94.930518][ T6062]  _copy_from_user+0x1c/0xb0
[   94.930548][ T6062]  __x64_sys_epoll_ctl+0x92/0x100
[   94.930588][ T6062]  x64_sys_call+0x26ef/0x2fb0
[   94.930667][ T6062]  do_syscall_64+0xd0/0x1a0
[   94.930700][ T6062]  ? clear_bhb_loop+0x40/0x90
[   94.930784][ T6062]  ? clear_bhb_loop+0x40/0x90
[   94.930805][ T6062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.930826][ T6062] RIP: 0033:0x7fcbb4ede969
[   94.930892][ T6062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.930938][ T6062] RSP: 002b:00007fcbb3547038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[   94.930956][ T6062] RAX: ffffffffffffffda RBX: 00007fcbb5105fa0 RCX: 00007fcbb4ede969
[   94.930969][ T6062] RDX: 0000000000000007 RSI: 0000000000000003 RDI: 0000000000000006
[   94.931014][ T6062] RBP: 00007fcbb3547090 R08: 0000000000000000 R09: 0000000000000000
[   94.931031][ T6062] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.931047][ T6062] R13: 0000000000000000 R14: 00007fcbb5105fa0 R15: 00007ffd2e7e0038
[   94.931102][ T6062]  </TASK>
[   95.126794][ T6066] FAULT_INJECTION: forcing a failure.
[   95.126794][ T6066] name failslab, interval 1, probability 0, space 0, times 0
[   95.139557][ T6066] CPU: 1 UID: 0 PID: 6066 Comm: syz.4.1024 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[   95.139590][ T6066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.139605][ T6066] Call Trace:
[   95.139612][ T6066]  <TASK>
[   95.139619][ T6066]  __dump_stack+0x1d/0x30
[   95.139640][ T6066]  dump_stack_lvl+0xe8/0x140
[   95.139663][ T6066]  dump_stack+0x15/0x1b
[   95.139700][ T6066]  should_fail_ex+0x265/0x280
[   95.139736][ T6066]  should_failslab+0x8c/0xb0
[   95.139767][ T6066]  kmem_cache_alloc_noprof+0x50/0x310
[   95.139789][ T6066]  ? getname_flags+0x80/0x3b0
[   95.139863][ T6066]  getname_flags+0x80/0x3b0
[   95.139906][ T6066]  user_path_at+0x28/0x130
[   95.139934][ T6066]  vfs_open_tree+0x198/0x540
[   95.140021][ T6066]  __x64_sys_open_tree+0x45/0xc0
[   95.140087][ T6066]  x64_sys_call+0x28d3/0x2fb0
[   95.140184][ T6066]  do_syscall_64+0xd0/0x1a0
[   95.140211][ T6066]  ? clear_bhb_loop+0x40/0x90
[   95.140239][ T6066]  ? clear_bhb_loop+0x40/0x90
[   95.140265][ T6066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.140297][ T6064] loop3: detected capacity change from 0 to 256
[   95.140293][ T6066] RIP: 0033:0x7fcbb4ede969
[   95.140332][ T6066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.140355][ T6066] RSP: 002b:00007fcbb3547038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac
[   95.140381][ T6066] RAX: ffffffffffffffda RBX: 00007fcbb5105fa0 RCX: 00007fcbb4ede969
[   95.140400][ T6066] RDX: 0000000000089901 RSI: 0000000000000000 RDI: ffffffffffffff9c
[   95.140418][ T6066] RBP: 00007fcbb3547090 R08: 0000000000000000 R09: 0000000000000000
[   95.140436][ T6066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.140452][ T6066] R13: 0000000000000001 R14: 00007fcbb5105fa0 R15: 00007ffd2e7e0038
[   95.140536][ T6066]  </TASK>
[   95.490932][ T6090] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   95.500759][ T6090] SELinux: failed to load policy
[   95.539248][ T6095] loop2: detected capacity change from 0 to 164
[   95.550879][ T6094] loop1: detected capacity change from 0 to 512
[   95.558656][ T6094] EXT4-fs: Ignoring removed mblk_io_submit option
[   95.569798][ T6094] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   95.589630][ T6094] EXT4-fs (loop1): 1 truncate cleaned up
[   95.598574][ T6094] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1035'.
[   95.686251][ T6101] netlink: 'syz.3.1037': attribute type 21 has an invalid length.
[   96.543484][ T6127] loop2: detected capacity change from 0 to 164
[   96.549924][   T29] kauditd_printk_skb: 327 callbacks suppressed
[   96.549940][   T29] audit: type=1400 audit(2000000012.650:6100): avc:  denied  { setopt } for  pid=6123 comm="syz.2.1046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   96.575809][ T6126] loop3: detected capacity change from 0 to 2048
[   96.575808][   T29] audit: type=1400 audit(2000000012.650:6101): avc:  denied  { write } for  pid=6123 comm="syz.2.1046" name="file0" dev="tmpfs" ino=1195 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   96.575840][   T29] audit: type=1400 audit(2000000012.650:6102): avc:  denied  { open } for  pid=6123 comm="syz.2.1046" path="/224/file0" dev="tmpfs" ino=1195 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   96.649292][ T6130] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1048'.
[   96.677016][   T29] audit: type=1400 audit(2000000012.690:6103): avc:  denied  { mounton } for  pid=6123 comm="syz.2.1046" path="/224/file0" dev="tmpfs" ino=1195 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   96.700336][   T29] audit: type=1400 audit(2000000012.720:6104): avc:  denied  { mount } for  pid=6123 comm="syz.2.1046" name="/" dev="loop2" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   96.784796][ T6126]  loop3: unable to read partition table
[   96.809421][ T6126] loop3: partition table beyond EOD, truncated
[   96.815627][ T6126] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[   96.860496][   T29] audit: type=1400 audit(2000000012.840:6105): avc:  denied  { write } for  pid=6133 comm="syz.4.1050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   96.881016][   T29] audit: type=1400 audit(2000000012.840:6106): avc:  denied  { read } for  pid=6133 comm="syz.4.1050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   96.909062][ T6139] FAULT_INJECTION: forcing a failure.
[   96.909062][ T6139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.922220][ T6139] CPU: 0 UID: 0 PID: 6139 Comm: syz.3.1051 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[   96.922258][ T6139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   96.922275][ T6139] Call Trace:
[   96.922281][ T6139]  <TASK>
[   96.922367][ T6139]  __dump_stack+0x1d/0x30
[   96.922428][ T6139]  dump_stack_lvl+0xe8/0x140
[   96.922456][ T6139]  dump_stack+0x15/0x1b
[   96.922473][ T6139]  should_fail_ex+0x265/0x280
[   96.922531][ T6139]  should_fail+0xb/0x20
[   96.922571][ T6139]  should_fail_usercopy+0x1a/0x20
[   96.922599][ T6139]  _copy_to_user+0x20/0xa0
[   96.922622][ T6139]  simple_read_from_buffer+0xb5/0x130
[   96.922663][ T6139]  proc_fail_nth_read+0x100/0x140
[   96.922699][ T6139]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   96.922734][ T6139]  vfs_read+0x19d/0x6f0
[   96.922787][ T6139]  ? __rcu_read_unlock+0x4f/0x70
[   96.922810][ T6139]  ? __rcu_read_unlock+0x4f/0x70
[   96.922838][ T6139]  ? __fget_files+0x184/0x1c0
[   96.922930][ T6139]  ksys_read+0xda/0x1a0
[   96.922957][ T6139]  __x64_sys_read+0x40/0x50
[   96.922988][ T6139]  x64_sys_call+0x2d77/0x2fb0
[   96.923083][ T6139]  do_syscall_64+0xd0/0x1a0
[   96.923142][ T6139]  ? clear_bhb_loop+0x40/0x90
[   96.923171][ T6139]  ? clear_bhb_loop+0x40/0x90
[   96.923280][ T6139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.923307][ T6139] RIP: 0033:0x7f46f0dbd37c
[   96.923385][ T6139] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   96.923403][ T6139] RSP: 002b:00007f46ef427030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   96.923422][ T6139] RAX: ffffffffffffffda RBX: 00007f46f0fe5fa0 RCX: 00007f46f0dbd37c
[   96.923512][ T6139] RDX: 000000000000000f RSI: 00007f46ef4270a0 RDI: 0000000000000003
[   96.923524][ T6139] RBP: 00007f46ef427090 R08: 0000000000000000 R09: 0000000000000000
[   96.923535][ T6139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.923574][ T6139] R13: 0000000000000001 R14: 00007f46f0fe5fa0 R15: 00007fffa9ffe788
[   96.923593][ T6139]  </TASK>
[   97.195519][ T6148] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   97.258832][ T6151] loop4: detected capacity change from 0 to 164
[   97.439290][   T29] audit: type=1400 audit(2000000013.550:6107): avc:  denied  { watch } for  pid=6152 comm="syz.3.1058" path="/201" dev="tmpfs" ino=1083 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   97.462285][   T29] audit: type=1326 audit(2000000013.570:6108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6157 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d60fde969 code=0x7ffc0000
[   97.486414][   T29] audit: type=1326 audit(2000000013.570:6109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6157 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d60fde969 code=0x7ffc0000
[   97.514735][ T6162] loop1: detected capacity change from 0 to 512
[   97.540822][ T6162] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.554416][ T6162] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1061: Failed to acquire dquot type 0
[   97.631469][ T6171] loop1: detected capacity change from 0 to 256
[   97.640305][ T6172] syz.2.1065 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   97.649374][ T6171] syz.1.1064: attempt to access beyond end of device
[   97.649374][ T6171] loop1: rw=2049, sector=256, nr_sectors = 100 limit=256
[   97.733425][ T6180] loop2: detected capacity change from 0 to 512
[   97.740919][ T6180] EXT4-fs: Ignoring removed mblk_io_submit option
[   97.748176][ T6180] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   97.759617][ T6180] EXT4-fs (loop2): 1 truncate cleaned up
[   97.767063][ T6180] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1069'.
[   97.881090][ T6189] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[   97.891493][ T6189] SELinux: failed to load policy
[   97.946503][ T6193] loop1: detected capacity change from 0 to 256
[   97.969506][ T6195] loop2: detected capacity change from 0 to 256
[   98.088782][ T6207] loop1: detected capacity change from 0 to 512
[   98.095503][ T6207] EXT4-fs: Ignoring removed mblk_io_submit option
[   98.106336][ T6207] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   98.143084][ T6207] EXT4-fs (loop1): 1 truncate cleaned up
[   98.170561][ T6212] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[   98.181270][ T6212] SELinux: failed to load policy
[   98.200382][ T6207] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1082'.
[   98.225665][ T6216] loop3: detected capacity change from 0 to 2048
[   98.311568][ T6216]  loop3: unable to read partition table
[   98.317382][ T6216] loop3: partition table beyond EOD, truncated
[   98.323614][ T6216] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[   98.745284][ T6228] loop3: detected capacity change from 0 to 164
[   98.774740][ T6230] loop1: detected capacity change from 0 to 2048
[   98.826075][ T6236] loop4: detected capacity change from 0 to 256
[   98.847715][ T6230]  loop1: unable to read partition table
[   98.853605][ T6230] loop1: partition table beyond EOD, truncated
[   98.859886][ T6230] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[   98.920495][ T6240] loop1: detected capacity change from 0 to 256
[   98.935209][ T6240] syz.1.1096: attempt to access beyond end of device
[   98.935209][ T6240] loop1: rw=2049, sector=256, nr_sectors = 100 limit=256
[   98.976734][ T6242] loop4: detected capacity change from 0 to 512
[   98.983452][ T6242] EXT4-fs: Ignoring removed mblk_io_submit option
[   98.991484][ T6242] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   99.016684][ T6242] EXT4-fs (loop4): 1 truncate cleaned up
[   99.026456][ T6242] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1097'.
[   99.098554][ T6249] loop1: detected capacity change from 0 to 512
[   99.105250][ T6249] EXT4-fs: Ignoring removed mblk_io_submit option
[   99.113421][ T6249] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   99.136109][ T6249] EXT4-fs (loop1): 1 truncate cleaned up
[   99.144182][ T6249] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1101'.
[   99.193258][ T6253] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1100'.
[   99.218405][ T6253] loop4: detected capacity change from 0 to 512
[   99.225113][ T6253] EXT4-fs: Ignoring removed oldalloc option
[   99.233066][ T6253] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   99.246677][ T6253] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.1100: invalid indirect mapped block 4294967295 (level 0)
[   99.298053][ T6253] EXT4-fs (loop4): Remounting filesystem read-only
[   99.305235][ T6253] EXT4-fs (loop4): 1 orphan inode deleted
[   99.311054][ T6253] EXT4-fs (loop4): 1 truncate cleaned up
[   99.719980][ T6265] loop3: detected capacity change from 0 to 256
[   99.783938][ T6270] loop0: detected capacity change from 0 to 256
[   99.801011][ T6270] syz.0.1109: attempt to access beyond end of device
[   99.801011][ T6270] loop0: rw=2049, sector=256, nr_sectors = 100 limit=256
[   99.904915][ T6281] loop0: detected capacity change from 0 to 512
[   99.926736][ T6284] loop3: detected capacity change from 0 to 128
[   99.933517][ T6284] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  100.215333][ T6290] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1116'.
[  100.400206][ T6284] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  100.423468][ T6284] lowe: renamed from bridge_slave_0 (while UP)
[  100.432276][ T6281] EXT4-fs mount: 26 callbacks suppressed
[  100.432312][ T6281] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.462783][ T6281] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.486032][ T6281] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.1112: Failed to acquire dquot type 0
[  100.536025][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.589569][ T6306] loop2: detected capacity change from 0 to 256
[  100.608904][ T6306] syz.2.1123: attempt to access beyond end of device
[  100.608904][ T6306] loop2: rw=2049, sector=256, nr_sectors = 100 limit=256
[  100.731274][ T6313] loop4: detected capacity change from 0 to 256
[  100.753252][ T6315] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1136'.
[  100.763963][ T6315] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1136'.
[  101.544948][ T6339] loop1: detected capacity change from 0 to 512
[  101.768461][ T6339] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.857713][ T6339] ext4 filesystem being mounted at /223/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.920882][ T6339] __quota_error: 592 callbacks suppressed
[  101.920899][ T6339] Quota error (device loop1): find_block_dqentry: Quota for id 0 referenced but not present
[  101.936795][ T6339] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  101.946386][ T6339] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1135: Failed to acquire dquot type 0
[  101.960623][   T51] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  101.983379][   T29] audit: type=1326 audit(2000000018.090:6698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6348 comm="syz.3.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  102.019400][   T29] audit: type=1326 audit(2000000018.090:6699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6348 comm="syz.3.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  102.042893][   T29] audit: type=1326 audit(2000000018.090:6700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6348 comm="syz.3.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  102.066411][   T29] audit: type=1326 audit(2000000018.090:6701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6348 comm="syz.3.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  102.089904][   T29] audit: type=1326 audit(2000000018.090:6702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6348 comm="syz.3.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  102.113328][   T29] audit: type=1326 audit(2000000018.090:6703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6348 comm="syz.3.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  102.136863][   T29] audit: type=1326 audit(2000000018.090:6704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6348 comm="syz.3.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  102.146943][ T6353] loop2: detected capacity change from 0 to 256
[  102.160345][   T29] audit: type=1326 audit(2000000018.090:6705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6348 comm="syz.3.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  102.197888][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.229038][ T6358] loop4: detected capacity change from 0 to 256
[  102.314700][ T6362] loop3: detected capacity change from 0 to 512
[  102.323152][ T6362] EXT4-fs: Ignoring removed mblk_io_submit option
[  102.335885][ T6362] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  102.372563][ T6368] loop1: detected capacity change from 0 to 128
[  102.392582][ T6362] EXT4-fs (loop3): 1 truncate cleaned up
[  102.408042][ T6368] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  102.429027][ T6368] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  102.447305][ T6368] lowe: renamed from bridge_slave_0 (while UP)
[  102.477953][ T6362] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.581154][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.593774][ T6376] loop2: detected capacity change from 0 to 256
[  102.635256][ T6380] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1152'.
[  102.649812][ T6376] syz.2.1151: attempt to access beyond end of device
[  102.649812][ T6376] loop2: rw=2049, sector=256, nr_sectors = 100 limit=256
[  102.679485][ T6384] loop3: detected capacity change from 0 to 512
[  102.700152][ T6384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.715246][ T6384] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.737986][ T6384] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.1154: Failed to acquire dquot type 0
[  102.777417][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.896126][ T6397] loop3: detected capacity change from 0 to 164
[  103.308965][   T51] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  103.452864][ T6414] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  103.464432][ T6414] SELinux: failed to load policy
[  104.529221][ T6431] loop4: detected capacity change from 0 to 128
[  104.535964][ T6431] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  104.549910][ T6431] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  104.566446][ T6431] lowe: renamed from bridge_slave_0 (while UP)
[  104.584776][ T6428] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1172'.
[  104.628133][ T6428] loop3: detected capacity change from 0 to 512
[  104.634979][ T6428] EXT4-fs: Ignoring removed oldalloc option
[  104.641836][ T6428] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  104.662364][ T6428] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.1172: invalid indirect mapped block 4294967295 (level 0)
[  104.702603][ T6428] EXT4-fs (loop3): Remounting filesystem read-only
[  104.735942][ T6428] EXT4-fs (loop3): 1 orphan inode deleted
[  104.741798][ T6428] EXT4-fs (loop3): 1 truncate cleaned up
[  104.769521][ T6428] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.833134][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.848365][ T6450] loop2: detected capacity change from 0 to 164
[  104.873922][ T6454] loop1: detected capacity change from 0 to 2048
[  104.884817][ T6453] loop3: detected capacity change from 0 to 256
[  104.943750][ T6454]  loop1: unable to read partition table
[  104.949533][ T6454] loop1: partition table beyond EOD, truncated
[  104.955812][ T6454] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[  105.110330][ T6464] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  105.121079][ T6464] SELinux: failed to load policy
[  105.171091][ T6468] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1188'.
[  105.356481][ T6481] loop3: detected capacity change from 0 to 2048
[  105.375212][ T6483] loop1: detected capacity change from 0 to 256
[  105.431559][ T6481]  loop3: unable to read partition table
[  105.442021][ T6481] loop3: partition table beyond EOD, truncated
[  105.448507][ T6481] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[  105.524462][   T37] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  105.578455][ T6491] loop4: detected capacity change from 0 to 256
[  105.587885][ T6487] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  105.610961][ T6487] SELinux: failed to load policy
[  105.649296][ T6496] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1202'.
[  106.063471][ T6510] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  106.164898][ T6510] SELinux: failed to load policy
[  106.252705][ T6516] loop2: detected capacity change from 0 to 256
[  106.263998][ T6520] loop1: detected capacity change from 0 to 256
[  106.271077][ T6520] vfat: Unknown parameter 'shortname7winnt'
[  106.429218][ T6530] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1217'.
[  106.518258][ T6541] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  106.528623][ T6541] SELinux: failed to load policy
[  106.535570][ T6539] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  106.550122][ T6539] SELinux: failed to load policy
[  106.674071][ T6553] loop1: detected capacity change from 0 to 2048
[  106.686107][ T6557] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1230'.
[  106.887994][ T6570] loop4: detected capacity change from 0 to 256
[  106.918020][ T6570] vfat: Unknown parameter 'shortname7winnt'
[  106.971114][   T29] kauditd_printk_skb: 634 callbacks suppressed
[  106.971168][   T29] audit: type=1400 audit(2000000023.080:7338): avc:  denied  { module_request } for  pid=6568 comm="syz.4.1236" kmod="bpf_preload" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  107.028577][ T6553]  loop1: unable to read partition table
[  107.078381][ T6553] loop1: partition table beyond EOD, truncated
[  107.084774][ T6553] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[  107.106703][   T29] audit: type=1400 audit(2000000023.200:7339): avc:  denied  { mount } for  pid=6568 comm="syz.4.1236" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  107.215972][ T6576] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1237'.
[  107.225047][   T29] audit: type=1400 audit(2000000023.320:7340): avc:  denied  { read } for  pid=6575 comm="syz.3.1237" dev="nsfs" ino=4026532516 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  107.246342][   T29] audit: type=1400 audit(2000000023.320:7341): avc:  denied  { open } for  pid=6575 comm="syz.3.1237" path="net:[4026532516]" dev="nsfs" ino=4026532516 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  107.269906][   T29] audit: type=1400 audit(2000000023.320:7342): avc:  denied  { read } for  pid=6575 comm="syz.3.1237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  107.294543][ T6576] loop3: detected capacity change from 0 to 512
[  107.301464][ T6576] EXT4-fs: Ignoring removed oldalloc option
[  107.308140][ T6576] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  107.337644][ T6588] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1242'.
[  107.347476][ T6576] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.1237: invalid indirect mapped block 4294967295 (level 0)
[  107.365885][ T6576] EXT4-fs (loop3): Remounting filesystem read-only
[  107.376265][   T29] audit: type=1400 audit(2000000023.480:7343): avc:  denied  { setopt } for  pid=6584 comm="syz.1.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  107.396055][   T29] audit: type=1400 audit(2000000023.480:7344): avc:  denied  { create } for  pid=6584 comm="syz.1.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  107.398097][ T6576] EXT4-fs (loop3): 1 orphan inode deleted
[  107.415887][   T29] audit: type=1400 audit(2000000023.480:7345): avc:  denied  { write } for  pid=6584 comm="syz.1.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  107.421660][ T6576] EXT4-fs (loop3): 1 truncate cleaned up
[  107.441457][   T29] audit: type=1326 audit(2000000023.480:7346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6589 comm="syz.2.1243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb49293e969 code=0x7ffc0000
[  107.470110][   T29] audit: type=1326 audit(2000000023.480:7347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6589 comm="syz.2.1243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb49293e969 code=0x7ffc0000
[  107.504191][ T6576] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.540100][ T6592] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  107.552850][ T6592] SELinux: failed to load policy
[  107.665930][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.696975][ T6608] loop2: detected capacity change from 0 to 256
[  107.737952][ T6612] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  107.749692][ T6612] SELinux: failed to load policy
[  107.876199][ T6627] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1263'.
[  108.020835][ T6643] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  108.043620][ T6643] SELinux: failed to load policy
[  108.100787][ T6649] loop2: detected capacity change from 0 to 256
[  108.175984][ T6658] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1277'.
[  108.176530][ T6659] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1276'.
[  109.050092][ T6683] loop1: detected capacity change from 0 to 256
[  109.188007][ T6686] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  109.226393][ T6686] SELinux: failed to load policy
[  109.367152][ T6691] loop0: detected capacity change from 0 to 512
[  109.374091][ T6691] EXT4-fs: Ignoring removed mblk_io_submit option
[  109.382050][ T6693] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1290'.
[  109.382208][ T6691] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  109.403140][ T6691] EXT4-fs (loop0): 1 truncate cleaned up
[  109.410509][ T6691] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.486012][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.580476][ T6701] loop1: detected capacity change from 0 to 256
[  109.613412][ T6701] syz.1.1294: attempt to access beyond end of device
[  109.613412][ T6701] loop1: rw=2049, sector=256, nr_sectors = 100 limit=256
[  109.735461][ T6708] FAULT_INJECTION: forcing a failure.
[  109.735461][ T6708] name failslab, interval 1, probability 0, space 0, times 0
[  109.748233][ T6708] CPU: 0 UID: 0 PID: 6708 Comm: syz.1.1296 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[  109.748279][ T6708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.748291][ T6708] Call Trace:
[  109.748298][ T6708]  <TASK>
[  109.748305][ T6708]  __dump_stack+0x1d/0x30
[  109.748362][ T6708]  dump_stack_lvl+0xe8/0x140
[  109.748407][ T6708]  dump_stack+0x15/0x1b
[  109.748498][ T6708]  should_fail_ex+0x265/0x280
[  109.748537][ T6708]  should_failslab+0x8c/0xb0
[  109.748582][ T6708]  kmem_cache_alloc_noprof+0x50/0x310
[  109.748604][ T6708]  ? getname_flags+0x80/0x3b0
[  109.748679][ T6708]  getname_flags+0x80/0x3b0
[  109.748792][ T6708]  __x64_sys_link+0x33/0x70
[  109.748838][ T6708]  x64_sys_call+0x2af9/0x2fb0
[  109.748859][ T6708]  do_syscall_64+0xd0/0x1a0
[  109.748889][ T6708]  ? clear_bhb_loop+0x40/0x90
[  109.748922][ T6708]  ? clear_bhb_loop+0x40/0x90
[  109.748963][ T6708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.748992][ T6708] RIP: 0033:0x7f0d60fde969
[  109.749034][ T6708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.749056][ T6708] RSP: 002b:00007f0d5f647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  109.749080][ T6708] RAX: ffffffffffffffda RBX: 00007f0d61205fa0 RCX: 00007f0d60fde969
[  109.749097][ T6708] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 00002000000000c0
[  109.749110][ T6708] RBP: 00007f0d5f647090 R08: 0000000000000000 R09: 0000000000000000
[  109.749125][ T6708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.749162][ T6708] R13: 0000000000000000 R14: 00007f0d61205fa0 R15: 00007ffda727d2a8
[  109.749184][ T6708]  </TASK>
[  109.756766][ T6710] loop0: detected capacity change from 0 to 256
[  109.824556][ T6713] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1299'.
[  110.035546][ T6725] loop0: detected capacity change from 0 to 512
[  110.042459][ T6725] EXT4-fs: Ignoring removed mblk_io_submit option
[  110.050892][ T6725] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  111.106985][ T6725] EXT4-fs (loop0): 1 truncate cleaned up
[  111.205780][ T6725] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.308397][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.318011][ T6748] loop1: detected capacity change from 0 to 2048
[  111.327506][ T6746] loop2: detected capacity change from 0 to 2048
[  111.332047][ T6750] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1312'.
[  111.395385][ T6748]  loop1: unable to read partition table
[  111.402410][ T6748] loop1: partition table beyond EOD, truncated
[  111.408681][ T6748] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[  111.431775][ T6746]  loop2: unable to read partition table
[  111.440298][ T6746] loop2: partition table beyond EOD, truncated
[  111.446594][ T6746] loop_reread_partitions: partition scan of loop2 () failed (rc=-5)
[  111.482962][ T6757] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  111.510547][ T6757] SELinux: failed to load policy
[  111.545440][ T6767] loop2: detected capacity change from 0 to 256
[  111.564896][ T6767] syz.2.1320: attempt to access beyond end of device
[  111.564896][ T6767] loop2: rw=2049, sector=256, nr_sectors = 100 limit=256
[  111.682769][ T6776] loop2: detected capacity change from 0 to 128
[  111.689518][ T6776] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  111.702962][ T6776] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  111.731831][ T6776] lowe: renamed from bridge_slave_0 (while UP)
[  111.770329][ T2222] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  112.214888][   T29] kauditd_printk_skb: 426 callbacks suppressed
[  112.214904][   T29] audit: type=1400 audit(2000000028.320:7774): avc:  denied  { create } for  pid=6784 comm="syz.2.1325" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  112.246629][   T29] audit: type=1400 audit(2000000028.350:7775): avc:  denied  { getopt } for  pid=6784 comm="syz.2.1325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  112.266227][   T29] audit: type=1400 audit(2000000028.350:7776): avc:  denied  { connect } for  pid=6784 comm="syz.2.1325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  112.286086][   T29] audit: type=1400 audit(2000000028.350:7777): avc:  denied  { name_connect } for  pid=6784 comm="syz.2.1325" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  112.307567][   T29] audit: type=1400 audit(2000000028.410:7778): avc:  denied  { setopt } for  pid=6784 comm="syz.2.1325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  112.327127][   T29] audit: type=1400 audit(2000000028.410:7779): avc:  denied  { write } for  pid=6784 comm="syz.2.1325" name="file0" dev="tmpfs" ino=1532 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  112.328569][ T6786] loop2: detected capacity change from 0 to 164
[  112.349596][   T29] audit: type=1400 audit(2000000028.410:7780): avc:  denied  { open } for  pid=6784 comm="syz.2.1325" path="/286/file0" dev="tmpfs" ino=1532 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  112.381305][   T29] audit: type=1400 audit(2000000028.490:7781): avc:  denied  { mounton } for  pid=6784 comm="syz.2.1325" path="/286/file0" dev="tmpfs" ino=1532 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  112.404435][   T29] audit: type=1400 audit(2000000028.490:7782): avc:  denied  { mount } for  pid=6784 comm="syz.2.1325" name="/" dev="loop2" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  112.446638][   T29] audit: type=1400 audit(2000000028.550:7783): avc:  denied  { read } for  pid=6787 comm="syz.4.1327" dev="nsfs" ino=4026532754 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  112.447229][ T6788] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1327'.
[  112.491758][ T6788] loop4: detected capacity change from 0 to 512
[  112.499708][ T6788] EXT4-fs: Ignoring removed oldalloc option
[  112.506135][ T6788] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  112.519463][ T6788] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.1327: invalid indirect mapped block 4294967295 (level 0)
[  112.533775][ T6788] EXT4-fs (loop4): Remounting filesystem read-only
[  112.541613][ T6788] EXT4-fs (loop4): 1 orphan inode deleted
[  112.547502][ T6788] EXT4-fs (loop4): 1 truncate cleaned up
[  112.553909][ T6788] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.560196][ T6791] loop3: detected capacity change from 0 to 2048
[  112.628930][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.664486][ T6791]  loop3: unable to read partition table
[  112.672598][ T6791] loop3: partition table beyond EOD, truncated
[  112.678904][ T6791] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[  112.765946][ T6797] loop3: detected capacity change from 0 to 736
[  112.779706][ T6797] rock: directory entry would overflow storage
[  112.785967][ T6797] rock: sig=0x3b10, size=4, remaining=3
[  112.820422][ T6803] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  112.830731][ T6803] SELinux: failed to load policy
[  113.019188][ T6816] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1340'.
[  113.068629][ T6819] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1341'.
[  113.257508][ T6826] FAULT_INJECTION: forcing a failure.
[  113.257508][ T6826] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.270733][ T6826] CPU: 1 UID: 0 PID: 6826 Comm: syz.3.1344 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[  113.270775][ T6826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  113.270788][ T6826] Call Trace:
[  113.270794][ T6826]  <TASK>
[  113.270803][ T6826]  __dump_stack+0x1d/0x30
[  113.270830][ T6826]  dump_stack_lvl+0xe8/0x140
[  113.270855][ T6826]  dump_stack+0x15/0x1b
[  113.270878][ T6826]  should_fail_ex+0x265/0x280
[  113.270952][ T6826]  should_fail+0xb/0x20
[  113.270992][ T6826]  should_fail_usercopy+0x1a/0x20
[  113.271071][ T6826]  _copy_from_user+0x1c/0xb0
[  113.271169][ T6826]  __sys_bind+0x106/0x2a0
[  113.271215][ T6826]  __x64_sys_bind+0x3f/0x50
[  113.271250][ T6826]  x64_sys_call+0x2086/0x2fb0
[  113.271340][ T6826]  do_syscall_64+0xd0/0x1a0
[  113.271367][ T6826]  ? clear_bhb_loop+0x40/0x90
[  113.271403][ T6826]  ? clear_bhb_loop+0x40/0x90
[  113.271432][ T6826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.271461][ T6826] RIP: 0033:0x7f46f0dbe969
[  113.271477][ T6826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.271533][ T6826] RSP: 002b:00007f46ef427038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  113.271558][ T6826] RAX: ffffffffffffffda RBX: 00007f46f0fe5fa0 RCX: 00007f46f0dbe969
[  113.271575][ T6826] RDX: 000000000000001c RSI: 0000200000000040 RDI: 0000000000000003
[  113.271588][ T6826] RBP: 00007f46ef427090 R08: 0000000000000000 R09: 0000000000000000
[  113.271600][ T6826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.271648][ T6826] R13: 0000000000000000 R14: 00007f46f0fe5fa0 R15: 00007fffa9ffe788
[  113.271716][ T6826]  </TASK>
[  113.651952][ T6832] capability: warning: `syz.3.1346' uses 32-bit capabilities (legacy support in use)
[  113.921208][ T6839] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  113.950254][ T6841] loop4: detected capacity change from 0 to 512
[  113.958846][ T6839] SELinux: failed to load policy
[  113.964260][ T6841] EXT4-fs: Ignoring removed mblk_io_submit option
[  113.973684][ T6841] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  113.997741][ T6841] EXT4-fs (loop4): 1 truncate cleaned up
[  114.004566][ T6841] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.090894][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.115653][ T6854] loop3: detected capacity change from 0 to 512
[  114.124419][ T6854] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  114.134846][ T6854] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c042c118, mo2=0002]
[  114.142931][ T6850] loop1: detected capacity change from 0 to 164
[  114.144660][ T6854] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.1356: corrupted in-inode xattr: e_value size too large
[  114.170690][ T6854] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1356: couldn't read orphan inode 15 (err -117)
[  114.288797][ T6854] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.770158][ T6870] loop0: detected capacity change from 0 to 1024
[  114.776977][ T6870] EXT4-fs: Ignoring removed nomblk_io_submit option
[  114.788911][ T6870] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.818116][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.909203][ T6882] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  114.909473][ T6881] loop1: detected capacity change from 0 to 512
[  114.919536][ T6882] SELinux: failed to load policy
[  114.926801][ T6881] EXT4-fs: Ignoring removed mblk_io_submit option
[  114.943522][ T6881] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  114.956234][ T6881] EXT4-fs (loop1): 1 truncate cleaned up
[  114.962413][ T6881] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.991960][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.013656][ T6887] loop2: detected capacity change from 0 to 512
[  115.025900][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.092150][ T6887] EXT4-fs (loop2): 1 orphan inode deleted
[  115.098571][ T6887] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.116911][   T51] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 1
[  115.139305][ T6887] ext4 filesystem being mounted at /291/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.150556][ T6896] loop1: detected capacity change from 0 to 512
[  115.169975][ T6896] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  115.196644][ T6903] loop3: detected capacity change from 0 to 256
[  115.209341][ T6905] loop4: detected capacity change from 0 to 512
[  115.210599][ T6889] 8021q: adding VLAN 0 to HW filter on device bond1
[  115.223834][ T6905] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  115.224621][ T6889] bond0: (slave bond1): Enslaving as an active interface with an up link
[  115.259524][ T3321] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /291/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  115.282152][ T6905] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.1373: Failed to acquire dquot type 0
[  115.282594][ T6896] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1370: Failed to acquire dquot type 0
[  115.306621][ T3321] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  115.313680][ T6896] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  115.340751][ T6905] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  115.344259][ T6896] EXT4-fs (loop1): 1 truncate cleaned up
[  115.362451][ T6896] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.375673][ T6896] FAULT_INJECTION: forcing a failure.
[  115.375673][ T6896] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.388821][ T3321] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  115.389036][ T3321] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /291/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  115.400272][ T6896] CPU: 1 UID: 0 PID: 6896 Comm: syz.1.1370 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[  115.400375][ T6896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.400389][ T6896] Call Trace:
[  115.400486][ T6896]  <TASK>
[  115.400498][ T6896]  __dump_stack+0x1d/0x30
[  115.400528][ T6896]  dump_stack_lvl+0xe8/0x140
[  115.400600][ T6896]  dump_stack+0x15/0x1b
[  115.400622][ T6896]  should_fail_ex+0x265/0x280
[  115.400669][ T6896]  should_fail+0xb/0x20
[  115.400710][ T6896]  should_fail_usercopy+0x1a/0x20
[  115.400772][ T6896]  strncpy_from_user+0x25/0x230
[  115.400811][ T6896]  path_setxattrat+0xeb/0x310
[  115.400890][ T6896]  __x64_sys_lsetxattr+0x71/0x90
[  115.400931][ T6896]  x64_sys_call+0x1e36/0x2fb0
[  115.400970][ T6896]  do_syscall_64+0xd0/0x1a0
[  115.401003][ T6896]  ? clear_bhb_loop+0x40/0x90
[  115.401080][ T6896]  ? clear_bhb_loop+0x40/0x90
[  115.401110][ T6896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.401138][ T6896] RIP: 0033:0x7f0d60fde969
[  115.401158][ T6896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.401184][ T6896] RSP: 002b:00007f0d5f647038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  115.401231][ T6896] RAX: ffffffffffffffda RBX: 00007f0d61205fa0 RCX: 00007f0d60fde969
[  115.401248][ T6896] RDX: 0000000000000000 RSI: 0000200000000700 RDI: 0000200000000680
[  115.401265][ T6896] RBP: 00007f0d5f647090 R08: 0000000000000001 R09: 0000000000000000
[  115.401283][ T6896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.401299][ T6896] R13: 0000000000000000 R14: 00007f0d61205fa0 R15: 00007ffda727d2a8
[  115.401352][ T6896]  </TASK>
[  115.446434][ T6905] EXT4-fs (loop4): 1 truncate cleaned up
[  115.487959][ T3321] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  115.493030][ T6905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.497037][ T3321] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  115.521468][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.561562][ T6919] loop0: detected capacity change from 0 to 164
[  115.576105][ T3321] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /291/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  115.602352][ T6905] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.1373: corrupted xattr block 19: bad e_name length
[  115.617511][ T3321] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  115.630395][ T6905] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  115.696368][ T3321] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  115.709905][ T6905] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.1373: corrupted xattr block 19: bad e_name length
[  115.742265][ T3321] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /291/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  115.764429][ T6905] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  115.764476][ T3321] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  115.775242][ T6921] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  115.803426][ T3321] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  115.814983][ T6921] SELinux: failed to load policy
[  115.820329][ T3321] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /291/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  115.842125][ T3321] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  115.844324][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.863465][ T3321] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  115.875587][ T3321] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  115.893128][ T6925] FAULT_INJECTION: forcing a failure.
[  115.893128][ T6925] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.906465][ T6925] CPU: 0 UID: 0 PID: 6925 Comm: syz.4.1379 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[  115.906503][ T6925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.906593][ T6925] Call Trace:
[  115.906601][ T6925]  <TASK>
[  115.906610][ T6925]  __dump_stack+0x1d/0x30
[  115.906635][ T6925]  dump_stack_lvl+0xe8/0x140
[  115.906658][ T6925]  dump_stack+0x15/0x1b
[  115.906676][ T6925]  should_fail_ex+0x265/0x280
[  115.906771][ T6925]  should_fail+0xb/0x20
[  115.906810][ T6925]  should_fail_usercopy+0x1a/0x20
[  115.906871][ T6925]  strncpy_from_user+0x25/0x230
[  115.906901][ T6925]  ? kmem_cache_alloc_noprof+0x186/0x310
[  115.906937][ T6925]  ? getname_flags+0x80/0x3b0
[  115.906973][ T6925]  getname_flags+0xae/0x3b0
[  115.907005][ T6925]  __se_sys_newstat+0x4b/0x270
[  115.907038][ T3321] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  115.907090][ T6925]  ? __secure_computing+0x82/0x150
[  115.907120][ T6925]  __x64_sys_newstat+0x31/0x40
[  115.907166][ T6925]  x64_sys_call+0x781/0x2fb0
[  115.907272][ T6925]  do_syscall_64+0xd0/0x1a0
[  115.907354][ T6925]  ? clear_bhb_loop+0x40/0x90
[  115.907383][ T6925]  ? clear_bhb_loop+0x40/0x90
[  115.907412][ T6925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.907445][ T6925] RIP: 0033:0x7fcbb4ede969
[  115.907487][ T6925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.907511][ T6925] RSP: 002b:00007fcbb3547038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  115.907536][ T6925] RAX: ffffffffffffffda RBX: 00007fcbb5105fa0 RCX: 00007fcbb4ede969
[  115.907553][ T6925] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  115.907605][ T6925] RBP: 00007fcbb3547090 R08: 0000000000000000 R09: 0000000000000000
[  115.907621][ T6925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.907637][ T6925] R13: 0000000000000000 R14: 00007fcbb5105fa0 R15: 00007ffd2e7e0038
[  115.907662][ T6925]  </TASK>
[  115.953532][ T6929] loop4: detected capacity change from 0 to 512
[  115.960414][ T3321] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  115.964222][ T6929] EXT4-fs: Ignoring removed mblk_io_submit option
[  115.976543][ T3321] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  116.013300][ T6929] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  116.178709][ T6929] EXT4-fs (loop4): 1 truncate cleaned up
[  116.186385][ T6929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.231477][ T6940] loop3: detected capacity change from 0 to 256
[  116.236322][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.408360][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.474970][ T6688] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.558412][ T6961] 9pnet_fd: Insufficient options for proto=fd
[  116.652536][ T6688] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.771134][ T6967] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1391'.
[  116.787129][ T6688] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.901741][ T6688] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.022519][ T6688] bridge_slave_1: left allmulticast mode
[  117.028610][ T6688] bridge_slave_1: left promiscuous mode
[  117.034355][ T6688] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.058180][ T6688] lowe: left allmulticast mode
[  117.063033][ T6688] lowe: left promiscuous mode
[  117.067967][ T6688] bridge0: port 1(lowe) entered disabled state
[  117.151383][ T6984] loop3: detected capacity change from 0 to 512
[  117.187670][ T6984] EXT4-fs: Ignoring removed mblk_io_submit option
[  117.218025][ T6984] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  117.258333][ T6984] EXT4-fs (loop3): 1 truncate cleaned up
[  117.264402][ T6984] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.308017][   T29] kauditd_printk_skb: 382 callbacks suppressed
[  117.308037][   T29] audit: type=1400 audit(2000000033.410:8161): avc:  denied  { mount } for  pid=6983 comm="syz.3.1397" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  117.348203][ T6993] loop1: detected capacity change from 0 to 128
[  117.354929][ T6993] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  117.375628][   T29] audit: type=1400 audit(2000000033.460:8162): avc:  denied  { read write } for  pid=6990 comm="syz.1.1401" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  117.399792][   T29] audit: type=1400 audit(2000000033.460:8163): avc:  denied  { open } for  pid=6990 comm="syz.1.1401" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  117.408122][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.423966][   T29] audit: type=1400 audit(2000000033.460:8164): avc:  denied  { ioctl } for  pid=6990 comm="syz.1.1401" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  117.438302][ T6993] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  117.458402][   T29] audit: type=1400 audit(2000000033.460:8165): avc:  denied  { mounton } for  pid=6990 comm="syz.1.1401" path="/294/file0" dev="tmpfs" ino=1582 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  117.490119][   T29] audit: type=1400 audit(2000000033.480:8166): avc:  denied  { map_create } for  pid=6991 comm="syz.0.1400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  117.509351][   T29] audit: type=1400 audit(2000000033.480:8167): avc:  denied  { map_read map_write } for  pid=6991 comm="syz.0.1400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  117.529315][   T29] audit: type=1400 audit(2000000033.480:8168): avc:  denied  { unmount } for  pid=3324 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  117.549169][   T29] audit: type=1400 audit(2000000033.480:8169): avc:  denied  { prog_load } for  pid=6991 comm="syz.0.1400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  117.568295][   T29] audit: type=1400 audit(2000000033.480:8170): avc:  denied  { bpf } for  pid=6991 comm="syz.0.1400" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  117.591114][ T6688] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  117.607832][ T6992] loop0: detected capacity change from 0 to 512
[  117.614639][ T6992] EXT4-fs: Ignoring removed mblk_io_submit option
[  117.628100][ T6688] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  117.647357][ T6995] loop3: detected capacity change from 0 to 512
[  117.649236][ T6688] bond0 (unregistering): Released all slaves
[  117.656597][ T6992] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  117.670615][ T6995] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c018, mo2=0002]
[  117.678965][ T6995] System zones: 1-12
[  117.683316][ T6995] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #2: comm syz.3.1402: corrupted xattr block 255: invalid header
[  117.702185][ T6995] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  117.724742][ T6992] EXT4-fs (loop0): 1 truncate cleaned up
[  117.735181][ T6995] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.748418][ T6995] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #2: comm syz.3.1402: corrupted xattr block 255: invalid header
[  117.748968][ T6992] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.760578][ T2222] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  117.775288][ T6995] SELinux: (dev loop3, type ext4) getxattr errno 117
[  117.775772][ T6992] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1400'.
[  117.786787][ T6995] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.826139][ T6688] hsr_slave_0: left promiscuous mode
[  117.832455][ T6688] hsr_slave_1: left promiscuous mode
[  117.833034][ T7006] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  117.838190][ T6688] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  117.855543][ T6995] loop3: detected capacity change from 0 to 256
[  117.855591][ T6688] batman_adv: batadv0: Removing interface: batadv_slave_0
[  117.862174][ T7006] SELinux: failed to load policy
[  117.874946][ T6688] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  117.882429][ T6688] batman_adv: batadv0: Removing interface: batadv_slave_1
[  117.903195][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.915107][ T6688] veth1_macvtap: left promiscuous mode
[  117.921641][ T6688] veth0_macvtap: left promiscuous mode
[  117.927895][ T6688] veth1_vlan: left promiscuous mode
[  117.933263][ T6688] veth0_vlan: left promiscuous mode
[  118.035248][ T6688] team0 (unregistering): Port device team_slave_1 removed
[  118.050259][ T6688] team0 (unregistering): Port device team_slave_0 removed
[  118.060461][ T7018] IPv4: Oversized IP packet from 127.202.26.0
[  118.101046][ T6970] chnl_net:caif_netlink_parms(): no params data found
[  118.325320][ T7029] loop3: detected capacity change from 0 to 256
[  118.411990][ T6970] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.419197][ T6970] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.445836][ T6970] bridge_slave_0: entered allmulticast mode
[  118.471553][ T6970] bridge_slave_0: entered promiscuous mode
[  118.502525][ T6970] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.509743][ T6970] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.544540][ T7034] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  118.551879][ T6970] bridge_slave_1: entered allmulticast mode
[  118.566386][ T6970] bridge_slave_1: entered promiscuous mode
[  118.570494][ T7034] SELinux: failed to load policy
[  118.590501][ T6970] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  118.601534][ T6970] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  118.622218][ T7038] loop3: detected capacity change from 0 to 256
[  118.623394][ T6970] team0: Port device team_slave_0 added
[  118.635312][ T6970] team0: Port device team_slave_1 added
[  118.636157][ T7038] FAT-fs (loop3): Directory bread(block 64) failed
[  118.648055][ T7038] FAT-fs (loop3): Directory bread(block 65) failed
[  118.654645][ T7038] FAT-fs (loop3): Directory bread(block 66) failed
[  118.661303][ T7038] FAT-fs (loop3): Directory bread(block 67) failed
[  118.667944][ T7038] FAT-fs (loop3): Directory bread(block 68) failed
[  118.668992][ T6970] batman_adv: batadv0: Adding interface: batadv_slave_0
[  118.674595][ T7038] FAT-fs (loop3): Directory bread(block 69) failed
[  118.681441][ T6970] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.702959][ T7038] FAT-fs (loop3): Directory bread(block 70) failed
[  118.713868][ T6970] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  118.721555][ T7038] FAT-fs (loop3): Directory bread(block 71) failed
[  118.732753][ T6970] batman_adv: batadv0: Adding interface: batadv_slave_1
[  118.743481][ T7038] FAT-fs (loop3): Directory bread(block 72) failed
[  118.744581][ T6970] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.751137][ T7038] FAT-fs (loop3): Directory bread(block 73) failed
[  118.776991][ T6970] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  118.854285][ T7042] loop3: detected capacity change from 0 to 2048
[  118.854510][ T7045] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  118.871499][ T7045] SELinux: failed to load policy
[  118.895937][ T7047] loop1: detected capacity change from 0 to 512
[  118.903193][ T7047] EXT4-fs: Ignoring removed mblk_io_submit option
[  118.920680][ T7047] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  118.932561][ T6970] hsr_slave_0: entered promiscuous mode
[  118.938753][ T6970] hsr_slave_1: entered promiscuous mode
[  118.944887][ T6970] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  118.953040][ T6970] Cannot create hsr debugfs directory
[  118.960033][ T7047] EXT4-fs (loop1): 1 truncate cleaned up
[  118.966288][ T7047] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.989663][ T7047] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1419'.
[  119.021282][ T7042]  loop3: unable to read partition table
[  119.027010][ T7042] loop3: partition table beyond EOD, truncated
[  119.033232][ T7042] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[  119.076890][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.117140][ T6970] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  119.124415][ T7056] loop4: detected capacity change from 0 to 256
[  119.133265][ T6970] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  119.159482][ T6970] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  119.174009][ T6970] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  119.181752][ T7062] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1425'.
[  119.229350][ T7064] loop0: detected capacity change from 0 to 128
[  119.242611][ T6970] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.245787][ T7064] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  119.264376][ T6970] 8021q: adding VLAN 0 to HW filter on device team0
[  119.274562][ T7064] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  119.291860][ T6688] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.299100][ T6688] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.323584][ T6970] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  119.334135][ T6970] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  119.349600][ T6688] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.356778][ T6688] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.375939][ T7064] lowe: renamed from bridge_slave_0 (while UP)
[  119.386167][ T7069] loop4: detected capacity change from 0 to 128
[  119.396023][ T7069] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  119.409657][   T12] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  119.420545][ T7069] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  119.499019][ T6970] 8021q: adding VLAN 0 to HW filter on device batadv0
[  119.609061][ T7080] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  119.699631][ T7080] SELinux: failed to load policy
[  119.711082][ T7086] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  119.789035][ T7086] SELinux: failed to load policy
[  119.795179][   T51] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  119.913820][ T7092] loop4: detected capacity change from 0 to 512
[  119.925857][ T7092] EXT4-fs: Ignoring removed mblk_io_submit option
[  119.934409][ T7092] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  119.950392][ T7092] EXT4-fs (loop4): 1 truncate cleaned up
[  119.959334][ T7092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.007893][ T7092] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1432'.
[  120.063171][ T6970] veth0_vlan: entered promiscuous mode
[  120.075199][ T6970] veth1_vlan: entered promiscuous mode
[  120.092517][ T6970] veth0_macvtap: entered promiscuous mode
[  120.099787][ T6970] veth1_macvtap: entered promiscuous mode
[  120.112205][ T6970] batman_adv: batadv0: Interface activated: batadv_slave_0
[  120.124292][ T6970] batman_adv: batadv0: Interface activated: batadv_slave_1
[  120.138284][ T6970] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.147024][ T6970] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.155906][ T6970] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.164708][ T6970] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.353645][ T7116] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1393'.
[  120.445676][ T7118] loop5: detected capacity change from 0 to 256
[  120.607308][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.872696][ T7132] FAULT_INJECTION: forcing a failure.
[  120.872696][ T7132] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.885948][ T7132] CPU: 1 UID: 0 PID: 7132 Comm: syz.5.1442 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[  120.886043][ T7132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.886058][ T7132] Call Trace:
[  120.886065][ T7132]  <TASK>
[  120.886072][ T7132]  __dump_stack+0x1d/0x30
[  120.886096][ T7132]  dump_stack_lvl+0xe8/0x140
[  120.886123][ T7132]  dump_stack+0x15/0x1b
[  120.886141][ T7132]  should_fail_ex+0x265/0x280
[  120.886238][ T7132]  should_fail+0xb/0x20
[  120.886268][ T7132]  should_fail_usercopy+0x1a/0x20
[  120.886421][ T7132]  _copy_from_user+0x1c/0xb0
[  120.886452][ T7132]  do_ip6t_set_ctl+0x3a9/0x840
[  120.886485][ T7132]  ? kstrtoull+0x111/0x140
[  120.886527][ T7132]  ? trace_reschedule_exit+0xd/0xc0
[  120.886563][ T7132]  ? sysvec_reschedule_ipi+0x4f/0x70
[  120.886607][ T7132]  ? trace_reschedule_exit+0xd/0xc0
[  120.886697][ T7132]  nf_setsockopt+0x199/0x1b0
[  120.886718][ T7132]  ipv6_setsockopt+0x11a/0x130
[  120.886741][ T7132]  tcp_setsockopt+0x98/0xb0
[  120.886783][ T7132]  sock_common_setsockopt+0x69/0x80
[  120.886869][ T7132]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  120.886899][ T7132]  __sys_setsockopt+0x184/0x200
[  120.886919][ T7132]  __x64_sys_setsockopt+0x64/0x80
[  120.886943][ T7132]  x64_sys_call+0x2bd5/0x2fb0
[  120.886972][ T7132]  do_syscall_64+0xd0/0x1a0
[  120.887077][ T7132]  ? clear_bhb_loop+0x40/0x90
[  120.887100][ T7132]  ? clear_bhb_loop+0x40/0x90
[  120.887121][ T7132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.887209][ T7132] RIP: 0033:0x7f32e7e0e969
[  120.887228][ T7132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.887253][ T7132] RSP: 002b:00007f32e6477038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  120.887277][ T7132] RAX: ffffffffffffffda RBX: 00007f32e8035fa0 RCX: 00007f32e7e0e969
[  120.887295][ T7132] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  120.887310][ T7132] RBP: 00007f32e6477090 R08: 0000000000000458 R09: 0000000000000000
[  120.887322][ T7132] R10: 0000200000000c80 R11: 0000000000000246 R12: 0000000000000001
[  120.887360][ T7132] R13: 0000000000000000 R14: 00007f32e8035fa0 R15: 00007ffd03640f88
[  120.887391][ T7132]  </TASK>
[  121.246985][ T7126] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  121.247007][ T7126] SELinux: failed to load policy
[  121.289188][ T7147] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  121.300063][ T7147] SELinux: failed to load policy
[  122.252333][ T7154] loop3: detected capacity change from 0 to 512
[  122.266491][ T7154] EXT4-fs: Ignoring removed oldalloc option
[  122.273981][ T7154] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  122.371999][ T7154] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.1451: invalid indirect mapped block 4294967295 (level 0)
[  122.386354][ T7154] EXT4-fs (loop3): Remounting filesystem read-only
[  122.390227][ T7172] loop0: detected capacity change from 0 to 128
[  122.406406][ T7172] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  122.429820][ T7172] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  122.436870][ T7154] EXT4-fs (loop3): 1 orphan inode deleted
[  122.444771][ T7154] EXT4-fs (loop3): 1 truncate cleaned up
[  122.452314][ T7154] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.465319][   T29] kauditd_printk_skb: 277 callbacks suppressed
[  122.465362][   T29] audit: type=1400 audit(2000000038.570:8448): avc:  denied  { mount } for  pid=7153 comm="syz.3.1451" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  122.495476][   T29] audit: type=1400 audit(2000000038.600:8449): avc:  denied  { create } for  pid=7176 comm="syz.4.1457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  122.531695][   T29] audit: type=1400 audit(2000000038.620:8450): avc:  denied  { setopt } for  pid=7176 comm="syz.4.1457" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  122.569914][   T29] audit: type=1400 audit(2000000038.680:8451): avc:  denied  { sys_module } for  pid=7171 comm="syz.0.1455" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  122.599350][   T29] audit: type=1400 audit(2000000038.710:8452): avc:  denied  { create } for  pid=7171 comm="syz.0.1455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  122.619320][   T29] audit: type=1400 audit(2000000038.710:8453): avc:  denied  { connect } for  pid=7171 comm="syz.0.1455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  122.639053][   T29] audit: type=1400 audit(2000000038.710:8454): avc:  denied  { write } for  pid=7171 comm="syz.0.1455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  122.693158][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.792996][   T29] audit: type=1400 audit(2000000038.900:8455): avc:  denied  { read } for  pid=7197 comm="syz.5.1465" lport=43 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  122.934241][   T29] audit: type=1400 audit(2000000038.930:8456): avc:  denied  { mounton } for  pid=7197 comm="syz.5.1465" path="/8/bus" dev="tmpfs" ino=60 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  123.017821][   T29] audit: type=1400 audit(2000000039.120:8457): avc:  denied  { create } for  pid=7205 comm="syz.4.1468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  123.046711][ T7208] FAULT_INJECTION: forcing a failure.
[  123.046711][ T7208] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.059872][ T7208] CPU: 0 UID: 0 PID: 7208 Comm: syz.3.1466 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[  123.059901][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.059978][ T7208] Call Trace:
[  123.059984][ T7208]  <TASK>
[  123.059994][ T7208]  __dump_stack+0x1d/0x30
[  123.060021][ T7208]  dump_stack_lvl+0xe8/0x140
[  123.060152][ T7208]  dump_stack+0x15/0x1b
[  123.060175][ T7208]  should_fail_ex+0x265/0x280
[  123.060217][ T7208]  should_fail+0xb/0x20
[  123.060248][ T7208]  should_fail_usercopy+0x1a/0x20
[  123.060274][ T7208]  _copy_from_user+0x1c/0xb0
[  123.060322][ T7208]  ___sys_sendmsg+0xc1/0x1d0
[  123.060367][ T7208]  __x64_sys_sendmsg+0xd4/0x160
[  123.060393][ T7208]  x64_sys_call+0x2999/0x2fb0
[  123.060441][ T7208]  do_syscall_64+0xd0/0x1a0
[  123.060472][ T7208]  ? clear_bhb_loop+0x40/0x90
[  123.060502][ T7208]  ? clear_bhb_loop+0x40/0x90
[  123.060565][ T7208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.060586][ T7208] RIP: 0033:0x7f46f0dbe969
[  123.060653][ T7208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.060725][ T7208] RSP: 002b:00007f46ef427038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.060810][ T7208] RAX: ffffffffffffffda RBX: 00007f46f0fe5fa0 RCX: 00007f46f0dbe969
[  123.060828][ T7208] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000003
[  123.060845][ T7208] RBP: 00007f46ef427090 R08: 0000000000000000 R09: 0000000000000000
[  123.060859][ T7208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.060871][ T7208] R13: 0000000000000000 R14: 00007f46f0fe5fa0 R15: 00007fffa9ffe788
[  123.060888][ T7208]  </TASK>
[  123.302275][ T7209] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  123.313023][ T7209] SELinux: failed to load policy
[  123.374408][ T7211] loop4: detected capacity change from 0 to 512
[  123.389878][ T7213] loop3: detected capacity change from 0 to 256
[  123.398212][ T7211] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  123.421912][ T7213] syz.3.1470: attempt to access beyond end of device
[  123.421912][ T7213] loop3: rw=2049, sector=256, nr_sectors = 100 limit=256
[  123.440731][ T7211] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c042c118, mo2=0002]
[  123.459305][ T7211] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.1469: corrupted in-inode xattr: e_value size too large
[  123.538332][ T7211] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1469: couldn't read orphan inode 15 (err -117)
[  123.589080][ T7211] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.676386][ T7221] loop0: detected capacity change from 0 to 512
[  123.695560][ T7224] loop3: detected capacity change from 0 to 512
[  123.720071][ T7224] EXT4-fs: Ignoring removed mblk_io_submit option
[  123.731379][ T7219] loop5: detected capacity change from 0 to 4096
[  123.740017][ T7224] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  123.751356][ T7221] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  123.767197][ T7221] System zones: 0-2, 18-18, 34-35
[  123.773751][ T7219] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.788503][ T7221] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.809142][ T7224] EXT4-fs (loop3): 1 truncate cleaned up
[  123.820888][ T7224] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.837566][ T7221] ext4 filesystem being mounted at /271/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.852317][ T7224] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1472'.
[  124.012154][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.065013][ T6970] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.104788][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.259346][ T7250] loop0: detected capacity change from 0 to 256
[  124.275695][ T7250] syz.0.1483: attempt to access beyond end of device
[  124.275695][ T7250] loop0: rw=2049, sector=256, nr_sectors = 100 limit=256
[  124.294626][ T7251] loop3: detected capacity change from 0 to 256
[  124.328415][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.332699][ T7253] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.371645][ T7252] loop5: detected capacity change from 0 to 256
[  124.387744][ T7258] netlink: 'syz.1.1477': attribute type 29 has an invalid length.
[  124.395693][ T7258] netlink: 'syz.1.1477': attribute type 3 has an invalid length.
[  124.403524][ T7258] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1477'.
[  124.420112][ T7258] loop1: detected capacity change from 0 to 128
[  124.429235][ T7259] loop0: detected capacity change from 0 to 164
[  124.429961][ T7261] loop4: detected capacity change from 0 to 512
[  124.436643][ T7258] /dev/loop1: Can't open blockdev
[  124.447184][ T7261] EXT4-fs: Ignoring removed mblk_io_submit option
[  124.465576][ T7253] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.476397][ T7261] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  124.494697][ T7264] loop3: detected capacity change from 0 to 512
[  124.498702][ T7261] EXT4-fs (loop4): 1 truncate cleaned up
[  124.501678][ T7264] EXT4-fs: Ignoring removed mblk_io_submit option
[  124.507226][ T7261] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.518643][ T7264] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  124.551918][ T7261] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1486'.
[  124.571752][ T7264] EXT4-fs (loop3): 1 truncate cleaned up
[  124.586480][ T7264] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.617297][ T7253] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.640379][ T7264] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1487'.
[  124.680580][ T7269] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  124.698544][ T7269] SELinux: failed to load policy
[  124.705835][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.728727][ T7253] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.768402][ T7272] loop4: detected capacity change from 0 to 512
[  124.775124][ T7272] EXT4-fs: Ignoring removed mblk_io_submit option
[  124.775467][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.782257][ T7272] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  124.811308][ T7253] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.821548][ T7272] EXT4-fs (loop4): 1 truncate cleaned up
[  124.833622][ T7272] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.860346][ T7253] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.879431][ T7253] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.893133][ T7253] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.951621][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.039714][ T7283] loop3: detected capacity change from 0 to 256
[  125.081037][ T7283] syz.3.1495: attempt to access beyond end of device
[  125.081037][ T7283] loop3: rw=2049, sector=256, nr_sectors = 100 limit=256
[  125.167729][ T7293] loop3: detected capacity change from 0 to 256
[  125.190747][ T7298] loop4: detected capacity change from 0 to 128
[  125.197602][ T7298] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  125.210993][ T7298] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  125.278309][ T7305] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1504'.
[  125.385066][ T7316] loop4: detected capacity change from 0 to 164
[  125.402146][ T7318] loop0: detected capacity change from 0 to 256
[  125.446241][ T7320] loop3: detected capacity change from 0 to 256
[  125.462417][ T7320] syz.3.1510: attempt to access beyond end of device
[  125.462417][ T7320] loop3: rw=2049, sector=256, nr_sectors = 100 limit=256
[  125.736516][ T7328] loop3: detected capacity change from 0 to 256
[  125.945875][ T7336] loop3: detected capacity change from 0 to 128
[  125.954191][ T7336] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  125.966602][ T7336] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  125.970488][ T7338] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1517'.
[  126.034551][ T7341] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1519'.
[  126.061654][ T7341] loop5: detected capacity change from 0 to 512
[  126.068474][ T7341] EXT4-fs: Ignoring removed oldalloc option
[  126.075628][ T7341] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  126.091617][ T7341] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.1519: invalid indirect mapped block 4294967295 (level 0)
[  126.122483][ T7341] EXT4-fs (loop5): Remounting filesystem read-only
[  126.144657][ T7341] EXT4-fs (loop5): 1 orphan inode deleted
[  126.150596][ T7341] EXT4-fs (loop5): 1 truncate cleaned up
[  126.158080][ T7341] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.213864][ T7354] loop4: detected capacity change from 0 to 736
[  126.228107][ T7358] loop1: detected capacity change from 0 to 256
[  126.235417][ T7354] rock: directory entry would overflow storage
[  126.241693][ T7354] rock: sig=0x3b10, size=4, remaining=3
[  126.250975][ T6970] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.292178][ T7356] loop3: detected capacity change from 0 to 4096
[  126.300812][ T7356] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.408624][ T7370] loop1: detected capacity change from 0 to 128
[  126.415384][ T7370] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  126.431284][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.434695][ T7370] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  126.458233][ T7373] loop4: detected capacity change from 0 to 1024
[  126.466398][ T7373] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  126.477518][ T7373] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  126.493426][ T7373] JBD2: no valid journal superblock found
[  126.499296][ T7373] EXT4-fs (loop4): Could not load journal inode
[  126.510664][ T7373] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1531'.
[  126.573857][ T7381] $Hÿ: renamed from bond0 (while UP)
[  126.584002][ T7381] $Hÿ: entered promiscuous mode
[  126.589179][ T7381] bond_slave_0: entered promiscuous mode
[  126.594946][ T7381] bond_slave_1: entered promiscuous mode
[  126.610533][ T7383] loop1: detected capacity change from 0 to 512
[  126.618339][ T7383] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  126.629965][ T7384] loop0: detected capacity change from 0 to 164
[  126.649383][ T7383] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1534: Failed to acquire dquot type 0
[  126.661769][ T7383] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  126.673067][ T7386] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1535'.
[  126.676977][ T7383] EXT4-fs (loop1): 1 truncate cleaned up
[  126.694255][ T7383] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.1534: corrupted xattr block 19: bad e_name length
[  126.710117][ T7383] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  126.719222][ T7383] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.1534: corrupted xattr block 19: bad e_name length
[  126.734235][ T7383] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  126.772259][ T7395] loop3: detected capacity change from 0 to 736
[  126.793208][ T7395] rock: directory entry would overflow storage
[  126.799488][ T7395] rock: sig=0x3b10, size=4, remaining=3
[  126.817189][ T7397] loop1: detected capacity change from 0 to 256
[  126.878883][ T7399] loop3: detected capacity change from 0 to 256
[  127.019036][ T7405] loop1: detected capacity change from 0 to 128
[  127.027680][ T7405] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  127.040789][ T7405] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  127.096519][ T7415] pimreg: entered allmulticast mode
[  127.156947][ T7415] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65528 sclass=netlink_xfrm_socket pid=7415 comm=syz.3.1546
[  127.178243][ T7415] pimreg: left allmulticast mode
[  127.199889][ T7421] netlink: 'syz.5.1549': attribute type 7 has an invalid length.
[  127.207870][ T7421] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1549'.
[  127.238480][ T7427] loop1: detected capacity change from 0 to 512
[  127.245360][ T7427] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  127.247233][ T7430] loop5: detected capacity change from 0 to 256
[  127.270119][ T7427] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  127.283585][ T7427] EXT4-fs (loop1): 1 truncate cleaned up
[  127.326768][ T7437] loop3: detected capacity change from 0 to 128
[  127.333870][ T7437] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  127.346182][ T7437] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  127.498934][   T29] kauditd_printk_skb: 350 callbacks suppressed
[  127.499019][   T29] audit: type=1326 audit(2000000043.610:8806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.3.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  127.559610][   T29] audit: type=1326 audit(2000000043.610:8807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.3.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  127.583423][   T29] audit: type=1326 audit(2000000043.610:8808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.3.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  127.606913][   T29] audit: type=1326 audit(2000000043.610:8809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.3.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  127.630482][   T29] audit: type=1326 audit(2000000043.610:8810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.3.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  127.654052][   T29] audit: type=1326 audit(2000000043.610:8811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.3.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  127.677552][   T29] audit: type=1326 audit(2000000043.610:8812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.3.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  127.701074][   T29] audit: type=1326 audit(2000000043.610:8813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.3.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  127.724595][   T29] audit: type=1326 audit(2000000043.610:8814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.3.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  127.748112][   T29] audit: type=1326 audit(2000000043.610:8815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.3.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f46f0dbe969 code=0x7ffc0000
[  127.871760][ T7469] loop3: detected capacity change from 0 to 256
[  127.901418][ T7471] loop0: detected capacity change from 0 to 2048
[  127.962196][ T7471]  loop0: unable to read partition table
[  127.968908][ T7471] loop0: partition table beyond EOD, truncated
[  127.975106][ T7471] loop_reread_partitions: partition scan of loop0 () failed (rc=-5)
[  128.022063][ T7483] loop4: detected capacity change from 0 to 512
[  128.030891][ T7483] EXT4-fs: Ignoring removed mblk_io_submit option
[  128.039481][ T7487] loop3: detected capacity change from 0 to 256
[  128.045952][ T7485] loop0: detected capacity change from 0 to 512
[  128.052712][ T7483] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  128.062970][ T7485] EXT4-fs: Ignoring removed oldalloc option
[  128.063080][ T7487] syz.3.1580: attempt to access beyond end of device
[  128.063080][ T7487] loop3: rw=2049, sector=256, nr_sectors = 100 limit=256
[  128.069111][ T7485] EXT4-fs: dax option not supported
[  128.103705][ T7483] EXT4-fs (loop4): 1 truncate cleaned up
[  128.216638][ T7505] loop4: detected capacity change from 0 to 2048
[  128.235151][ T7499] FAULT_INJECTION: forcing a failure.
[  128.235151][ T7499] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.248359][ T7499] CPU: 1 UID: 0 PID: 7499 Comm: syz.3.1585 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[  128.248392][ T7499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  128.248476][ T7499] Call Trace:
[  128.248521][ T7499]  <TASK>
[  128.248527][ T7499]  __dump_stack+0x1d/0x30
[  128.248604][ T7499]  dump_stack_lvl+0xe8/0x140
[  128.248629][ T7499]  dump_stack+0x15/0x1b
[  128.248650][ T7499]  should_fail_ex+0x265/0x280
[  128.248727][ T7499]  should_fail+0xb/0x20
[  128.248844][ T7499]  should_fail_usercopy+0x1a/0x20
[  128.248864][ T7499]  _copy_to_user+0x20/0xa0
[  128.248905][ T7499]  simple_read_from_buffer+0xb5/0x130
[  128.248966][ T7499]  proc_fail_nth_read+0x100/0x140
[  128.249060][ T7499]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  128.249086][ T7499]  vfs_read+0x19d/0x6f0
[  128.249141][ T7499]  ? __rcu_read_unlock+0x4f/0x70
[  128.249171][ T7499]  ? __fget_files+0x184/0x1c0
[  128.249203][ T7499]  ksys_read+0xda/0x1a0
[  128.249230][ T7499]  __x64_sys_read+0x40/0x50
[  128.249280][ T7499]  x64_sys_call+0x2d77/0x2fb0
[  128.249368][ T7499]  do_syscall_64+0xd0/0x1a0
[  128.249459][ T7499]  ? clear_bhb_loop+0x40/0x90
[  128.249485][ T7499]  ? clear_bhb_loop+0x40/0x90
[  128.249506][ T7499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.249545][ T7499] RIP: 0033:0x7f46f0dbd37c
[  128.249563][ T7499] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  128.249582][ T7499] RSP: 002b:00007f46ef427030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  128.249601][ T7499] RAX: ffffffffffffffda RBX: 00007f46f0fe5fa0 RCX: 00007f46f0dbd37c
[  128.249615][ T7499] RDX: 000000000000000f RSI: 00007f46ef4270a0 RDI: 0000000000000003
[  128.249631][ T7499] RBP: 00007f46ef427090 R08: 0000000000000000 R09: 0000000000000000
[  128.249692][ T7499] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  128.249709][ T7499] R13: 0000000000000000 R14: 00007f46f0fe5fa0 R15: 00007fffa9ffe788
[  128.249734][ T7499]  </TASK>
[  128.461026][ T7510] loop1: detected capacity change from 0 to 128
[  128.461376][ T7508] FAULT_INJECTION: forcing a failure.
[  128.461376][ T7508] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.467959][ T7510] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  128.480386][ T7508] CPU: 0 UID: 0 PID: 7508 Comm: syz.0.1589 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[  128.480424][ T7508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  128.480442][ T7508] Call Trace:
[  128.480484][ T7508]  <TASK>
[  128.480496][ T7508]  __dump_stack+0x1d/0x30
[  128.480526][ T7508]  dump_stack_lvl+0xe8/0x140
[  128.480554][ T7508]  dump_stack+0x15/0x1b
[  128.480600][ T7508]  should_fail_ex+0x265/0x280
[  128.480648][ T7508]  should_fail+0xb/0x20
[  128.480690][ T7508]  should_fail_usercopy+0x1a/0x20
[  128.480731][ T7508]  _copy_to_user+0x20/0xa0
[  128.480763][ T7508]  simple_read_from_buffer+0xb5/0x130
[  128.480800][ T7508]  proc_fail_nth_read+0x100/0x140
[  128.480937][ T7508]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  128.480974][ T7508]  vfs_read+0x19d/0x6f0
[  128.481008][ T7508]  ? __rcu_read_unlock+0x4f/0x70
[  128.481119][ T7508]  ? __fget_files+0x184/0x1c0
[  128.481194][ T7508]  ksys_read+0xda/0x1a0
[  128.481230][ T7508]  __x64_sys_read+0x40/0x50
[  128.481265][ T7508]  x64_sys_call+0x2d77/0x2fb0
[  128.481293][ T7508]  do_syscall_64+0xd0/0x1a0
[  128.481352][ T7508]  ? clear_bhb_loop+0x40/0x90
[  128.481399][ T7508]  ? clear_bhb_loop+0x40/0x90
[  128.481483][ T7508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.481608][ T7508] RIP: 0033:0x7efcb5e7d37c
[  128.481637][ T7508] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  128.481661][ T7508] RSP: 002b:00007efcb44e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  128.481717][ T7508] RAX: ffffffffffffffda RBX: 00007efcb60a5fa0 RCX: 00007efcb5e7d37c
[  128.481735][ T7508] RDX: 000000000000000f RSI: 00007efcb44e70a0 RDI: 0000000000000004
[  128.481751][ T7508] RBP: 00007efcb44e7090 R08: 0000000000000000 R09: 0000000000000000
[  128.481767][ T7508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.481783][ T7508] R13: 0000000000000000 R14: 00007efcb60a5fa0 R15: 00007ffd1e66a688
[  128.481814][ T7508]  </TASK>
[  128.639225][ T7505]  loop4: unable to read partition table
[  128.668013][ T7510] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  128.717078][ T7505] loop4: partition table beyond EOD, truncated
[  128.723437][ T7505] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[  128.743592][ T7519] loop0: detected capacity change from 0 to 512
[  128.755031][ T7519] EXT4-fs: Ignoring removed mblk_io_submit option
[  128.786486][ T7519] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  128.817879][ T7519] EXT4-fs (loop0): 1 truncate cleaned up
[  128.892168][ T7534] loop0: detected capacity change from 0 to 512
[  128.912739][ T7534] EXT4-fs: Ignoring removed mblk_io_submit option
[  129.015780][ T7534] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  129.084732][ T7534] EXT4-fs (loop0): 1 truncate cleaned up
[  129.118537][ T7534] __nla_validate_parse: 1 callbacks suppressed
[  129.118595][ T7534] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1600'.
[  129.222748][ T7546] loop4: detected capacity change from 0 to 512
[  129.230665][ T7546] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  129.253503][ T7546] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.1604: Failed to acquire dquot type 0
[  129.266197][ T7546] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  129.281388][ T7546] EXT4-fs (loop4): 1 truncate cleaned up
[  129.296802][ T7546] FAULT_INJECTION: forcing a failure.
[  129.296802][ T7546] name failslab, interval 1, probability 0, space 0, times 0
[  129.309540][ T7546] CPU: 1 UID: 0 PID: 7546 Comm: syz.4.1604 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[  129.309605][ T7546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  129.309618][ T7546] Call Trace:
[  129.309624][ T7546]  <TASK>
[  129.309646][ T7546]  __dump_stack+0x1d/0x30
[  129.309667][ T7546]  dump_stack_lvl+0xe8/0x140
[  129.309686][ T7546]  dump_stack+0x15/0x1b
[  129.309704][ T7546]  should_fail_ex+0x265/0x280
[  129.309760][ T7546]  should_failslab+0x8c/0xb0
[  129.309792][ T7546]  kmem_cache_alloc_noprof+0x50/0x310
[  129.309812][ T7546]  ? getname_flags+0x80/0x3b0
[  129.309853][ T7546]  getname_flags+0x80/0x3b0
[  129.309966][ T7546]  path_setxattrat+0x223/0x310
[  129.310092][ T7546]  __x64_sys_lsetxattr+0x71/0x90
[  129.310122][ T7546]  x64_sys_call+0x1e36/0x2fb0
[  129.310198][ T7546]  do_syscall_64+0xd0/0x1a0
[  129.310265][ T7546]  ? clear_bhb_loop+0x40/0x90
[  129.310288][ T7546]  ? clear_bhb_loop+0x40/0x90
[  129.310309][ T7546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.310348][ T7546] RIP: 0033:0x7fcbb4ede969
[  129.310366][ T7546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.310390][ T7546] RSP: 002b:00007fcbb3547038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  129.310414][ T7546] RAX: ffffffffffffffda RBX: 00007fcbb5105fa0 RCX: 00007fcbb4ede969
[  129.310426][ T7546] RDX: 0000000000000000 RSI: 0000200000000700 RDI: 0000200000000680
[  129.310437][ T7546] RBP: 00007fcbb3547090 R08: 0000000000000001 R09: 0000000000000000
[  129.310513][ T7546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.310598][ T7546] R13: 0000000000000000 R14: 00007fcbb5105fa0 R15: 00007ffd2e7e0038
[  129.310618][ T7546]  </TASK>
[  129.776534][ T7558] loop4: detected capacity change from 0 to 128
[  129.825865][ T7558] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  129.895986][ T7558] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  129.906668][ T7567] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  129.907137][ T7568] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1611'.
[  129.922234][ T7567] ipvlan0: entered promiscuous mode
[  129.930083][ T7567] ipvlan0: left promiscuous mode
[  129.941507][ T7568] ipvlan0: entered promiscuous mode
[  129.947340][ T7568] ipvlan0: left promiscuous mode
[  130.054636][ T7580] loop1: detected capacity change from 0 to 256
[  130.104193][ T7585] loop4: detected capacity change from 0 to 512
[  130.110888][ T7585] EXT4-fs: Ignoring removed oldalloc option
[  130.117333][ T7587] loop3: detected capacity change from 0 to 512
[  130.118338][ T7585] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  130.125032][ T7587] EXT4-fs: Ignoring removed mblk_io_submit option
[  130.140468][ T7587] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  130.151860][ T7585] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.1618: invalid indirect mapped block 4294967295 (level 0)
[  130.152572][ T7587] EXT4-fs (loop3): 1 truncate cleaned up
[  130.166296][ T7585] EXT4-fs (loop4): Remounting filesystem read-only
[  130.178380][ T7585] EXT4-fs (loop4): 1 orphan inode deleted
[  130.184204][ T7585] EXT4-fs (loop4): 1 truncate cleaned up
[  130.193050][ T7587] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1619'.
[  130.254097][ T7593] tipc: Started in network mode
[  130.259091][ T7593] tipc: Node identity ac14140f, cluster identity 4711
[  130.266242][ T7593] tipc: New replicast peer: 10.1.1.2
[  130.271736][ T7593] tipc: Enabled bearer <udp:syz0>, priority 10
[  130.280097][ T7593] loop1: detected capacity change from 0 to 164
[  130.331789][ T7603] loop1: detected capacity change from 0 to 256
[  130.426993][ T7603] syz.1.1624: attempt to access beyond end of device
[  130.426993][ T7603] loop1: rw=2049, sector=256, nr_sectors = 100 limit=256
[  130.492126][ T7613] loop1: detected capacity change from 0 to 256
[  131.001051][ T7630] loop0: detected capacity change from 0 to 256
[  131.009606][ T7632] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  131.020071][ T7632] SELinux: failed to load policy
[  131.080239][ T7636] netem: change failed
[  131.145373][ T7639] veth1_to_bond: entered promiscuous mode
[  131.151760][ T7639] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1640'.
[  131.164315][ T7641] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1641'.
[  131.215491][ T7639] veth1_to_bond (unregistering): left promiscuous mode
[  131.215942][ T7646] FAULT_INJECTION: forcing a failure.
[  131.215942][ T7646] name failslab, interval 1, probability 0, space 0, times 0
[  131.235318][ T7646] CPU: 0 UID: 0 PID: 7646 Comm: syz.4.1644 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[  131.235345][ T7646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.235356][ T7646] Call Trace:
[  131.235361][ T7646]  <TASK>
[  131.235368][ T7646]  __dump_stack+0x1d/0x30
[  131.235390][ T7646]  dump_stack_lvl+0xe8/0x140
[  131.235408][ T7646]  dump_stack+0x15/0x1b
[  131.235422][ T7646]  should_fail_ex+0x265/0x280
[  131.235454][ T7646]  should_failslab+0x8c/0xb0
[  131.235542][ T7646]  __kvmalloc_node_noprof+0x126/0x4d0
[  131.235561][ T7646]  ? xt_alloc_table_info+0x3b/0x80
[  131.235588][ T7646]  ? should_fail_ex+0xdb/0x280
[  131.235665][ T7646]  xt_alloc_table_info+0x3b/0x80
[  131.235762][ T7646]  do_ipt_set_ctl+0x59c/0x820
[  131.235878][ T7646]  ? _raw_spin_unlock_bh+0x36/0x40
[  131.235904][ T7646]  ? tcp_release_cb+0xf1/0x370
[  131.235990][ T7646]  nf_setsockopt+0x199/0x1b0
[  131.236009][ T7646]  ip_setsockopt+0x102/0x110
[  131.236163][ T7646]  ipv6_setsockopt+0xfb/0x130
[  131.236184][ T7646]  tcp_setsockopt+0x98/0xb0
[  131.236211][ T7646]  sock_common_setsockopt+0x69/0x80
[  131.236238][ T7646]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  131.236290][ T7646]  __sys_setsockopt+0x184/0x200
[  131.236308][ T7646]  __x64_sys_setsockopt+0x64/0x80
[  131.236326][ T7646]  x64_sys_call+0x2bd5/0x2fb0
[  131.236345][ T7646]  do_syscall_64+0xd0/0x1a0
[  131.236365][ T7646]  ? clear_bhb_loop+0x40/0x90
[  131.236431][ T7646]  ? clear_bhb_loop+0x40/0x90
[  131.236456][ T7646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.236474][ T7646] RIP: 0033:0x7fcbb4ede969
[  131.236487][ T7646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.236503][ T7646] RSP: 002b:00007fcbb3547038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  131.236520][ T7646] RAX: ffffffffffffffda RBX: 00007fcbb5105fa0 RCX: 00007fcbb4ede969
[  131.236531][ T7646] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000007
[  131.236542][ T7646] RBP: 00007fcbb3547090 R08: 0000000000000288 R09: 0000000000000000
[  131.236596][ T7646] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  131.236606][ T7646] R13: 0000000000000000 R14: 00007fcbb5105fa0 R15: 00007ffd2e7e0038
[  131.236624][ T7646]  </TASK>
[  131.236831][ T7639] bond0: (slave bond_slave_1): Releasing backup interface
[  131.519829][   T23] tipc: Node number set to 2886997007
[  131.554133][ T7661] SELinux:  policydb magic number 0xf04c3410 does not match expected magic number 0xf97cff8c
[  131.582448][ T7661] SELinux: failed to load policy
[  131.602060][ T7667] loop4: detected capacity change from 0 to 256
[  131.619015][ T2068] ==================================================================
[  131.627140][ T2068] BUG: KCSAN: data-race in copy_page_from_iter_atomic / fat12_ent_put
[  131.635322][ T2068] 
[  131.637650][ T2068] write to 0xffff888125f4b803 of 1 bytes by task 7667 on cpu 1:
[  131.645374][ T2068]  fat12_ent_put+0x74/0x170
[  131.649913][ T2068]  fat_alloc_clusters+0x4ce/0xa80
[  131.654951][ T2068]  fat_get_block+0x258/0x5e0
[  131.659557][ T2068]  __block_write_begin_int+0x41c/0xf70
[  131.665029][ T2068]  cont_write_begin+0x5a3/0x8e0
[  131.669893][ T2068]  fat_write_begin+0x4f/0xe0
[  131.674488][ T2068]  generic_perform_write+0x181/0x490
[  131.679793][ T2068]  __generic_file_write_iter+0xec/0x120
[  131.685371][ T2068]  generic_file_write_iter+0x8d/0x2f0
[  131.690770][ T2068]  vfs_write+0x4a0/0x8d0
[  131.695024][ T2068]  __x64_sys_pwrite64+0xfd/0x150
[  131.699978][ T2068]  x64_sys_call+0xe45/0x2fb0
[  131.704583][ T2068]  do_syscall_64+0xd0/0x1a0
[  131.709103][ T2068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.715011][ T2068] 
[  131.717339][ T2068] read to 0xffff888125f4b800 of 2048 bytes by task 2068 on cpu 0:
[  131.725144][ T2068]  copy_page_from_iter_atomic+0x77f/0xff0
[  131.730873][ T2068]  generic_perform_write+0x2c2/0x490
[  131.736172][ T2068]  shmem_file_write_iter+0xc5/0xf0
[  131.741298][ T2068]  lo_rw_aio+0x5fa/0x7c0
[  131.745561][ T2068]  loop_process_work+0x52d/0xa60
[  131.750512][ T2068]  loop_workfn+0x31/0x40
[  131.754769][ T2068]  process_scheduled_works+0x4cb/0x9d0
[  131.760248][ T2068]  worker_thread+0x582/0x770
[  131.764860][ T2068]  kthread+0x486/0x510
[  131.768946][ T2068]  ret_from_fork+0x4b/0x60
[  131.773367][ T2068]  ret_from_fork_asm+0x1a/0x30
[  131.778146][ T2068] 
[  131.780483][ T2068] Reported by Kernel Concurrency Sanitizer on:
[  131.786631][ T2068] CPU: 0 UID: 0 PID: 2068 Comm: kworker/u8:6 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(voluntary) 
[  131.799226][ T2068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.809289][ T2068] Workqueue: loop4 loop_workfn
[  131.814081][ T2068] ==================================================================