last executing test programs:

3m9.915706897s ago: executing program 4 (id=1188):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a300000000008000a40ffffffff580000000c0a010100000000000000000a0000060900020073797a30000000000900010073797a31000000012c0003802800008004000180200007800e000100636f6e6e6c696d69740000000c000280080001"], 0xbc}, 0x1, 0x0, 0x0, 0x4000851}, 0x40)

3m9.894930607s ago: executing program 4 (id=1189):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="01000000030000000400010005"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r3}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYBLOB="79610000442b1ca3052d65df0096", @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4008084}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB], 0x548}, 0x1, 0x0, 0x0, 0x24004004}, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000000)={[{@i_version}, {@init_itable}, {@noblock_validity}]}, 0x1, 0x71e, &(0x7f0000000f40)="$eJzs3U1rXNUbAPDn3nb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7rykbzPNVJMMZH4/uNPn3Hub55yZzHkgZ5gTwNA6UT6kEc9HxEwSMd4+n0REpRkdjbjYuu/2rRvz5ZHE9vblP5LmPWU77vk/peMRsRURz0XET5WIU+nDeWsbmytzeZ6tt9uT9dW1ydrG5unl1bmlbCm7euHs2emz589duLB3Y33j/Q+erZ57Z+z7mcXZk1O/fpfExRhrX7t3HHup9ZxUyqfwPu/uR7IBSgbdAf6V8q15pPUuj2diPI40IwDgMNseidgGAIZMov4DwJDp/B2gs7a3X+tgvfz+dkSMdst/tL1mNtpchzx2O7lvZSKJiImD7CiH0tbNiLgyceLh37/koTXbx3VmLzrIvvqxnH8udpt/0p35J7rMP6Odz078R73nv7v5j/SY/2b6zPHei42iZ/6bES8c7ZY/2cmf9Mh/pc/8P9xZ+LvXte1vI17rWn+S+3L1/nzI5OJynp1pPXbPcaJx48NHjf9Yj/xbu4x/rc/xj3328s9bj8j/+iuPfv275S9r4qd95v+k8tYXva6V+Rd6jH+31/+bPvOff+mjzT5vBQAAAAAAAAAAAAAAAAAAAAAAAAAAgEMhjYixSNLqTpym1WprD++n41iaF7X6qcWicXUhmntlT0Ql7XzV8nirnZTtqfb38Xfa0w+034yIpyLi85H/N9vV+SJfGPTgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDt+AP7//810tr/HwA45EYH3QEA4MCp/wAwfNR/ABg+6j8ADB/1HwCGj/oPAMNH/QcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADggM1culQe27dv3Zgv2wvXNhorxbXTC1ltpbramK/OF+tr1aWiWMqz6nyxutvPy4tibXo6Gtcn61mtPlnb2JxdLRpX67PLq3NL2WxWOZBRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjGWseSVqNiLQZp2m1GvFERExEJVlczrMzEfFkRPwyUhkp21OD7jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHaxubKXJ5n6wKBQLATDHpmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIN3d9PvQfcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYp/S2JiPI4Of7q2INX/5fcGWn+GxEff335y+tz9fr6VHn+z53z9a/a56cH0X8AYDedOt2p4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQTW1jc2Uuz7P1fQwGPUYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPbOPwEAAP//vT/OxQ==")
r9 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
io_setup(0x202, &(0x7f0000000200)=<r10=>0x0)
io_submit(r10, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x82, 0x1, 0x0, r9, &(0x7f0000000000), 0x100000, 0x3000}])
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r8, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c000000020701040000000000000000070000000900010073797a30000000000900010073797a3000000000f854c63d95a80f7fe1cee3c3cf6e014f0d86874854c4c0d933e8570b011d3b486fd9b660f688c6a73f89b0cf0942a74c574d7b"], 0x2c}, 0x1, 0x0, 0x0, 0x24008850}, 0x40)
r11 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r11, &(0x7f00000011c0)={0xfc, {"a483885aed0d09f91b5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f073063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801118c20b8f16bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399ea4727d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a040200b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a64002bebc2407aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef64ab253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bf068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827475e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcb32b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba36b37767b6b45a44957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b94025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b03512629f46366e7205dd8d6f37525c1a0e94210dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9154f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d603994732d6b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21396532713e5b69cf767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285e6a89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeaf1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b627cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e46a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5c92441918145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed608000000a006e39336d07c2b80817a28ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030f81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c00004f5d374755534d7f68f679c4ff516e9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00", 0x1000}}, 0xffbc)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)

3m8.100934355s ago: executing program 4 (id=1225):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4c20, 0x8001, @empty, 0xffffff5d}, 0x1c)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x3, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x70}}, &(0x7f0000000080)='syzkaller\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x45, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
listen(r0, 0x50)
r1 = socket$inet6(0xa, 0x5, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @empty, 0x4}, 0x1c)
listen(r1, 0x50)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r3, 0xffffffffffffffff, 0x0)

3m7.690083103s ago: executing program 4 (id=1227):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x55)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000080)=0x2, 0x4)
bind$inet6(r1, &(0x7f0000000540)={0xa, 0x4e22, 0x7651, @empty, 0x200}, 0x1c)
listen(0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}, 0x6}, 0x1c)
connect$inet6(r2, 0x0, 0x0)

3m7.501747217s ago: executing program 4 (id=1229):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000000c0)=@v2={0x2, @aes256, 0xc1cc6ef981c7e8f3, '\x00', @auto="aa9645597d57ba4a9f5ecc7c548fa57d"})

3m7.472642038s ago: executing program 4 (id=1230):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee0, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
ptrace(0x10, 0x1)

3m7.211385543s ago: executing program 3 (id=1237):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4, &(0x7f0000000400)=0xfffffff7, 0x4)

3m7.161759214s ago: executing program 3 (id=1238):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2713, 0x0, &(0x7f0000000040))

3m7.152537365s ago: executing program 3 (id=1240):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
quotactl$Q_SETQUOTA(0xffffffff80000802, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0)

3m6.210099644s ago: executing program 3 (id=1246):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0x2, 0x4fd, &(0x7f0000000b00)="$eJzs3ctvW1kZAPDv3jycyWQmGZgFoAHKMFBQVTtxZ6LRbBhWI4RGQsySRSckThTFiaPYGZrQRbpkj0QlVrDiHwCJBVJX7JFYwI5NWSDxqEANEgsjX19nnIcbq03sNv79pCufe47t75xa9xzrc3NPACPrWkQcRMRkRHwcEbN5fZIf8X77aD3v8aO7y4eP7i4n0Wx+9M8ka2/VRddrWl7O33MqIr7/QcQPkxNB/xhR39vfWKpWKzt5VamxuV2q7+3fXN9cWqusVbbK5cWFxfl3b71TvqCR/vqo9LvffvHhHw6++eNWt2byuu5xXKT20CeO4rSMR8R3LyPYEIzl45l8mhc/1Yu4SGlEfCYi3syu/9kYyz7N445/TN+K/NIGAF5QzeZsNGe7zwGAqy7NcmBJWsxzATORpsViO4f3ekyn1Vq9cWO1tru10s6VzcVEurpercznucK5mEhW18crC1m5c16tlE+c34qI1yLip4WXsvPicq26MswvPgAwwl4+sf7/p9Be/wGAK67r1/zCMPsBAAyO/80HAKPH+g8Ao8f6DwCjx/oPAKPH+g8Ao8f6DwAj5Xsfftg6mof5/a9XPtnb3ah9cnOlUt8obu4uF5drO9vFtVptLbtnz+Z571et1bYX3o7dO6VGpd4o1ff2b2/Wdrcat7P7et+uTAxkVADAk7z25Qd/TiLi4L2XsiO67vd/7lr9xmX3DrhM6bA7AAzN2LA7AAzN6d2+gFEhHw90bdF7r6t66lThpPt9vX2a7xsKPEeuf/4Z8v/AC03+H0bX0+X/fZeHq0D+H0ZXs5nY8x8ARowcP5Cc0979+/98s+ukv9//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4EqayY4kLeZ7gc9EmhaLEa9ExFxMJKvr1cp8RLwaEX8qTBRa5wsRYd8gAHiRpX9L8v2/rs++NXOydbLw30L2GBE/+vlHP7uz1GjsLERMJv86qm/cz+vLw+g/AHCezjrdWcc7Hj+6u9w5Btmfv3+7vbloK+5hfrRbxmM8e5zKcg3T/07y87bW95WxC4h/cC8iPnfW+JMsNzKX73x6Mn4r9isDjZ8ei59mbe3H1r/FZy+gLzBqHrTmn/fPuv7SuJY9nn39T2Uz1LPrzH+Hp+a/9Gj+G+sx/13rN8bbv//OqcrmbLvtXsQXxiMOO2/eNf904ic94r/VZ/y/vPGlN3u1NX8RcT3OGn9yLFapsbldqu/t31zfXFqrrFW2yuXFhcX5d2+9Uy5lOepSJ1N92j/eu/Fqr/it8U/3iD91zvi/1uf4f/m/j3/wlSfE/8ZXz/78X39C/Naa+PU+4y9N/2aqV1sr/kqP8Z/3+d/oM/7Dv+6v9PlUAGAA6nv7G0vVamXnsgvp5YfICknEwQCG0y4UfvWTDwYV6xIL8Xx0Q+F5Kgx7ZgIu26cX/bB7AgAAAAAAAAAAAAAA9DKIPyca9hgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//2KH0wQ=")
open(0x0, 0x64842, 0x86)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000140))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8041, 0x1c3)
pwrite64(r1, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)

3m6.021159928s ago: executing program 3 (id=1249):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x82000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r4, 0x10e, 0x2, &(0x7f0000000100)=0x6, 0x4)

3m5.116568917s ago: executing program 3 (id=1260):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428", 0x5bb}], 0x1)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
ptrace(0x10, 0x1)

2m52.183014456s ago: executing program 32 (id=1230):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee0, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
ptrace(0x10, 0x1)

2m49.846536145s ago: executing program 33 (id=1260):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428", 0x5bb}], 0x1)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
ptrace(0x10, 0x1)

2m17.403113649s ago: executing program 6 (id=2174):
syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, 0x0, 0x0)

2m17.337809771s ago: executing program 6 (id=2175):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_LOOPBACK(r0, 0x65, 0x20, 0x0, 0x0)

2m17.249156493s ago: executing program 6 (id=2179):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000008c0)=ANY=[@ANYBLOB], 0x11d4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

2m17.248806453s ago: executing program 6 (id=2180):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x1101)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x0)

2m17.197633724s ago: executing program 6 (id=2182):
r0 = socket$igmp6(0xa, 0x3, 0x2)
sendmmsg$inet6(r0, &(0x7f0000006680), 0x0, 0x4000000)

2m16.933685379s ago: executing program 6 (id=2187):
socket$kcm(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18"], 0x0}, 0x94)
r0 = syz_io_uring_setup(0x10e, &(0x7f0000000300)={0x0, 0x334e, 0x100, 0x3, 0xc9}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f00000002c0)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x1, 0x7})
io_uring_register$IORING_REGISTER_NAPI(r0, 0x1b, &(0x7f0000000100)={0xffffff24, 0x7}, 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0xc, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x60, 0x185100})
io_uring_enter(r0, 0x7277, 0x0, 0x28, 0x0, 0x0)

2m16.846242731s ago: executing program 34 (id=2187):
socket$kcm(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18"], 0x0}, 0x94)
r0 = syz_io_uring_setup(0x10e, &(0x7f0000000300)={0x0, 0x334e, 0x100, 0x3, 0xc9}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f00000002c0)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x1, 0x7})
io_uring_register$IORING_REGISTER_NAPI(r0, 0x1b, &(0x7f0000000100)={0xffffff24, 0x7}, 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0xc, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x60, 0x185100})
io_uring_enter(r0, 0x7277, 0x0, 0x28, 0x0, 0x0)

1.876336991s ago: executing program 0 (id=4928):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a300000000008000a40ffffffff580000000c0a010100000000000000000a0000060900020073797a30000000000900010073797a31000000012c0003802800008004000180200007800e000100636f6e6e6c696d69"], 0xbc}, 0x1, 0x0, 0x0, 0x4000851}, 0x40)

1.731653574s ago: executing program 0 (id=4936):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xae, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20040010)

1.650379926s ago: executing program 0 (id=4940):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="48000000100001040000000000000078102f8da1a78e31073946b2709c103dafd98d2bfa533c176c5f090d68929cc64e1cefe0d549e85ab40534a18d605ded64b9f168e41259ef2327802469b7e4d2b386235abb7c82e54b48376473a4a7d2518eea5e63793f400a943b9465c9afd1db119018f36d510608be60ba5aba900db9c68f41cd196dc3ec274077d5de256f1dd8ae18b75b84440045e7b60923115214a2972ad7cee2e87b2b4b9054037b09b2eb92019d8f2d6fd205033005fcd45461bc75146af7a03ff68985593b17c6e5d959fe7007294cd3b872df87761fd10d7cf6e273bbf1c81aa0659efa34e0edadf5f042f16f980209616860a4213759c08d7eb87550c5dde0c734e3dbe9a3c05de10b000000000000000a765e3df99c8a81e43b7c8cbf6e830a954d1f5ad8ac2681f4c4bba86b1e84e4146cb2a9732d3eb0b1fe49af2ea352b8640b74762199ec9cedc19bf72bbca078d50cc7ca31762d7ca78f4209258f64b2b4ca942a59bc2c98b1c509d318f59a60ace1a0496f0954406c35f94041ddf0", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128008000100677265001c00028006000f0002000000060011004e220000060010004e210000"], 0x48}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x1a, r2, 0x1, 0x1, 0x6, @broadcast}, 0x14)
socket$inet_smc(0x2b, 0x1, 0x0)
close(0x3)

1.649968926s ago: executing program 0 (id=4941):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
sendto$inet(r0, &(0x7f0000000040)="fe071400d0b1124a5c27b7d7bc2cec207e", 0x11, 0x8018, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080)=0x3, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x2010410, &(0x7f0000000100)=ANY=[], 0xfe, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1}, 0x18)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0)
r2 = creat(0x0, 0x0)
write$binfmt_aout(r2, 0x0, 0x20)
open$dir(0x0, 0x0, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x18)
io_setup(0x2004, &(0x7f0000000680))
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

1.583275547s ago: executing program 5 (id=4943):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x6}, 0x18)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c1", 0xd2)

1.44593618s ago: executing program 5 (id=4944):
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x6}, 0x18)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, 0x0, 0x0)

1.241698884s ago: executing program 5 (id=4946):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)
r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x16, 0xc, &(0x7f0000000240)=ANY=[@ANYRESOCT=r0, @ANYRES16=r0, @ANYRESOCT=r1, @ANYRESHEX=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={0x0, r4}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000800)={{r3}, &(0x7f0000000580), &(0x7f00000007c0)='%-5lx  \x00'}, 0x20)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
r7 = syz_open_procfs(0x0, &(0x7f0000000300)='fdinfo\x00')
getdents64(r7, &(0x7f0000000080)=""/95, 0x5f)
symlinkat(&(0x7f0000000380)='./file1\x00', r7, &(0x7f00000003c0)='./file1\x00')
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000000900020073797a31000000000500010006000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0xc4)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
poll(0x0, 0x0, 0x7f)
r8 = syz_open_dev$vcsa(&(0x7f00000002c0), 0x1, 0x8100)
ioctl$SG_BLKSECTGET(r8, 0x1267, &(0x7f0000000500))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000400)=@framed={{0xc3, 0xa, 0xa, 0xfe00, 0x41, 0x71, 0x10, 0x1a}}, &(0x7f0000000480)='syzkaller\x00'}, 0x90)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000005f00)={0x44, 0x0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x8, 0x4, "3423d5d2"}]}]}, 0x44}}, 0x4004)

1.011733449s ago: executing program 5 (id=4949):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x1e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x45, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x0, &(0x7f0000000040)})
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x2)

873.896502ms ago: executing program 5 (id=4951):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x10, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823000031c9d9ceb5a9c76ed1063d2a0b6876c4cbc32ee2ab9f7e0d6f566fffecb15900716b22a315a603f63f8d925ed1c9fa874e8b69f74133b2aa0a24ccfec16600fedf23a5a84d1ac269a63568a51e3255006b78ae5404", @ANYRESHEX=r0, @ANYRESDEC=r1], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0}, 0xfffffffffffffea6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='kfree\x00', r2, 0x0, 0xffffffffffffffff}, 0x34)
r3 = io_uring_setup(0x132d, &(0x7f0000000240)={0x0, 0xca6a, 0x80, 0x3, 0x200001c8})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r3, 0xb, &(0x7f0000000480), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)

803.130923ms ago: executing program 5 (id=4956):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
connect$unix(r2, 0x0, 0x0)
accept(r3, 0x0, 0x0)

745.534205ms ago: executing program 0 (id=4959):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYRES64=r2, @ANYRES16=r3, @ANYRESDEC=0x0, @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x7dc284fdb71fc420}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r4}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000005c0))
r6 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file1\x00', 0x42, 0x8a)
pwrite64(r6, &(0x7f0000000080)="cc", 0x1, 0x200980)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
sendfile(r7, r7, 0x0, 0xe0000000)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="06000000040000000700000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
ioctl$EXT4_IOC_MIGRATE(r5, 0x6609)
write$nci(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="40010421f9252ea3"], 0x8)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000001c0), r2)
r9 = syz_open_dev$usbfs(&(0x7f0000000000), 0xe, 0x141341)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$USBDEVFS_BULK(r9, 0xc0185502, &(0x7f0000000040)={{{0x1, 0x1}}, 0x0, 0x3, 0x0})

685.612756ms ago: executing program 1 (id=4962):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000360155380000"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x3000000, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000040)={0x3ff, 0x7e7, 0x0, 0x9, 0x1, 0x0, 0x7ffffffb, 0x83f8}, 0x0, 0x0)

671.021586ms ago: executing program 1 (id=4964):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002e80)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r1}, 0x18)
uname(0x0)
add_key$keyring(&(0x7f0000000080), &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000640)='GPL\x00', 0xe0000000, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff9ce}, 0x94)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, 0x0}, 0x20)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="120000000a000000040000000200000000000000", @ANYRES32, @ANYBLOB="0000008bd276ff00000000020000697b19a80100", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r6}, &(0x7f0000000040), &(0x7f0000000140)=r5}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r6}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r5}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r6, &(0x7f0000000040)}, 0x20)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000048000000160a01000000000000000000010000010900010073797a30000000000900020073797a30000000001c0003800800014000000000080002400000000000000140000000004c020000180a0101000b000000000000010000000900010073797a3000000000e800038008000140000000000800014000000000cc0003801400010069703665727370616e3000000000000014000100776732000000000000000000000000001400010076657468305f6d61637674617000000014000100626f6e645f736c6176655f310000000045000100626f6e645f736c6176655f300000000014000100636169663000000000000000000000001400010070696d726567300000000000000000001400010070696d726567310000000000000000001400010069705f76746930000000000000000000140001007465616d5f736c6176655f30000000ffff000140000000200900020073797a30"], 0x2dc}}, 0x0)
r8 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0)
ioctl$SNAPSHOT_FREE(r8, 0x3305)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e0000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_io_uring_setup(0x37a6, &(0x7f0000000340)={0x0, 0x7c77, 0x400, 0x1, 0x52, 0x0, r2}, &(0x7f00000003c0), &(0x7f00000004c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[], 0x48)

594.796278ms ago: executing program 1 (id=4967):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x3, [@enum={0xc, 0x5, 0x0, 0x6, 0x4, [{0xb, 0x7f}, {0x0, 0x8}, {0x10, 0x3}, {0xd, 0xc3}, {0x3}]}, @restrict={0xb, 0x0, 0x0, 0xb, 0x2}, @restrict={0x6, 0x0, 0x0, 0xb, 0x1000003}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x66, 0x0, 0x20}, @volatile={0xf, 0x0, 0x0, 0x9, 0x3}, @enum={0xb, 0x1, 0x0, 0x6, 0x4, [{0xb, 0x6}]}]}, {0x0, [0x61]}}, &(0x7f0000001780)=""/4096, 0x97, 0x1000, 0x1, 0x3, 0x10000}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x30, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x4}, 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x5}, 0x50)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0100000004000000080000000600000010000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000008ea700000000000052e096c61bb690fb324453262351277a13f082442447047b359e302fa9cb7127568cd0850ede9c75c8932589e066ba98f9dd5f3510022889e363021f08a328474ff396a534b92ecf028840f4aad665cf035503803c30f4c7ac18616e1ed36604a316079b5ba29019ed05527f2ca3657067cf870a59e88648d632423902bac57f9ce99b7099b9c5888831b97fd1cf7b942dc2321899a6e42bf9228b50e346df1c2de994892a0bc57f1698df1019da6ba8cf48bb2001a3a284eaa33d301e57baffc1adf2712a0330a246e54da23a1f34f4fd52b40a68286f23d239aec31478be679a6eedcc6e3c4d4a9949c35e1db733635d461a293bb8ba598f5293e7af48b892c1c7509c6b1e2a34f6f32815457177915cb560fe102e98f95c7d4e74f9001b6550f51877"], 0x50)
syz_open_procfs(0x0, &(0x7f0000000180)='mountstats\x00')
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000009500000000000063"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x86, &(0x7f0000000180)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "6b88ef", 0x50, 0x3a, 0x0, @private1, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "bdd7c3", 0xf226, 0x33, 0xff, @loopback, @empty, [@hopopts={0x29, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}]}]}}}}}}}, 0x0)

592.086638ms ago: executing program 0 (id=4968):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
sendto$inet(r0, &(0x7f0000000040)="fe071400d0b1124a5c27b7d7bc2cec207e53", 0x12, 0x8018, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080)=0x3, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b4020000000000006111480000000000850000008c0000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r1 = syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x2010410, &(0x7f0000000100)=ANY=[], 0xfe, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
ioprio_set$uid(0x3, 0x0, 0x0)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x18)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0)
r4 = creat(0x0, 0x0)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0x20)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x12, r5, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000a00)=ANY=[], 0x50)
fgetxattr(r5, 0x0, &(0x7f0000000340)=""/58, 0x3a)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000006c0)=""/96, 0x60}], 0x1, 0x8000, 0x0)
setrlimit(0x9, &(0x7f0000000400)={0x0, 0x7})
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_setup(0x2004, &(0x7f0000000680))
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@migrate={0xe8, 0x21, 0x1, 0x70bd28, 0x25dfdbfc, {{@in6=@loopback, @in=@dev={0xac, 0x14, 0x14, 0x2a}, 0x4e1e, 0x8, 0x4e20, 0x0, 0x2, 0x80, 0x80, 0x2e}, 0x6e6bb5}, [@migrate={0x50, 0x11, [{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@mcast2, @in6=@private0, @in=@multicast2, 0x32, 0x1, 0x0, 0x34ff, 0xa, 0xa}]}, @user_kmaddress={0x2c, 0x13, {@in=@remote, @in6=@private0, 0x0, 0x2}}, @encap={0x1c, 0x4, {0xfffffffffffffffe, 0x4e23, 0x4e22, @in6=@empty}}]}, 0xe8}, 0x1, 0x0, 0x0, 0x8048044}, 0x4040)
writev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

586.448618ms ago: executing program 7 (id=4970):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, @perf_bp={0x0, 0x4}, 0x0, 0x10003, 0x8, 0x1, 0x8, 0x20005, 0x8b, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r1)
sendmsg$IEEE802154_LIST_PHY(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x14, r2, 0x30b, 0x0, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x20000004)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r4, &(0x7f0000000200)=@name={0x1e, 0x2, 0x3, {{0x42, 0x1}}}, 0x10)
bind$tipc(r4, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x0, 0x2}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000400)={0x42, 0x3, 0x3}, 0x10)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10)
bind$tipc(r5, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x1, 0x3}}, 0x10)
bind$tipc(r4, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r3}, 0x10)
write$cgroup_subtree(r0, 0x0, 0x2a)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socket$inet6_mptcp(0xa, 0x1, 0x106)

485.38908ms ago: executing program 1 (id=4972):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009e0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x4}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r3], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)

462.889571ms ago: executing program 1 (id=4974):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000360155380000"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x3000000, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000040)={0x3ff, 0x7e7, 0x0, 0x9, 0x1, 0x0, 0x7ffffffb, 0x83f8}, 0x0, 0x0)

427.183331ms ago: executing program 1 (id=4976):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
sendto$inet(r0, &(0x7f0000000040)="fe071400d0b1124a5c27b7d7bc2cec207e53", 0x12, 0x8018, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080)=0x3, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b4020000000000006111480000000000850000008c0000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r1 = syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x2010410, &(0x7f0000000100)=ANY=[], 0xfe, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
ioprio_set$uid(0x3, 0x0, 0x0)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x18)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0x20)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x12, r5, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000a00)=ANY=[], 0x50)
fgetxattr(r5, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000006c0)=""/96, 0x60}], 0x1, 0x8000, 0x0)
setrlimit(0x9, &(0x7f0000000400)={0x0, 0x7})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x18)
io_setup(0x2004, &(0x7f0000000680))
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

401.474402ms ago: executing program 7 (id=4977):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xd, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x72, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000386dd60f7d8ff003c3c18fe8000000000000000000000000000aaff0200000000000000000000000000015e04"], 0x0)

400.846142ms ago: executing program 2 (id=4978):
socket(0x11, 0x800000003, 0x0)
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0xa4, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}]}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ff9}]}) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x20, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r4}, 0x10) (async)
kexec_load(0x5, 0x2, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x10000}, {0x0, 0x40, 0x3e0000}], 0x0) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRES8], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000780)='mm_page_free\x00', r6}, 0x18) (async)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) (async)
r7 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r7, 0xa, 0x13) (async)
fcntl$setlease(r7, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) (async)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
rt_sigaction(0x40, &(0x7f0000000080)={0x0, 0xc8000000, 0x0, {[0x5]}}, 0x0, 0x8, &(0x7f0000000540)) (async)
r8 = syz_open_procfs(0x0, &(0x7f0000000500)='status\x00')
lseek(r8, 0x9, 0x0) (async)
fcntl$setlease(r7, 0x400, 0x2) (async)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
timerfd_create(0x0, 0x0)

340.813293ms ago: executing program 7 (id=4979):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/input/devices\x00', 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r0}})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000100000000000000000000181200eb", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
unshare(0x20000400)
r4 = open(&(0x7f0000001540)='./file0\x00', 0x40, 0xef)
fgetxattr(r4, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0)
socket$inet(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = fsmount(r1, 0x0, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r6, &(0x7f0000000140)={[{0x2b, 'cpu'}]}, 0x5)

340.626723ms ago: executing program 2 (id=4980):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYRES64=r2, @ANYRES16=r3, @ANYRESDEC=0x0, @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x7dc284fdb71fc420}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r4}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000005c0))
r6 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file1\x00', 0x42, 0x8a)
pwrite64(r6, &(0x7f0000000080)="cc", 0x1, 0x200980)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
sendfile(r7, r7, 0x0, 0xe0000000)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="06000000040000000700000008"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r8}, 0x10)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
ioctl$EXT4_IOC_MIGRATE(r5, 0x6609)
write$nci(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="40010421f9252ea3"], 0x8)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000001c0), r2)
r9 = syz_open_dev$usbfs(&(0x7f0000000000), 0xe, 0x141341)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$USBDEVFS_BULK(r9, 0xc0185502, &(0x7f0000000040)={{{0x1, 0x1}}, 0x0, 0x3, 0x0})

313.807674ms ago: executing program 7 (id=4981):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x2d}, 0x18)

296.751744ms ago: executing program 7 (id=4982):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x58, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="05000000040000000400000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018", @ANYRES32=r2], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x44)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r4, 0x0)

257.903285ms ago: executing program 2 (id=4983):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)
r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x16, 0xc, &(0x7f0000000240)=ANY=[@ANYRESOCT=r0, @ANYRES16=r0, @ANYRESOCT=r1, @ANYRESHEX=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
r7 = syz_open_procfs(0x0, &(0x7f0000000300)='fdinfo\x00')
getdents64(r7, &(0x7f0000000080)=""/95, 0x5f)
symlinkat(&(0x7f0000000380)='./file1\x00', r7, &(0x7f00000003c0)='./file1\x00')
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000000900020073797a31000000000500010006000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0xc4)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
poll(0x0, 0x0, 0x7f)
r8 = syz_open_dev$vcsa(&(0x7f00000002c0), 0x1, 0x8100)
ioctl$SG_BLKSECTGET(r8, 0x1267, &(0x7f0000000500))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000400)=@framed={{0xc3, 0xa, 0xa, 0xfe00, 0x41, 0x71, 0x10, 0x1a}}, &(0x7f0000000480)='syzkaller\x00'}, 0x90)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000005f00)={0x44, 0x0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x8, 0x4, "3423d5d2"}]}]}, 0x44}}, 0x4004)

227.590785ms ago: executing program 7 (id=4984):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009e0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x4}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r3], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)

40.646969ms ago: executing program 2 (id=4986):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
openat(0xffffffffffffffff, 0x0, 0x2000, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$tipc(r4, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
close(r3)

21.71342ms ago: executing program 2 (id=4987):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000360155380000"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x3000000, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000040)={0x3ff, 0x7e7, 0x0, 0x9, 0x1, 0x0, 0x7ffffffb, 0x83f8}, 0x0, 0x0)

0s ago: executing program 2 (id=4988):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x58, 0x0, 0x2, 0x201, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x86}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000801}, 0x4) (async)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x58, 0x0, 0x2, 0x201, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x86}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000801}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x48) (async)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000), 0x0) (async)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) (async)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) (async)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r6, 0x0, 0x200000000000006}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ff3}]})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r8}, 0x10)
signalfd(0xffffffffffffffff, &(0x7f0000000040)={[0x4]}, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
utimes(&(0x7f0000000380)='./file0\x00', 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), r9)
sendmsg$TIPC_NL_LINK_SET(r9, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r10, @ANYBLOB="01060000000000000000090000002c0004801300010062726f6164636173742d6c696e6b00"], 0xac}}, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r1, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000200}, 0xc, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="f800ffff", @ANYRES16=0x0, @ANYBLOB="080026bd7000fcdbdf2518000000080001007063690011000200303030303a30303a31302e3000000000080003000500000008000b000200000006001600040000000500120000000000060011000d00000008000b0008000000080001007063690011000200303030303a30303a31302e3000000000080003000000000008000b000400000006001600020000000500120001000000060011000002000008000b0000010000080001007063690011000200303030303a30303a31302e3000000000080003000200000008000b008f00000006001600260200000500120000000000060011000e00000008000b007e000000"], 0xf8}, 0x1, 0x0, 0x0, 0x800}, 0x800)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8, 0x100010, r0, 0xd48d2000)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10802080}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x1405, 0x4, 0x70bd27, 0x25dfdbfb, "", [{{0x8, 0x1, 0x1}, {0x8}}, {{0x8}, {0x8, 0x3, 0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4008081}, 0x4) (async)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10802080}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x1405, 0x4, 0x70bd27, 0x25dfdbfb, "", [{{0x8, 0x1, 0x1}, {0x8}}, {{0x8}, {0x8, 0x3, 0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4008081}, 0x4)

kernel console output (not intermixed with test programs):

tes in process `+}[@'.
[  265.108975][T14005] netlink: 'syz.5.3736': attribute type 1 has an invalid length.
[  265.133312][T14005] bond2: entered promiscuous mode
[  265.142033][T14005] 8021q: adding VLAN 0 to HW filter on device bond2
[  265.168620][T14005] batadv1: entered promiscuous mode
[  265.173982][T14005] batadv1: entered allmulticast mode
[  265.180432][T14005] 8021q: adding VLAN 0 to HW filter on device batadv1
[  265.188696][T14005] bond2: (slave batadv1): making interface the new active one
[  265.196740][T14005] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  265.218532][T14005] batadv2: entered promiscuous mode
[  265.223839][T14005] batadv2: entered allmulticast mode
[  265.229630][T14005] 8021q: adding VLAN 0 to HW filter on device batadv2
[  265.237918][T14005] bond2: (slave batadv2): Enslaving as an active interface with an up link
[  265.299875][T14020] random: crng reseeded on system resumption
[  265.313087][T14020] Restarting kernel threads ...
[  265.319764][T14020] Done restarting kernel threads.
[  266.039298][T14055] FAULT_INJECTION: forcing a failure.
[  266.039298][T14055] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.052495][T14055] CPU: 1 UID: 0 PID: 14055 Comm: syz.7.3752 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  266.052648][T14055] Tainted: [W]=WARN
[  266.052656][T14055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  266.052677][T14055] Call Trace:
[  266.052685][T14055]  <TASK>
[  266.052694][T14055]  __dump_stack+0x1d/0x30
[  266.052759][T14055]  dump_stack_lvl+0xe8/0x140
[  266.052784][T14055]  dump_stack+0x15/0x1b
[  266.052806][T14055]  should_fail_ex+0x265/0x280
[  266.052838][T14055]  should_fail+0xb/0x20
[  266.052864][T14055]  should_fail_usercopy+0x1a/0x20
[  266.052955][T14055]  _copy_from_user+0x1c/0xb0
[  266.052994][T14055]  memdup_user+0x5e/0xd0
[  266.053021][T14055]  strndup_user+0x68/0xb0
[  266.053054][T14055]  __se_sys_mount+0x4d/0x2e0
[  266.053130][T14055]  ? fput+0x8f/0xc0
[  266.053195][T14055]  ? ksys_write+0x192/0x1a0
[  266.053225][T14055]  __x64_sys_mount+0x67/0x80
[  266.053255][T14055]  x64_sys_call+0x2b4d/0x2ff0
[  266.053283][T14055]  do_syscall_64+0xd2/0x200
[  266.053315][T14055]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  266.053391][T14055]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  266.053430][T14055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.053457][T14055] RIP: 0033:0x7f2427aeeba9
[  266.053558][T14055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.053576][T14055] RSP: 002b:00007f242652e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  266.053599][T14055] RAX: ffffffffffffffda RBX: 00007f2427d36090 RCX: 00007f2427aeeba9
[  266.053614][T14055] RDX: 0000200000001780 RSI: 0000200000000280 RDI: 0000000000000000
[  266.053630][T14055] RBP: 00007f242652e090 R08: 0000200000001c00 R09: 0000000000000000
[  266.053641][T14055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.053710][T14055] R13: 00007f2427d36128 R14: 00007f2427d36090 R15: 00007ffd2fcb1908
[  266.053735][T14055]  </TASK>
[  266.367125][T14081] FAULT_INJECTION: forcing a failure.
[  266.367125][T14081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.380243][T14081] CPU: 0 UID: 0 PID: 14081 Comm: syz.5.3763 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  266.380282][T14081] Tainted: [W]=WARN
[  266.380289][T14081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  266.380354][T14081] Call Trace:
[  266.380360][T14081]  <TASK>
[  266.380367][T14081]  __dump_stack+0x1d/0x30
[  266.380389][T14081]  dump_stack_lvl+0xe8/0x140
[  266.380409][T14081]  dump_stack+0x15/0x1b
[  266.380425][T14081]  should_fail_ex+0x265/0x280
[  266.380492][T14081]  should_fail+0xb/0x20
[  266.380512][T14081]  should_fail_usercopy+0x1a/0x20
[  266.380538][T14081]  _copy_from_user+0x1c/0xb0
[  266.380633][T14081]  ___sys_sendmsg+0xc1/0x1d0
[  266.380673][T14081]  __x64_sys_sendmsg+0xd4/0x160
[  266.380708][T14081]  x64_sys_call+0x191e/0x2ff0
[  266.380748][T14081]  do_syscall_64+0xd2/0x200
[  266.380781][T14081]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  266.380807][T14081]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  266.380850][T14081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.380873][T14081] RIP: 0033:0x7fe2df09eba9
[  266.380889][T14081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.380909][T14081] RSP: 002b:00007fe2ddb07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  266.380947][T14081] RAX: ffffffffffffffda RBX: 00007fe2df2e5fa0 RCX: 00007fe2df09eba9
[  266.380960][T14081] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000005
[  266.380974][T14081] RBP: 00007fe2ddb07090 R08: 0000000000000000 R09: 0000000000000000
[  266.381041][T14081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.381068][T14081] R13: 00007fe2df2e6038 R14: 00007fe2df2e5fa0 R15: 00007ffeca14c9c8
[  266.381138][T14081]  </TASK>
[  266.608274][T14087] netlink: 'syz.2.3758': attribute type 4 has an invalid length.
[  267.265894][   T29] kauditd_printk_skb: 153 callbacks suppressed
[  267.265907][   T29] audit: type=1400 audit(1758463879.937:10029): avc:  denied  { create } for  pid=14111 comm="syz.5.3770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  267.302997][   T29] audit: type=1400 audit(1758463879.967:10030): avc:  denied  { write } for  pid=14111 comm="syz.5.3770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  267.342699][   T29] audit: type=1400 audit(1758463879.997:10031): avc:  denied  { allowed } for  pid=14117 comm="syz.2.3772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  267.362317][   T29] audit: type=1400 audit(1758463879.997:10032): avc:  denied  { sqpoll } for  pid=14117 comm="syz.2.3772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  267.381722][   T29] audit: type=1400 audit(1758463879.997:10033): avc:  denied  { create } for  pid=14117 comm="syz.2.3772" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  267.997006][   T29] audit: type=1400 audit(1758463880.667:10034): avc:  denied  { create } for  pid=14132 comm="syz.7.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  268.047578][   T29] audit: type=1400 audit(1758463880.687:10035): avc:  denied  { setopt } for  pid=14132 comm="syz.7.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  268.067462][   T29] audit: type=1400 audit(1758463880.697:10036): avc:  denied  { mount } for  pid=14128 comm="syz.1.3775" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  268.264904][T14160] netlink: 'syz.2.3781': attribute type 4 has an invalid length.
[  268.486204][   T29] audit: type=1400 audit(1758463881.157:10037): avc:  denied  { read write } for  pid=14175 comm="syz.5.3791" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  268.509685][   T29] audit: type=1400 audit(1758463881.157:10038): avc:  denied  { open } for  pid=14175 comm="syz.5.3791" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  268.549172][T14178] FAULT_INJECTION: forcing a failure.
[  268.549172][T14178] name failslab, interval 1, probability 0, space 0, times 0
[  268.561833][T14178] CPU: 0 UID: 0 PID: 14178 Comm: syz.7.3792 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  268.561861][T14178] Tainted: [W]=WARN
[  268.561868][T14178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  268.561883][T14178] Call Trace:
[  268.561889][T14178]  <TASK>
[  268.561896][T14178]  __dump_stack+0x1d/0x30
[  268.561918][T14178]  dump_stack_lvl+0xe8/0x140
[  268.561941][T14178]  dump_stack+0x15/0x1b
[  268.561958][T14178]  should_fail_ex+0x265/0x280
[  268.561979][T14178]  should_failslab+0x8c/0xb0
[  268.562001][T14178]  kmem_cache_alloc_noprof+0x50/0x310
[  268.562028][T14178]  ? vm_area_dup+0x33/0x2c0
[  268.562065][T14178]  vm_area_dup+0x33/0x2c0
[  268.562100][T14178]  __split_vma+0xe9/0x650
[  268.562133][T14178]  ? can_vma_merge_right+0xfe/0x2e0
[  268.562169][T14178]  vma_modify+0x21e/0xc80
[  268.562206][T14178]  ? _parse_integer_limit+0x170/0x190
[  268.562230][T14178]  vma_modify_flags+0x101/0x130
[  268.562254][T14178]  mlock_fixup+0x11d/0x210
[  268.562289][T14178]  apply_vma_lock_flags+0x193/0x250
[  268.562320][T14178]  do_mlock+0x3c6/0x520
[  268.562345][T14178]  ? __bpf_trace_sys_enter+0x10/0x30
[  268.562365][T14178]  ? trace_sys_enter+0xd0/0xf0
[  268.562391][T14178]  __x64_sys_mlock+0x36/0x50
[  268.562420][T14178]  x64_sys_call+0x18f8/0x2ff0
[  268.562444][T14178]  do_syscall_64+0xd2/0x200
[  268.562472][T14178]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  268.562491][T14178]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  268.562522][T14178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.562544][T14178] RIP: 0033:0x7f2427aeeba9
[  268.562560][T14178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.562578][T14178] RSP: 002b:00007f242654f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  268.562595][T14178] RAX: ffffffffffffffda RBX: 00007f2427d35fa0 RCX: 00007f2427aeeba9
[  268.562606][T14178] RDX: 0000000000000000 RSI: 0000000000400000 RDI: 0000200000c00000
[  268.562616][T14178] RBP: 00007f242654f090 R08: 0000000000000000 R09: 0000000000000000
[  268.562626][T14178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.562635][T14178] R13: 00007f2427d36038 R14: 00007f2427d35fa0 R15: 00007ffd2fcb1908
[  268.562655][T14178]  </TASK>
[  269.219287][T14225] vhci_hcd: invalid port number 96
[  269.224571][T14225] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  269.239377][T14224] IPVS: Unknown mcast interface: vcan0
[  269.246498][T14224] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  269.253972][T14224] batman_adv: batadv0: Removing interface: batadv_slave_0
[  269.263676][T14224] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  269.271177][T14224] batman_adv: batadv0: Removing interface: batadv_slave_1
[  269.284829][T14227] netlink: 'syz.5.3802': attribute type 4 has an invalid length.
[  269.340226][T14236] __nla_validate_parse: 18 callbacks suppressed
[  269.340244][T14236] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3812'.
[  269.425739][T14239] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3813'.
[  269.455372][T14242] netlink: 'syz.0.3810': attribute type 4 has an invalid length.
[  269.598178][T14253] FAULT_INJECTION: forcing a failure.
[  269.598178][T14253] name failslab, interval 1, probability 0, space 0, times 0
[  269.610917][T14253] CPU: 1 UID: 0 PID: 14253 Comm: syz.7.3817 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  269.611030][T14253] Tainted: [W]=WARN
[  269.611038][T14253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  269.611052][T14253] Call Trace:
[  269.611058][T14253]  <TASK>
[  269.611065][T14253]  __dump_stack+0x1d/0x30
[  269.611083][T14253]  dump_stack_lvl+0xe8/0x140
[  269.611102][T14253]  dump_stack+0x15/0x1b
[  269.611137][T14253]  should_fail_ex+0x265/0x280
[  269.611180][T14253]  ? call_usermodehelper_setup+0x72/0x190
[  269.611234][T14253]  should_failslab+0x8c/0xb0
[  269.611258][T14253]  ? __pfx_free_modprobe_argv+0x10/0x10
[  269.611280][T14253]  __kmalloc_cache_noprof+0x4c/0x320
[  269.611384][T14253]  ? __kmalloc_node_track_caller_noprof+0x1e5/0x410
[  269.611443][T14253]  ? __pfx_free_modprobe_argv+0x10/0x10
[  269.611471][T14253]  call_usermodehelper_setup+0x72/0x190
[  269.611506][T14253]  __request_module+0x264/0x3e0
[  269.611569][T14253]  ? capable+0x7c/0xb0
[  269.611592][T14253]  dev_load+0x61/0xc0
[  269.611620][T14253]  dev_ioctl+0x4fe/0x960
[  269.611647][T14253]  sock_do_ioctl+0x197/0x220
[  269.611711][T14253]  sock_ioctl+0x41b/0x610
[  269.611750][T14253]  ? __pfx_sock_ioctl+0x10/0x10
[  269.611783][T14253]  __se_sys_ioctl+0xce/0x140
[  269.611854][T14253]  __x64_sys_ioctl+0x43/0x50
[  269.611871][T14253]  x64_sys_call+0x1816/0x2ff0
[  269.611891][T14253]  do_syscall_64+0xd2/0x200
[  269.611997][T14253]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  269.612028][T14253]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  269.612065][T14253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.612090][T14253] RIP: 0033:0x7f2427aeeba9
[  269.612109][T14253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.612179][T14253] RSP: 002b:00007f242654f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  269.612200][T14253] RAX: ffffffffffffffda RBX: 00007f2427d35fa0 RCX: 00007f2427aeeba9
[  269.612214][T14253] RDX: 0000200000000100 RSI: 0000000000008933 RDI: 0000000000000009
[  269.612242][T14253] RBP: 00007f242654f090 R08: 0000000000000000 R09: 0000000000000000
[  269.612257][T14253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.612271][T14253] R13: 00007f2427d36038 R14: 00007f2427d35fa0 R15: 00007ffd2fcb1908
[  269.612293][T14253]  </TASK>
[  270.137110][T14278] FAULT_INJECTION: forcing a failure.
[  270.137110][T14278] name failslab, interval 1, probability 0, space 0, times 0
[  270.149831][T14278] CPU: 1 UID: 0 PID: 14278 Comm: syz.5.3825 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  270.149870][T14278] Tainted: [W]=WARN
[  270.149878][T14278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  270.149935][T14278] Call Trace:
[  270.149941][T14278]  <TASK>
[  270.149948][T14278]  __dump_stack+0x1d/0x30
[  270.149968][T14278]  dump_stack_lvl+0xe8/0x140
[  270.149987][T14278]  dump_stack+0x15/0x1b
[  270.150002][T14278]  should_fail_ex+0x265/0x280
[  270.150027][T14278]  should_failslab+0x8c/0xb0
[  270.150109][T14278]  kmem_cache_alloc_node_noprof+0x57/0x320
[  270.150196][T14278]  ? __alloc_skb+0x101/0x320
[  270.150281][T14278]  __alloc_skb+0x101/0x320
[  270.150371][T14278]  netlink_alloc_large_skb+0xba/0xf0
[  270.150398][T14278]  netlink_sendmsg+0x3cf/0x6b0
[  270.150509][T14278]  ? __pfx_netlink_sendmsg+0x10/0x10
[  270.150540][T14278]  __sock_sendmsg+0x145/0x180
[  270.150602][T14278]  ____sys_sendmsg+0x31e/0x4e0
[  270.150636][T14278]  ___sys_sendmsg+0x17b/0x1d0
[  270.150679][T14278]  __x64_sys_sendmsg+0xd4/0x160
[  270.150769][T14278]  x64_sys_call+0x191e/0x2ff0
[  270.150802][T14278]  do_syscall_64+0xd2/0x200
[  270.150892][T14278]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  270.150915][T14278]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  270.150950][T14278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.150975][T14278] RIP: 0033:0x7fe2df09eba9
[  270.150992][T14278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.151012][T14278] RSP: 002b:00007fe2ddb07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  270.151033][T14278] RAX: ffffffffffffffda RBX: 00007fe2df2e5fa0 RCX: 00007fe2df09eba9
[  270.151048][T14278] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000003
[  270.151061][T14278] RBP: 00007fe2ddb07090 R08: 0000000000000000 R09: 0000000000000000
[  270.151075][T14278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.151088][T14278] R13: 00007fe2df2e6038 R14: 00007fe2df2e5fa0 R15: 00007ffeca14c9c8
[  270.151110][T14278]  </TASK>
[  270.416166][T14280] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3826'.
[  270.546256][T14297] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3831'.
[  270.564719][T14295] loop1: detected capacity change from 0 to 1024
[  270.571618][T14295] EXT4-fs: Ignoring removed bh option
[  270.586059][T14297] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3831'.
[  270.591459][T14295] EXT4-fs: inline encryption not supported
[  270.604388][T14295] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  270.622324][T14295] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  270.633125][T14295] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 2: comm syz.1.3830: lblock 2 mapped to illegal pblock 2 (length 1)
[  270.649373][T14295] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.3830: lblock 0 mapped to illegal pblock 48 (length 1)
[  270.650931][T14303] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2048 sclass=netlink_route_socket pid=14303 comm=syz.5.3833
[  270.692048][T14295] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.3830: Failed to acquire dquot type 0
[  270.705055][T14295] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  270.714761][T14303] netlink: 'syz.5.3833': attribute type 30 has an invalid length.
[  270.722632][T14295] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.3830: mark_inode_dirty error
[  270.735387][T14295] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  270.745976][T14295] EXT4-fs (loop1): 1 orphan inode deleted
[  270.752170][T14295] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.766660][ T3453] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  270.788363][ T3453] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:8: Failed to release dquot type 0
[  270.802171][T14295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.828586][T14295] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.3830: Invalid inode table block 1 in block_group 0
[  270.829181][T14314] netlink: 'syz.0.3836': attribute type 27 has an invalid length.
[  270.844405][T14295] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  270.881195][T14295] EXT4-fs error (device loop1): ext4_quota_off:7221: inode #3: comm syz.1.3830: mark_inode_dirty error
[  270.938134][T14318] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3838'.
[  270.991082][T14322] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3841'.
[  271.002101][T14322] netlink: 312 bytes leftover after parsing attributes in process `syz.5.3841'.
[  271.011214][T14322] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3841'.
[  271.028799][T14322] random: crng reseeded on system resumption
[  271.039388][T14314] veth0_to_bond: left allmulticast mode
[  271.049246][T14322] Restarting kernel threads ...
[  271.055517][T14322] Done restarting kernel threads.
[  271.069662][T14314] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.081899][T14314] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.133168][T14314] bridge0: left allmulticast mode
[  271.138486][T14314] macvtap1: left promiscuous mode
[  271.143598][T14314] macvtap1: left allmulticast mode
[  271.155716][  T136] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  271.168335][  T136] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  271.178740][  T136] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  271.187750][  T136] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  271.399050][T14343] loop1: detected capacity change from 0 to 8192
[  271.689653][T14354] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3851'.
[  271.716165][T14356] random: crng reseeded on system resumption
[  271.726640][T14356] Restarting kernel threads ...
[  271.731674][T14356] Done restarting kernel threads.
[  271.813885][T14365] RDS: rds_bind could not find a transport for ::c00d:0:20:0, load rds_tcp or rds_rdma?
[  272.297401][   T29] kauditd_printk_skb: 283 callbacks suppressed
[  272.297464][   T29] audit: type=1400 audit(1758463884.967:10319): avc:  denied  { name_bind } for  pid=14377 comm="syz.0.3861" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  272.325586][   T29] audit: type=1400 audit(1758463884.967:10320): avc:  denied  { node_bind } for  pid=14377 comm="syz.0.3861" saddr=::1 src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  272.405481][T14387] random: crng reseeded on system resumption
[  272.415341][T14387] Restarting kernel threads ...
[  272.420347][T14387] Done restarting kernel threads.
[  272.654297][   T29] audit: type=1400 audit(1758463885.317:10321): avc:  denied  { mount } for  pid=14400 comm="syz.5.3871" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  272.688520][   T29] audit: type=1326 audit(1758463885.337:10322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.0.3873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  272.712151][   T29] audit: type=1326 audit(1758463885.337:10323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.0.3873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  272.735648][   T29] audit: type=1326 audit(1758463885.337:10324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.0.3873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  272.759215][   T29] audit: type=1326 audit(1758463885.337:10325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.0.3873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  272.782776][   T29] audit: type=1326 audit(1758463885.337:10326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.0.3873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  272.806482][   T29] audit: type=1326 audit(1758463885.337:10327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.0.3873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  272.830115][   T29] audit: type=1326 audit(1758463885.337:10328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.0.3873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  273.209492][T14447] netlink: 'syz.7.3886': attribute type 4 has an invalid length.
[  273.755008][T14460] sd 0:0:1:0: device reset
[  273.778111][T14460] 8021q: adding VLAN 0 to HW filter on device bond1
[  273.793291][T14460] vlan2: entered allmulticast mode
[  273.798468][T14460] bond1: entered allmulticast mode
[  273.861466][T14471] FAULT_INJECTION: forcing a failure.
[  273.861466][T14471] name failslab, interval 1, probability 0, space 0, times 0
[  273.874146][T14471] CPU: 1 UID: 0 PID: 14471 Comm: syz.1.3894 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  273.874181][T14471] Tainted: [W]=WARN
[  273.874189][T14471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  273.874203][T14471] Call Trace:
[  273.874209][T14471]  <TASK>
[  273.874217][T14471]  __dump_stack+0x1d/0x30
[  273.874321][T14471]  dump_stack_lvl+0xe8/0x140
[  273.874344][T14471]  dump_stack+0x15/0x1b
[  273.874364][T14471]  should_fail_ex+0x265/0x280
[  273.874393][T14471]  should_failslab+0x8c/0xb0
[  273.874503][T14471]  kmem_cache_alloc_noprof+0x50/0x310
[  273.874528][T14471]  ? audit_log_start+0x365/0x6c0
[  273.874628][T14471]  audit_log_start+0x365/0x6c0
[  273.874656][T14471]  ? should_failslab+0x8c/0xb0
[  273.874704][T14471]  audit_log+0x5e/0xd0
[  273.874760][T14471]  security_bounded_transition+0x361/0x3d0
[  273.874812][T14471]  selinux_lsm_setattr+0x469/0x660
[  273.874863][T14471]  selinux_setprocattr+0x4f/0x70
[  273.874891][T14471]  security_setprocattr+0x1a7/0x1d0
[  273.874988][T14471]  proc_pid_attr_write+0x1eb/0x220
[  273.875030][T14471]  ? __pfx_proc_pid_attr_write+0x10/0x10
[  273.875062][T14471]  vfs_write+0x266/0x960
[  273.875090][T14471]  ? __rcu_read_unlock+0x4f/0x70
[  273.875169][T14471]  ? __fget_files+0x184/0x1c0
[  273.875213][T14471]  ksys_write+0xda/0x1a0
[  273.875308][T14471]  __x64_sys_write+0x40/0x50
[  273.875337][T14471]  x64_sys_call+0x27fe/0x2ff0
[  273.875413][T14471]  do_syscall_64+0xd2/0x200
[  273.875465][T14471]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  273.875495][T14471]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  273.875533][T14471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.875623][T14471] RIP: 0033:0x7fd67311eba9
[  273.875680][T14471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.875714][T14471] RSP: 002b:00007fd671b7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  273.875744][T14471] RAX: ffffffffffffffda RBX: 00007fd673365fa0 RCX: 00007fd67311eba9
[  273.875755][T14471] RDX: 000000000000001d RSI: 0000200000000100 RDI: 0000000000000003
[  273.875768][T14471] RBP: 00007fd671b7f090 R08: 0000000000000000 R09: 0000000000000000
[  273.875783][T14471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  273.875797][T14471] R13: 00007fd673366038 R14: 00007fd673365fa0 R15: 00007fffc5415a68
[  273.875820][T14471]  </TASK>
[  274.155705][T14478] futex_wake_op: syz.1.3896 tries to shift op by -1; fix this program
[  274.255141][T14490] FAULT_INJECTION: forcing a failure.
[  274.255141][T14490] name failslab, interval 1, probability 0, space 0, times 0
[  274.267973][T14490] CPU: 0 UID: 0 PID: 14490 Comm: syz.7.3900 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  274.268005][T14490] Tainted: [W]=WARN
[  274.268013][T14490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  274.268026][T14490] Call Trace:
[  274.268032][T14490]  <TASK>
[  274.268037][T14490]  __dump_stack+0x1d/0x30
[  274.268093][T14490]  dump_stack_lvl+0xe8/0x140
[  274.268181][T14490]  dump_stack+0x15/0x1b
[  274.268230][T14490]  should_fail_ex+0x265/0x280
[  274.268258][T14490]  should_failslab+0x8c/0xb0
[  274.268285][T14490]  kmem_cache_alloc_noprof+0x50/0x310
[  274.268315][T14490]  ? audit_log_start+0x365/0x6c0
[  274.268487][T14490]  audit_log_start+0x365/0x6c0
[  274.268524][T14490]  audit_seccomp+0x48/0x100
[  274.268552][T14490]  ? __seccomp_filter+0x68c/0x10d0
[  274.268634][T14490]  __seccomp_filter+0x69d/0x10d0
[  274.268658][T14490]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  274.268689][T14490]  ? vfs_write+0x7e8/0x960
[  274.268720][T14490]  ? __rcu_read_unlock+0x4f/0x70
[  274.268803][T14490]  ? __fget_files+0x184/0x1c0
[  274.268833][T14490]  __secure_computing+0x82/0x150
[  274.268893][T14490]  syscall_trace_enter+0xcf/0x1e0
[  274.269003][T14490]  do_syscall_64+0xac/0x200
[  274.269037][T14490]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  274.269063][T14490]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  274.269143][T14490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.269167][T14490] RIP: 0033:0x7f2427aeeba9
[  274.269182][T14490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.269202][T14490] RSP: 002b:00007f242654f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  274.269283][T14490] RAX: ffffffffffffffda RBX: 00007f2427d35fa0 RCX: 00007f2427aeeba9
[  274.269296][T14490] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 00002000007fe000
[  274.269309][T14490] RBP: 00007f242654f090 R08: 0000000000000000 R09: 0000000000000000
[  274.269322][T14490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  274.269393][T14490] R13: 00007f2427d36038 R14: 00007f2427d35fa0 R15: 00007ffd2fcb1908
[  274.269414][T14490]  </TASK>
[  274.534714][T14493] __nla_validate_parse: 20 callbacks suppressed
[  274.534733][T14493] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3901'.
[  274.626337][T14491] netlink: 'syz.5.3898': attribute type 4 has an invalid length.
[  274.845743][T14502] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3904'.
[  274.935264][T14506] mmap: syz.7.3906 (14506) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  274.952696][T14506] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3906'.
[  274.984973][T14507] loop1: detected capacity change from 0 to 128
[  275.013253][T14507] syz.1.3905: attempt to access beyond end of device
[  275.013253][T14507] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  275.039613][T14513] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  275.108626][T14518] netlink: 'syz.1.3905': attribute type 4 has an invalid length.
[  275.186553][T14524] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3912'.
[  275.189227][T14528] usb usb9: usbfs: process 14528 (syz.7.3913) did not claim interface 0 before use
[  275.206421][T14524] netlink: 312 bytes leftover after parsing attributes in process `syz.5.3912'.
[  275.215612][T14524] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3912'.
[  275.237437][T14531] random: crng reseeded on system resumption
[  275.265445][T14531] Restarting kernel threads ...
[  275.270519][T14531] Done restarting kernel threads.
[  275.302160][T14534] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3915'.
[  275.358109][T14543] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3919'.
[  275.416566][T14543] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3919'.
[  275.665682][T14561] syz_tun: entered allmulticast mode
[  275.678316][T14561] syz_tun (unregistering): left allmulticast mode
[  275.906316][T14568] netlink: 'syz.7.3930': attribute type 39 has an invalid length.
[  276.069643][T14578] veth1_to_bond: entered allmulticast mode
[  276.083730][T14578] bond0: (slave bond_slave_1): Releasing backup interface
[  276.096154][T14578] veth1_to_bond (unregistering): left allmulticast mode
[  276.534941][T14593] netlink: 'syz.5.3938': attribute type 4 has an invalid length.
[  276.743204][T14596] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  276.750714][T14596] batman_adv: batadv0: Removing interface: batadv_slave_0
[  276.760842][T14596] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  276.768470][T14596] batman_adv: batadv0: Removing interface: batadv_slave_1
[  276.818833][T14599] vlan2: entered allmulticast mode
[  276.872243][T14604] syz_tun: entered allmulticast mode
[  276.879622][T14604] FAULT_INJECTION: forcing a failure.
[  276.879622][T14604] name failslab, interval 1, probability 0, space 0, times 0
[  276.892499][T14604] CPU: 1 UID: 0 PID: 14604 Comm: syz.1.3941 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  276.892538][T14604] Tainted: [W]=WARN
[  276.892546][T14604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  276.892615][T14604] Call Trace:
[  276.892622][T14604]  <TASK>
[  276.892629][T14604]  __dump_stack+0x1d/0x30
[  276.892655][T14604]  dump_stack_lvl+0xe8/0x140
[  276.892728][T14604]  dump_stack+0x15/0x1b
[  276.892751][T14604]  should_fail_ex+0x265/0x280
[  276.892779][T14604]  should_failslab+0x8c/0xb0
[  276.892815][T14604]  kmem_cache_alloc_noprof+0x50/0x310
[  276.892848][T14604]  ? skb_clone+0x151/0x1f0
[  276.892888][T14604]  skb_clone+0x151/0x1f0
[  276.892992][T14604]  __netlink_deliver_tap+0x2c9/0x500
[  276.893031][T14604]  netlink_unicast+0x66b/0x690
[  276.893062][T14604]  netlink_sendmsg+0x58b/0x6b0
[  276.893172][T14604]  ? __pfx_netlink_sendmsg+0x10/0x10
[  276.893208][T14604]  __sock_sendmsg+0x145/0x180
[  276.893251][T14604]  ____sys_sendmsg+0x31e/0x4e0
[  276.893333][T14604]  ___sys_sendmsg+0x17b/0x1d0
[  276.893380][T14604]  __x64_sys_sendmsg+0xd4/0x160
[  276.893492][T14604]  x64_sys_call+0x191e/0x2ff0
[  276.893520][T14604]  do_syscall_64+0xd2/0x200
[  276.893591][T14604]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  276.893624][T14604]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  276.893655][T14604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.893723][T14604] RIP: 0033:0x7fd67311eba9
[  276.893738][T14604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.893756][T14604] RSP: 002b:00007fd671b7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  276.893778][T14604] RAX: ffffffffffffffda RBX: 00007fd673365fa0 RCX: 00007fd67311eba9
[  276.893793][T14604] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000008
[  276.893808][T14604] RBP: 00007fd671b7f090 R08: 0000000000000000 R09: 0000000000000000
[  276.893824][T14604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.893862][T14604] R13: 00007fd673366038 R14: 00007fd673365fa0 R15: 00007fffc5415a68
[  276.893880][T14604]  </TASK>
[  277.115092][T14604] syz_tun (unregistering): left allmulticast mode
[  277.239754][T14616] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(9)
[  277.246513][T14616] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  277.254184][T14616] vhci_hcd vhci_hcd.0: Device attached
[  277.262273][T14616] vhci_hcd vhci_hcd.0: pdev(7) rhport(1) sockfd(11)
[  277.268970][T14616] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  277.276559][T14616] vhci_hcd vhci_hcd.0: Device attached
[  277.522957][ T3384] usb 15-1: new low-speed USB device number 2 using vhci_hcd
[  277.841145][   T29] kauditd_printk_skb: 356 callbacks suppressed
[  277.841163][   T29] audit: type=1400 audit(1758463890.502:10681): avc:  denied  { watch } for  pid=14648 comm="syz.0.3956" path="/212" dev="tmpfs" ino=1128 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  277.872609][T14649] FAULT_INJECTION: forcing a failure.
[  277.872609][T14649] name failslab, interval 1, probability 0, space 0, times 0
[  277.885302][T14649] CPU: 0 UID: 0 PID: 14649 Comm: syz.0.3956 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  277.885339][T14649] Tainted: [W]=WARN
[  277.885346][T14649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  277.885360][T14649] Call Trace:
[  277.885368][T14649]  <TASK>
[  277.885376][T14649]  __dump_stack+0x1d/0x30
[  277.885448][T14649]  dump_stack_lvl+0xe8/0x140
[  277.885471][T14649]  dump_stack+0x15/0x1b
[  277.885489][T14649]  should_fail_ex+0x265/0x280
[  277.885595][T14649]  should_failslab+0x8c/0xb0
[  277.885621][T14649]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  277.885727][T14649]  ? should_fail_ex+0xdb/0x280
[  277.885747][T14649]  ? sidtab_sid2str_get+0xa0/0x130
[  277.885770][T14649]  kmemdup_noprof+0x2b/0x70
[  277.885795][T14649]  sidtab_sid2str_get+0xa0/0x130
[  277.885900][T14649]  security_sid_to_context_core+0x1eb/0x2e0
[  277.885922][T14649]  security_sid_to_context_force+0x2a/0x40
[  277.885943][T14649]  selinux_inode_init_security+0x31f/0x3c0
[  277.885980][T14649]  security_inode_init_security+0x146/0x330
[  277.886015][T14649]  ? __pfx_shmem_initxattrs+0x10/0x10
[  277.886041][T14649]  shmem_mknod+0xad/0x180
[  277.886063][T14649]  shmem_rename2+0x159/0x290
[  277.886122][T14649]  ? __pfx_shmem_rename2+0x10/0x10
[  277.886146][T14649]  vfs_rename+0x7f0/0xa40
[  277.886174][T14649]  do_renameat2+0x557/0xa10
[  277.886207][T14649]  __x64_sys_renameat2+0x7e/0x90
[  277.886282][T14649]  x64_sys_call+0x3f9/0x2ff0
[  277.886302][T14649]  do_syscall_64+0xd2/0x200
[  277.886333][T14649]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  277.886357][T14649]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  277.886421][T14649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.886442][T14649] RIP: 0033:0x7f39e22feba9
[  277.886456][T14649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.886471][T14649] RSP: 002b:00007f39e0d67038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  277.886503][T14649] RAX: ffffffffffffffda RBX: 00007f39e2545fa0 RCX: 00007f39e22feba9
[  277.886514][T14649] RDX: ffffffffffffff9c RSI: 0000200000000440 RDI: ffffffffffffff9c
[  277.886602][T14649] RBP: 00007f39e0d67090 R08: 0000000000000004 R09: 0000000000000000
[  277.886613][T14649] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002
[  277.886624][T14649] R13: 00007f39e2546038 R14: 00007f39e2545fa0 R15: 00007ffe42e690a8
[  277.886641][T14649]  </TASK>
[  278.134722][T14619] vhci_hcd: connection closed
[  278.135387][ T1914] vhci_hcd: stop threads
[  278.144392][ T1914] vhci_hcd: release socket
[  278.148816][ T1914] vhci_hcd: disconnect device
[  278.160174][T14617] vhci_hcd: connection reset by peer
[  278.180069][ T1914] vhci_hcd: stop threads
[  278.184429][ T1914] vhci_hcd: release socket
[  278.188915][ T1914] vhci_hcd: disconnect device
[  278.255720][T14659] FAULT_INJECTION: forcing a failure.
[  278.255720][T14659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.268854][T14659] CPU: 1 UID: 0 PID: 14659 Comm: syz.2.3961 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  278.268883][T14659] Tainted: [W]=WARN
[  278.268888][T14659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  278.268899][T14659] Call Trace:
[  278.268903][T14659]  <TASK>
[  278.268909][T14659]  __dump_stack+0x1d/0x30
[  278.269046][T14659]  dump_stack_lvl+0xe8/0x140
[  278.269065][T14659]  dump_stack+0x15/0x1b
[  278.269081][T14659]  should_fail_ex+0x265/0x280
[  278.269106][T14659]  should_fail+0xb/0x20
[  278.269147][T14659]  should_fail_usercopy+0x1a/0x20
[  278.269174][T14659]  _copy_to_user+0x20/0xa0
[  278.269213][T14659]  simple_read_from_buffer+0xb5/0x130
[  278.269243][T14659]  proc_fail_nth_read+0x10e/0x150
[  278.269350][T14659]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  278.269384][T14659]  vfs_read+0x1a5/0x770
[  278.269410][T14659]  ? __rcu_read_unlock+0x4f/0x70
[  278.269434][T14659]  ? __fget_files+0x184/0x1c0
[  278.269469][T14659]  ksys_read+0xda/0x1a0
[  278.269623][T14659]  __x64_sys_read+0x40/0x50
[  278.269650][T14659]  x64_sys_call+0x27bc/0x2ff0
[  278.269678][T14659]  do_syscall_64+0xd2/0x200
[  278.269762][T14659]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  278.269791][T14659]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  278.269830][T14659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.269856][T14659] RIP: 0033:0x7f5e1c2fd5bc
[  278.269873][T14659] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  278.269955][T14659] RSP: 002b:00007f5e1ad67030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  278.269977][T14659] RAX: ffffffffffffffda RBX: 00007f5e1c545fa0 RCX: 00007f5e1c2fd5bc
[  278.269992][T14659] RDX: 000000000000000f RSI: 00007f5e1ad670a0 RDI: 0000000000000004
[  278.270007][T14659] RBP: 00007f5e1ad67090 R08: 0000000000000000 R09: 0000000000000000
[  278.270021][T14659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  278.270033][T14659] R13: 00007f5e1c546038 R14: 00007f5e1c545fa0 R15: 00007ffda59460d8
[  278.270071][T14659]  </TASK>
[  278.459801][   T29] audit: type=1326 audit(1758463891.122:10682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14661 comm="syz.1.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd673115b67 code=0x7ffc0000
[  278.497391][   T29] audit: type=1326 audit(1758463891.122:10683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14661 comm="syz.1.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd6730bada9 code=0x7ffc0000
[  278.521030][   T29] audit: type=1326 audit(1758463891.122:10684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14661 comm="syz.1.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd673115b67 code=0x7ffc0000
[  278.544516][   T29] audit: type=1326 audit(1758463891.122:10685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14661 comm="syz.1.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd6730bada9 code=0x7ffc0000
[  278.568108][   T29] audit: type=1326 audit(1758463891.122:10686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14661 comm="syz.1.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  278.591861][   T29] audit: type=1326 audit(1758463891.122:10687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14661 comm="syz.1.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  278.615312][   T29] audit: type=1326 audit(1758463891.122:10688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14661 comm="syz.1.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  278.638878][   T29] audit: type=1326 audit(1758463891.122:10689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14661 comm="syz.1.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  278.662523][   T29] audit: type=1326 audit(1758463891.122:10690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14661 comm="syz.1.3962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  278.869433][T14678] pim6reg: entered allmulticast mode
[  278.875242][T14678] pim6reg: left allmulticast mode
[  279.250027][T14738] loop1: detected capacity change from 0 to 1024
[  279.258421][T14738] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  279.274621][T14738] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  279.282786][T14738] EXT4-fs (loop1): orphan cleanup on readonly fs
[  279.289424][T14738] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  279.304174][T14738] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  279.313721][T14738] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.3987: Freeing blocks not in datazone - block = 0, count = 4096
[  279.328775][T14738] EXT4-fs (loop1): 1 orphan inode deleted
[  279.334875][T14738] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  279.360662][T14747] random: crng reseeded on system resumption
[  279.370711][T14747] Restarting kernel threads ...
[  279.375799][T14747] Done restarting kernel threads.
[  279.422214][T11557] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.449792][T14745] netlink: 'syz.0.3989': attribute type 4 has an invalid length.
[  279.468059][T14754] random: crng reseeded on system resumption
[  279.478804][T14754] Restarting kernel threads ...
[  279.484414][T14754] Done restarting kernel threads.
[  279.490437][T14755] usb usb8: usbfs: interface 0 claimed by hub while 'syz.5.3990' resets device
[  279.601715][T14771] __nla_validate_parse: 23 callbacks suppressed
[  279.601733][T14771] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4000'.
[  280.523677][T14831] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4021'.
[  280.539393][T14831] loop1: detected capacity change from 0 to 128
[  280.623842][T14839] loop1: detected capacity change from 0 to 128
[  281.021294][T14848] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4026'.
[  281.499772][T14867] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4034'.
[  281.774921][T14880] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4038'.
[  281.811864][T14886] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4041'.
[  281.820924][T14886] netlink: 312 bytes leftover after parsing attributes in process `syz.7.4041'.
[  281.830098][T14886] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4041'.
[  281.839675][T14886] random: crng reseeded on system resumption
[  281.851367][T14886] Restarting kernel threads ...
[  281.856638][T14886] Done restarting kernel threads.
[  281.882118][T14892] FAULT_INJECTION: forcing a failure.
[  281.882118][T14892] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.895243][T14892] CPU: 0 UID: 0 PID: 14892 Comm: syz.0.4043 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  281.895277][T14892] Tainted: [W]=WARN
[  281.895285][T14892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  281.895299][T14892] Call Trace:
[  281.895305][T14892]  <TASK>
[  281.895312][T14892]  __dump_stack+0x1d/0x30
[  281.895335][T14892]  dump_stack_lvl+0xe8/0x140
[  281.895356][T14892]  dump_stack+0x15/0x1b
[  281.895406][T14892]  should_fail_ex+0x265/0x280
[  281.895447][T14892]  should_fail+0xb/0x20
[  281.895469][T14892]  should_fail_usercopy+0x1a/0x20
[  281.895505][T14892]  _copy_from_user+0x1c/0xb0
[  281.895616][T14892]  memdup_user+0x5e/0xd0
[  281.895645][T14892]  sctp_getsockopt_connectx3+0x173/0x300
[  281.895682][T14892]  sctp_getsockopt+0x910/0xaa0
[  281.895715][T14892]  sock_common_getsockopt+0x5d/0x70
[  281.895753][T14892]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  281.895786][T14892]  do_sock_getsockopt+0x1fd/0x240
[  281.895834][T14892]  __x64_sys_getsockopt+0x11e/0x1a0
[  281.895908][T14892]  x64_sys_call+0x2bc6/0x2ff0
[  281.895950][T14892]  do_syscall_64+0xd2/0x200
[  281.895987][T14892]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  281.896016][T14892]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  281.896107][T14892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.896133][T14892] RIP: 0033:0x7f39e22feba9
[  281.896149][T14892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.896187][T14892] RSP: 002b:00007f39e0d67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  281.896236][T14892] RAX: ffffffffffffffda RBX: 00007f39e2545fa0 RCX: 00007f39e22feba9
[  281.896250][T14892] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[  281.896260][T14892] RBP: 00007f39e0d67090 R08: 0000200000000100 R09: 0000000000000000
[  281.896278][T14892] R10: 0000200000000300 R11: 0000000000000246 R12: 0000000000000001
[  281.896293][T14892] R13: 00007f39e2546038 R14: 00007f39e2545fa0 R15: 00007ffe42e690a8
[  281.896315][T14892]  </TASK>
[  282.175506][T14904] loop1: detected capacity change from 0 to 128
[  282.185407][T14904] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  282.197887][T14904] ext4 filesystem being mounted at /228/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  282.276899][T14913] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4052'.
[  282.391275][T14925] pimreg: entered allmulticast mode
[  282.401318][T14928] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4055'.
[  282.410868][T14928] random: crng reseeded on system resumption
[  282.421925][T14928] Restarting kernel threads ...
[  282.428153][T14925] pimreg: left allmulticast mode
[  282.433817][T14928] Done restarting kernel threads.
[  282.498129][T14935] futex_wake_op: syz.2.4060 tries to shift op by -1; fix this program
[  282.518807][T14936] FAULT_INJECTION: forcing a failure.
[  282.518807][T14936] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  282.531917][T14936] CPU: 1 UID: 0 PID: 14936 Comm: syz.0.4059 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  282.531960][T14936] Tainted: [W]=WARN
[  282.531985][T14936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  282.532001][T14936] Call Trace:
[  282.532008][T14936]  <TASK>
[  282.532017][T14936]  __dump_stack+0x1d/0x30
[  282.532043][T14936]  dump_stack_lvl+0xe8/0x140
[  282.532068][T14936]  dump_stack+0x15/0x1b
[  282.532084][T14936]  should_fail_ex+0x265/0x280
[  282.532162][T14936]  should_fail+0xb/0x20
[  282.532182][T14936]  should_fail_usercopy+0x1a/0x20
[  282.532211][T14936]  strncpy_from_user+0x25/0x230
[  282.532393][T14936]  ? kmem_cache_alloc_noprof+0x186/0x310
[  282.532423][T14936]  ? getname_flags+0x80/0x3b0
[  282.532449][T14936]  getname_flags+0xae/0x3b0
[  282.532472][T14936]  __x64_sys_renameat2+0x5f/0x90
[  282.532505][T14936]  x64_sys_call+0x3f9/0x2ff0
[  282.532554][T14936]  do_syscall_64+0xd2/0x200
[  282.532609][T14936]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  282.532634][T14936]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  282.532697][T14936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.532716][T14936] RIP: 0033:0x7f39e22feba9
[  282.532729][T14936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.532825][T14936] RSP: 002b:00007f39e0d67038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  282.532844][T14936] RAX: ffffffffffffffda RBX: 00007f39e2545fa0 RCX: 00007f39e22feba9
[  282.532857][T14936] RDX: ffffffffffffffff RSI: 0000200000000480 RDI: ffffffffffffffff
[  282.532869][T14936] RBP: 00007f39e0d67090 R08: 0000000000000004 R09: 0000000000000000
[  282.532921][T14936] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  282.532933][T14936] R13: 00007f39e2546038 R14: 00007f39e2545fa0 R15: 00007ffe42e690a8
[  282.532997][T14936]  </TASK>
[  282.719999][ T3384] usb 15-1: enqueue for inactive port 0
[  282.725661][ T3384] usb 15-1: enqueue for inactive port 0
[  282.772804][T14946] tipc: Started in network mode
[  282.777877][T14946] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  282.786924][T14946] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  282.792971][ T3384] vhci_hcd: vhci_device speed not set
[  282.834992][T14950] FAULT_INJECTION: forcing a failure.
[  282.834992][T14950] name failslab, interval 1, probability 0, space 0, times 0
[  282.847701][T14950] CPU: 0 UID: 0 PID: 14950 Comm: syz.2.4064 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  282.847783][T14950] Tainted: [W]=WARN
[  282.847789][T14950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  282.847800][T14950] Call Trace:
[  282.847805][T14950]  <TASK>
[  282.847811][T14950]  __dump_stack+0x1d/0x30
[  282.847829][T14950]  dump_stack_lvl+0xe8/0x140
[  282.847902][T14950]  dump_stack+0x15/0x1b
[  282.847916][T14950]  should_fail_ex+0x265/0x280
[  282.847938][T14950]  should_failslab+0x8c/0xb0
[  282.847967][T14950]  kmem_cache_alloc_noprof+0x50/0x310
[  282.848035][T14950]  ? security_inode_alloc+0x37/0x100
[  282.848067][T14950]  security_inode_alloc+0x37/0x100
[  282.848126][T14950]  inode_init_always_gfp+0x4b7/0x500
[  282.848178][T14950]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  282.848234][T14950]  alloc_inode+0x58/0x170
[  282.848253][T14950]  new_inode+0x1d/0xe0
[  282.848278][T14950]  shmem_get_inode+0x244/0x750
[  282.848335][T14950]  __shmem_file_setup+0x113/0x210
[  282.848444][T14950]  shmem_file_setup+0x3b/0x50
[  282.848465][T14950]  __se_sys_memfd_create+0x2c3/0x590
[  282.848491][T14950]  __x64_sys_memfd_create+0x31/0x40
[  282.848573][T14950]  x64_sys_call+0x2abe/0x2ff0
[  282.848606][T14950]  do_syscall_64+0xd2/0x200
[  282.848636][T14950]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  282.848712][T14950]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  282.848739][T14950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.848759][T14950] RIP: 0033:0x7f5e1c2feba9
[  282.848779][T14950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.848799][T14950] RSP: 002b:00007f5e1ad66d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  282.848819][T14950] RAX: ffffffffffffffda RBX: 0000000000000593 RCX: 00007f5e1c2feba9
[  282.848833][T14950] RDX: 00007f5e1ad66dec RSI: 0000000000000000 RDI: 00007f5e1c3827e8
[  282.848847][T14950] RBP: 00002000000005c0 R08: 00007f5e1ad66b07 R09: 0000000000000000
[  282.848860][T14950] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  282.848874][T14950] R13: 00007f5e1ad66dec R14: 00007f5e1ad66df0 R15: 00007ffda59460d8
[  282.848958][T14950]  </TASK>
[  283.308523][   T29] kauditd_printk_skb: 304 callbacks suppressed
[  283.308541][   T29] audit: type=1326 audit(1758463895.972:10994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14931 comm="syz.5.4058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe2df095b67 code=0x7fc00000
[  283.404702][T14961] netlink: 'syz.2.4066': attribute type 4 has an invalid length.
[  283.508535][T11557] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  283.564361][T14971] random: crng reseeded on system resumption
[  283.574389][T14971] Restarting kernel threads ...
[  283.583038][T14971] Done restarting kernel threads.
[  283.740203][T14981] netlink: 'syz.7.4073': attribute type 1 has an invalid length.
[  283.748330][   T29] audit: type=1400 audit(1758463896.402:10995): avc:  denied  { mount } for  pid=14974 comm="syz.7.4073" name="/" dev="mqueue" ino=29002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  283.771089][   T29] audit: type=1400 audit(1758463896.402:10996): avc:  denied  { create } for  pid=14974 comm="syz.7.4073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  283.791610][   T29] audit: type=1400 audit(1758463896.402:10997): avc:  denied  { write } for  pid=14974 comm="syz.7.4073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  283.887103][T14984] ip6_vti0: Master is either lo or non-ether device
[  283.959489][   T29] audit: type=1400 audit(1758463896.602:10998): avc:  denied  { bind } for  pid=14974 comm="syz.7.4073" lport=32 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  283.979971][   T29] audit: type=1400 audit(1758463896.602:10999): avc:  denied  { node_bind } for  pid=14974 comm="syz.7.4073" saddr=ff01::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  284.241326][T14995] loop1: detected capacity change from 0 to 128
[  284.281198][T14995] syz.1.4076: attempt to access beyond end of device
[  284.281198][T14995] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  284.524053][T14998] netlink: 'syz.1.4076': attribute type 4 has an invalid length.
[  284.872709][T15015] __nla_validate_parse: 10 callbacks suppressed
[  284.872724][T15015] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4083'.
[  284.991526][   T29] audit: type=1326 audit(1758463897.642:11000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14993 comm="syz.7.4077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  285.053377][T15017] random: crng reseeded on system resumption
[  285.070592][T15015] netlink: 312 bytes leftover after parsing attributes in process `syz.5.4083'.
[  285.079930][T15015] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4083'.
[  285.090587][   T29] audit: type=1400 audit(1758463897.732:11001): avc:  denied  { connect } for  pid=15018 comm="syz.7.4084" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  285.091997][T15017] Restarting kernel threads ...
[  285.132982][   T29] audit: type=1400 audit(1758463897.792:11002): avc:  denied  { read } for  pid=15018 comm="syz.7.4084" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  285.133118][T15017] Done restarting kernel threads.
[  285.343372][T15042] loop1: detected capacity change from 0 to 128
[  285.353698][T15042] syz.1.4089: attempt to access beyond end of device
[  285.353698][T15042] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  285.433739][T15047] netlink: 'syz.1.4089': attribute type 4 has an invalid length.
[  285.616004][T15056] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4096'.
[  285.626545][T15056] netlink: 312 bytes leftover after parsing attributes in process `syz.2.4096'.
[  285.635627][T15056] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4096'.
[  285.648440][T15056] random: crng reseeded on system resumption
[  285.659210][T15056] Restarting kernel threads ...
[  285.665511][T15056] Done restarting kernel threads.
[  285.773771][   T29] audit: type=1326 audit(1758463898.442:11003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15058 comm="syz.2.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  286.035174][T15065] netlink: 'syz.7.4098': attribute type 4 has an invalid length.
[  286.087748][T15071] FAULT_INJECTION: forcing a failure.
[  286.087748][T15071] name failslab, interval 1, probability 0, space 0, times 0
[  286.100507][T15071] CPU: 0 UID: 0 PID: 15071 Comm: syz.0.4100 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  286.100561][T15071] Tainted: [W]=WARN
[  286.100569][T15071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  286.100584][T15071] Call Trace:
[  286.100593][T15071]  <TASK>
[  286.100600][T15071]  __dump_stack+0x1d/0x30
[  286.100665][T15071]  dump_stack_lvl+0xe8/0x140
[  286.100681][T15071]  dump_stack+0x15/0x1b
[  286.100694][T15071]  should_fail_ex+0x265/0x280
[  286.100792][T15071]  should_failslab+0x8c/0xb0
[  286.100816][T15071]  kmem_cache_alloc_node_noprof+0x57/0x320
[  286.100852][T15071]  ? __alloc_skb+0x101/0x320
[  286.100872][T15071]  __alloc_skb+0x101/0x320
[  286.100902][T15071]  netlink_alloc_large_skb+0xba/0xf0
[  286.100921][T15071]  netlink_sendmsg+0x3cf/0x6b0
[  286.101017][T15071]  ? __pfx_netlink_sendmsg+0x10/0x10
[  286.101060][T15071]  __sock_sendmsg+0x145/0x180
[  286.101087][T15071]  ____sys_sendmsg+0x31e/0x4e0
[  286.101111][T15071]  ___sys_sendmsg+0x17b/0x1d0
[  286.101146][T15071]  __x64_sys_sendmsg+0xd4/0x160
[  286.101241][T15071]  x64_sys_call+0x191e/0x2ff0
[  286.101258][T15071]  do_syscall_64+0xd2/0x200
[  286.101282][T15071]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  286.101336][T15071]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  286.101359][T15071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.101376][T15071] RIP: 0033:0x7f39e22feba9
[  286.101435][T15071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.101501][T15071] RSP: 002b:00007f39e0d67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  286.101522][T15071] RAX: ffffffffffffffda RBX: 00007f39e2545fa0 RCX: 00007f39e22feba9
[  286.101536][T15071] RDX: 00000000000008d0 RSI: 0000200000000500 RDI: 0000000000000006
[  286.101625][T15071] RBP: 00007f39e0d67090 R08: 0000000000000000 R09: 0000000000000000
[  286.101635][T15071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.101644][T15071] R13: 00007f39e2546038 R14: 00007f39e2545fa0 R15: 00007ffe42e690a8
[  286.101659][T15071]  </TASK>
[  286.334929][T15075] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4102'.
[  286.360388][T15075] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4102'.
[  287.053919][T15085] loop1: detected capacity change from 0 to 8192
[  287.571234][T15096] loop1: detected capacity change from 0 to 128
[  287.621748][T15099] netlink: 'syz.7.4108': attribute type 1 has an invalid length.
[  287.629757][T15099] netlink: 184332 bytes leftover after parsing attributes in process `syz.7.4108'.
[  287.677771][T15102] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4109'.
[  287.850471][T15111] loop1: detected capacity change from 0 to 512
[  287.872089][T15111] EXT4-fs: Ignoring removed mblk_io_submit option
[  287.905460][T15111] EXT4-fs (loop1): failed to initialize system zone (-117)
[  287.916339][T15111] EXT4-fs (loop1): mount failed
[  288.449929][T15118] netlink: 'syz.5.4114': attribute type 4 has an invalid length.
[  288.667044][T15111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  288.675548][T15111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  288.781970][   T29] kauditd_printk_skb: 60 callbacks suppressed
[  288.782024][   T29] audit: type=1326 audit(1758463901.412:11064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15129 comm="syz.2.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  288.811802][   T29] audit: type=1326 audit(1758463901.412:11065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15129 comm="syz.2.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  288.835381][   T29] audit: type=1326 audit(1758463901.412:11066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15129 comm="syz.2.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  288.858861][   T29] audit: type=1326 audit(1758463901.412:11067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15129 comm="syz.2.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  288.882480][   T29] audit: type=1326 audit(1758463901.412:11068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15129 comm="syz.2.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  288.905975][   T29] audit: type=1326 audit(1758463901.412:11069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15129 comm="syz.2.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  288.929784][   T29] audit: type=1326 audit(1758463901.412:11070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15129 comm="syz.2.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  288.953329][   T29] audit: type=1326 audit(1758463901.412:11071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15129 comm="syz.2.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  288.977085][   T29] audit: type=1326 audit(1758463901.412:11072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15129 comm="syz.2.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  289.000780][   T29] audit: type=1326 audit(1758463901.412:11073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15129 comm="syz.2.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  289.404883][T15160] netlink: 'syz.0.4127': attribute type 4 has an invalid length.
[  289.707886][T15180] loop1: detected capacity change from 0 to 8192
[  289.809361][T15188] loop1: detected capacity change from 0 to 128
[  289.819202][T15188] syz.1.4136: attempt to access beyond end of device
[  289.819202][T15188] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  290.286023][T15202] netlink: 'syz.5.4141': attribute type 4 has an invalid length.
[  290.608589][T15209] __nla_validate_parse: 3 callbacks suppressed
[  290.608665][T15209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4143'.
[  290.765894][T15215] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4146'.
[  290.955479][T15226] loop1: detected capacity change from 0 to 128
[  291.053872][T15233] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  291.062275][T15233] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  291.226648][T15248] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4159'.
[  291.536149][T15268] netlink: 'syz.2.4167': attribute type 4 has an invalid length.
[  291.570800][T15270] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  291.750711][T15281] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4173'.
[  291.856608][T15294] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  291.934299][T15300] usb usb4: usbfs: process 15300 (syz.1.4182) did not claim interface 0 before use
[  292.008262][T15311] loop1: detected capacity change from 0 to 128
[  292.018825][T15311] syz.1.4186: attempt to access beyond end of device
[  292.018825][T15311] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  292.095669][T15314] netlink: 'syz.1.4186': attribute type 4 has an invalid length.
[  292.335000][T15317] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4187'.
[  292.560477][T15328] futex_wake_op: syz.2.4192 tries to shift op by -1; fix this program
[  292.685050][T15333] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  292.754511][T15339] usb usb4: usbfs: process 15339 (syz.2.4196) did not claim interface 0 before use
[  292.984034][T15365] loop1: detected capacity change from 0 to 8192
[  293.684230][T15392] 9pnet_fd: Insufficient options for proto=fd
[  293.742444][T15393] netlink: 'syz.0.4213': attribute type 4 has an invalid length.
[  293.839645][T15407] random: crng reseeded on system resumption
[  293.853183][T15407] Restarting kernel threads ...
[  293.860001][T15407] Done restarting kernel threads.
[  293.897153][T15416] loop1: detected capacity change from 0 to 128
[  293.908520][T15416] syz.1.4222: attempt to access beyond end of device
[  293.908520][T15416] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  294.039958][T15428] netlink: 'syz.2.4224': attribute type 4 has an invalid length.
[  294.102144][T15432] 9pnet_fd: Insufficient options for proto=fd
[  294.349319][   T29] kauditd_printk_skb: 315 callbacks suppressed
[  294.349354][   T29] audit: type=1400 audit(1758463907.012:11389): avc:  denied  { mounton } for  pid=15445 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  295.067934][   T29] audit: type=1326 audit(1758463907.732:11390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15437 comm="syz.7.4231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  295.091655][   T29] audit: type=1326 audit(1758463907.732:11391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15437 comm="syz.7.4231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  295.115278][   T29] audit: type=1326 audit(1758463907.732:11392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15437 comm="syz.7.4231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  295.139163][   T29] audit: type=1326 audit(1758463907.732:11393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15437 comm="syz.7.4231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  295.223319][T15483] 9pnet_fd: Insufficient options for proto=fd
[  295.281773][T15445] chnl_net:caif_netlink_parms(): no params data found
[  295.323091][T15489] netlink: 'syz.7.4244': attribute type 4 has an invalid length.
[  295.356254][T15445] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.363372][T15445] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.375055][T15445] bridge_slave_0: entered allmulticast mode
[  295.390857][T15445] bridge_slave_0: entered promiscuous mode
[  295.401373][T15445] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.405975][T15475] loop1: detected capacity change from 0 to 32768
[  295.408474][T15445] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.421987][T15445] bridge_slave_1: entered allmulticast mode
[  295.428735][T15445] bridge_slave_1: entered promiscuous mode
[  295.457546][T15475]  loop1: p1 p2 p3 < p5 p6 p7 >
[  295.467954][T15445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  295.478254][T15475] loop1: p2 size 16775168 extends beyond EOD, truncated
[  295.487788][T15475] loop1: p5 start 4294970168 is beyond EOD, truncated
[  295.498070][T15445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  295.536612][T15445] team0: Port device team_slave_0 added
[  295.553849][T15445] team0: Port device team_slave_1 added
[  295.578112][T15445] batman_adv: batadv0: Adding interface: batadv_slave_0
[  295.585168][T15445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  295.611131][T15445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  295.624458][T15445] batman_adv: batadv0: Adding interface: batadv_slave_1
[  295.631481][T15445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  295.657478][T15445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  295.739308][T15445] hsr_slave_0: entered promiscuous mode
[  295.748831][T15445] hsr_slave_1: entered promiscuous mode
[  295.755085][T15445] debugfs: 'hsr0' already exists in 'hsr'
[  295.760851][T15445] Cannot create hsr debugfs directory
[  295.770153][   T29] audit: type=1326 audit(1758463908.432:11394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15504 comm="syz.1.4250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  295.793998][   T29] audit: type=1326 audit(1758463908.432:11395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15504 comm="syz.1.4250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  295.817725][   T29] audit: type=1326 audit(1758463908.462:11396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15504 comm="syz.1.4250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  295.841244][   T29] audit: type=1326 audit(1758463908.462:11397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15504 comm="syz.1.4250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  295.864827][   T29] audit: type=1326 audit(1758463908.462:11398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15504 comm="syz.1.4250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  295.968716][T15512] loop1: detected capacity change from 0 to 128
[  296.202469][T15544] __nla_validate_parse: 7 callbacks suppressed
[  296.202485][T15544] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4267'.
[  296.254027][T15445] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  296.266563][T15445] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  296.276733][T15445] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  296.287315][T15445] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  296.297770][T15553] netlink: 'syz.7.4266': attribute type 4 has an invalid length.
[  296.376090][T15445] 8021q: adding VLAN 0 to HW filter on device bond0
[  296.393709][T15445] 8021q: adding VLAN 0 to HW filter on device team0
[  296.403738][  T348] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.410835][  T348] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.423296][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.430543][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.459136][T15445] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  296.469586][T15445] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  296.526355][T15445] 8021q: adding VLAN 0 to HW filter on device batadv0
[  296.638887][T15445] veth0_vlan: entered promiscuous mode
[  296.647662][T15445] veth1_vlan: entered promiscuous mode
[  296.663208][T15445] veth0_macvtap: entered promiscuous mode
[  296.670635][T15445] veth1_macvtap: entered promiscuous mode
[  296.681394][T15445] batman_adv: batadv0: Interface activated: batadv_slave_0
[  296.693291][T15445] batman_adv: batadv0: Interface activated: batadv_slave_1
[  296.704443][   T51] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  296.715422][   T51] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  296.724441][   T51] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  296.734280][   T51] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  296.786468][T15579] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4270'.
[  296.807394][   T51] bridge0 (unregistering): left allmulticast mode
[  296.814011][   T51] bridge0 (unregistering): left promiscuous mode
[  296.825971][T15579] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4270'.
[  296.854496][T15579] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4270'.
[  297.015998][   T51] bond0 (unregistering): Released all slaves
[  297.026140][   T51] bond1 (unregistering): Released all slaves
[  297.035123][   T51] bond2 (unregistering): (slave batadv1): Releasing active interface
[  297.043534][T15600] futex_wake_op: syz.2.4277 tries to shift op by -1; fix this program
[  297.052848][   T51] bond2 (unregistering): (slave batadv2): Releasing active interface
[  297.067566][   T51] bond2 (unregistering): Released all slaves
[  297.069542][T15604] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4279'.
[  297.084878][T15604] netlink: 312 bytes leftover after parsing attributes in process `syz.7.4279'.
[  297.094049][T15604] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4279'.
[  297.129112][T15608] random: crng reseeded on system resumption
[  297.155327][T15613] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4280'.
[  297.162042][T15604] Restarting kernel threads ...
[  297.164758][T15613] netlink: 312 bytes leftover after parsing attributes in process `syz.5.4280'.
[  297.178191][T15613] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4280'.
[  297.199885][   T51] hsr_slave_0: left promiscuous mode
[  297.205858][T15604] Done restarting kernel threads.
[  297.211015][   T51] hsr_slave_1: left promiscuous mode
[  297.310393][   T37] smc: removing ib device syz!
[  297.524600][T15649] futex_wake_op: syz.0.4296 tries to shift op by -1; fix this program
[  297.820016][T15699] futex_wake_op: syz.5.4314 tries to shift op by -1; fix this program
[  298.141157][T15734] loop1: detected capacity change from 0 to 128
[  298.154727][T15734] syz.1.4326: attempt to access beyond end of device
[  298.154727][T15734] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  298.360775][T15741] futex_wake_op: syz.2.4328 tries to shift op by -1; fix this program
[  299.144674][T15784] FAULT_INJECTION: forcing a failure.
[  299.144674][T15784] name failslab, interval 1, probability 0, space 0, times 0
[  299.157419][T15784] CPU: 0 UID: 0 PID: 15784 Comm: syz.2.4346 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  299.157458][T15784] Tainted: [W]=WARN
[  299.157466][T15784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  299.157482][T15784] Call Trace:
[  299.157489][T15784]  <TASK>
[  299.157497][T15784]  __dump_stack+0x1d/0x30
[  299.157596][T15784]  dump_stack_lvl+0xe8/0x140
[  299.157620][T15784]  dump_stack+0x15/0x1b
[  299.157694][T15784]  should_fail_ex+0x265/0x280
[  299.157743][T15784]  should_failslab+0x8c/0xb0
[  299.157823][T15784]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  299.157889][T15784]  ? nf_ct_ext_add+0xff/0x210
[  299.157979][T15784]  ? __nf_conntrack_alloc+0xc9/0x2b0
[  299.158013][T15784]  krealloc_noprof+0xb9/0x2d0
[  299.158045][T15784]  nf_ct_ext_add+0xff/0x210
[  299.158095][T15784]  ctnetlink_new_conntrack+0xbea/0x1280
[  299.158121][T15784]  ? __nla_validate_parse+0x1652/0x1d00
[  299.158160][T15784]  ? __nla_parse+0x40/0x60
[  299.158194][T15784]  nfnetlink_rcv_msg+0x4c3/0x590
[  299.158292][T15784]  netlink_rcv_skb+0x123/0x220
[  299.158428][T15784]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  299.158454][T15784]  nfnetlink_rcv+0x16b/0x1690
[  299.158473][T15784]  ? nlmon_xmit+0x4f/0x60
[  299.158516][T15784]  ? consume_skb+0x49/0x150
[  299.158608][T15784]  ? nlmon_xmit+0x4f/0x60
[  299.158635][T15784]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  299.158661][T15784]  ? __dev_queue_xmit+0x1200/0x2000
[  299.158773][T15784]  ? __dev_queue_xmit+0x182/0x2000
[  299.158843][T15784]  ? ref_tracker_free+0x37d/0x3e0
[  299.158900][T15784]  ? __netlink_deliver_tap+0x4dc/0x500
[  299.158935][T15784]  netlink_unicast+0x5bd/0x690
[  299.158963][T15784]  netlink_sendmsg+0x58b/0x6b0
[  299.159085][T15784]  ? __pfx_netlink_sendmsg+0x10/0x10
[  299.159112][T15784]  __sock_sendmsg+0x145/0x180
[  299.159148][T15784]  ____sys_sendmsg+0x31e/0x4e0
[  299.159238][T15784]  ___sys_sendmsg+0x17b/0x1d0
[  299.159325][T15784]  __x64_sys_sendmsg+0xd4/0x160
[  299.159365][T15784]  x64_sys_call+0x191e/0x2ff0
[  299.159386][T15784]  do_syscall_64+0xd2/0x200
[  299.159416][T15784]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  299.159441][T15784]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  299.159496][T15784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.159583][T15784] RIP: 0033:0x7f5e1c2feba9
[  299.159600][T15784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.159618][T15784] RSP: 002b:00007f5e1ad67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  299.159635][T15784] RAX: ffffffffffffffda RBX: 00007f5e1c545fa0 RCX: 00007f5e1c2feba9
[  299.159647][T15784] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  299.159721][T15784] RBP: 00007f5e1ad67090 R08: 0000000000000000 R09: 0000000000000000
[  299.159735][T15784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.159749][T15784] R13: 00007f5e1c546038 R14: 00007f5e1c545fa0 R15: 00007ffda59460d8
[  299.159773][T15784]  </TASK>
[  299.457004][T15790] loop1: detected capacity change from 0 to 128
[  300.973676][   T29] kauditd_printk_skb: 234 callbacks suppressed
[  300.973736][   T29] audit: type=1326 audit(1758463913.192:11633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15788 comm="syz.7.4347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  300.979344][T15811] FAULT_INJECTION: forcing a failure.
[  300.979344][T15811] name failslab, interval 1, probability 0, space 0, times 0
[  300.979971][   T29] audit: type=1400 audit(1758463913.632:11634): avc:  denied  { setcheckreqprot } for  pid=15793 comm="syz.2.4349" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  301.003631][T15811] CPU: 1 UID: 0 PID: 15811 Comm: syz.0.4353 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  301.003676][T15811] Tainted: [W]=WARN
[  301.003715][T15811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  301.003733][T15811] Call Trace:
[  301.003740][T15811]  <TASK>
[  301.003752][T15811]  __dump_stack+0x1d/0x30
[  301.003781][T15811]  dump_stack_lvl+0xe8/0x140
[  301.003809][T15811]  dump_stack+0x15/0x1b
[  301.003832][T15811]  should_fail_ex+0x265/0x280
[  301.003868][T15811]  should_failslab+0x8c/0xb0
[  301.003946][T15811]  __kmalloc_noprof+0xa5/0x3e0
[  301.004058][T15811]  ? security_sk_alloc+0x52/0x120
[  301.004192][T15811]  security_sk_alloc+0x52/0x120
[  301.004278][T15811]  sk_prot_alloc+0xc2/0x190
[  301.004315][T15811]  sk_alloc+0x34/0x360
[  301.004347][T15811]  unix_create1+0xa5/0x430
[  301.004428][T15811]  ? inode_init_always_gfp+0x4cd/0x500
[  301.004462][T15811]  unix_create+0x11f/0x150
[  301.004493][T15811]  __sock_create+0x2ec/0x5b0
[  301.004523][T15811]  __sys_socketpair+0x170/0x430
[  301.004563][T15811]  ? ksys_write+0x192/0x1a0
[  301.004605][T15811]  __x64_sys_socketpair+0x52/0x60
[  301.004633][T15811]  x64_sys_call+0x2bf2/0x2ff0
[  301.004660][T15811]  do_syscall_64+0xd2/0x200
[  301.004700][T15811]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  301.004807][T15811]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  301.004856][T15811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.004884][T15811] RIP: 0033:0x7f39e2300afa
[  301.004903][T15811] Code: 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 35 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.004935][T15811] RSP: 002b:00007f39e0d66f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  301.004958][T15811] RAX: ffffffffffffffda RBX: 00007f39e2545f00 RCX: 00007f39e2300afa
[  301.004973][T15811] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  301.004989][T15811] RBP: 00007f39e0d67090 R08: 0000000000000000 R09: 0000000000000000
[  301.005004][T15811] R10: 00007f39e0d66f98 R11: 0000000000000246 R12: 0000000000000004
[  301.005020][T15811] R13: 00007f39e2546038 R14: 00007f39e2545fa0 R15: 00007ffe42e690a8
[  301.005115][T15811]  </TASK>
[  301.362535][T15828] __nla_validate_parse: 15 callbacks suppressed
[  301.362552][T15828] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4360'.
[  301.377816][T15830] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  301.409677][T15828] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4360'.
[  301.451551][T15828] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4360'.
[  302.424368][   T29] audit: type=1326 audit(1758463915.042:11635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15844 comm="syz.7.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  302.448506][   T29] audit: type=1326 audit(1758463915.042:11636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15844 comm="syz.7.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  302.472295][   T29] audit: type=1326 audit(1758463915.042:11637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15844 comm="syz.7.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  302.496061][   T29] audit: type=1326 audit(1758463915.042:11638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15844 comm="syz.7.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  302.519699][   T29] audit: type=1326 audit(1758463915.042:11639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15844 comm="syz.7.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  302.543573][   T29] audit: type=1326 audit(1758463915.042:11640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15844 comm="syz.7.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  302.591891][T15877] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4376'.
[  302.613032][T15877] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4376'.
[  302.661706][   T29] audit: type=1326 audit(1758463915.322:11641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15879 comm="syz.0.4377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  302.685375][   T29] audit: type=1326 audit(1758463915.322:11642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15879 comm="syz.0.4377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  302.731854][T15877] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4376'.
[  302.835911][T15896] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4382'.
[  302.855007][T15896] netlink: 312 bytes leftover after parsing attributes in process `syz.0.4382'.
[  302.864177][T15896] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4382'.
[  302.903100][T15902] random: crng reseeded on system resumption
[  302.917957][T15896] Restarting kernel threads ...
[  302.969272][T15896] Done restarting kernel threads.
[  303.020009][T15913] random: crng reseeded on system resumption
[  303.031555][T15913] Restarting kernel threads ...
[  303.037263][T15913] Done restarting kernel threads.
[  303.136906][T15925] futex_wake_op: syz.5.4394 tries to shift op by -1; fix this program
[  303.725184][T15965] loop1: detected capacity change from 0 to 128
[  303.741960][T15965] syz.1.4407: attempt to access beyond end of device
[  303.741960][T15965] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  303.759119][T15967] futex_wake_op: syz.2.4408 tries to shift op by -1; fix this program
[  303.930001][T15968] netlink: 'syz.1.4407': attribute type 4 has an invalid length.
[  304.075780][T15992] futex_wake_op: syz.7.4419 tries to shift op by -1; fix this program
[  304.322816][T16028] futex_wake_op: syz.2.4435 tries to shift op by -1; fix this program
[  304.664300][T16063] FAULT_INJECTION: forcing a failure.
[  304.664300][T16063] name failslab, interval 1, probability 0, space 0, times 0
[  304.677085][T16063] CPU: 0 UID: 0 PID: 16063 Comm: syz.2.4450 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  304.677114][T16063] Tainted: [W]=WARN
[  304.677121][T16063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  304.677135][T16063] Call Trace:
[  304.677141][T16063]  <TASK>
[  304.677149][T16063]  __dump_stack+0x1d/0x30
[  304.677207][T16063]  dump_stack_lvl+0xe8/0x140
[  304.677226][T16063]  dump_stack+0x15/0x1b
[  304.677244][T16063]  should_fail_ex+0x265/0x280
[  304.677309][T16063]  should_failslab+0x8c/0xb0
[  304.677336][T16063]  __kmalloc_noprof+0xa5/0x3e0
[  304.677359][T16063]  ? kernfs_fop_write_iter+0xe2/0x300
[  304.677457][T16063]  ? selinux_file_permission+0x1e4/0x320
[  304.677484][T16063]  kernfs_fop_write_iter+0xe2/0x300
[  304.677550][T16063]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  304.677577][T16063]  vfs_write+0x527/0x960
[  304.677623][T16063]  ksys_write+0xda/0x1a0
[  304.677648][T16063]  __x64_sys_write+0x40/0x50
[  304.677680][T16063]  x64_sys_call+0x27fe/0x2ff0
[  304.677697][T16063]  do_syscall_64+0xd2/0x200
[  304.677775][T16063]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  304.677882][T16063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.677907][T16063] RIP: 0033:0x7f5e1c2feba9
[  304.677923][T16063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.677943][T16063] RSP: 002b:00007f5e1ad67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  304.677958][T16063] RAX: ffffffffffffffda RBX: 00007f5e1c545fa0 RCX: 00007f5e1c2feba9
[  304.678039][T16063] RDX: 0000000000000012 RSI: 0000200000000000 RDI: 0000000000000006
[  304.678049][T16063] RBP: 00007f5e1ad67090 R08: 0000000000000000 R09: 0000000000000000
[  304.678059][T16063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.678107][T16063] R13: 00007f5e1c546038 R14: 00007f5e1c545fa0 R15: 00007ffda59460d8
[  304.678129][T16063]  </TASK>
[  304.742117][    C1] vcan0: j1939_tp_rxtimer: 0xffff888119d5cc00: rx timeout, send abort
[  304.880804][    C1] vcan0: j1939_tp_rxtimer: 0xffff888119d5d600: rx timeout, send abort
[  304.889334][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888119d5cc00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  304.903684][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888119d5d600: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  305.131062][T16076] netlink: 'syz.5.4453': attribute type 4 has an invalid length.
[  305.341424][T16094] futex_wake_op: syz.0.4461 tries to shift op by -1; fix this program
[  305.906395][T16116] loop1: detected capacity change from 0 to 32768
[  306.043029][T16116]  loop1: p1 p2 p3 < p5 p6 p7 >
[  306.083570][T16116] loop1: p2 size 16775168 extends beyond EOD, truncated
[  306.091724][T16116] loop1: p5 start 4294970168 is beyond EOD, truncated
[  306.436077][T16138] __nla_validate_parse: 23 callbacks suppressed
[  306.436095][T16138] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4475'.
[  306.822902][   T29] kauditd_printk_skb: 320 callbacks suppressed
[  306.822918][   T29] audit: type=1326 audit(1758463919.472:11963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.7.4473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2427aeeba9 code=0x7fc00000
[  307.154563][    C1] vcan0: j1939_tp_rxtimer: 0xffff888118e36600: rx timeout, send abort
[  307.162781][    C1] vcan0: j1939_tp_rxtimer: 0xffff888118e37200: rx timeout, send abort
[  307.171349][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888118e36600: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  307.185634][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888118e37200: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  307.226794][   T29] audit: type=1326 audit(1758463919.892:11964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16141 comm="syz.0.4476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  307.252635][T16142] FAULT_INJECTION: forcing a failure.
[  307.252635][T16142] name failslab, interval 1, probability 0, space 0, times 0
[  307.265419][T16142] CPU: 0 UID: 0 PID: 16142 Comm: syz.0.4476 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  307.265484][T16142] Tainted: [W]=WARN
[  307.265492][T16142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  307.265534][T16142] Call Trace:
[  307.265540][T16142]  <TASK>
[  307.265548][T16142]  __dump_stack+0x1d/0x30
[  307.265572][T16142]  dump_stack_lvl+0xe8/0x140
[  307.265629][T16142]  dump_stack+0x15/0x1b
[  307.265647][T16142]  should_fail_ex+0x265/0x280
[  307.265726][T16142]  should_failslab+0x8c/0xb0
[  307.265748][T16142]  kmem_cache_alloc_noprof+0x50/0x310
[  307.265833][T16142]  ? audit_log_start+0x365/0x6c0
[  307.265933][T16142]  audit_log_start+0x365/0x6c0
[  307.265964][T16142]  audit_seccomp+0x48/0x100
[  307.265990][T16142]  ? __seccomp_filter+0x68c/0x10d0
[  307.266015][T16142]  __seccomp_filter+0x69d/0x10d0
[  307.266041][T16142]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  307.266212][T16142]  ? vfs_write+0x7e8/0x960
[  307.266236][T16142]  ? __rcu_read_unlock+0x4f/0x70
[  307.266256][T16142]  ? __fget_files+0x184/0x1c0
[  307.266286][T16142]  __secure_computing+0x82/0x150
[  307.266310][T16142]  syscall_trace_enter+0xcf/0x1e0
[  307.266438][T16142]  do_syscall_64+0xac/0x200
[  307.266492][T16142]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  307.266511][T16142]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  307.266543][T16142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.266604][T16142] RIP: 0033:0x7f39e22feba9
[  307.266619][T16142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.266689][T16142] RSP: 002b:00007f39e0d67038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  307.266709][T16142] RAX: ffffffffffffffda RBX: 00007f39e2545fa0 RCX: 00007f39e22feba9
[  307.266721][T16142] RDX: 0000000000000002 RSI: 0000000000000086 RDI: 0000000000000000
[  307.266752][T16142] RBP: 00007f39e0d67090 R08: 0000000000000000 R09: 00000000fffffffc
[  307.266764][T16142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.266782][T16142] R13: 00007f39e2546038 R14: 00007f39e2545fa0 R15: 00007ffe42e690a8
[  307.266803][T16142]  </TASK>
[  307.266810][T16142] audit: audit_lost=11 audit_rate_limit=0 audit_backlog_limit=64
[  307.394026][   T29] audit: type=1326 audit(1758463919.922:11965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16141 comm="syz.0.4476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  307.396421][T16142] audit: out of memory in audit_log_start
[  307.402284][   T29] audit: type=1326 audit(1758463919.922:11966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16141 comm="syz.0.4476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  307.440155][T16146] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4478'.
[  307.443007][   T29] audit: type=1326 audit(1758463919.922:11967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16141 comm="syz.0.4476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  307.443062][   T29] audit: type=1326 audit(1758463919.922:11968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16141 comm="syz.0.4476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  307.443095][   T29] audit: type=1326 audit(1758463919.922:11969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16141 comm="syz.0.4476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  307.452845][T16146] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4478'.
[  307.459053][   T29] audit: type=1326 audit(1758463919.922:11970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16141 comm="syz.0.4476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  307.467845][T16146] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4478'.
[  307.736858][T16171] 9pnet_fd: Insufficient options for proto=fd
[  307.886151][T16194] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4492'.
[  307.890653][T16172] netlink: 'syz.5.4481': attribute type 4 has an invalid length.
[  307.910004][T16194] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4492'.
[  307.919133][T16194] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4492'.
[  307.958776][T16205] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4496'.
[  308.010970][T16205] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4496'.
[  308.020424][T16210] FAULT_INJECTION: forcing a failure.
[  308.020424][T16210] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  308.033561][T16210] CPU: 0 UID: 0 PID: 16210 Comm: syz.2.4497 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  308.033630][T16210] Tainted: [W]=WARN
[  308.033636][T16210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  308.033651][T16210] Call Trace:
[  308.033658][T16210]  <TASK>
[  308.033667][T16210]  __dump_stack+0x1d/0x30
[  308.033692][T16210]  dump_stack_lvl+0xe8/0x140
[  308.033717][T16210]  dump_stack+0x15/0x1b
[  308.033745][T16210]  should_fail_ex+0x265/0x280
[  308.033819][T16210]  should_fail+0xb/0x20
[  308.033845][T16210]  should_fail_usercopy+0x1a/0x20
[  308.033875][T16210]  _copy_from_user+0x1c/0xb0
[  308.033906][T16210]  __copy_msghdr+0x244/0x300
[  308.033976][T16210]  ___sys_sendmsg+0x109/0x1d0
[  308.034024][T16210]  __x64_sys_sendmsg+0xd4/0x160
[  308.034052][T16210]  x64_sys_call+0x191e/0x2ff0
[  308.034137][T16210]  do_syscall_64+0xd2/0x200
[  308.034167][T16210]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  308.034291][T16210]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  308.034320][T16210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.034338][T16210] RIP: 0033:0x7f5e1c2feba9
[  308.034352][T16210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.034373][T16210] RSP: 002b:00007f5e1ad67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  308.034394][T16210] RAX: ffffffffffffffda RBX: 00007f5e1c545fa0 RCX: 00007f5e1c2feba9
[  308.034473][T16210] RDX: 0000000000000800 RSI: 0000200000000140 RDI: 0000000000000003
[  308.034488][T16210] RBP: 00007f5e1ad67090 R08: 0000000000000000 R09: 0000000000000000
[  308.034501][T16210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  308.034511][T16210] R13: 00007f5e1c546038 R14: 00007f5e1c545fa0 R15: 00007ffda59460d8
[  308.034531][T16210]  </TASK>
[  308.266024][T16205] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4496'.
[  308.339259][T16230] 9pnet_fd: Insufficient options for proto=fd
[  308.402233][T16234] 9pnet_fd: Insufficient options for proto=fd
[  308.658099][T16263] 9pnet_fd: Insufficient options for proto=fd
[  308.941490][T16289] netlink: 'syz.0.4526': attribute type 4 has an invalid length.
[  309.420223][T16307] netlink: 'syz.5.4531': attribute type 4 has an invalid length.
[  309.683171][T16314] 9pnet_fd: Insufficient options for proto=fd
[  310.069199][T16338] loop1: detected capacity change from 0 to 128
[  310.089791][T16338] syz.1.4543: attempt to access beyond end of device
[  310.089791][T16338] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  310.184488][T16342] netlink: 'syz.1.4543': attribute type 4 has an invalid length.
[  310.299673][T16351] 9pnet_fd: Insufficient options for proto=fd
[  310.707699][T16368] ipvlan2: entered promiscuous mode
[  311.057775][T16382] futex_wake_op: syz.2.4559 tries to shift op by -1; fix this program
[  311.221313][T16402] ipvlan2: entered promiscuous mode
[  311.311216][T16406] netlink: 'syz.5.4565': attribute type 4 has an invalid length.
[  311.405261][T16419] loop1: detected capacity change from 0 to 512
[  311.420696][T16419] EXT4-fs: Ignoring removed mblk_io_submit option
[  311.437894][T16419] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  311.451081][T16419] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  311.480934][T16419] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  311.516721][T16419] System zones: 1-12
[  311.539669][T16419] EXT4-fs (loop1): 1 truncate cleaned up
[  311.553371][T16419] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.150909][T16450] __nla_validate_parse: 10 callbacks suppressed
[  312.150926][T16450] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4581'.
[  312.191411][   T29] kauditd_printk_skb: 87 callbacks suppressed
[  312.191423][   T29] audit: type=1326 audit(1758463924.852:12058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16444 comm="syz.5.4582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  312.215463][T16456] 9pnet_fd: Insufficient options for proto=fd
[  312.249981][   T29] audit: type=1326 audit(1758463924.852:12059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16444 comm="syz.5.4582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  312.273792][   T29] audit: type=1326 audit(1758463924.852:12060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16444 comm="syz.5.4582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  312.297428][   T29] audit: type=1326 audit(1758463924.852:12061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16444 comm="syz.5.4582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  312.321260][   T29] audit: type=1326 audit(1758463924.852:12062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16444 comm="syz.5.4582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  312.344921][   T29] audit: type=1326 audit(1758463924.852:12063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16444 comm="syz.5.4582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  312.368514][   T29] audit: type=1326 audit(1758463924.852:12064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16444 comm="syz.5.4582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  312.392082][   T29] audit: type=1326 audit(1758463924.852:12065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16444 comm="syz.5.4582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  312.415769][   T29] audit: type=1326 audit(1758463924.862:12066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16444 comm="syz.5.4582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  312.439525][   T29] audit: type=1326 audit(1758463924.862:12067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16444 comm="syz.5.4582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  312.489026][T11557] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.535154][T16469] futex_wake_op: syz.1.4588 tries to shift op by -1; fix this program
[  312.669762][T16484] netlink: 'syz.5.4590': attribute type 4 has an invalid length.
[  312.713112][T16488] netlink: 'syz.0.4593': attribute type 4 has an invalid length.
[  312.738344][T16493] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4598'.
[  312.865873][T16503] netlink: 108 bytes leftover after parsing attributes in process `syz.2.4601'.
[  312.955772][T16490] loop1: detected capacity change from 0 to 32768
[  312.974430][T16490]  loop1: p1 p2 p3 < p5 p6 p7 >
[  312.982235][T16490] loop1: p2 size 16775168 extends beyond EOD, truncated
[  313.053958][T16490] loop1: p5 start 4294970168 is beyond EOD, truncated
[  313.196912][T16508] loop1: detected capacity change from 0 to 1024
[  313.205177][T16508] EXT4-fs: Ignoring removed bh option
[  313.210691][T16508] EXT4-fs: inline encryption not supported
[  313.217035][T16508] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  313.231194][T16508] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 2: comm syz.1.4602: lblock 2 mapped to illegal pblock 2 (length 1)
[  313.247367][T16508] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.4602: lblock 0 mapped to illegal pblock 48 (length 1)
[  313.261878][T16508] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.4602: Failed to acquire dquot type 0
[  313.273565][T16508] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  313.283978][T16508] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.4602: mark_inode_dirty error
[  313.295887][T16508] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  313.306226][T16508] EXT4-fs (loop1): 1 orphan inode deleted
[  313.312411][T16508] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.325036][   T31] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  313.340386][T16508] FAULT_INJECTION: forcing a failure.
[  313.340386][T16508] name failslab, interval 1, probability 0, space 0, times 0
[  313.343094][   T31] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:1: Failed to release dquot type 0
[  313.353044][T16508] CPU: 0 UID: 0 PID: 16508 Comm: syz.1.4602 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  313.353153][T16508] Tainted: [W]=WARN
[  313.353162][T16508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  313.353180][T16508] Call Trace:
[  313.353189][T16508]  <TASK>
[  313.353250][T16508]  __dump_stack+0x1d/0x30
[  313.353278][T16508]  dump_stack_lvl+0xe8/0x140
[  313.353306][T16508]  dump_stack+0x15/0x1b
[  313.353362][T16508]  should_fail_ex+0x265/0x280
[  313.353395][T16508]  should_failslab+0x8c/0xb0
[  313.353431][T16508]  kmem_cache_alloc_noprof+0x50/0x310
[  313.353470][T16508]  ? getname_flags+0x80/0x3b0
[  313.353555][T16508]  getname_flags+0x80/0x3b0
[  313.353596][T16508]  user_path_at+0x28/0x130
[  313.353641][T16508]  __se_sys_mount+0x25b/0x2e0
[  313.353700][T16508]  ? fput+0x8f/0xc0
[  313.353745][T16508]  __x64_sys_mount+0x67/0x80
[  313.353779][T16508]  x64_sys_call+0x2b4d/0x2ff0
[  313.353809][T16508]  do_syscall_64+0xd2/0x200
[  313.353892][T16508]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  313.353924][T16508]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  313.353973][T16508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.354037][T16508] RIP: 0033:0x7fd67311eba9
[  313.354054][T16508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.354075][T16508] RSP: 002b:00007fd671b7f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  313.354097][T16508] RAX: ffffffffffffffda RBX: 00007fd673365fa0 RCX: 00007fd67311eba9
[  313.354117][T16508] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000000
[  313.354142][T16508] RBP: 00007fd671b7f090 R08: 0000000000000000 R09: 0000000000000000
[  313.354156][T16508] R10: 0000000000000021 R11: 0000000000000246 R12: 0000000000000001
[  313.354171][T16508] R13: 00007fd673366038 R14: 00007fd673365fa0 R15: 00007fffc5415a68
[  313.354212][T16508]  </TASK>
[  313.587022][T11557] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.599047][T11557] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  313.612531][T11557] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  313.624736][T11557] EXT4-fs error (device loop1): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[  313.709980][T16530] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4610'.
[  313.774633][T16530] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4610'.
[  313.814804][T16530] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4610'.
[  313.888145][T16556] loop1: detected capacity change from 0 to 128
[  314.035947][T16567] netlink: 'syz.5.4618': attribute type 4 has an invalid length.
[  314.098925][T16582] 9pnet_fd: Insufficient options for proto=fd
[  314.133260][T16591] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  314.139824][T16591] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  314.147489][T16591] vhci_hcd vhci_hcd.0: Device attached
[  314.155450][T16591] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(11)
[  314.162080][T16591] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  314.169642][T16591] vhci_hcd vhci_hcd.0: Device attached
[  314.310155][ T3391] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  314.318301][ T3391] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  314.403691][T16622] 9pnet_fd: Insufficient options for proto=fd
[  314.442925][ T3384] usb 1-1: new low-speed USB device number 2 using vhci_hcd
[  314.697641][T16642] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=16642 comm=syz.2.4652
[  314.715163][T16646] 9pnet_fd: Insufficient options for proto=fd
[  314.730699][T16642] SELinux: ebitmap: truncated map
[  314.744574][T16642] SELinux: failed to load policy
[  314.872654][T16668] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4664'.
[  314.890344][T16670] loop1: detected capacity change from 0 to 128
[  314.963466][T16592] vhci_hcd: connection reset by peer
[  314.968831][T16597] vhci_hcd: connection closed
[  314.974276][  T136] vhci_hcd: stop threads
[  314.983237][  T136] vhci_hcd: release socket
[  314.987668][  T136] vhci_hcd: disconnect device
[  314.995938][  T136] vhci_hcd: stop threads
[  315.000202][  T136] vhci_hcd: release socket
[  315.004764][  T136] vhci_hcd: disconnect device
[  315.031364][T16679] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4668'.
[  315.050427][T16679] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4668'.
[  315.079645][T16679] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4668'.
[  315.318135][T16715] 9pnet_fd: Insufficient options for proto=fd
[  315.692031][T16751] loop1: detected capacity change from 0 to 1024
[  315.698809][T16751] EXT4-fs: Ignoring removed orlov option
[  315.706746][T16751] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.653392][T11557] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.717733][T16794] loop1: detected capacity change from 0 to 256
[  316.725513][T16794] FAT-fs (loop1): bogus sectors per cluster 223
[  316.731790][T16794] FAT-fs (loop1): Can't find a valid FAT filesystem
[  316.745131][T16794] loop1: detected capacity change from 0 to 512
[  316.752615][T16794] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  316.765909][T16794] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  316.779180][T16794] EXT4-fs (loop1): 1 truncate cleaned up
[  316.787141][T16794] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.817534][T16803] 9pnet_fd: Insufficient options for proto=fd
[  316.855368][T11557] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.361042][   T29] kauditd_printk_skb: 512 callbacks suppressed
[  317.361058][   T29] audit: type=1326 audit(1758463930.022:12577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16837 comm="syz.5.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  317.409026][   T29] audit: type=1326 audit(1758463930.062:12578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16837 comm="syz.5.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  317.432698][   T29] audit: type=1326 audit(1758463930.062:12579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16837 comm="syz.5.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  317.456330][   T29] audit: type=1326 audit(1758463930.062:12580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16837 comm="syz.5.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  317.480081][   T29] audit: type=1326 audit(1758463930.062:12581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16837 comm="syz.5.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  317.503696][   T29] audit: type=1326 audit(1758463930.062:12582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16837 comm="syz.5.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  317.527369][   T29] audit: type=1326 audit(1758463930.062:12583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16837 comm="syz.5.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  317.550999][   T29] audit: type=1326 audit(1758463930.062:12584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16837 comm="syz.5.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  317.574592][   T29] audit: type=1326 audit(1758463930.062:12585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16837 comm="syz.5.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  317.598218][   T29] audit: type=1326 audit(1758463930.062:12586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16837 comm="syz.5.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb124eba9 code=0x7ffc0000
[  317.692020][T16847] __nla_validate_parse: 3 callbacks suppressed
[  317.692033][T16847] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4735'.
[  317.908504][T16866] 9pnet_fd: Insufficient options for proto=fd
[  317.930339][T16868] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4744'.
[  317.940273][T16868] netlink: 312 bytes leftover after parsing attributes in process `syz.7.4744'.
[  317.949398][T16868] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4744'.
[  317.965129][T16868] random: crng reseeded on system resumption
[  317.976486][T16868] Restarting kernel threads ...
[  317.981605][T16868] Done restarting kernel threads.
[  318.026731][T16874] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4747'.
[  318.045855][T16875] loop1: detected capacity change from 0 to 128
[  318.102286][T16875] netlink: 'syz.1.4745': attribute type 4 has an invalid length.
[  318.454435][T16888] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4751'.
[  318.525602][T16894] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4754'.
[  318.535198][T16894] netlink: 312 bytes leftover after parsing attributes in process `syz.5.4754'.
[  318.544337][T16894] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4754'.
[  318.554744][T16894] random: crng reseeded on system resumption
[  318.565239][T16894] Restarting kernel threads ...
[  318.570510][T16894] Done restarting kernel threads.
[  318.769375][T16910] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4762'.
[  318.831018][T16917] random: crng reseeded on system resumption
[  318.840790][T16917] Restarting kernel threads ...
[  318.846201][T16917] Done restarting kernel threads.
[  318.971586][T16926] loop1: detected capacity change from 0 to 128
[  318.987267][T16926] syz.1.4768: attempt to access beyond end of device
[  318.987267][T16926] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  319.474696][ T3384] usb 1-1: enqueue for inactive port 0
[  319.489170][ T3384] usb 1-1: enqueue for inactive port 0
[  319.653208][ T3384] vhci_hcd: vhci_device speed not set
[  320.297322][T17032] FAULT_INJECTION: forcing a failure.
[  320.297322][T17032] name failslab, interval 1, probability 0, space 0, times 0
[  320.310111][T17032] CPU: 0 UID: 0 PID: 17032 Comm: syz.2.4816 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  320.310140][T17032] Tainted: [W]=WARN
[  320.310145][T17032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  320.310203][T17032] Call Trace:
[  320.310210][T17032]  <TASK>
[  320.310218][T17032]  __dump_stack+0x1d/0x30
[  320.310240][T17032]  dump_stack_lvl+0xe8/0x140
[  320.310264][T17032]  dump_stack+0x15/0x1b
[  320.310283][T17032]  should_fail_ex+0x265/0x280
[  320.310312][T17032]  should_failslab+0x8c/0xb0
[  320.310336][T17032]  kmem_cache_alloc_node_noprof+0x57/0x320
[  320.310422][T17032]  ? __alloc_skb+0x101/0x320
[  320.310449][T17032]  __alloc_skb+0x101/0x320
[  320.310471][T17032]  inet_netconf_notify_devconf+0x173/0x230
[  320.310528][T17032]  inetdev_event+0x743/0xc10
[  320.310558][T17032]  ? __pfx_ib_netdevice_event+0x10/0x10
[  320.310618][T17032]  ? ib_netdevice_event+0x186/0x5f0
[  320.310649][T17032]  ? __pfx_inetdev_event+0x10/0x10
[  320.310707][T17032]  raw_notifier_call_chain+0x6f/0x1b0
[  320.310725][T17032]  ? call_netdevice_notifiers_info+0x9c/0x100
[  320.310798][T17032]  call_netdevice_notifiers_info+0xae/0x100
[  320.310833][T17032]  unregister_netdevice_many_notify+0xda9/0x15d0
[  320.310935][T17032]  unregister_netdevice_queue+0x1f5/0x220
[  320.310961][T17032]  __tun_detach+0x7db/0xad0
[  320.310989][T17032]  ? __pfx_tun_chr_close+0x10/0x10
[  320.311029][T17032]  tun_chr_close+0x5a/0x100
[  320.311049][T17032]  __fput+0x29b/0x650
[  320.311086][T17032]  fput_close_sync+0x6e/0x120
[  320.311240][T17032]  __x64_sys_close+0x56/0xf0
[  320.311261][T17032]  x64_sys_call+0x2738/0x2ff0
[  320.311286][T17032]  do_syscall_64+0xd2/0x200
[  320.311323][T17032]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  320.311352][T17032]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  320.311461][T17032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.311486][T17032] RIP: 0033:0x7f5e1c2feba9
[  320.311558][T17032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.311573][T17032] RSP: 002b:00007f5e1ad67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  320.311592][T17032] RAX: ffffffffffffffda RBX: 00007f5e1c545fa0 RCX: 00007f5e1c2feba9
[  320.311606][T17032] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  320.311619][T17032] RBP: 00007f5e1ad67090 R08: 0000000000000000 R09: 0000000000000000
[  320.311633][T17032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.311646][T17032] R13: 00007f5e1c546038 R14: 00007f5e1c545fa0 R15: 00007ffda59460d8
[  320.311711][T17032]  </TASK>
[  320.808112][T17071] loop1: detected capacity change from 0 to 128
[  320.829793][T17071] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  320.842082][T17071] ext4 filesystem being mounted at /346/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  320.987226][T11557] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  321.242488][T17095] futex_wake_op: syz.1.4836 tries to shift op by -1; fix this program
[  321.655642][T17125] loop1: detected capacity change from 0 to 128
[  322.383936][   T29] kauditd_printk_skb: 290 callbacks suppressed
[  322.383967][   T29] audit: type=1326 audit(1758463935.052:12877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17170 comm="syz.0.4861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  322.538405][   T29] audit: type=1326 audit(1758463935.052:12878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17170 comm="syz.0.4861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  322.562239][   T29] audit: type=1326 audit(1758463935.052:12879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17170 comm="syz.0.4861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=316 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  322.585952][   T29] audit: type=1326 audit(1758463935.052:12880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17170 comm="syz.0.4861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39e22feba9 code=0x7ffc0000
[  322.636342][   T29] audit: type=1326 audit(1758463935.292:12881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17188 comm="syz.1.4869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  322.659977][   T29] audit: type=1326 audit(1758463935.292:12882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17188 comm="syz.1.4869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  322.683675][   T29] audit: type=1326 audit(1758463935.292:12883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17188 comm="syz.1.4869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  322.707375][   T29] audit: type=1326 audit(1758463935.292:12884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17188 comm="syz.1.4869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  322.730954][   T29] audit: type=1326 audit(1758463935.292:12885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17188 comm="syz.1.4869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  322.754564][   T29] audit: type=1326 audit(1758463935.292:12886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17188 comm="syz.1.4869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7fd67311eba9 code=0x7ffc0000
[  322.884212][T17197] netlink: 'syz.0.4865': attribute type 4 has an invalid length.
[  322.920205][T17200] loop1: detected capacity change from 0 to 128
[  323.540141][T17251] __nla_validate_parse: 30 callbacks suppressed
[  323.540154][T17251] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4891'.
[  323.555400][T17251] netlink: 312 bytes leftover after parsing attributes in process `syz.0.4891'.
[  323.564531][T17251] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4891'.
[  323.574622][T17251] random: crng reseeded on system resumption
[  323.584901][T17251] Restarting kernel threads ...
[  323.589935][T17251] Done restarting kernel threads.
[  323.640294][T17255] futex_wake_op: syz.0.4893 tries to shift op by -1; fix this program
[  323.809951][T17276] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4902'.
[  323.820669][T17279] loop1: detected capacity change from 0 to 256
[  323.829230][T17279] FAT-fs (loop1): bogus sectors per cluster 223
[  323.829856][T17276] netlink: 312 bytes leftover after parsing attributes in process `syz.7.4902'.
[  323.835567][T17279] FAT-fs (loop1): Can't find a valid FAT filesystem
[  323.840582][T17279] loop1: detected capacity change from 0 to 512
[  323.844951][T17276] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4902'.
[  323.859396][T17279] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  323.867224][T17280] random: crng reseeded on system resumption
[  323.889974][T17276] Restarting kernel threads ...
[  323.895580][T17276] Done restarting kernel threads.
[  323.913310][T17279] EXT4-fs (loop1): 1 truncate cleaned up
[  323.926377][T17279] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.956375][T11557] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.237395][T17290] futex_wake_op: syz.5.4906 tries to shift op by -1; fix this program
[  324.418764][T17301] loop1: detected capacity change from 0 to 128
[  324.490951][T17310] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4912'.
[  324.511904][T17301] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  324.545510][T17301] ext4 filesystem being mounted at /369/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  324.560368][T17310] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4912'.
[  324.732505][T17310] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4912'.
[  324.780835][T11557] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  324.828714][T17317] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4914'.
[  324.853473][T17317] random: crng reseeded on system resumption
[  324.863607][T17317] Restarting kernel threads ...
[  324.871853][T17317] Done restarting kernel threads.
[  325.424559][T17375] futex_wake_op: syz.7.4937 tries to shift op by -1; fix this program
[  325.835634][T17394] netlink: 'syz.0.4941': attribute type 4 has an invalid length.
[  326.475956][T17454] 9pnet_fd: Insufficient options for proto=fd
[  326.491708][T17456] random: crng reseeded on system resumption
[  326.502465][T17456] Restarting kernel threads ...
[  326.510584][T17456] Done restarting kernel threads.
[  326.751324][T17491] 9pnet_fd: Insufficient options for proto=fd
[  326.768582][T17497] loop1: detected capacity change from 0 to 128
[  326.777970][T17497] syz.1.4976: attempt to access beyond end of device
[  326.777970][T17497] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  326.855374][T17497] netlink: 'syz.1.4976': attribute type 4 has an invalid length.
[  327.131626][  T348] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.148896][T17526] ==================================================================
[  327.157026][T17526] BUG: KCSAN: data-race in call_rcu / mas_state_walk
[  327.163739][T17526] 
[  327.166068][T17526] write to 0xffff888122e2fd10 of 8 bytes by task 17524 on cpu 1:
[  327.173780][T17526]  call_rcu+0x44/0x3f0
[  327.177867][T17526]  mas_wmb_replace+0xc6a/0x14a0
[  327.182728][T17526]  mas_wr_store_entry+0x1773/0x2b50
[  327.187955][T17526]  mas_store_prealloc+0x74d/0x9e0
[  327.192990][T17526]  vma_iter_store_new+0x1c5/0x200
[  327.198024][T17526]  vma_complete+0x125/0x580
[  327.202532][T17526]  __split_vma+0x591/0x650
[  327.206956][T17526]  vma_modify+0x21e/0xc80
[  327.211297][T17526]  vma_modify_flags+0x101/0x130
[  327.216143][T17526]  mprotect_fixup+0x2cc/0x570
[  327.220822][T17526]  do_mprotect_pkey+0x6d6/0x980
[  327.225684][T17526]  __x64_sys_mprotect+0x48/0x60
[  327.230535][T17526]  x64_sys_call+0x274e/0x2ff0
[  327.235213][T17526]  do_syscall_64+0xd2/0x200
[  327.239722][T17526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.245617][T17526] 
[  327.247938][T17526] read to 0xffff888122e2fd10 of 8 bytes by task 17526 on cpu 0:
[  327.255560][T17526]  mas_state_walk+0x2f5/0x650
[  327.260240][T17526]  mas_walk+0x60/0x150
[  327.264314][T17526]  lock_vma_under_rcu+0x8d/0x160
[  327.269262][T17526]  do_user_addr_fault+0x233/0x1090
[  327.274407][T17526]  exc_page_fault+0x62/0xa0
[  327.278916][T17526]  asm_exc_page_fault+0x26/0x30
[  327.283765][T17526] 
[  327.286087][T17526] value changed: 0x00007f5e1c16ffff -> 0xffffffff85649c50
[  327.293197][T17526] 
[  327.295517][T17526] Reported by Kernel Concurrency Sanitizer on:
[  327.301658][T17526] CPU: 0 UID: 0 PID: 17526 Comm: syz.2.4988 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  327.313026][T17526] Tainted: [W]=WARN
[  327.316824][T17526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  327.326877][T17526] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  327.356033][T17510] chnl_net:caif_netlink_parms(): no params data found
[  327.380015][  T348] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.472449][   T29] kauditd_printk_skb: 487 callbacks suppressed
[  327.472465][   T29] audit: type=1326 audit(1758463940.132:13374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.2.4988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  327.503994][   T29] audit: type=1326 audit(1758463940.162:13375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.2.4988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  327.527663][   T29] audit: type=1326 audit(1758463940.162:13376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.2.4988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  327.551483][   T29] audit: type=1326 audit(1758463940.162:13377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17524 comm="syz.2.4988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1c2feba9 code=0x7ffc0000
[  327.634002][  T348] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.688393][  T348] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.825536][  T348] bridge_slave_1: left allmulticast mode
[  327.831363][  T348] bridge_slave_1: left promiscuous mode
[  327.837109][  T348] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.849700][  T348] bridge_slave_0: left allmulticast mode
[  327.855379][  T348] bridge_slave_0: left promiscuous mode
[  327.861065][  T348] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.906662][  T348] bridge0 (unregistering): left allmulticast mode
[  327.913812][  T348] bridge0 (unregistering): left promiscuous mode
[  328.004923][  T348] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  328.014507][  T348] bond0 (unregistering): Released all slaves
[  328.022937][  T348] bond1 (unregistering): Released all slaves
[  328.031773][  T348] bond2 (unregistering): (slave wireguard0): Releasing backup interface
[  328.040182][  T348] wireguard0: left promiscuous mode
[  328.046332][  T348] bond2 (unregistering): (slave wireguard1): Releasing backup interface
[  328.055460][  T348] bond2 (unregistering): Released all slaves
[  328.063594][  T348] bond3 (unregistering): Released all slaves
[  328.116864][  T348] hsr_slave_0: left promiscuous mode
[  328.122439][  T348] hsr_slave_1: left promiscuous mode
[  328.129342][  T348] veth1_vlan: left promiscuous mode
[  328.134578][  T348] veth0_vlan: left promiscuous mode
[  328.180617][  T348] team_slave_1 (unregistering): left allmulticast mode
[  328.187925][  T348] team0 (unregistering): Port device team_slave_1 removed
[  328.196929][  T348] team_slave_0 (unregistering): left allmulticast mode
[  328.204493][  T348] team0 (unregistering): Port device team_slave_0 removed
[  328.677405][  T348] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.725148][  T348] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.775844][  T348] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.825173][  T348] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.057776][  T348] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.085427][  T348] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.135395][  T348] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.195585][  T348] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.256641][  T348] bridge_slave_1: left allmulticast mode
[  329.262298][  T348] bridge_slave_1: left promiscuous mode
[  329.267965][  T348] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.275640][  T348] bridge_slave_0: left allmulticast mode
[  329.281359][  T348] bridge_slave_0: left promiscuous mode
[  329.286988][  T348] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.295338][  T348] bridge_slave_1: left allmulticast mode
[  329.301075][  T348] bridge_slave_1: left promiscuous mode
[  329.306687][  T348] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.314356][  T348] bridge_slave_0: left promiscuous mode
[  329.320007][  T348] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.328244][  T348] bridge_slave_1: left allmulticast mode
[  329.333917][  T348] bridge_slave_1: left promiscuous mode
[  329.339663][  T348] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.347173][  T348] bridge_slave_0: left allmulticast mode
[  329.352818][  T348] bridge_slave_0: left promiscuous mode
[  329.358578][  T348] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.367586][  T348] bridge_slave_1: left allmulticast mode
[  329.373315][  T348] bridge_slave_1: left promiscuous mode
[  329.379026][  T348] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.386880][  T348] bridge_slave_0: left allmulticast mode
[  329.392504][  T348] bridge_slave_0: left promiscuous mode
[  329.398250][  T348] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.554690][  T348] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  329.564230][  T348] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  329.573253][  T348] bond0 (unregistering): Released all slaves
[  329.581269][  T348] bond1 (unregistering): Released all slaves
[  329.604654][  T348] bridge0 (unregistering): left allmulticast mode
[  329.611079][  T348] bridge0 (unregistering): left promiscuous mode
[  329.705094][  T348] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  329.714647][  T348] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  329.724118][  T348] bond0 (unregistering): Released all slaves
[  329.741084][  T348] batman_adv: batadv0: Removing interface: geneve2
[  329.944970][  T348] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  329.954255][  T348] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  329.963245][  T348] bond0 (unregistering): Released all slaves
[  330.025008][  T348] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  330.034732][  T348] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  330.044171][  T348] bond0 (unregistering): Released all slaves
[  330.134348][  T348] bond0 (unregistering): Released all slaves
[  330.177947][  T348] tipc: Left network mode
[  330.187320][  T348] hsr_slave_0: left promiscuous mode
[  330.193687][  T348] hsr_slave_1: left promiscuous mode
[  330.199244][  T348] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.206805][  T348] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.216138][  T348] hsr_slave_0: left promiscuous mode
[  330.221748][  T348] hsr_slave_1: left promiscuous mode
[  330.229136][  T348] hsr_slave_0: left promiscuous mode
[  330.234850][  T348] hsr_slave_1: left promiscuous mode
[  330.240289][  T348] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.247849][  T348] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.256675][  T348] hsr_slave_0: left promiscuous mode
[  330.262443][  T348] hsr_slave_1: left promiscuous mode
[  330.268106][  T348] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.275506][  T348] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.282961][  T348] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.290342][  T348] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.301382][  T348] veth1_macvtap: left promiscuous mode
[  330.306910][  T348] veth0_macvtap: left promiscuous mode
[  330.312414][  T348] veth1_vlan: left promiscuous mode
[  330.317762][  T348] veth0_vlan: left promiscuous mode
[  330.323596][  T348] veth1_macvtap: left promiscuous mode
[  330.329068][  T348] veth0_macvtap: left promiscuous mode
[  330.334769][  T348] veth1_vlan: left promiscuous mode
[  330.340044][  T348] veth0_vlan: left promiscuous mode
[  330.426661][  T348] team0 (unregistering): Port device team_slave_1 removed
[  330.436534][  T348] team0 (unregistering): Port device team_slave_0 removed
[  330.488729][  T348] team0 (unregistering): Port device team_slave_1 removed
[  330.499417][  T348] team0 (unregistering): Port device team_slave_0 removed
[  330.550087][  T348] team0 (unregistering): Port device team_slave_1 removed
[  330.559456][  T348] team0 (unregistering): Port device team_slave_0 removed
[  330.607060][  T348] team0 (unregistering): Port device team_slave_1 removed
[  330.616342][  T348] team0 (unregistering): Port device team_slave_0 removed