last executing test programs:

4.906572444s ago: executing program 0 (id=3910):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x3, 0x13, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000900000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000000000bf090000000000005509010000000000852000000300000095"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x62, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
stat(&(0x7f00000001c0)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
unshare(0x6a040000)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000002900000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRES32=r3, @ANYRES64=0x0, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r4}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x66, 0x903, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xe, 0x7}, {0x1, 0xfff1}, {0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000001140)={'sit0\x00', &(0x7f0000001080)={'erspan0\x00', <r6=>0x0, 0x1, 0x1, 0x31a0e5c6, 0xb, {{0x21, 0x4, 0x0, 0xf, 0x84, 0x68, 0x0, 0xa, 0x2f, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x12}, {[@ssrr={0x89, 0x13, 0x10, [@empty, @rand_addr=0x64010102, @loopback, @empty]}, @lsrr={0x83, 0x17, 0xee, [@multicast2, @multicast1, @local, @empty, @multicast1]}, @rr={0x7, 0x17, 0x96, [@local, @rand_addr=0x64010101, @broadcast, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @noop, @lsrr={0x83, 0x7, 0x12, [@rand_addr=0x64010101]}, @lsrr={0x83, 0x23, 0x3b, [@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0xe}, @rand_addr=0x64010100, @local, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @noop]}}}}})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000001180)={'batadv0\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_EEE_GET(r2, &(0x7f0000001440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001400)={&(0x7f00000011c0)={0x218, 0x0, 0x2, 0x70bd27, 0x25dfdbfe, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}]}, 0x218}, 0x1, 0x0, 0x0, 0x24000841}, 0x4000080)
socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000000180)='./file0\x00', 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4b8, 0xffffffff, 0x260, 0x260, 0xe8, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000, 0x0, 0xff], [0xffffff00, 0xff000000, 0xff], [0x0, 0xffffff, 0xffffff00, 0x7fffff7f], 0x3c80}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x3, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)

4.624139969s ago: executing program 0 (id=3916):
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9"], 0xfe, 0x2ae, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGblE7hw4Xu4cy+48Q0EH8CdgxSO3NzbJLZp2rSmlfr7bXo45/vu+U7uabO43NPPXxsePHw6evz869+i1cqi1otevMiiE7U4lioBANwKL1KKPy71/V6vbaomAGCzFr7/G2eEbJ/uenvTZQEAG/ThRx+/f39/f++DPG9FDL8d97Mof5bj9x/HkxjEo7gb7TiaPwtIqWy/+97+XtTzQifuDCfjfpE5/OyXxccGRX432tFZnt/NSwv5k3G/ES9HZFnEk15RyL1oxyun8ovxvXtL8qPfjDda1SKL+XejHb9+EU9jEA+nzzTm83/TzfN30nd/fvVJEVzkZ5Nxf3saN5e2rvveAAAAAAAAAAAAAAAAAAAAAABwe+3mM524Myy6qvN3to6m47v/GJ+er1Objpf5WURz2jhxPtAkxQ/H5+vczfM8ZWX8/Hyferxaj/qNLRwAAAAAAAAAAAAAAAAAAAD+Q0bPvjx4MBg8OvxXGtVL/rPX+i97nd5Cz+uxOnh7rbliqwovaj0Z0/350+Gsp1jEZYofN/KIVTU3TvW8VNRz/pX/SimlLIu42m1qXGSucxo7q2OKD/in73fePHiQnfcZto5v3I+LQ804HD07cU8jW6fCtNb2a66IaVY75kLX2bniL9Fbv5eTVT3ZGqtoVI04a/u11trP1/c3CAAAAAAAAAAAAAAAAAAAKM1f+l0y+Hxlam1jRQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANZv///81GpMqeXlMSmky62nG4eiGlwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/wN8BAAD//7DYbww=")
io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x17)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)

3.792843581s ago: executing program 0 (id=3928):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000100060000000077f2ab26850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x45)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})

3.691120793s ago: executing program 0 (id=3931):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000134000000140a03000000000000000000020000000900010073797a300000000008000340000000010c0006400000000000000002"], 0x98}}, 0x0) (fail_nth: 6)

3.450299067s ago: executing program 0 (id=3933):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900080001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@local, @remote, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @broadcast, @broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}, @multicast2}}}}, 0x0)
clock_gettime(0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x11, 0x4, 0x48, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
clock_nanosleep(0x7, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r4 = gettid()
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000b28000)=0x3)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_buf(r5, 0x0, 0x4, &(0x7f0000000040), 0x0)
poll(0x0, 0x0, 0xffffffffffbffff8)
tkill(r4, 0x13)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r0}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000140))
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = timerfd_create(0x0, 0x800)
timerfd_settime(r7, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0)
read(r7, &(0x7f0000000240)=""/123, 0x7b)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r6, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={&(0x7f0000000d80)={0x24, r8, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'b\x00'}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x24}}, 0x0)

3.440075287s ago: executing program 3 (id=3934):
syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[], 0x1, 0x5b1, &(0x7f0000001000)="$eJzs3MFv29YZAPDHxK4NBwsGFGvSNEDZtIfsEFeSFwdGBywaTdtsJVEg5cI5DcXiZMHsblg2YMmly6VDgQ077bz1utOO+6d62T/ggRLlybIzuWkbZcDvB8TvUfzI9z2C4QcRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEKJks9FoRqGT9Xb34udLNou8e7y0EKbXj/f3rxPNCYsTf0MUQlT9C8vL4eroo6uv/zf2B9WfG+HKaOlKWK6a5fD00hvf/+D1hQvVhotRdCqLl+3xk6e//OTgYP83X2Obo6Ojz6rZfIdpvTTbaS8r86zb3k7jrMzjjfX1xvs7W2W8lXXS8l45SLtxUqTtQV7EN5O7IYSNtThdvZfv9rY32500vpn8MG5ubNy51Wo01uMPV/tpuyjz3vsfrpbJTtbpZL3tYUy1+lbr7XCnOhE/ygbxIG134/jBo4P9tVlJVkHN8wS1ZgW1Gq1Ws9lqNddvb9y+02gs12fr8QcLjSlhepOF+Z+0vHSv1SfKcGF8jXvtW7uIwws6Sv4y7xQAAACA71g0vMceDe/LXx32trJO2jgRcxTNLT0AAADgWzD8an+lvgEQwtUQnf7+DwAAAPx/+/u4c+YzdiGKQtlfisaPqvT33osO21WvfXhx9NHF6T0Otq5Fl+udDJv1hXopSa9Hb46C3hxHf1U3D57/rN8/Q5VHVBSL0bNvlkD4U7g2irl2f9TeH68ZzXZlK+ukq0ne+aAZ2u3LFwbp3uB3nz76fQhFcXTxi173chQePDrYX/35rw7uD3N5Vu3l2WH9C4lTP5Q4mctSmMjlt8fPPdYzvnvyyC8Ob8RUs/6i110ZjduYnP+F0eYXvsb8Pw9vjWLeWhm1Kyfnv1yN2Vw9Y/aTWTT7e+8t1YOdc+ZTWVwfxVy/OTyx3r1Zr1mcyKI1K4vW5PF/oWNxnMW7J7KYPBZrs7JY+4ZZAMzLg+kqdKr+n6q7L3CV+x/VvRqlKuEzq/svZo7yeXhnFPPOtYW6Il0MYeqK3ph1RW+cs66HcHYW/wg3/vbXEHbDjXHw82psNe6fT1TV6PDLaoMvT4/7h1FT/vvhzqWqs3T46/DG4ydPbz06/OTh/sP9T1uttfXGjxqN262wOJxG3ag9AJwhLb6KVgZ/jIoi6/+subHRbA920rjIk4/iItvcTuOsN0iLZKfd207jfpEP8iTvVJ2Ps820jMvdfj+vKklexP28zPaGb36J61e/lGm33RtkSdnvpO0yjZO8N2gng3gzK5O4v/vTTlbupEW8lRdx2U+TbCtL2oMs78Vlvlsk6Wocl2k6EZhtpkefhZBV3V7cL7Juu7gXf5x3drtpvJlW1bI/yKNQ7XA8VtbbyovucLer8z7YAPCKeBzqN9gdv8ru8U/Gq56cWnVmJyzPiJnzFAGAKdNVemneCQEAAAAAAAAAAAAAAKdMPq734/qVPud77O+V7dy9dNaqt+ef2GQnhLDwCqShc87O8quRxmL93/ZF9xOFEGYHf6+KmedVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADO9p8AAAD//0n5kWY=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000740)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x1d61, 0x80, 0x1, 0x1f9}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000240))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r4 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r4, 0x0)
write$selinux_load(r3, &(0x7f0000000000)=ANY=[], 0x2000)

3.356322988s ago: executing program 3 (id=3935):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x80000}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

3.324631778s ago: executing program 3 (id=3936):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x7, @mcast1, 0x4}, 0x1c)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
connect$pppl2tp(r0, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x8, 0x0, 0x4, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)

3.302552009s ago: executing program 3 (id=3937):
socket$nl_route(0x10, 0x3, 0x0)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x80402, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
timer_create(0x3, 0x0, &(0x7f0000001400)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000200)={{}, {0x0, 0x9}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000400000f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000004000000020000000000000800002000000061006639b07d16025f0f6c7bf22481d9b7"], 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000040000000000000000000080000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0xb, r3, 0x8, 0x0, 0x0, 0x14, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2101690, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x7, 0x0, 0x7, 0x40510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xd}, 0x0, 0x10400, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000340), 0x1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)

3.051912093s ago: executing program 3 (id=3940):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x2}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00')
syz_open_dev$tty1(0xc, 0x4, 0x2)

2.851931186s ago: executing program 4 (id=3942):
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x0, 0x20008b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10000)
io_uring_enter(r1, 0x6252, 0xc09b, 0x0, 0x0, 0x0)
mmap(&(0x7f0000a24000/0x3000)=nil, 0x3000, 0x2000007, 0x13, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d4, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='sched_switch\x00'}, 0x18)
r3 = socket$pptp(0x18, 0x1, 0x2)
close_range(r3, 0xffffffffffffffff, 0x0)

2.730954658s ago: executing program 3 (id=3944):
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x0, 0x20008b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10000)
io_uring_enter(r1, 0x6252, 0xc09b, 0x0, 0x0, 0x0)
mmap(&(0x7f0000a24000/0x3000)=nil, 0x3000, 0x2000007, 0x13, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d4, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='sched_switch\x00'}, 0x18)
r3 = socket$pptp(0x18, 0x1, 0x2)
close_range(r3, 0xffffffffffffffff, 0x0)

2.698498799s ago: executing program 32 (id=3944):
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x0, 0x20008b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10000)
io_uring_enter(r1, 0x6252, 0xc09b, 0x0, 0x0, 0x0)
mmap(&(0x7f0000a24000/0x3000)=nil, 0x3000, 0x2000007, 0x13, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d4, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='sched_switch\x00'}, 0x18)
r3 = socket$pptp(0x18, 0x1, 0x2)
close_range(r3, 0xffffffffffffffff, 0x0)

2.093482008s ago: executing program 4 (id=3949):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
quotactl$Q_GETNEXTQUOTA(0x0, &(0x7f0000002040)=@filename='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)
exit(0xe0)
sendto$inet6(r0, &(0x7f0000001240)="8f", 0x1, 0x0, &(0x7f0000001200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f0000000280)="39000000140081ae0000dc676f97daf01effffff0521018701546fabca1b4e8a06a6580e88370200c5090000009c40ebb3734b49bbc51245e7", 0x39}], 0x1}, 0x0)
recvmsg$kcm(r3, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x40010220)

1.240842731s ago: executing program 4 (id=3956):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x80000}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

1.138850993s ago: executing program 4 (id=3958):
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x0, 0x20008b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10000)
io_uring_enter(r1, 0x6252, 0xc09b, 0x0, 0x0, 0x0)
mmap(&(0x7f0000a24000/0x3000)=nil, 0x3000, 0x2000007, 0x13, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d4, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='sched_switch\x00'}, 0x18)
r3 = socket$pptp(0x18, 0x1, 0x2)
close_range(r3, 0xffffffffffffffff, 0x0)

905.230846ms ago: executing program 1 (id=3961):
r0 = syz_io_uring_setup(0x1725, &(0x7f0000000100)={0x0, 0x1452, 0x800, 0x80400002, 0x2d4}, &(0x7f0000000300), &(0x7f0000000200))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20)
r3 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)="6ed4", 0x2)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r3)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000040)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x2, &(0x7f00000002c0)='\x04\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000940)="ad", 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='kfree\x00', &(0x7f0000000180)='\xfa.-\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000a40)='t`\x16{\xf9\x8eE5\xf7\xbbE\xc94I\xb4\xbap\xc7\x13\x0f\xa8\x8c.\xc8\xe5\xbc\xbeQ#\v$z\x7f:\xe5J\xad\xf1\xdc\x8dE\x90\xf8\x01\x1f\xdd\xa6!\xf0\x1a\x9b\'\x8a\x83Y\x8d\x01\xf8\xda$\x93\xbb|\x00', &(0x7f0000000a80)='U&~=\xd8G\x93\x14\xc9o\xaf\x8b\xd4-\xc5\x12\x8d\xc8\xf1\'\xcf\x92V\xceKg\x8b\xc3\x9e\xd6H\xad0`\xaf\x06\x00xOq\xb6H\x11', 0x0)
close(r3)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r5, 0xffffffffffffffff, 0x600000000000000)

891.456716ms ago: executing program 1 (id=3963):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00')
writev(r2, &(0x7f00000015c0)=[{&(0x7f00000000c0)='w', 0x1}], 0x1)

787.493888ms ago: executing program 1 (id=3964):
socket$netlink(0x10, 0x3, 0x8000000004)
r0 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x41, 0x1ff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x24, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x702}]}, @CTA_TUPLE_ORIG={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8040041}, 0x24008854)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0x11, 0xc, &(0x7f00000013c0)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = syz_open_procfs(0x0, &(0x7f0000000840)='map_files\x00')
lseek(r5, 0x1, 0x0)
getdents(r5, 0x0, 0x51)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002abd70000000000010"], 0x24}}, 0x0)

742.255049ms ago: executing program 1 (id=3966):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
unshare(0x6a040000)

548.011772ms ago: executing program 2 (id=3967):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x80000}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

442.446453ms ago: executing program 2 (id=3968):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
unshare(0x20000400)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r1, &(0x7f0000002200)={0x0, 0x0, &(0x7f00000021c0)={&(0x7f0000002180)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x200040c0)

433.938233ms ago: executing program 1 (id=3969):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x3, 0x13, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000900000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000000000bf090000000000005509010000000000852000000300000095"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x62, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
stat(&(0x7f00000001c0)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
unshare(0x6a040000)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000002900000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRES32=r3, @ANYRES64=0x0, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r4}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x66, 0x903, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xe, 0x7}, {0x1, 0xfff1}, {0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000001180)={'batadv0\x00', <r6=>0x0})
sendmsg$ETHTOOL_MSG_EEE_GET(r2, &(0x7f0000001440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001400)={&(0x7f00000011c0)={0x224, 0x0, 0x2, 0x70bd27, 0x25dfdbfe, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}]}, 0x224}, 0x1, 0x0, 0x0, 0x24000841}, 0x4000080)
socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000000180)='./file0\x00', 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4b8, 0xffffffff, 0x260, 0x260, 0xe8, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000, 0x0, 0xff], [0xffffff00, 0xff000000, 0xff], [0x0, 0xffffff, 0xffffff00, 0x7fffff7f], 0x3c80}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x3, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)

377.838054ms ago: executing program 5 (id=3945):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYRES32, @ANYBLOB="040000000000000000003ab5272c9a6473410000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lsm_get_self_attr(0x64, 0xffffffffffffffff, &(0x7f0000000040)=0xfffffffffffffdb1, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x8946, &(0x7f0000000a00)="4749c2368bb8dd2c7f17323cf53a")
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$AUTOFS_IOC_PROTOVER(r1, 0x80049363, &(0x7f0000000bc0))
pwritev(r1, &(0x7f0000000000)=[{&(0x7f0000000040)="2ae45b40ce996cf48511a1e8b1b0b2f3e185dd3cad11cd92d6ebab6ad08689982c79e82bfc9bbffd8d0d07d974329e21936b470cd51c0978ec19242f901c20719ebaa98bfb", 0x45}], 0x1, 0x5d, 0x80000003)
fsopen(&(0x7f00000009c0)='sysv\x00', 0x1)
r2 = socket$kcm(0x29, 0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000000900)={&(0x7f00000000c0)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'aegis256\x00'}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000140)="f5ebbb17a933b265a508f947116d7bf705d92c6e", 0x14}, {&(0x7f0000000180)="37925c54730ec881ea92cf07f6bfd23b952dba8a242a93b01dc01db4cc8179e0c6f14408a622bb2fbcd6ae089185c111f8e1aa2ef3d3d480a648efefafb263a3d8143bb053b9c539e7bdf8295befec78b330d350f3ace61a2fe84b86c27bf7222b0418782e3c4121dc470d4117b2228b34554164a938607b09ef2f28c9ac8958483dc2fe5ae468aa44201d75f8d75fa0092245ddf27c378831ca9be21b468a41f96597c5fb864eb0eb18c8581c93de4744407a16c68f0f55a1b8899c9d653e5e3148be7005a731242b073866c623ef1d503550d59b38", 0xd6}, {&(0x7f0000000300)="d7a04e655c26c8c6f118c883a834869c9fe76e64d2c1e7e2acef4649933f950fa6188a0489cbcc751abdaaec48dd1e8bd1ca34bb2d92d6bf26ddc1c253434c9d2eb99bd4ff9db70ccd2fc9583e827a4e038c0a0042245d1d11ef1082252c6e2153d08b07534a1815d849673a9097616d0815a70037b7285869c0f57b0fec18893c573efa7445a06cc161c21d864c916c4d4faa0cb14a32712410f8e1d385147cbd7f691946b07b02ea17cf5582d0c98725967005af8bea47e4424a656479dbd5287b5e43914354260d6f2e8fa32e2a69b7a8868e85", 0xd5}, {&(0x7f0000000400)="929210ae4f1166b7f577d6d1f50810e665d4e65dd3652b5e1aa5a2c0495c0e3410f92a1f34374e459da5f210521f0b3c2f02724c4735d71291f9d0c9910c137684f7d9de48e5e1976932bd2865c8e06e0031080410137b40352ba40be1f7a3e224b4d60acf4b37de0b11a398c17156a0fd1c40dd91ddd5b3631f1e6d7ba7767cc4b2161bec6732be80e7a1754741b9393a2bc661bb1a41640c0fe8343a06b0be1dd19178a80b8e6647358461b40deebab4bd33044391d7aa59444efdccb0dbcd274b86edb13769528901", 0xca}], 0x4, &(0x7f0000000500)=[{0x10, 0x101, 0x9}, {0x88, 0x117, 0x10, "144522685363fe839495042a9e6098cd52d74d2f0af684f95e62da75be5e13b43e6a0285a84115e20bc04def71edaec5368f89f3803c6527ca7e1ebe4e6e1b8e426e4f49a1a44cf60e540e88df7b6e62139ec96ff2282e820df5ef84cf67a2ad74151754d205780d49f3602cf8d0f960c24e5106ad0d21"}, {0xe0, 0x9eb0416b92bc449, 0x2, "d2c80a4a4028eca194b97d3cf4763e1672d7c788dec18bf0d3b8781ae0b2ad53b2847b94436e67948d36be507203d2a5ee4b73362f23652980745aa1512ae87c971371ff077bca7bc8bdda55c79760317bf1b1f38bcd149776808747902e0664f4184d9a84bca8fdf0a4c56f2b856cde94015e4fe3ae2313c6aedc470b2495bab5cc653af36d81a614539a3a8b7180281e157dda91abcdbe780fa4f143289df00b4c4c92d077b8e6bc7be926072aab625f4a1b4cb81a6526dbec93d203edab2e2f50d6396f83267df71f"}, {0xf0, 0x109, 0x7, "33e8898e4173b98863b4a4e9c156300dc318369eb09c981eae391f4a34029a2d659d980b1ef7437193b0c6713794435a179373f5cf74cafd3fc4cfd96d921166587438e6cbb4eeb58a3a14e4098229e6941bf18e6320ffaef2f244a6247b1587a7b9f25f6d6b7fa4310a6d046316b13c179d23963184846d1c91601321a3f568a3e9a07e52d38d258ca5a371d514b223492ccb31d85411651c439225826294f41101805b130c902ca2ea05547f09499f081de84ed9286af6897031a5a3ea076beab28b53378dfba6c9f2b8b6ac7fca8ac94b608af27c5235c8ed81"}, {0x80, 0x111, 0x6, "aa2d208f59b4ac7f8ad1ac5eddd092ddf6899613ed17703f1f2b2ee3cc313e879b4903669a4da8f821b0713f326c1d23459e57e8fc81f6c10e863a04481294018b12567cc2ed5db53688436f7b7fa3cb6be7b45f4176fd01c087c4967dba3d73ed32196b5b521148bcdcb20ba4"}, {0x108, 0x102, 0x0, "1c0fc29efe8352a4cf1694a0b8bc3bd0e88d20c73c52cd9778752b6a2f52b51d5e4939863a8ec998ea22505c32db2bed35908f8b3438d00f829ccbbc15499c9c91e4d51d9eea516ef117ca9744a9fef6d86378950e91d25c03307490f4a0f34079c36d4668c334c9bb2171ecc9b814ea0fe7b42e541012e2c23d292333a75e735658dee2d60a7ac4e264ce5175fa8ca49eb8169b8fa7321a59a6fc3849aedddab45b81f19740b93e95bba9a8cd3da4591e9b6472469222d5d575e6c36cbe75fb411d0cf1e42cc736e17f86ec8d430da157b1bc2ecf10eab1198127254da8d083415dd5a15b8f5f3eeaa10a6fa54dd7faf7"}], 0x3f0}, 0x40000)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
io_uring_setup(0x7b21, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xfffffffd})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000003a000b00000000000000000004000000"], 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x0)
statx(r1, &(0x7f0000000940)='./file0\x00', 0x1000, 0x8, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0xc26bfe8e8f6baca8}, 0x20)
setfsgid(r4)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f00000008c0)={0x84, @private=0xa010102, 0x4e22, 0x1, 'lblcr\x00', 0x0, 0x10000, 0x100000}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r5, 0x0, 0x483, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x200000001, 'sh\x00', 0x0, 0x821}, 0x2c)
ioctl$SIOCGSTAMPNS(r1, 0x8907, &(0x7f0000000980))

341.835455ms ago: executing program 0 (id=3970):
socket$nl_route(0x10, 0x3, 0x0)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x80402, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
timer_create(0x3, 0x0, &(0x7f0000001400)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000200)={{}, {0x0, 0x9}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000400000f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000004000000020000000000000800002000000061006639b07d16025f0f6c7bf22481d9b7"], 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000040000000000000000000080000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0xb, r3, 0x8, 0x0, 0x0, 0x14, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2101690, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x7, 0x0, 0x7, 0x40510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xd}, 0x0, 0x10400, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00')
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000340), 0x1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)

341.561535ms ago: executing program 2 (id=3971):
socket$netlink(0x10, 0x3, 0x8000000004)
r0 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x41, 0x1ff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x24, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x702}]}, @CTA_TUPLE_ORIG={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8040041}, 0x24008854)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0x11, 0xc, &(0x7f00000013c0)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = syz_open_procfs(0x0, &(0x7f0000000840)='map_files\x00')
lseek(r5, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002abd70000000000010"], 0x24}}, 0x0)

315.491265ms ago: executing program 5 (id=3972):
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0400000004000000040000000523ac581e27a026c78af197388745d86e09bee2317682e04eadf6dd"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x50010, &(0x7f0000000000), 0xfc, 0x59c, &(0x7f0000000bc0)="$eJzs3e9rJGcdAPDvbHbz4y6aKH1RhdbDFu6KXnLp2TaI9k4Q3xWU6usz5PZCuE32SDZtEw7N4R8giNiCb/SVbwT/AEHuTyiCYN+LFeXQq4JFtCMzO5vspTu3SS67q8nnA5N5duaZ+X6f2d3Z2ZlnMwGcWRci4npEjEXECxExU0yvFEPstoes3gcP7y5nQxJp+vpfk0iKaVm1JGIsKZY9Xyw22R49aqo92tzeub3UaNQ3isnzrbU785vbO5dX15ZW6iv19atXF15efGXxpcUrJ9LOrF2vfv1PP/nhL77x6m+++OYfbvzl0veyfKeL+Z12nLT2Nqll22JPNSI2BhFsBMaK9vwrbetdqzrstAAAKJEd4386Ij6fH//PxFifY7XxrnIy8OwAAACAk5Bem45/JxHpEdWOvAQAAAAwKpW8D2xSmSv6AkxHpTI31+7D+1ScqzSam60v3Gpurd9s95WdjVrl1mqjfiXvUzsREbUke7ywd0ah/fjFvG42JI/0Af7xzFQ+f2652bg5ihMeAAAAcAadP/D9/x8z7e//AAAAwCkzW4zPjTgPAAAAYHBmR50AAAAAMHDH+P4/Pog8AAAAgIH45muvZUPauf/1zTe2t24337h8s755e25ta3luublxZ26l2VxppBMRa/3W12g273wp1rfemm/VN1vzm9s7N9aaW+utG6uP3AIbAAAAGKJPfe7+e0lE7H55Kh+ic21/rGQBvxWAU6NyyHpp9uf9weYCDFfZxzxw+lUfP7usm+/EIHIBhqvWHiWjzgMYnX47gMmyGu8eK5yfDwEAwAhc/Mz999Lk49f/q/vnBoBT6rDX/4HTp+T6fzoz7ESAoSu9/t+nYwDw/6+mByCcef2v/5d4N591vX+ENO27LgAAYKCm8yGpzBXXAqej8mHaFrNRS26tNupXIuKTEfH7mdpE9nghXzLxowEAAAAAAAAAAAAAAAAAAAAAAAAAOKQ0TSI9huqxlgIAAABGIaLy56S4D/DFmeenD54fGE8+zG8F/FGapm/+9PW331pqtTYWsul/y6ePR0TrnWz6+ChOXwAAAABdOnf5z7+/v1gbcTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnFYfPLy73BmGGffB1yJitlf8akzm48moRcS5vydR7VouiYixE4i/ey8inu4VP8nSitkii4PxKxExlWfxxPErRbEs/jNpmvaMf/6Jo8PZdj/b/1zv9f6vxIV83Pv9X20P1540fmf/d75rH9yJ39n/je3F/+pe8GzP84lDxvjs73413/XwO/vFifb8au/9Xyd+UrL/fa5XsOrHJ3332zs7ZbmlP4+42Gl7GhFd8btjzbfW7sxvbu9cXl1bWqmv1NevXl14efGVxZcWr8zfWm3Ui7/7K3473Sv+6Jlff1QW/8GFiHMR6czDu8vjnZyKD5bZ9ugryV4q44/k9HxWqJWted9/9hfrrp2v9cG9iEvP7W3/9Ptdz//T+bjn9v/ZP9Nc/jmQzb9YfCYku+1yRPHyjYhnf/nbZ0vbf2+yKB39+b/Uv+m5F771gz8esioAMASb2zu3lxqN+sbAC++kaXq4ytlRaXmdtDga60xJInYP1skO4E64FVMRUTIrYicm96ZMFVs1Drvmp0pTfX8qYkjPzlEL145SOZ040ost2f0faOAZLoznL8iR7pYAAIAB2D/6H3UmAAAAAAAAAAAAAAAAAAAAcHYN4/+KHYy5O5qmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA81n8DAAD//x3CzJ0=")
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e23, @private=0xa010100}, @in6={0xa, 0x4e22, 0x808e, @empty, 0xffffffb0}, @in={0x2, 0x4e21, @loopback}], 0x3c)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
listen(r2, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
connect$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x2710, @my=0x0}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000500)=ANY=[@ANYBLOB="14000000cf49be3708a35d9eeb74434f59d54fb7251c2ed1b1de3d5c91cb97d0e029416886b1a8ddb86c080399f8aebee5a9b67402ac5b4d5b4ee6ff3ff9b0dc9f6ae4523909daa0c7057c72ef7dc1aa564a0653aae05a5fd3ff7e49f50f33c51d4b55ceb3b82b", @ANYRES16=r5, @ANYBLOB="110727bd70000000000004000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004094}, 0x8894)
r6 = epoll_create1(0x0)
r7 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x20000000, 0x0, 0x0, 0x5}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9}, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x4008000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000440)="8d57fcd1a80f321782b08a1e75c6cb3163e87a4842f0d93e158c61bbcec4c56e3aa912edf042b829646572e6a9432e400a5b7d284121e426b53190bf3ec944a3ba6d074ca3b523e6ee96b4bcfab765b05267b2fbde11a62d52fc6bfb054197119157722cbe6a734b188fc4b974e80c0caa6e55a85e69300520909156b167dceae38bdbd5cf7e64c9524ec2d687357ccac5b3a95a5f92e733296e90f9458b6fc035638d076c5c39a84f24f43f052e30820855bfd5", 0xb4)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f0000000400)={0xa})

196.774977ms ago: executing program 2 (id=3973):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00')
writev(r1, &(0x7f00000015c0)=[{&(0x7f00000000c0)='w', 0x1}], 0x1)

139.576168ms ago: executing program 4 (id=3974):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="040000000000000000003ab5272c9a6473410000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
lsm_get_self_attr(0x64, 0xffffffffffffffff, &(0x7f0000000040)=0xfffffffffffffdb1, 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x8946, &(0x7f0000000a00)="4749c2368bb8dd2c7f17323cf53a")
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$AUTOFS_IOC_PROTOVER(r2, 0x80049363, &(0x7f0000000bc0))
pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000000040)="2ae45b40ce996cf48511a1e8b1b0b2f3e185dd3cad11cd92d6ebab6ad08689982c79e82bfc9bbffd8d0d07d974329e21936b470cd51c0978ec19242f901c20719ebaa98bfb", 0x45}], 0x1, 0x5d, 0x80000003)
fsopen(&(0x7f00000009c0)='sysv\x00', 0x1)
r3 = socket$kcm(0x29, 0x0, 0x0)
sendmsg$kcm(r3, &(0x7f0000000900)={&(0x7f00000000c0)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'aegis256\x00'}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000140)="f5ebbb17a933b265a508f947116d7bf705d92c6e", 0x14}, {&(0x7f0000000180)="37925c54730ec881ea92cf07f6bfd23b952dba8a242a93b01dc01db4cc8179e0c6f14408a622bb2fbcd6ae089185c111f8e1aa2ef3d3d480a648efefafb263a3d8143bb053b9c539e7bdf8295befec78b330d350f3ace61a2fe84b86c27bf7222b0418782e3c4121dc470d4117b2228b34554164a938607b09ef2f28c9ac8958483dc2fe5ae468aa44201d75f8d75fa0092245ddf27c378831ca9be21b468a41f96597c5fb864eb0eb18c8581c93de4744407a16c68f0f55a1b8899c9d653e5e3148be7005a731242b073866c623ef1d503550d59b38", 0xd6}, {&(0x7f0000000300)="d7a04e655c26c8c6f118c883a834869c9fe76e64d2c1e7e2acef4649933f950fa6188a0489cbcc751abdaaec48dd1e8bd1ca34bb2d92d6bf26ddc1c253434c9d2eb99bd4ff9db70ccd2fc9583e827a4e038c0a0042245d1d11ef1082252c6e2153d08b07534a1815d849673a9097616d0815a70037b7285869c0f57b0fec18893c573efa7445a06cc161c21d864c916c4d4faa0cb14a32712410f8e1d385147cbd7f691946b07b02ea17cf5582d0c98725967005af8bea47e4424a656479dbd5287b5e43914354260d6f2e8fa32e2a69b7a8868e85", 0xd5}, {&(0x7f0000000400)="929210ae4f1166b7f577d6d1f50810e665d4e65dd3652b5e1aa5a2c0495c0e3410f92a1f34374e459da5f210521f0b3c2f02724c4735d71291f9d0c9910c137684f7d9de48e5e1976932bd2865c8e06e0031080410137b40352ba40be1f7a3e224b4d60acf4b37de0b11a398c17156a0fd1c40dd91ddd5b3631f1e6d7ba7767cc4b2161bec6732be80e7a1754741b9393a2bc661bb1a41640c0fe8343a06b0be1dd19178a80b8e6647358461b40deebab4bd33044391d7aa59444efdccb0dbcd274b86edb13769528901", 0xca}], 0x4, &(0x7f0000000500)=[{0x10, 0x101, 0x9}, {0x88, 0x117, 0x10, "144522685363fe839495042a9e6098cd52d74d2f0af684f95e62da75be5e13b43e6a0285a84115e20bc04def71edaec5368f89f3803c6527ca7e1ebe4e6e1b8e426e4f49a1a44cf60e540e88df7b6e62139ec96ff2282e820df5ef84cf67a2ad74151754d205780d49f3602cf8d0f960c24e5106ad0d21"}, {0xe0, 0x9eb0416b92bc449, 0x2, "d2c80a4a4028eca194b97d3cf4763e1672d7c788dec18bf0d3b8781ae0b2ad53b2847b94436e67948d36be507203d2a5ee4b73362f23652980745aa1512ae87c971371ff077bca7bc8bdda55c79760317bf1b1f38bcd149776808747902e0664f4184d9a84bca8fdf0a4c56f2b856cde94015e4fe3ae2313c6aedc470b2495bab5cc653af36d81a614539a3a8b7180281e157dda91abcdbe780fa4f143289df00b4c4c92d077b8e6bc7be926072aab625f4a1b4cb81a6526dbec93d203edab2e2f50d6396f83267df71f"}, {0xf0, 0x109, 0x7, "33e8898e4173b98863b4a4e9c156300dc318369eb09c981eae391f4a34029a2d659d980b1ef7437193b0c6713794435a179373f5cf74cafd3fc4cfd96d921166587438e6cbb4eeb58a3a14e4098229e6941bf18e6320ffaef2f244a6247b1587a7b9f25f6d6b7fa4310a6d046316b13c179d23963184846d1c91601321a3f568a3e9a07e52d38d258ca5a371d514b223492ccb31d85411651c439225826294f41101805b130c902ca2ea05547f09499f081de84ed9286af6897031a5a3ea076beab28b53378dfba6c9f2b8b6ac7fca8ac94b608af27c5235c8ed81"}, {0x70, 0x111, 0x6, "aa2d208f59b4ac7f8ad1ac5eddd092ddf6899613ed17703f1f2b2ee3cc313e879b4903669a4da8f821b0713f326c1d23459e57e8fc81f6c10e863a04481294018b12567cc2ed5db53688436f7b7fa3cb6be7b45f4176fd01c087c4967dba3d73"}, {0x108, 0x102, 0x0, "1c0fc29efe8352a4cf1694a0b8bc3bd0e88d20c73c52cd9778752b6a2f52b51d5e4939863a8ec998ea22505c32db2bed35908f8b3438d00f829ccbbc15499c9c91e4d51d9eea516ef117ca9744a9fef6d86378950e91d25c03307490f4a0f34079c36d4668c334c9bb2171ecc9b814ea0fe7b42e541012e2c23d292333a75e735658dee2d60a7ac4e264ce5175fa8ca49eb8169b8fa7321a59a6fc3849aedddab45b81f19740b93e95bba9a8cd3da4591e9b6472469222d5d575e6c36cbe75fb411d0cf1e42cc736e17f86ec8d430da157b1bc2ecf10eab1198127254da8d083415dd5a15b8f5f3eeaa10a6fa54dd7faf7"}], 0x3e0}, 0x40000)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
io_uring_setup(0x7b21, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xfffffffd})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000003a000b00000000000000000004000000"], 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x0)
statx(r2, &(0x7f0000000940)='./file0\x00', 0x1000, 0x8, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0xc26bfe8e8f6baca8}, 0x20)
setfsgid(r5)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f00000008c0)={0x84, @private=0xa010102, 0x4e22, 0x1, 'lblcr\x00', 0x0, 0x10000, 0x100000}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r6, 0x0, 0x483, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x200000001, 'sh\x00', 0x0, 0x821}, 0x2c)
ioctl$SIOCGSTAMPNS(r2, 0x8907, &(0x7f0000000980))

131.284058ms ago: executing program 2 (id=3975):
r0 = syz_io_uring_setup(0x1725, &(0x7f0000000100)={0x0, 0x1452, 0x800, 0x80400002, 0x2d4}, &(0x7f0000000300), &(0x7f0000000200))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20)
r3 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)="6ed4", 0x2)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r3)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000040)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x2, &(0x7f00000002c0)='\x04\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000940)="ad", 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='kfree\x00', &(0x7f0000000180)='\xfa.-\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000a40)='t`\x16{\xf9\x8eE5\xf7\xbbE\xc94I\xb4\xbap\xc7\x13\x0f\xa8\x8c.\xc8\xe5\xbc\xbeQ#\v$z\x7f:\xe5J\xad\xf1\xdc\x8dE\x90\xf8\x01\x1f\xdd\xa6!\xf0\x1a\x9b\'\x8a\x83Y\x8d\x01\xf8\xda$\x93\xbb|\x00', &(0x7f0000000a80)='U&~=\xd8G\x93\x14\xc9o\xaf\x8b\xd4-\xc5\x12\x8d\xc8\xf1\'\xcf\x92V\xceKg\x8b\xc3\x9e\xd6H\xad0`\xaf\x06\x00xOq\xb6H\x11', 0x0)
close(r3)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r5, 0xffffffffffffffff, 0x600000000000000)

98.004999ms ago: executing program 2 (id=3976):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
unshare(0x6a040000)

72.628889ms ago: executing program 1 (id=3977):
syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[], 0x1, 0x5b1, &(0x7f0000001000)="$eJzs3MFv29YZAPDHxK4NBwsGFGvSNEDZtIfsEFeSFwdGBywaTdtsJVEg5cI5DcXiZMHsblg2YMmly6VDgQ077bz1utOO+6d62T/ggRLlybIzuWkbZcDvB8TvUfzI9z2C4QcRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEKJks9FoRqGT9Xb34udLNou8e7y0EKbXj/f3rxPNCYsTf0MUQlT9C8vL4eroo6uv/zf2B9WfG+HKaOlKWK6a5fD00hvf/+D1hQvVhotRdCqLl+3xk6e//OTgYP83X2Obo6Ojz6rZfIdpvTTbaS8r86zb3k7jrMzjjfX1xvs7W2W8lXXS8l45SLtxUqTtQV7EN5O7IYSNtThdvZfv9rY32500vpn8MG5ubNy51Wo01uMPV/tpuyjz3vsfrpbJTtbpZL3tYUy1+lbr7XCnOhE/ygbxIG134/jBo4P9tVlJVkHN8wS1ZgW1Gq1Ws9lqNddvb9y+02gs12fr8QcLjSlhepOF+Z+0vHSv1SfKcGF8jXvtW7uIwws6Sv4y7xQAAACA71g0vMceDe/LXx32trJO2jgRcxTNLT0AAADgWzD8an+lvgEQwtUQnf7+DwAAAPx/+/u4c+YzdiGKQtlfisaPqvT33osO21WvfXhx9NHF6T0Otq5Fl+udDJv1hXopSa9Hb46C3hxHf1U3D57/rN8/Q5VHVBSL0bNvlkD4U7g2irl2f9TeH68ZzXZlK+ukq0ne+aAZ2u3LFwbp3uB3nz76fQhFcXTxi173chQePDrYX/35rw7uD3N5Vu3l2WH9C4lTP5Q4mctSmMjlt8fPPdYzvnvyyC8Ob8RUs/6i110ZjduYnP+F0eYXvsb8Pw9vjWLeWhm1Kyfnv1yN2Vw9Y/aTWTT7e+8t1YOdc+ZTWVwfxVy/OTyx3r1Zr1mcyKI1K4vW5PF/oWNxnMW7J7KYPBZrs7JY+4ZZAMzLg+kqdKr+n6q7L3CV+x/VvRqlKuEzq/svZo7yeXhnFPPOtYW6Il0MYeqK3ph1RW+cs66HcHYW/wg3/vbXEHbDjXHw82psNe6fT1TV6PDLaoMvT4/7h1FT/vvhzqWqs3T46/DG4ydPbz06/OTh/sP9T1uttfXGjxqN262wOJxG3ag9AJwhLb6KVgZ/jIoi6/+subHRbA920rjIk4/iItvcTuOsN0iLZKfd207jfpEP8iTvVJ2Ps820jMvdfj+vKklexP28zPaGb36J61e/lGm33RtkSdnvpO0yjZO8N2gng3gzK5O4v/vTTlbupEW8lRdx2U+TbCtL2oMs78Vlvlsk6Wocl2k6EZhtpkefhZBV3V7cL7Juu7gXf5x3drtpvJlW1bI/yKNQ7XA8VtbbyovucLer8z7YAPCKeBzqN9gdv8ru8U/Gq56cWnVmJyzPiJnzFAGAKdNVemneCQEAAAAAAAAAAAAAAKdMPq734/qVPud77O+V7dy9dNaqt+ef2GQnhLDwCqShc87O8quRxmL93/ZF9xOFEGYHf6+KmedVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADO9p8AAAD//0n5kWY=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000740)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x1d61, 0x80, 0x1, 0x1f9}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000240)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x6, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
write$selinux_load(r4, &(0x7f0000000000)=ANY=[], 0x2000)

0s ago: executing program 4 (id=3978):
syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[], 0x1, 0x5b1, &(0x7f0000001000)="$eJzs3MFv29YZAPDHxK4NBwsGFGvSNEDZtIfsEFeSFwdGBywaTdtsJVEg5cI5DcXiZMHsblg2YMmly6VDgQ077bz1utOO+6d62T/ggRLlybIzuWkbZcDvB8TvUfzI9z2C4QcRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEKJks9FoRqGT9Xb34udLNou8e7y0EKbXj/f3rxPNCYsTf0MUQlT9C8vL4eroo6uv/zf2B9WfG+HKaOlKWK6a5fD00hvf/+D1hQvVhotRdCqLl+3xk6e//OTgYP83X2Obo6Ojz6rZfIdpvTTbaS8r86zb3k7jrMzjjfX1xvs7W2W8lXXS8l45SLtxUqTtQV7EN5O7IYSNtThdvZfv9rY32500vpn8MG5ubNy51Wo01uMPV/tpuyjz3vsfrpbJTtbpZL3tYUy1+lbr7XCnOhE/ygbxIG134/jBo4P9tVlJVkHN8wS1ZgW1Gq1Ws9lqNddvb9y+02gs12fr8QcLjSlhepOF+Z+0vHSv1SfKcGF8jXvtW7uIwws6Sv4y7xQAAACA71g0vMceDe/LXx32trJO2jgRcxTNLT0AAADgWzD8an+lvgEQwtUQnf7+DwAAAPx/+/u4c+YzdiGKQtlfisaPqvT33osO21WvfXhx9NHF6T0Otq5Fl+udDJv1hXopSa9Hb46C3hxHf1U3D57/rN8/Q5VHVBSL0bNvlkD4U7g2irl2f9TeH68ZzXZlK+ukq0ne+aAZ2u3LFwbp3uB3nz76fQhFcXTxi173chQePDrYX/35rw7uD3N5Vu3l2WH9C4lTP5Q4mctSmMjlt8fPPdYzvnvyyC8Ob8RUs/6i110ZjduYnP+F0eYXvsb8Pw9vjWLeWhm1Kyfnv1yN2Vw9Y/aTWTT7e+8t1YOdc+ZTWVwfxVy/OTyx3r1Zr1mcyKI1K4vW5PF/oWNxnMW7J7KYPBZrs7JY+4ZZAMzLg+kqdKr+n6q7L3CV+x/VvRqlKuEzq/svZo7yeXhnFPPOtYW6Il0MYeqK3ph1RW+cs66HcHYW/wg3/vbXEHbDjXHw82psNe6fT1TV6PDLaoMvT4/7h1FT/vvhzqWqs3T46/DG4ydPbz06/OTh/sP9T1uttfXGjxqN262wOJxG3ag9AJwhLb6KVgZ/jIoi6/+subHRbA920rjIk4/iItvcTuOsN0iLZKfd207jfpEP8iTvVJ2Ps820jMvdfj+vKklexP28zPaGb36J61e/lGm33RtkSdnvpO0yjZO8N2gng3gzK5O4v/vTTlbupEW8lRdx2U+TbCtL2oMs78Vlvlsk6Wocl2k6EZhtpkefhZBV3V7cL7Juu7gXf5x3drtpvJlW1bI/yKNQ7XA8VtbbyovucLer8z7YAPCKeBzqN9gdv8ru8U/Gq56cWnVmJyzPiJnzFAGAKdNVemneCQEAAAAAAAAAAAAAAKdMPq734/qVPud77O+V7dy9dNaqt+ef2GQnhLDwCqShc87O8quRxmL93/ZF9xOFEGYHf6+KmedVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADO9p8AAAD//0n5kWY=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000740)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x1d61, 0x80, 0x1, 0x1f9}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000240)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x6, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
write$selinux_load(r4, &(0x7f0000000000)=ANY=[], 0x2000)

kernel console output (not intermixed with test programs):

hout journal. Quota mode: writeback.
[  266.223111][T13296] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  266.296068][T12643] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.340874][T12395] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.351900][T13310] loop3: detected capacity change from 0 to 2048
[  266.425234][T13321] loop1: detected capacity change from 0 to 1024
[  266.437340][T13321] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  266.485591][T13327] loop0: detected capacity change from 0 to 128
[  266.497065][T13327] EXT4-fs: Ignoring removed nomblk_io_submit option
[  266.525989][T13327] EXT4-fs error (device loop0): __ext4_fill_super:5500: inode #2: comm syz.0.3383: iget: checksum invalid
[  266.539922][T13327] EXT4-fs (loop0): get root inode failed
[  266.545652][T13327] EXT4-fs (loop0): mount failed
[  266.714123][T13347] loop0: detected capacity change from 0 to 512
[  266.730109][T13347] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.764830][T13347] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  266.794442][T13349] __nla_validate_parse: 7 callbacks suppressed
[  266.794459][T13349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3393'.
[  266.853921][T13356] loop1: detected capacity change from 0 to 2048
[  266.879235][T13358] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3395'.
[  266.927561][T13358] loop2: detected capacity change from 0 to 1024
[  266.943937][T13347] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm syz.0.3391: corrupted inode contents
[  266.957001][T13358] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  266.981066][T13347] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #18: comm syz.0.3391: mark_inode_dirty error
[  267.049266][T13347] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm syz.0.3391: corrupted inode contents
[  267.066902][T13347] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #18: comm syz.0.3391: mark_inode_dirty error
[  267.098033][T13347] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #18: comm syz.0.3391: mark inode dirty (error -117)
[  267.128601][T13347] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117)
[  267.168347][T11543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.198999][T12209] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.241336][T13379] loop2: detected capacity change from 0 to 2048
[  267.267484][T13385] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3408'.
[  267.278212][T13380] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3407'.
[  267.343022][T13394] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3411'.
[  267.379712][T13394] loop4: detected capacity change from 0 to 1024
[  267.439384][T13394] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  267.549483][T13406] openvswitch: netlink: Message has 6 unknown bytes.
[  267.571921][T13404] loop1: detected capacity change from 0 to 1024
[  267.594957][T13406] loop3: detected capacity change from 0 to 128
[  267.617795][T13406] EXT4-fs: Ignoring removed nomblk_io_submit option
[  267.641680][T13410] loop2: detected capacity change from 0 to 512
[  267.649152][T13406] EXT4-fs error (device loop3): __ext4_fill_super:5500: inode #2: comm syz.3.3416: iget: checksum invalid
[  267.677445][T13406] EXT4-fs (loop3): get root inode failed
[  267.683224][T13406] EXT4-fs (loop3): mount failed
[  267.706408][T13413] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  267.789524][T13404] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.817555][T13410] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.885363][T13404] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  267.911070][T13410] ext4 filesystem being mounted at /52/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  267.978454][T13423] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  267.999233][T13404] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #15: block 1: comm syz.1.3415: lblock 1 mapped to illegal pblock 1 (length 15)
[  268.115712][T13404] EXT4-fs error (device loop1): ext4_ext_remove_space:2955: inode #15: comm syz.1.3415: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  268.136225][T13427] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm syz.2.3417: corrupted inode contents
[  268.178826][T13427] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #18: comm syz.2.3417: mark_inode_dirty error
[  268.248016][T13427] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm syz.2.3417: corrupted inode contents
[  268.331556][T13427] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #18: comm syz.2.3417: mark_inode_dirty error
[  268.333363][T13435] loop3: detected capacity change from 0 to 512
[  268.360337][T13433] pim6reg1: entered promiscuous mode
[  268.365797][T13433] pim6reg1: entered allmulticast mode
[  268.389634][T13427] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #18: comm syz.2.3417: mark inode dirty (error -117)
[  268.419317][T13427] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  268.421921][T13435] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.465226][T12395] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.514567][T13435] ext4 filesystem being mounted at /92/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  268.831346][T13447] loop4: detected capacity change from 0 to 2048
[  268.898252][T13451] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.3422: corrupted inode contents
[  268.966072][T13453] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  268.977857][T13451] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm syz.3.3422: mark_inode_dirty error
[  269.017799][T13451] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.3422: corrupted inode contents
[  269.030139][T13451] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.3422: mark_inode_dirty error
[  269.046545][T13451] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.3422: mark inode dirty (error -117)
[  269.077869][T13451] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  269.127199][T11978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.229165][T13476] openvswitch: netlink: Message has 6 unknown bytes.
[  269.250581][T13476] loop2: detected capacity change from 0 to 128
[  269.257688][T13476] EXT4-fs: Ignoring removed nomblk_io_submit option
[  269.279702][T13476] EXT4-fs error (device loop2): __ext4_fill_super:5500: inode #2: comm syz.2.3435: iget: checksum invalid
[  269.291469][T13476] EXT4-fs (loop2): get root inode failed
[  269.297259][T13476] EXT4-fs (loop2): mount failed
[  269.333025][T13478] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3441'.
[  269.345586][T13485] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  269.428061][T13491] loop2: detected capacity change from 0 to 512
[  269.448011][T13491] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.461501][T13491] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  269.482402][T13489] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  269.721941][T12643] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.728625][T13505] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm syz.2.3446: corrupted inode contents
[  270.820072][T13505] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #18: comm syz.2.3446: mark_inode_dirty error
[  271.936245][T13505] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm syz.2.3446: corrupted inode contents
[  271.977794][T13505] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #18: comm syz.2.3446: mark_inode_dirty error
[  272.022710][T13505] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #18: comm syz.2.3446: mark inode dirty (error -117)
[  272.148098][T13514] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3452'.
[  272.157252][T13514] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3452'.
[  272.184681][   T29] kauditd_printk_skb: 479 callbacks suppressed
[  272.184698][   T29] audit: type=1326 audit(1750103127.832:22459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13501 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f92fba258e7 code=0x7ffc0000
[  272.210145][T13505] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  272.214708][   T29] audit: type=1326 audit(1750103127.832:22460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13501 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f92fb9cab19 code=0x7ffc0000
[  272.247515][   T29] audit: type=1326 audit(1750103127.832:22461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13501 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f92fba258e7 code=0x7ffc0000
[  272.271052][   T29] audit: type=1326 audit(1750103127.832:22462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13501 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f92fb9cab19 code=0x7ffc0000
[  272.295085][   T29] audit: type=1326 audit(1750103127.832:22463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13501 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f92fba258e7 code=0x7ffc0000
[  272.318658][   T29] audit: type=1326 audit(1750103127.832:22464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13501 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f92fb9cab19 code=0x7ffc0000
[  272.342207][   T29] audit: type=1326 audit(1750103127.832:22465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13501 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f92fba258e7 code=0x7ffc0000
[  272.365766][   T29] audit: type=1326 audit(1750103127.832:22466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13501 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f92fb9cab19 code=0x7ffc0000
[  272.366551][T13514] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3452'.
[  272.389259][   T29] audit: type=1326 audit(1750103127.832:22467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13501 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f92fba258e7 code=0x7ffc0000
[  272.421838][   T29] audit: type=1326 audit(1750103127.832:22468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13501 comm="syz.4.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f92fb9cab19 code=0x7ffc0000
[  272.461101][T13514] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3452'.
[  272.470160][T13514] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3452'.
[  272.490656][T12395] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.502339][T13519] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3453'.
[  272.511644][T13514] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3452'.
[  272.663760][T13514] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3452'.
[  272.672858][T13514] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3452'.
[  272.686829][T13514] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3452'.
[  272.848506][T13531] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  272.903740][T13540] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  273.197856][T13550] loop2: detected capacity change from 0 to 512
[  273.224527][T13550] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.237675][T13550] ext4 filesystem being mounted at /62/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  273.268135][T13550] netlink: 'syz.2.3462': attribute type 3 has an invalid length.
[  273.331009][T13550] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm syz.2.3462: corrupted inode contents
[  273.343534][T13552] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  273.352680][T13550] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #18: comm syz.2.3462: mark_inode_dirty error
[  273.420476][T13550] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm syz.2.3462: corrupted inode contents
[  273.571327][T13550] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #18: comm syz.2.3462: mark_inode_dirty error
[  273.594934][T13550] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #18: comm syz.2.3462: mark inode dirty (error -117)
[  273.608845][T13550] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  274.599387][T12395] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.663350][T13585] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  276.145756][T13596] loop1: detected capacity change from 0 to 512
[  276.170506][T13601] loop3: detected capacity change from 0 to 512
[  276.197004][T13596] EXT4-fs (loop1): 1 orphan inode deleted
[  276.204676][T13596] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.217374][   T37] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1
[  276.219886][T13596] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  276.231128][T13601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.247987][T13614] loop2: detected capacity change from 0 to 1024
[  276.258787][T13601] ext4 filesystem being mounted at /105/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  276.259462][T13608] netlink: 'syz.0.3479': attribute type 1 has an invalid length.
[  276.344551][T13601] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.3477: corrupted inode contents
[  276.357734][T13601] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm syz.3.3477: mark_inode_dirty error
[  276.369407][T13601] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.3477: corrupted inode contents
[  276.383892][T13601] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.3477: mark_inode_dirty error
[  276.422084][T13601] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.3477: mark inode dirty (error -117)
[  276.439417][T13601] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  277.244138][T13652] netlink: 'syz.4.3495': attribute type 1 has an invalid length.
[  277.252004][T13652] __nla_validate_parse: 5 callbacks suppressed
[  277.252019][T13652] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3495'.
[  277.319866][T13650] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  277.370812][T13656] loop4: detected capacity change from 0 to 512
[  277.408964][T13656] EXT4-fs (loop4): 1 orphan inode deleted
[  277.416181][T13656] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  277.427146][  T311] __quota_error: 4444 callbacks suppressed
[  277.427160][  T311] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  277.442799][  T311] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 1
[  277.480660][T13662] loop4: detected capacity change from 0 to 1024
[  277.564560][   T29] audit: type=1326 audit(1750103133.212:26912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13646 comm="syz.0.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  277.588239][   T29] audit: type=1326 audit(1750103133.212:26913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13646 comm="syz.0.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feebaea58e7 code=0x7ffc0000
[  277.611813][   T29] audit: type=1326 audit(1750103133.212:26914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13646 comm="syz.0.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feebae4ab19 code=0x7ffc0000
[  277.635396][   T29] audit: type=1326 audit(1750103133.212:26915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13646 comm="syz.0.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  277.659182][   T29] audit: type=1326 audit(1750103133.212:26916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13646 comm="syz.0.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feebaea58e7 code=0x7ffc0000
[  277.682827][   T29] audit: type=1326 audit(1750103133.212:26917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13646 comm="syz.0.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feebae4ab19 code=0x7ffc0000
[  277.706624][   T29] audit: type=1326 audit(1750103133.212:26918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13646 comm="syz.0.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  277.730371][   T29] audit: type=1326 audit(1750103133.212:26919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13646 comm="syz.0.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feebaea58e7 code=0x7ffc0000
[  277.753940][   T29] audit: type=1326 audit(1750103133.212:26920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13646 comm="syz.0.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feebae4ab19 code=0x7ffc0000
[  277.978790][T13681] loop2: detected capacity change from 0 to 256
[  278.169373][T13677] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3505'.
[  278.258067][T13685] vhci_hcd: invalid port number 224
[  278.569416][T13689] netlink: 'syz.2.3508': attribute type 1 has an invalid length.
[  278.577362][T13689] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3508'.
[  278.603606][T13690] loop3: detected capacity change from 0 to 1024
[  279.392557][T13704] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  279.499987][T11543] EXT4-fs unmount: 8 callbacks suppressed
[  279.500006][T11543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.713466][T13706] loop4: detected capacity change from 0 to 512
[  279.725670][T13710] loop2: detected capacity change from 0 to 2048
[  279.751122][T11978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.771488][T13714] loop1: detected capacity change from 0 to 256
[  279.803904][T13706] EXT4-fs (loop4): 1 orphan inode deleted
[  279.810625][T13706] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.810932][T13706] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.841728][   T12] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[  279.843161][T13723] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3517'.
[  279.861712][T13723] loop3: detected capacity change from 0 to 1024
[  279.894788][T11543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.904895][T13723] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  279.905770][T13718] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3518'.
[  279.955657][T13728] netlink: 'syz.2.3521': attribute type 1 has an invalid length.
[  279.963606][T13728] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3521'.
[  281.422495][T13749] vhci_hcd: invalid port number 224
[  281.441321][T13758] loop2: detected capacity change from 0 to 256
[  281.452656][T13759] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3534'.
[  281.481622][T13759] loop4: detected capacity change from 0 to 1024
[  281.491068][T13764] netlink: 'syz.0.3535': attribute type 1 has an invalid length.
[  281.499090][T13764] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3535'.
[  281.528861][T13759] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  281.569454][T13767] loop2: detected capacity change from 0 to 512
[  281.611247][T13768] loop0: detected capacity change from 0 to 512
[  281.650381][T13775] loop4: detected capacity change from 0 to 1024
[  281.658678][T13767] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.686799][T13768] EXT4-fs (loop0): 1 orphan inode deleted
[  281.693084][T13768] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.710692][  T311] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 1
[  281.712313][T13775] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.733401][T13767] ext4 filesystem being mounted at /81/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  281.759045][T13768] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  281.828467][T12209] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.042210][T12395] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.214444][T13797] netlink: 'syz.1.3546': attribute type 1 has an invalid length.
[  282.222413][T13797] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3546'.
[  282.297839][T13799] vhci_hcd: invalid port number 224
[  282.347834][T13801] loop1: detected capacity change from 0 to 256
[  282.418705][T13804] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3549'.
[  282.452574][T13804] loop3: detected capacity change from 0 to 1024
[  282.468051][T13804] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  282.506804][   T29] kauditd_printk_skb: 3574 callbacks suppressed
[  282.506823][   T29] audit: type=1326 audit(1750103138.152:30493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  282.536688][   T29] audit: type=1326 audit(1750103138.152:30494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  282.560448][   T29] audit: type=1326 audit(1750103138.152:30495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  282.565509][T13809] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  282.584123][   T29] audit: type=1326 audit(1750103138.152:30496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  282.615800][   T29] audit: type=1326 audit(1750103138.152:30497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  282.639478][   T29] audit: type=1326 audit(1750103138.152:30498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  282.663203][   T29] audit: type=1326 audit(1750103138.152:30499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  282.686893][   T29] audit: type=1326 audit(1750103138.152:30500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  282.710568][   T29] audit: type=1326 audit(1750103138.152:30501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  282.734078][   T29] audit: type=1326 audit(1750103138.152:30502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13803 comm="syz.3.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  282.848710][T13813] loop2: detected capacity change from 0 to 512
[  282.898546][T13813] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.912857][T11543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.926736][T13813] ext4 filesystem being mounted at /83/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  283.044808][T13813] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm syz.2.3552: corrupted inode contents
[  283.082030][T13823] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3556'.
[  283.113011][T13813] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #18: comm syz.2.3552: mark_inode_dirty error
[  283.132209][T13826] netlink: 'syz.4.3557': attribute type 1 has an invalid length.
[  283.140151][T13826] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3557'.
[  283.140347][T13813] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm syz.2.3552: corrupted inode contents
[  283.172563][T13813] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #18: comm syz.2.3552: mark_inode_dirty error
[  283.191654][T13813] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #18: comm syz.2.3552: mark inode dirty (error -117)
[  283.213448][T13828] vhci_hcd: invalid port number 224
[  283.251641][T13833] loop1: detected capacity change from 0 to 512
[  283.266715][T13813] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  283.298584][T13833] EXT4-fs (loop1): 1 orphan inode deleted
[  283.304794][T13833] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.317437][   T12] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[  283.346712][T13833] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.358643][T12395] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.450709][T12643] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.527852][T13842] openvswitch: netlink: Message has 6 unknown bytes.
[  283.549616][T13842] loop2: detected capacity change from 0 to 128
[  283.556357][T13842] EXT4-fs: Ignoring removed nomblk_io_submit option
[  283.597326][T13842] EXT4-fs error (device loop2): __ext4_fill_super:5500: inode #2: comm syz.2.3562: iget: checksum invalid
[  283.616793][T13842] EXT4-fs (loop2): get root inode failed
[  283.622569][T13842] EXT4-fs (loop2): mount failed
[  283.783839][T13850] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  283.959438][T13855] netlink: 'syz.1.3569': attribute type 1 has an invalid length.
[  283.967397][T13855] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3569'.
[  284.014617][T13858] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3568'.
[  284.087182][T13861] vhci_hcd: invalid port number 224
[  284.132608][T13866] loop1: detected capacity change from 0 to 2048
[  284.170347][T13868] loop1: detected capacity change from 0 to 512
[  284.207795][T13868] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  284.256591][T13868] ext4 filesystem being mounted at /99/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  284.273112][T13876] netlink: 'syz.4.3576': attribute type 4 has an invalid length.
[  284.405544][T13868] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #18: comm syz.1.3573: corrupted inode contents
[  284.437701][T13868] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #18: comm syz.1.3573: mark_inode_dirty error
[  284.469571][T13868] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #18: comm syz.1.3573: corrupted inode contents
[  284.502034][T13868] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #18: comm syz.1.3573: mark_inode_dirty error
[  284.536676][T13868] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #18: comm syz.1.3573: mark inode dirty (error -117)
[  284.567572][T13868] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  284.616380][T12643] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.730999][T13894] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3584'.
[  284.741435][T13891] vhci_hcd: invalid port number 224
[  284.776770][T13894] loop1: detected capacity change from 0 to 1024
[  284.793812][T13894] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  284.868556][T13898] loop1: detected capacity change from 0 to 128
[  284.887093][T13898] EXT4-fs: Ignoring removed nomblk_io_submit option
[  284.901137][T13898] EXT4-fs error (device loop1): __ext4_fill_super:5500: inode #2: comm syz.1.3586: iget: checksum invalid
[  284.929810][T13898] EXT4-fs (loop1): get root inode failed
[  284.935611][T13898] EXT4-fs (loop1): mount failed
[  285.042557][T13914] loop1: detected capacity change from 0 to 512
[  285.200382][T13914] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.226618][T13914] ext4 filesystem being mounted at /105/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  285.243983][T13914] netlink: 'syz.1.3591': attribute type 3 has an invalid length.
[  285.569474][T13921] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #18: comm syz.1.3591: corrupted inode contents
[  285.644061][T13921] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #18: comm syz.1.3591: mark_inode_dirty error
[  286.109372][T13921] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #18: comm syz.1.3591: corrupted inode contents
[  286.124994][T13930] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3597'.
[  286.174992][T13921] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #18: comm syz.1.3591: mark_inode_dirty error
[  286.198555][T13934] loop0: detected capacity change from 0 to 128
[  286.210553][T13930] loop4: detected capacity change from 0 to 1024
[  286.216793][T13921] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #18: comm syz.1.3591: mark inode dirty (error -117)
[  286.230122][T13921] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  286.239712][T13934] EXT4-fs: Ignoring removed nomblk_io_submit option
[  286.250683][T13930] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  286.267538][T13934] EXT4-fs error (device loop0): __ext4_fill_super:5500: inode #2: comm syz.0.3599: iget: checksum invalid
[  286.374630][T12643] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.396583][T13934] EXT4-fs (loop0): get root inode failed
[  286.402371][T13934] EXT4-fs (loop0): mount failed
[  287.692564][T13957] loop0: detected capacity change from 0 to 256
[  287.716983][T13958] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3607'.
[  287.886339][T13968] loop4: detected capacity change from 0 to 256
[  287.909795][T13973] openvswitch: netlink: Message has 6 unknown bytes.
[  287.921409][T13973] loop0: detected capacity change from 0 to 128
[  287.943177][T13973] EXT4-fs: Ignoring removed nomblk_io_submit option
[  287.970873][T13980] loop2: detected capacity change from 0 to 128
[  287.978300][T13973] EXT4-fs error (device loop0): __ext4_fill_super:5500: inode #2: comm syz.0.3613: iget: checksum invalid
[  287.986642][T13980] EXT4-fs: Ignoring removed nomblk_io_submit option
[  287.990879][T13973] EXT4-fs (loop0): get root inode failed
[  288.002047][T13973] EXT4-fs (loop0): mount failed
[  288.012741][T13980] EXT4-fs error (device loop2): __ext4_fill_super:5500: inode #2: comm syz.2.3615: iget: checksum invalid
[  288.024841][T13980] EXT4-fs (loop2): get root inode failed
[  288.030617][T13980] EXT4-fs (loop2): mount failed
[  288.132451][T13993] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3620'.
[  288.162669][T14002] netlink: 'syz.2.3624': attribute type 1 has an invalid length.
[  288.170543][T14002] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3624'.
[  288.183472][T14000] loop0: detected capacity change from 0 to 512
[  288.202291][T14000] EXT4-fs (loop0): 1 orphan inode deleted
[  288.216620][ T4711] __quota_error: 302 callbacks suppressed
[  288.216637][ T4711] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  288.222309][T14000] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  288.222527][ T4711] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  288.244869][T14004] loop4: detected capacity change from 0 to 2048
[  288.266850][T14000] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.289793][T14004] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.320692][T14004] EXT4-fs error (device loop4): ext4_ext_precache:632: inode #2: comm syz.4.3625: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  288.323536][   T29] audit: type=1326 audit(1750103143.972:30804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13990 comm="syz.3.3618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  288.361907][   T29] audit: type=1326 audit(1750103143.972:30805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13990 comm="syz.3.3618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  288.385870][   T29] audit: type=1326 audit(1750103143.972:30806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13990 comm="syz.3.3618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb6776e58e7 code=0x7ffc0000
[  288.409579][   T29] audit: type=1326 audit(1750103143.972:30807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13990 comm="syz.3.3618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb67768ab19 code=0x7ffc0000
[  288.433320][   T29] audit: type=1326 audit(1750103143.972:30808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13990 comm="syz.3.3618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb6776e58e7 code=0x7ffc0000
[  288.456954][   T29] audit: type=1326 audit(1750103143.972:30809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13990 comm="syz.3.3618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb67768ab19 code=0x7ffc0000
[  288.480507][   T29] audit: type=1326 audit(1750103143.972:30810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13990 comm="syz.3.3618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb6776e58e7 code=0x7ffc0000
[  288.504088][   T29] audit: type=1326 audit(1750103143.972:30811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13990 comm="syz.3.3618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb67768ab19 code=0x7ffc0000
[  288.527744][   T29] audit: type=1326 audit(1750103143.972:30812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13990 comm="syz.3.3618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb6776e58e7 code=0x7ffc0000
[  288.557082][T11543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.567709][T12209] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.719445][T14022] loop0: detected capacity change from 0 to 512
[  288.739292][T14022] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  288.805758][T14028] FAULT_INJECTION: forcing a failure.
[  288.805758][T14028] name failslab, interval 1, probability 0, space 0, times 0
[  288.818561][T14028] CPU: 0 UID: 0 PID: 14028 Comm: syz.2.3630 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  288.818595][T14028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  288.818623][T14028] Call Trace:
[  288.818630][T14028]  <TASK>
[  288.818638][T14028]  __dump_stack+0x1d/0x30
[  288.818720][T14028]  dump_stack_lvl+0xe8/0x140
[  288.818741][T14028]  dump_stack+0x15/0x1b
[  288.818760][T14028]  should_fail_ex+0x265/0x280
[  288.818787][T14028]  ? nf_ct_tmpl_alloc+0x63/0x130
[  288.818890][T14028]  should_failslab+0x8c/0xb0
[  288.818938][T14028]  __kmalloc_cache_noprof+0x4c/0x320
[  288.818967][T14028]  nf_ct_tmpl_alloc+0x63/0x130
[  288.818995][T14028]  xt_ct_tg_check+0x173/0x660
[  288.819060][T14028]  ? finish_task_switch+0xad/0x2b0
[  288.819123][T14028]  xt_ct_tg_check_v2+0x4a/0x60
[  288.819152][T14028]  xt_check_target+0x28d/0x4c0
[  288.819187][T14028]  ? __cond_resched+0x4e/0x90
[  288.819214][T14028]  ? strcmp+0x22/0x50
[  288.819296][T14028]  ? xt_find_target+0x1cd/0x200
[  288.819338][T14028]  translate_table+0xcf5/0x1070
[  288.819376][T14028]  do_ip6t_set_ctl+0x678/0x840
[  288.819437][T14028]  nf_setsockopt+0x199/0x1b0
[  288.819460][T14028]  ipv6_setsockopt+0x11a/0x130
[  288.819487][T14028]  udpv6_setsockopt+0x99/0xb0
[  288.819534][T14028]  sock_common_setsockopt+0x66/0x80
[  288.819563][T14028]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  288.819586][T14028]  __sys_setsockopt+0x181/0x200
[  288.819615][T14028]  __x64_sys_setsockopt+0x64/0x80
[  288.819717][T14028]  x64_sys_call+0x2bd5/0x2fb0
[  288.819736][T14028]  do_syscall_64+0xd2/0x200
[  288.819753][T14028]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  288.819831][T14028]  ? clear_bhb_loop+0x40/0x90
[  288.819855][T14028]  ? clear_bhb_loop+0x40/0x90
[  288.819876][T14028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.819896][T14028] RIP: 0033:0x7f67a032e929
[  288.819911][T14028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.819995][T14028] RSP: 002b:00007f679e955038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  288.820019][T14028] RAX: ffffffffffffffda RBX: 00007f67a0556160 RCX: 00007f67a032e929
[  288.820034][T14028] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  288.820111][T14028] RBP: 00007f679e955090 R08: 0000000000000386 R09: 0000000000000000
[  288.820126][T14028] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002
[  288.820140][T14028] R13: 0000000000000000 R14: 00007f67a0556160 R15: 00007ffd1d762db8
[  288.820160][T14028]  </TASK>
[  289.075245][T14022] ext4 filesystem being mounted at /95/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  289.109037][T14027] vhci_hcd: invalid port number 96
[  289.114307][T14027] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  289.123113][T14027] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3631'.
[  289.126612][T14022] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm syz.0.3628: corrupted inode contents
[  289.156830][T14022] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #18: comm syz.0.3628: mark_inode_dirty error
[  289.187618][T14022] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm syz.0.3628: corrupted inode contents
[  289.209864][T14022] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #18: comm syz.0.3628: mark_inode_dirty error
[  289.267795][T14022] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #18: comm syz.0.3628: mark inode dirty (error -117)
[  289.282155][T14022] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117)
[  289.335628][T12209] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.373394][T14035] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3635'.
[  289.426272][T14043] FAULT_INJECTION: forcing a failure.
[  289.426272][T14043] name failslab, interval 1, probability 0, space 0, times 0
[  289.439045][T14043] CPU: 0 UID: 0 PID: 14043 Comm: syz.0.3637 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  289.439123][T14043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  289.439136][T14043] Call Trace:
[  289.439142][T14043]  <TASK>
[  289.439150][T14043]  __dump_stack+0x1d/0x30
[  289.439173][T14043]  dump_stack_lvl+0xe8/0x140
[  289.439262][T14043]  dump_stack+0x15/0x1b
[  289.439307][T14043]  should_fail_ex+0x265/0x280
[  289.439339][T14043]  should_failslab+0x8c/0xb0
[  289.439429][T14043]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  289.439462][T14043]  ? sidtab_sid2str_get+0xa0/0x130
[  289.439547][T14043]  kmemdup_noprof+0x2b/0x70
[  289.439587][T14043]  sidtab_sid2str_get+0xa0/0x130
[  289.439610][T14043]  security_sid_to_context_core+0x1eb/0x2e0
[  289.439634][T14043]  security_sid_to_context+0x27/0x40
[  289.439653][T14043]  selinux_lsmprop_to_secctx+0x67/0xf0
[  289.439720][T14043]  security_lsmprop_to_secctx+0x43/0x80
[  289.439753][T14043]  audit_log_task_context+0x77/0x190
[  289.439788][T14043]  audit_log_task+0xf4/0x250
[  289.439833][T14043]  audit_seccomp+0x61/0x100
[  289.439857][T14043]  ? __seccomp_filter+0x68c/0x10d0
[  289.439881][T14043]  __seccomp_filter+0x69d/0x10d0
[  289.439906][T14043]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  289.439933][T14043]  ? vfs_write+0x75e/0x8e0
[  289.439965][T14043]  ? __rcu_read_unlock+0x4f/0x70
[  289.439998][T14043]  ? __fget_files+0x184/0x1c0
[  289.440053][T14043]  __secure_computing+0x82/0x150
[  289.440077][T14043]  syscall_trace_enter+0xcf/0x1e0
[  289.440099][T14043]  do_syscall_64+0xac/0x200
[  289.440119][T14043]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  289.440172][T14043]  ? clear_bhb_loop+0x40/0x90
[  289.440197][T14043]  ? clear_bhb_loop+0x40/0x90
[  289.440218][T14043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.440240][T14043] RIP: 0033:0x7feebaeae929
[  289.440270][T14043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.440289][T14043] RSP: 002b:00007feeb9517038 EFLAGS: 00000246 ORIG_RAX: 000000000000011b
[  289.440307][T14043] RAX: ffffffffffffffda RBX: 00007feebb0d5fa0 RCX: 00007feebaeae929
[  289.440386][T14043] RDX: 0000000000000000 RSI: 0000000000000800 RDI: 0000000000000000
[  289.440397][T14043] RBP: 00007feeb9517090 R08: 0000000000000000 R09: 0000000000000000
[  289.440408][T14043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.440419][T14043] R13: 0000000000000000 R14: 00007feebb0d5fa0 R15: 00007ffcadfe2e08
[  289.440435][T14043]  </TASK>
[  289.972306][T14050] 9pnet_fd: Insufficient options for proto=fd
[  290.372804][T14068] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3646'.
[  290.452477][T14076] SELinux: syz.3.3648 (14076) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  291.145827][T14097] loop3: detected capacity change from 0 to 512
[  291.170119][T14097] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.188138][T14097] ext4 filesystem being mounted at /128/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  291.243808][T14097] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.3656: corrupted inode contents
[  291.269271][T14107] loop2: detected capacity change from 0 to 128
[  291.279372][T14106] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  291.287364][T14106] FAT-fs (loop2): Filesystem has been set read-only
[  291.294758][T14097] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm syz.3.3656: mark_inode_dirty error
[  291.307772][T14106] syz.2.3660: attempt to access beyond end of device
[  291.307772][T14106] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  291.322471][T14097] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.3656: corrupted inode contents
[  291.323566][T14106] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  291.342202][T14106] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  291.353152][T14097] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.3656: mark_inode_dirty error
[  291.353674][T14107] syz.2.3660: attempt to access beyond end of device
[  291.353674][T14107] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  291.376917][T14097] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.3656: mark inode dirty (error -117)
[  291.378541][T14107] syz.2.3660: attempt to access beyond end of device
[  291.378541][T14107] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  291.400407][T14097] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  291.441323][T11978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.557236][T14114] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  291.827751][T14129] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  292.355984][T14133] SELinux: failed to load policy
[  292.469648][T14143] loop0: detected capacity change from 0 to 128
[  292.502145][T14142] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  292.510165][T14142] FAT-fs (loop0): Filesystem has been set read-only
[  292.536579][T14142] syz.0.3674: attempt to access beyond end of device
[  292.536579][T14142] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  292.572741][T14142] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  292.580816][T14142] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  292.597856][T14143] syz.0.3674: attempt to access beyond end of device
[  292.597856][T14143] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  292.611395][T14143] syz.0.3674: attempt to access beyond end of device
[  292.611395][T14143] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  292.705041][T14151] loop3: detected capacity change from 0 to 512
[  292.713258][T14151] EXT4-fs: Ignoring removed nomblk_io_submit option
[  292.742665][T14151] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.756275][T14151] ext4 filesystem being mounted at /132/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  293.018830][T14154] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  293.374022][T11978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.402418][T14173] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  293.539342][   T29] kauditd_printk_skb: 1145 callbacks suppressed
[  293.539362][   T29] audit: type=1326 audit(1750103149.192:31955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.0.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  293.582399][   T29] audit: type=1326 audit(1750103149.192:31956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.0.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  293.606243][   T29] audit: type=1326 audit(1750103149.192:31957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.0.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feebaea58e7 code=0x7ffc0000
[  293.630000][   T29] audit: type=1326 audit(1750103149.192:31958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.0.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feebae4ab19 code=0x7ffc0000
[  293.653681][   T29] audit: type=1326 audit(1750103149.192:31959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.0.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feebaea58e7 code=0x7ffc0000
[  293.677326][   T29] audit: type=1326 audit(1750103149.192:31960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.0.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feebae4ab19 code=0x7ffc0000
[  293.700939][   T29] audit: type=1326 audit(1750103149.192:31961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.0.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feebaea58e7 code=0x7ffc0000
[  293.724562][   T29] audit: type=1326 audit(1750103149.192:31962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.0.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feebae4ab19 code=0x7ffc0000
[  293.748183][   T29] audit: type=1326 audit(1750103149.192:31963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.0.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feebaea58e7 code=0x7ffc0000
[  293.771716][   T29] audit: type=1326 audit(1750103149.192:31964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.0.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feebae4ab19 code=0x7ffc0000
[  293.943710][T14192] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  294.536027][T14201] FAULT_INJECTION: forcing a failure.
[  294.536027][T14201] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  294.549348][T14201] CPU: 0 UID: 0 PID: 14201 Comm: syz.3.3690 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  294.549376][T14201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  294.549387][T14201] Call Trace:
[  294.549393][T14201]  <TASK>
[  294.549402][T14201]  __dump_stack+0x1d/0x30
[  294.549499][T14201]  dump_stack_lvl+0xe8/0x140
[  294.549521][T14201]  dump_stack+0x15/0x1b
[  294.549539][T14201]  should_fail_ex+0x265/0x280
[  294.549571][T14201]  should_fail+0xb/0x20
[  294.549627][T14201]  should_fail_usercopy+0x1a/0x20
[  294.549730][T14201]  _copy_to_user+0x20/0xa0
[  294.549760][T14201]  simple_read_from_buffer+0xb5/0x130
[  294.549789][T14201]  proc_fail_nth_read+0x100/0x140
[  294.549812][T14201]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  294.549834][T14201]  vfs_read+0x1a0/0x6f0
[  294.549886][T14201]  ? putname+0xda/0x100
[  294.549907][T14201]  ksys_read+0xda/0x1a0
[  294.549974][T14201]  __x64_sys_read+0x40/0x50
[  294.550009][T14201]  x64_sys_call+0x2d77/0x2fb0
[  294.550106][T14201]  do_syscall_64+0xd2/0x200
[  294.550124][T14201]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  294.550149][T14201]  ? clear_bhb_loop+0x40/0x90
[  294.550171][T14201]  ? clear_bhb_loop+0x40/0x90
[  294.550209][T14201]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.550234][T14201] RIP: 0033:0x7fb6776ed33c
[  294.550252][T14201] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  294.550328][T14201] RSP: 002b:00007fb675d57030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  294.550379][T14201] RAX: ffffffffffffffda RBX: 00007fb677915fa0 RCX: 00007fb6776ed33c
[  294.550430][T14201] RDX: 000000000000000f RSI: 00007fb675d570a0 RDI: 0000000000000006
[  294.550444][T14201] RBP: 00007fb675d57090 R08: 0000000000000000 R09: 0000000000000000
[  294.550458][T14201] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  294.550473][T14201] R13: 0000000000000000 R14: 00007fb677915fa0 R15: 00007fff88ad34e8
[  294.550493][T14201]  </TASK>
[  294.813812][T14203] loop3: detected capacity change from 0 to 512
[  294.855622][T14203] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.887760][T14203] ext4 filesystem being mounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  294.899485][T14208] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3692'.
[  295.011895][T14203] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.3691: corrupted inode contents
[  295.047853][T14203] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm syz.3.3691: mark_inode_dirty error
[  295.083800][T14203] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.3691: corrupted inode contents
[  295.115621][T14203] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.3691: mark_inode_dirty error
[  295.132944][T14225] netlink: 500 bytes leftover after parsing attributes in process `syz.4.3698'.
[  295.136334][T14203] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.3691: mark inode dirty (error -117)
[  295.142138][T14225] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3698'.
[  295.155657][T14203] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  295.183539][T14230] loop1: detected capacity change from 0 to 256
[  295.200413][T14230] vfat: Bad value for 'fmask'
[  295.218089][T14230] loop1: detected capacity change from 0 to 128
[  295.226420][T14230] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  295.246712][T14230] ext4 filesystem being mounted at /126/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  295.371285][T11978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.763602][T14237] infiniband syz2: set active
[  295.768392][T14237] infiniband syz2: added veth0_to_bond
[  295.880711][T14237] RDS/IB: syz2: added
[  295.885775][T14237] smc: adding ib device syz2 with port count 1
[  295.892925][T14237] smc:    ib device syz2 port 1 has pnetid 
[  295.926116][T14247] FAULT_INJECTION: forcing a failure.
[  295.926116][T14247] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.939270][T14247] CPU: 0 UID: 0 PID: 14247 Comm: syz.0.3706 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  295.939303][T14247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.939317][T14247] Call Trace:
[  295.939326][T14247]  <TASK>
[  295.939335][T14247]  __dump_stack+0x1d/0x30
[  295.939358][T14247]  dump_stack_lvl+0xe8/0x140
[  295.939380][T14247]  dump_stack+0x15/0x1b
[  295.939433][T14247]  should_fail_ex+0x265/0x280
[  295.939467][T14247]  should_fail+0xb/0x20
[  295.939569][T14247]  should_fail_usercopy+0x1a/0x20
[  295.939647][T14247]  _copy_to_user+0x20/0xa0
[  295.939679][T14247]  simple_read_from_buffer+0xb5/0x130
[  295.939779][T14247]  proc_fail_nth_read+0x100/0x140
[  295.939800][T14247]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  295.939842][T14247]  vfs_read+0x1a0/0x6f0
[  295.939868][T14247]  ? __rcu_read_unlock+0x4f/0x70
[  295.939893][T14247]  ? __fget_files+0x184/0x1c0
[  295.939917][T14247]  ksys_read+0xda/0x1a0
[  295.939959][T14247]  __x64_sys_read+0x40/0x50
[  295.939994][T14247]  x64_sys_call+0x2d77/0x2fb0
[  295.940024][T14247]  do_syscall_64+0xd2/0x200
[  295.940044][T14247]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  295.940074][T14247]  ? clear_bhb_loop+0x40/0x90
[  295.940097][T14247]  ? clear_bhb_loop+0x40/0x90
[  295.940127][T14247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.940147][T14247] RIP: 0033:0x7feebaead33c
[  295.940163][T14247] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  295.940183][T14247] RSP: 002b:00007feeb9517030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  295.940272][T14247] RAX: ffffffffffffffda RBX: 00007feebb0d5fa0 RCX: 00007feebaead33c
[  295.940284][T14247] RDX: 000000000000000f RSI: 00007feeb95170a0 RDI: 0000000000000003
[  295.940296][T14247] RBP: 00007feeb9517090 R08: 0000000000000000 R09: 0000000000000000
[  295.940308][T14247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  295.940321][T14247] R13: 0000000000000000 R14: 00007feebb0d5fa0 R15: 00007ffcadfe2e08
[  295.940339][T14247]  </TASK>
[  296.197829][T12643] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  296.240776][T14251] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3708'.
[  296.266273][T14260] FAULT_INJECTION: forcing a failure.
[  296.266273][T14260] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.279427][T14260] CPU: 1 UID: 0 PID: 14260 Comm: syz.0.3713 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  296.279452][T14260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  296.279465][T14260] Call Trace:
[  296.279472][T14260]  <TASK>
[  296.279539][T14260]  __dump_stack+0x1d/0x30
[  296.279561][T14260]  dump_stack_lvl+0xe8/0x140
[  296.279630][T14260]  dump_stack+0x15/0x1b
[  296.279660][T14260]  should_fail_ex+0x265/0x280
[  296.279690][T14260]  should_fail+0xb/0x20
[  296.279718][T14260]  should_fail_usercopy+0x1a/0x20
[  296.279750][T14260]  _copy_from_user+0x1c/0xb0
[  296.279774][T14260]  ___sys_sendmsg+0xc1/0x1d0
[  296.279849][T14260]  __sys_sendmmsg+0x178/0x300
[  296.279872][T14260]  __x64_sys_sendmmsg+0x57/0x70
[  296.279890][T14260]  x64_sys_call+0x2f2f/0x2fb0
[  296.279909][T14260]  do_syscall_64+0xd2/0x200
[  296.279928][T14260]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  296.279955][T14260]  ? clear_bhb_loop+0x40/0x90
[  296.279979][T14260]  ? clear_bhb_loop+0x40/0x90
[  296.279999][T14260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.280018][T14260] RIP: 0033:0x7feebaeae929
[  296.280092][T14260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.280112][T14260] RSP: 002b:00007feeb9517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  296.280135][T14260] RAX: ffffffffffffffda RBX: 00007feebb0d5fa0 RCX: 00007feebaeae929
[  296.280151][T14260] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000004
[  296.280164][T14260] RBP: 00007feeb9517090 R08: 0000000000000000 R09: 0000000000000000
[  296.280189][T14260] R10: 0000000004008804 R11: 0000000000000246 R12: 0000000000000001
[  296.280201][T14260] R13: 0000000000000000 R14: 00007feebb0d5fa0 R15: 00007ffcadfe2e08
[  296.280217][T14260]  </TASK>
[  296.549342][T14265] loop0: detected capacity change from 0 to 2048
[  296.572757][T14268] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  296.575726][T14265]  loop0: p1 < > p3
[  296.586443][T14268] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.594540][T14265] loop0: p3 size 134217728 extends beyond EOD, truncated
[  296.604804][T14268] loop1: detected capacity change from 0 to 256
[  296.674984][T14276] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  331.571963][   T29] kauditd_printk_skb: 3632 callbacks suppressed
[  331.572059][   T29] audit: type=1400 audit(1750103187.222:35597): avc:  denied  { recv } for  pid=0 comm="swapper/0" saddr=10.128.0.163 src=43292 daddr=10.128.1.102 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  362.252566][   T29] audit: type=1326 audit(1750103217.902:35598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14286 comm="syz.2.3720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67a032e929 code=0x7ffc0000
[  362.276253][   T29] audit: type=1326 audit(1750103217.902:35599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14286 comm="syz.2.3720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67a032e929 code=0x7ffc0000
[  362.307901][   T29] audit: type=1326 audit(1750103217.952:35600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14286 comm="syz.2.3720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f67a032e929 code=0x7ffc0000
[  362.331544][   T29] audit: type=1326 audit(1750103217.952:35601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14286 comm="syz.2.3720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67a032e929 code=0x7ffc0000
[  362.338351][T14291] netlink: 148 bytes leftover after parsing attributes in process `syz.0.3718'.
[  362.355131][   T29] audit: type=1326 audit(1750103217.952:35602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14286 comm="syz.2.3720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67a032e929 code=0x7ffc0000
[  362.387864][   T29] audit: type=1326 audit(1750103217.952:35603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14286 comm="syz.2.3720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f67a032e929 code=0x7ffc0000
[  362.411885][   T29] audit: type=1326 audit(1750103217.952:35604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14286 comm="syz.2.3720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67a032e929 code=0x7ffc0000
[  362.435574][   T29] audit: type=1326 audit(1750103217.952:35605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14286 comm="syz.2.3720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67a032e929 code=0x7ffc0000
[  362.459477][   T29] audit: type=1326 audit(1750103217.952:35606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14286 comm="syz.2.3720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f67a032e929 code=0x7ffc0000
[  362.483099][   T29] audit: type=1326 audit(1750103217.952:35607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14286 comm="syz.2.3720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67a032e929 code=0x7ffc0000
[  362.508284][T14291] netlink: 148 bytes leftover after parsing attributes in process `syz.0.3718'.
[  362.519040][T14291] netlink: 148 bytes leftover after parsing attributes in process `syz.0.3718'.
[  362.530599][T14291] netlink: 148 bytes leftover after parsing attributes in process `syz.0.3718'.
[  362.551752][T14291] netlink: 148 bytes leftover after parsing attributes in process `syz.0.3718'.
[  362.562528][T14291] netlink: 148 bytes leftover after parsing attributes in process `syz.0.3718'.
[  362.573654][T14291] netlink: 148 bytes leftover after parsing attributes in process `syz.0.3718'.
[  362.597503][T14288] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3720'.
[  362.630816][T14301] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3724'.
[  362.642124][T14306] loop3: detected capacity change from 0 to 512
[  362.662682][T14306] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  362.685408][T14311] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  362.698405][T14310] loop1: detected capacity change from 0 to 512
[  362.707759][T14310] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  362.726788][T14310] EXT4-fs (loop1): 1 truncate cleaned up
[  362.737111][T14310] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  362.739742][T14306] EXT4-fs (loop3): 1 truncate cleaned up
[  362.755673][T14306] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  362.778349][T14310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.853261][T11978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.951976][T14326] FAULT_INJECTION: forcing a failure.
[  362.951976][T14326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  362.965195][T14326] CPU: 0 UID: 0 PID: 14326 Comm: syz.4.3732 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  362.965225][T14326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  362.965237][T14326] Call Trace:
[  362.965244][T14326]  <TASK>
[  362.965290][T14326]  __dump_stack+0x1d/0x30
[  362.965313][T14326]  dump_stack_lvl+0xe8/0x140
[  362.965334][T14326]  dump_stack+0x15/0x1b
[  362.965351][T14326]  should_fail_ex+0x265/0x280
[  362.965384][T14326]  should_fail+0xb/0x20
[  362.965472][T14326]  should_fail_usercopy+0x1a/0x20
[  362.965506][T14326]  _copy_to_user+0x20/0xa0
[  362.965529][T14326]  simple_read_from_buffer+0xb5/0x130
[  362.965580][T14326]  proc_fail_nth_read+0x100/0x140
[  362.965601][T14326]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  362.965621][T14326]  vfs_read+0x1a0/0x6f0
[  362.965723][T14326]  ? __sys_setsockopt+0x18e/0x200
[  362.965756][T14326]  ? __rcu_read_unlock+0x4f/0x70
[  362.965856][T14326]  ? __fget_files+0x184/0x1c0
[  362.965879][T14326]  ksys_read+0xda/0x1a0
[  362.965982][T14326]  __x64_sys_read+0x40/0x50
[  362.966015][T14326]  x64_sys_call+0x2d77/0x2fb0
[  362.966037][T14326]  do_syscall_64+0xd2/0x200
[  362.966111][T14326]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  362.966138][T14326]  ? clear_bhb_loop+0x40/0x90
[  362.966160][T14326]  ? clear_bhb_loop+0x40/0x90
[  362.966194][T14326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.966217][T14326] RIP: 0033:0x7f92fba2d33c
[  362.966235][T14326] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  362.966271][T14326] RSP: 002b:00007f92fa097030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  362.966293][T14326] RAX: ffffffffffffffda RBX: 00007f92fbc55fa0 RCX: 00007f92fba2d33c
[  362.966307][T14326] RDX: 000000000000000f RSI: 00007f92fa0970a0 RDI: 0000000000000006
[  362.966376][T14326] RBP: 00007f92fa097090 R08: 0000000000000000 R09: 0000000000000000
[  362.966450][T14326] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  362.966465][T14326] R13: 0000000000000000 R14: 00007f92fbc55fa0 R15: 00007ffe99c2d0e8
[  362.966484][T14326]  </TASK>
[  363.247900][T14331] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  363.297772][T14331] netlink: 240 bytes leftover after parsing attributes in process `syz.2.3728'.
[  363.580848][T14345] loop0: detected capacity change from 0 to 512
[  363.636165][T14351] loop4: detected capacity change from 0 to 512
[  363.647196][T14345] EXT4-fs (loop0): too many log groups per flexible block group
[  363.654906][T14345] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  363.678910][T14351] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.694793][T14345] EXT4-fs (loop0): mount failed
[  363.699813][T14351] ext4 filesystem being mounted at /176/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  363.738357][T14351] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.3742: corrupted inode contents
[  363.758262][T14359] loop3: detected capacity change from 0 to 1024
[  363.765468][T14351] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #18: comm syz.4.3742: mark_inode_dirty error
[  363.778482][T14359] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  363.804624][T14351] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.3742: corrupted inode contents
[  363.885887][T14351] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.3742: mark_inode_dirty error
[  363.902673][T14366] loop0: detected capacity change from 0 to 512
[  363.926102][T14366] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.956609][T14366] ext4 filesystem being mounted at /121/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  363.968194][T14364] Invalid ELF header magic: != ELF
[  363.976543][T14351] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.3742: mark inode dirty (error -117)
[  364.017970][T14351] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  364.099599][T11543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.116229][T14366] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm syz.0.3746: corrupted inode contents
[  364.130905][T14366] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #18: comm syz.0.3746: mark_inode_dirty error
[  364.143224][T14366] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm syz.0.3746: corrupted inode contents
[  364.158463][T14366] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #18: comm syz.0.3746: mark_inode_dirty error
[  364.181694][T14383] loop4: detected capacity change from 0 to 512
[  364.189441][T14366] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #18: comm syz.0.3746: mark inode dirty (error -117)
[  364.210177][T14366] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117)
[  364.230291][T14387] loop3: detected capacity change from 0 to 512
[  364.253997][T12209] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.264340][T14383] EXT4-fs (loop4): too many log groups per flexible block group
[  364.272092][T14383] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  364.272123][T14392] loop2: detected capacity change from 0 to 128
[  364.279169][T14383] EXT4-fs (loop4): mount failed
[  364.287463][T14387] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.304925][T14387] ext4 filesystem being mounted at /148/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  364.372958][T14396] loop0: detected capacity change from 0 to 512
[  364.385793][T14387] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.3755: corrupted inode contents
[  364.399272][T14387] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm syz.3.3755: mark_inode_dirty error
[  364.411623][T14387] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.3755: corrupted inode contents
[  364.424980][T14387] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.3755: mark_inode_dirty error
[  364.443877][T14396] EXT4-fs (loop0): too many log groups per flexible block group
[  364.451715][T14396] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  364.462281][T14396] EXT4-fs (loop0): mount failed
[  364.467414][T14387] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.3755: mark inode dirty (error -117)
[  364.467937][T14401] loop4: detected capacity change from 0 to 1024
[  364.486691][T14387] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  364.496340][T14401] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  364.545981][T11978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.584391][T14410] loop1: detected capacity change from 0 to 736
[  364.642115][T14410] rock: directory entry would overflow storage
[  364.648469][T14410] rock: sig=0x3b10, size=4, remaining=3
[  364.711519][T14420] loop0: detected capacity change from 0 to 512
[  364.719038][T14420] EXT4-fs: Ignoring removed nomblk_io_submit option
[  364.727094][T14420] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  364.739721][T14420] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.753320][T14420] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  364.767836][T14420] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  364.796347][T12209] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.863089][T14432] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  364.940272][T14434] FAULT_INJECTION: forcing a failure.
[  364.940272][T14434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.953768][T14434] CPU: 0 UID: 0 PID: 14434 Comm: syz.0.3769 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  364.953799][T14434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  364.953814][T14434] Call Trace:
[  364.953882][T14434]  <TASK>
[  364.953889][T14434]  __dump_stack+0x1d/0x30
[  364.953911][T14434]  dump_stack_lvl+0xe8/0x140
[  364.953934][T14434]  dump_stack+0x15/0x1b
[  364.953953][T14434]  should_fail_ex+0x265/0x280
[  364.953990][T14434]  should_fail+0xb/0x20
[  364.954020][T14434]  should_fail_usercopy+0x1a/0x20
[  364.954050][T14434]  _copy_from_user+0x1c/0xb0
[  364.954113][T14434]  memdup_user+0x5e/0xd0
[  364.954185][T14434]  strndup_user+0x68/0xb0
[  364.954209][T14434]  keyctl_restrict_keyring+0x15a/0x1b0
[  364.954245][T14434]  __se_sys_keyctl+0x1ed/0xb80
[  364.954275][T14434]  ? _raw_spin_unlock+0x26/0x50
[  364.954368][T14434]  ? finish_task_switch+0xad/0x2b0
[  364.954465][T14434]  ? xfd_validate_state+0x45/0xf0
[  364.954529][T14434]  ? restore_fpregs_from_fpstate+0x61/0x120
[  364.954555][T14434]  __x64_sys_keyctl+0x67/0x80
[  364.954586][T14434]  x64_sys_call+0x2e7f/0x2fb0
[  364.954678][T14434]  do_syscall_64+0xd2/0x200
[  364.954695][T14434]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  364.954718][T14434]  ? clear_bhb_loop+0x40/0x90
[  364.954737][T14434]  ? clear_bhb_loop+0x40/0x90
[  364.954804][T14434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.954825][T14434] RIP: 0033:0x7feebaeae929
[  364.954840][T14434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.954857][T14434] RSP: 002b:00007feeb9517038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  364.954876][T14434] RAX: ffffffffffffffda RBX: 00007feebb0d5fa0 RCX: 00007feebaeae929
[  364.954889][T14434] RDX: 0000200000000200 RSI: 000000003f95936a RDI: 000000000000001d
[  364.954902][T14434] RBP: 00007feeb9517090 R08: 0000000000000000 R09: 0000000000000000
[  364.954918][T14434] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  364.954989][T14434] R13: 0000000000000000 R14: 00007feebb0d5fa0 R15: 00007ffcadfe2e08
[  364.955007][T14434]  </TASK>
[  365.222133][T14440] loop0: detected capacity change from 0 to 512
[  365.235222][T14440] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  365.262183][T14440] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  365.275757][T14445] netlink: 'syz.2.3775': attribute type 6 has an invalid length.
[  365.295276][T14440] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm +}[@: invalid block
[  365.314278][T14440] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm +}[@: invalid indirect mapped block 4294967295 (level 1)
[  365.330748][T14440] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm +}[@: invalid indirect mapped block 4294967295 (level 1)
[  365.347241][T14440] EXT4-fs (loop0): 2 truncates cleaned up
[  365.354479][T14450] SELinux:  policydb magic number 0x6e7cff8c does not match expected magic number 0xf97cff8c
[  365.370085][T14440] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.412078][T14450] SELinux: failed to load policy
[  365.533030][T12209] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.699560][T14460] loop3: detected capacity change from 0 to 512
[  365.706418][T14460] EXT4-fs: Ignoring removed mblk_io_submit option
[  365.712907][T14460] EXT4-fs: Ignoring removed bh option
[  366.055285][T14460] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  366.068192][T14460] EXT4-fs (loop3): 1 truncate cleaned up
[  366.074436][T14460] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.215341][T14471] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  366.340028][T11978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.357984][T14476] loop1: detected capacity change from 0 to 128
[  366.557863][T14501] FAULT_INJECTION: forcing a failure.
[  366.557863][T14501] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  366.571125][T14501] CPU: 1 UID: 0 PID: 14501 Comm: syz.0.3793 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  366.571157][T14501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  366.571208][T14501] Call Trace:
[  366.571215][T14501]  <TASK>
[  366.571222][T14501]  __dump_stack+0x1d/0x30
[  366.571248][T14501]  dump_stack_lvl+0xe8/0x140
[  366.571266][T14501]  dump_stack+0x15/0x1b
[  366.571295][T14501]  should_fail_ex+0x265/0x280
[  366.571324][T14501]  should_fail+0xb/0x20
[  366.571355][T14501]  should_fail_usercopy+0x1a/0x20
[  366.571394][T14501]  _copy_from_iter+0xcf/0xe40
[  366.571439][T14501]  ? __build_skb_around+0x1a0/0x200
[  366.571549][T14501]  ? __alloc_skb+0x223/0x320
[  366.571576][T14501]  netlink_sendmsg+0x471/0x6b0
[  366.571596][T14501]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.571687][T14501]  __sock_sendmsg+0x142/0x180
[  366.571713][T14501]  ____sys_sendmsg+0x345/0x4e0
[  366.571795][T14501]  ___sys_sendmsg+0x17b/0x1d0
[  366.571827][T14501]  __sys_sendmmsg+0x178/0x300
[  366.571960][T14501]  __x64_sys_sendmmsg+0x57/0x70
[  366.572003][T14501]  x64_sys_call+0x2f2f/0x2fb0
[  366.572028][T14501]  do_syscall_64+0xd2/0x200
[  366.572140][T14501]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  366.572165][T14501]  ? clear_bhb_loop+0x40/0x90
[  366.572184][T14501]  ? clear_bhb_loop+0x40/0x90
[  366.572203][T14501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.572242][T14501] RIP: 0033:0x7feebaeae929
[  366.572298][T14501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.572316][T14501] RSP: 002b:00007feeb9517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  366.572398][T14501] RAX: ffffffffffffffda RBX: 00007feebb0d5fa0 RCX: 00007feebaeae929
[  366.572414][T14501] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000004
[  366.572429][T14501] RBP: 00007feeb9517090 R08: 0000000000000000 R09: 0000000000000000
[  366.572444][T14501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  366.572459][T14501] R13: 0000000000000000 R14: 00007feebb0d5fa0 R15: 00007ffcadfe2e08
[  366.572479][T14501]  </TASK>
[  366.842806][T14503] loop3: detected capacity change from 0 to 512
[  366.861833][T14506] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  366.939429][T14503] EXT4-fs (loop3): too many log groups per flexible block group
[  366.947300][T14503] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  366.987470][T14503] EXT4-fs (loop3): mount failed
[  367.060006][T14513] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  367.331147][   T29] kauditd_printk_skb: 255 callbacks suppressed
[  367.331163][   T29] audit: type=1326 audit(1750103222.982:35863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14529 comm="syz.3.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  367.413234][   T29] audit: type=1326 audit(1750103223.012:35864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14529 comm="syz.3.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  367.437363][   T29] audit: type=1326 audit(1750103223.012:35865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14529 comm="syz.3.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  367.441915][T14534] netlink: 'syz.2.3805': attribute type 1 has an invalid length.
[  367.461021][   T29] audit: type=1326 audit(1750103223.012:35866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14529 comm="syz.3.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  367.461062][   T29] audit: type=1326 audit(1750103223.012:35867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14529 comm="syz.3.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  367.461090][   T29] audit: type=1326 audit(1750103223.012:35868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14529 comm="syz.3.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  367.541362][   T29] audit: type=1326 audit(1750103223.012:35869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14529 comm="syz.3.3804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6776ee929 code=0x7ffc0000
[  367.636983][T14537] FAULT_INJECTION: forcing a failure.
[  367.636983][T14537] name failslab, interval 1, probability 0, space 0, times 0
[  367.649866][T14537] CPU: 1 UID: 0 PID: 14537 Comm: syz.2.3807 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  367.649898][T14537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  367.649924][T14537] Call Trace:
[  367.649931][T14537]  <TASK>
[  367.649939][T14537]  __dump_stack+0x1d/0x30
[  367.650017][T14537]  dump_stack_lvl+0xe8/0x140
[  367.650037][T14537]  dump_stack+0x15/0x1b
[  367.650053][T14537]  should_fail_ex+0x265/0x280
[  367.650160][T14537]  should_failslab+0x8c/0xb0
[  367.650184][T14537]  kmem_cache_alloc_noprof+0x50/0x310
[  367.650207][T14537]  ? getname_flags+0x80/0x3b0
[  367.650230][T14537]  getname_flags+0x80/0x3b0
[  367.650251][T14537]  user_path_at+0x28/0x130
[  367.650316][T14537]  __se_sys_mount+0x25b/0x2e0
[  367.650333][T14537]  ? fput+0x8f/0xc0
[  367.650430][T14537]  __x64_sys_mount+0x67/0x80
[  367.650495][T14537]  x64_sys_call+0xd36/0x2fb0
[  367.650514][T14537]  do_syscall_64+0xd2/0x200
[  367.650531][T14537]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  367.650558][T14537]  ? clear_bhb_loop+0x40/0x90
[  367.650582][T14537]  ? clear_bhb_loop+0x40/0x90
[  367.650606][T14537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.650630][T14537] RIP: 0033:0x7f67a032e929
[  367.650693][T14537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.650712][T14537] RSP: 002b:00007f679e997038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  367.650735][T14537] RAX: ffffffffffffffda RBX: 00007f67a0555fa0 RCX: 00007f67a032e929
[  367.650749][T14537] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000
[  367.650794][T14537] RBP: 00007f679e997090 R08: 0000200000000140 R09: 0000000000000000
[  367.650806][T14537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.650818][T14537] R13: 0000000000000000 R14: 00007f67a0555fa0 R15: 00007ffd1d762db8
[  367.650835][T14537]  </TASK>
[  367.690925][   T29] audit: type=1326 audit(1750103223.272:35870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14538 comm="syz.1.3808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  367.748362][T14540] loop1: detected capacity change from 0 to 128
[  367.754351][   T29] audit: type=1326 audit(1750103223.272:35871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14538 comm="syz.1.3808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  367.754382][   T29] audit: type=1326 audit(1750103223.272:35872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14538 comm="syz.1.3808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  367.926616][T14542] __nla_validate_parse: 18 callbacks suppressed
[  367.926634][T14542] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3809'.
[  368.004051][T14553] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3813'.
[  368.024935][T14550] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3812'.
[  368.060682][T14557] FAULT_INJECTION: forcing a failure.
[  368.060682][T14557] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.073903][T14557] CPU: 0 UID: 0 PID: 14557 Comm: syz.4.3815 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  368.074012][T14557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  368.074024][T14557] Call Trace:
[  368.074030][T14557]  <TASK>
[  368.074037][T14557]  __dump_stack+0x1d/0x30
[  368.074060][T14557]  dump_stack_lvl+0xe8/0x140
[  368.074081][T14557]  dump_stack+0x15/0x1b
[  368.074176][T14557]  should_fail_ex+0x265/0x280
[  368.074210][T14557]  should_fail+0xb/0x20
[  368.074239][T14557]  should_fail_usercopy+0x1a/0x20
[  368.074271][T14557]  _copy_from_user+0x1c/0xb0
[  368.074304][T14557]  __sys_bpf+0x178/0x790
[  368.074336][T14557]  __x64_sys_bpf+0x41/0x50
[  368.074363][T14557]  x64_sys_call+0x2478/0x2fb0
[  368.074386][T14557]  do_syscall_64+0xd2/0x200
[  368.074479][T14557]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  368.074506][T14557]  ? clear_bhb_loop+0x40/0x90
[  368.074535][T14557]  ? clear_bhb_loop+0x40/0x90
[  368.074559][T14557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.074581][T14557] RIP: 0033:0x7f92fba2e929
[  368.074595][T14557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.074653][T14557] RSP: 002b:00007f92fa097038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  368.074675][T14557] RAX: ffffffffffffffda RBX: 00007f92fbc55fa0 RCX: 00007f92fba2e929
[  368.074688][T14557] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  368.074701][T14557] RBP: 00007f92fa097090 R08: 0000000000000000 R09: 0000000000000000
[  368.074715][T14557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.074732][T14557] R13: 0000000000000000 R14: 00007f92fbc55fa0 R15: 00007ffe99c2d0e8
[  368.074750][T14557]  </TASK>
[  368.260488][T14558] loop2: detected capacity change from 0 to 4096
[  368.289664][T14558] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.305332][T14563] loop4: detected capacity change from 0 to 512
[  368.340373][T14556] Cannot find set identified by id 0 to match
[  368.368609][T14563] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.392762][T14563] ext4 filesystem being mounted at /188/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  368.511264][T14568] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.3817: corrupted inode contents
[  368.546611][T14568] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #18: comm syz.4.3817: mark_inode_dirty error
[  368.558665][T12395] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.568112][T14568] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.3817: corrupted inode contents
[  368.581637][T14568] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.3817: mark_inode_dirty error
[  368.597698][T14568] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.3817: mark inode dirty (error -117)
[  368.617642][T14568] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  368.665190][T14573] FAULT_INJECTION: forcing a failure.
[  368.665190][T14573] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.678441][T14573] CPU: 0 UID: 0 PID: 14573 Comm: syz.2.3820 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  368.678472][T14573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  368.678526][T14573] Call Trace:
[  368.678539][T14573]  <TASK>
[  368.678547][T14573]  __dump_stack+0x1d/0x30
[  368.678571][T14573]  dump_stack_lvl+0xe8/0x140
[  368.678628][T14573]  dump_stack+0x15/0x1b
[  368.678648][T14573]  should_fail_ex+0x265/0x280
[  368.678682][T14573]  should_fail+0xb/0x20
[  368.678708][T14573]  should_fail_usercopy+0x1a/0x20
[  368.678790][T14573]  _copy_to_user+0x20/0xa0
[  368.678809][T14573]  simple_read_from_buffer+0xb5/0x130
[  368.678836][T14573]  proc_fail_nth_read+0x100/0x140
[  368.678896][T14573]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  368.678974][T14573]  vfs_read+0x1a0/0x6f0
[  368.679001][T14573]  ? __rcu_read_unlock+0x4f/0x70
[  368.679023][T14573]  ? __fget_files+0x184/0x1c0
[  368.679048][T14573]  ksys_read+0xda/0x1a0
[  368.679137][T14573]  __x64_sys_read+0x40/0x50
[  368.679201][T14573]  x64_sys_call+0x2d77/0x2fb0
[  368.679225][T14573]  do_syscall_64+0xd2/0x200
[  368.679246][T14573]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  368.679270][T14573]  ? clear_bhb_loop+0x40/0x90
[  368.679294][T14573]  ? clear_bhb_loop+0x40/0x90
[  368.679339][T14573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.679360][T14573] RIP: 0033:0x7f67a032d33c
[  368.679376][T14573] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  368.679392][T14573] RSP: 002b:00007f679e997030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  368.679414][T14573] RAX: ffffffffffffffda RBX: 00007f67a0555fa0 RCX: 00007f67a032d33c
[  368.679544][T14573] RDX: 000000000000000f RSI: 00007f679e9970a0 RDI: 0000000000000004
[  368.679558][T14573] RBP: 00007f679e997090 R08: 0000000000000000 R09: 0000000000000000
[  368.679572][T14573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.679656][T14573] R13: 0000000000000000 R14: 00007f67a0555fa0 R15: 00007ffd1d762db8
[  368.679674][T14573]  </TASK>
[  368.891594][T11543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.980787][T14585] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  369.045752][T14587] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  369.095029][T14587] netlink: 240 bytes leftover after parsing attributes in process `syz.1.3819'.
[  369.464237][T14595] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3826'.
[  369.545904][T14600] loop3: detected capacity change from 0 to 512
[  369.577108][T14600] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  369.598345][T14600] EXT4-fs (loop3): 1 truncate cleaned up
[  369.604419][T14600] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.702492][T11978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.743109][T14606] netlink: zone id is out of range
[  369.748460][T14606] netlink: zone id is out of range
[  369.753584][T14606] netlink: zone id is out of range
[  369.758877][T14606] netlink: zone id is out of range
[  369.764000][T14606] netlink: zone id is out of range
[  369.769250][T14606] netlink: zone id is out of range
[  369.774433][T14606] netlink: zone id is out of range
[  369.779616][T14606] netlink: zone id is out of range
[  369.784740][T14606] netlink: zone id is out of range
[  369.789908][T14606] netlink: zone id is out of range
[  369.808888][T14609] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3834'.
[  369.869558][T14612] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3833'.
[  369.910824][T14617] FAULT_INJECTION: forcing a failure.
[  369.910824][T14617] name failslab, interval 1, probability 0, space 0, times 0
[  369.923861][T14617] CPU: 0 UID: 0 PID: 14617 Comm: syz.4.3836 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  369.923936][T14617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  369.923947][T14617] Call Trace:
[  369.923954][T14617]  <TASK>
[  369.923964][T14617]  __dump_stack+0x1d/0x30
[  369.923999][T14617]  dump_stack_lvl+0xe8/0x140
[  369.924017][T14617]  dump_stack+0x15/0x1b
[  369.924032][T14617]  should_fail_ex+0x265/0x280
[  369.924064][T14617]  should_failslab+0x8c/0xb0
[  369.924090][T14617]  kmem_cache_alloc_noprof+0x50/0x310
[  369.924127][T14617]  ? dst_alloc+0xbd/0x100
[  369.924157][T14617]  ? __rcu_read_unlock+0x4f/0x70
[  369.924181][T14617]  dst_alloc+0xbd/0x100
[  369.924212][T14617]  ip_route_output_key_hash_rcu+0xf16/0x1440
[  369.924292][T14617]  ip_route_output_flow+0x7b/0x130
[  369.924318][T14617]  raw_sendmsg+0x9f5/0xe50
[  369.924357][T14617]  ? __pfx_raw_sendmsg+0x10/0x10
[  369.924465][T14617]  inet_sendmsg+0xc5/0xd0
[  369.924484][T14617]  __sock_sendmsg+0x102/0x180
[  369.924511][T14617]  ____sys_sendmsg+0x31e/0x4e0
[  369.924545][T14617]  ___sys_sendmsg+0x17b/0x1d0
[  369.924589][T14617]  __x64_sys_sendmsg+0xd4/0x160
[  369.924612][T14617]  x64_sys_call+0x2999/0x2fb0
[  369.924633][T14617]  do_syscall_64+0xd2/0x200
[  369.924706][T14617]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  369.924733][T14617]  ? clear_bhb_loop+0x40/0x90
[  369.924757][T14617]  ? clear_bhb_loop+0x40/0x90
[  369.924779][T14617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.924803][T14617] RIP: 0033:0x7f92fba2e929
[  369.924825][T14617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.924855][T14617] RSP: 002b:00007f92fa097038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  369.924876][T14617] RAX: ffffffffffffffda RBX: 00007f92fbc55fa0 RCX: 00007f92fba2e929
[  369.924888][T14617] RDX: 0000000000000004 RSI: 0000200000001000 RDI: 0000000000000003
[  369.924900][T14617] RBP: 00007f92fa097090 R08: 0000000000000000 R09: 0000000000000000
[  369.924912][T14617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  369.924925][T14617] R13: 0000000000000000 R14: 00007f92fbc55fa0 R15: 00007ffe99c2d0e8
[  369.924944][T14617]  </TASK>
[  370.237691][T14621] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3838'.
[  370.248941][T14624] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3839'.
[  370.270380][T14626] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  370.351419][T14634] loop3: detected capacity change from 0 to 512
[  370.365028][T14634] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  370.522580][T14643] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  370.533882][T14634] EXT4-fs (loop3): 1 truncate cleaned up
[  370.543534][T14634] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  370.563832][T14643] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3844'.
[  370.619112][T11978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.808993][T14669] loop4: detected capacity change from 0 to 2048
[  370.847745][T14669] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  370.902644][T14669] ext4 filesystem being mounted at /201/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  370.948348][T14669] futex_wake_op: syz.4.3855 tries to shift op by -1; fix this program
[  371.250826][T14684] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  371.319538][T14686] loop3: detected capacity change from 0 to 736
[  371.416169][T14686] rock: directory entry would overflow storage
[  371.422463][T14686] rock: sig=0x3b10, size=4, remaining=3
[  371.551407][T14681] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  371.657335][T14686] SELinux: ebitmap: truncated map
[  371.662919][T14686] SELinux: failed to load policy
[  371.683320][T11543] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.785047][T14706] loop2: detected capacity change from 0 to 512
[  371.827533][T14706] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  371.845750][T14713] syz.3.3870 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  371.910544][T14706] ext4 filesystem being mounted at /152/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  372.018593][T14724] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm syz.2.3866: corrupted inode contents
[  372.058668][T14724] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #18: comm syz.2.3866: mark_inode_dirty error
[  372.102672][T14724] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm syz.2.3866: corrupted inode contents
[  372.108106][T14719] SELinux: ebitmap: truncated map
[  372.142152][T14724] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #18: comm syz.2.3866: mark_inode_dirty error
[  372.144976][T14719] SELinux: failed to load policy
[  372.160627][T14724] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #18: comm syz.2.3866: mark inode dirty (error -117)
[  372.194504][T14724] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  372.220645][T14737] loop1: detected capacity change from 0 to 736
[  372.252325][T12395] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.306132][T14737] rock: directory entry would overflow storage
[  372.312427][T14737] rock: sig=0x3b10, size=4, remaining=3
[  372.397121][T14737] SELinux: ebitmap: truncated map
[  372.402955][T14737] SELinux: failed to load policy
[  372.456734][   T29] kauditd_printk_skb: 4395 callbacks suppressed
[  372.456751][   T29] audit: type=1400 audit(1750103228.102:40268): avc:  denied  { create } for  pid=14756 comm="syz.0.3886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  372.517239][T14757] lo speed is unknown, defaulting to 1000
[  372.523491][T14760] siw: device registration error -23
[  372.529181][T14757] lo speed is unknown, defaulting to 1000
[  372.535395][T14757] lo speed is unknown, defaulting to 1000
[  372.544845][T14757] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  372.554864][T14757] lo speed is unknown, defaulting to 1000
[  372.563333][T14757] lo speed is unknown, defaulting to 1000
[  372.584087][T14757] lo speed is unknown, defaulting to 1000
[  372.597748][T14757] lo speed is unknown, defaulting to 1000
[  372.620427][T14757] lo speed is unknown, defaulting to 1000
[  372.646892][   T29] audit: type=1400 audit(1750103228.302:40269): avc:  denied  { ioctl } for  pid=14766 comm="syz.3.3889" path="socket:[52856]" dev="sockfs" ino=52856 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  372.778857][T14777] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  373.398158][T14784] lo speed is unknown, defaulting to 1000
[  373.405951][T14786] __nla_validate_parse: 19 callbacks suppressed
[  373.405975][T14786] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3895'.
[  373.660293][T14788] lo speed is unknown, defaulting to 1000
[  373.727647][   T29] audit: type=1326 audit(1750103229.362:40270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  373.729654][T14793] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  373.751354][   T29] audit: type=1326 audit(1750103229.362:40271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  373.751396][   T29] audit: type=1326 audit(1750103229.362:40272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  373.751468][   T29] audit: type=1326 audit(1750103229.362:40273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  373.751503][   T29] audit: type=1326 audit(1750103229.362:40274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  373.751536][   T29] audit: type=1326 audit(1750103229.362:40275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  373.751572][   T29] audit: type=1326 audit(1750103229.362:40276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  373.751620][   T29] audit: type=1326 audit(1750103229.362:40277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feebaeae929 code=0x7ffc0000
[  374.127970][T14802] lo speed is unknown, defaulting to 1000
[  374.137821][T14805] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  374.581044][T14816] lo speed is unknown, defaulting to 1000
[  374.995841][T14823] lo speed is unknown, defaulting to 1000
[  375.023392][T14830] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  375.049320][T14832] loop4: detected capacity change from 0 to 256
[  375.052365][T14824] lo speed is unknown, defaulting to 1000
[  375.065489][T14832] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  375.180786][T14827] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  375.195862][T14832] FAULT_INJECTION: forcing a failure.
[  375.195862][T14832] name failslab, interval 1, probability 0, space 0, times 0
[  375.207230][T14827] netlink: 240 bytes leftover after parsing attributes in process `syz.2.3907'.
[  375.208752][T14832] CPU: 0 UID: 0 PID: 14832 Comm: syz.4.3913 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  375.208789][T14832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  375.208801][T14832] Call Trace:
[  375.208807][T14832]  <TASK>
[  375.208815][T14832]  __dump_stack+0x1d/0x30
[  375.208917][T14832]  dump_stack_lvl+0xe8/0x140
[  375.209006][T14832]  dump_stack+0x15/0x1b
[  375.209023][T14832]  should_fail_ex+0x265/0x280
[  375.209052][T14832]  should_failslab+0x8c/0xb0
[  375.209075][T14832]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  375.209177][T14832]  ? __d_alloc+0x3d/0x350
[  375.209202][T14832]  __d_alloc+0x3d/0x350
[  375.209330][T14832]  d_alloc_parallel+0x53/0xc40
[  375.209354][T14832]  ? __rcu_read_unlock+0x4f/0x70
[  375.209376][T14832]  ? __d_lookup+0x316/0x340
[  375.209400][T14832]  ? try_to_unlazy+0x25e/0x3a0
[  375.209504][T14832]  path_openat+0x6b5/0x2170
[  375.209542][T14832]  do_filp_open+0x109/0x230
[  375.209601][T14832]  do_sys_openat2+0xa6/0x110
[  375.209627][T14832]  __x64_sys_open+0xe6/0x110
[  375.209653][T14832]  x64_sys_call+0x14d4/0x2fb0
[  375.209673][T14832]  do_syscall_64+0xd2/0x200
[  375.209777][T14832]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  375.209802][T14832]  ? clear_bhb_loop+0x40/0x90
[  375.209898][T14832]  ? clear_bhb_loop+0x40/0x90
[  375.209919][T14832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.209942][T14832] RIP: 0033:0x7f92fba2e929
[  375.209958][T14832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.209976][T14832] RSP: 002b:00007f92fa097038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  375.209997][T14832] RAX: ffffffffffffffda RBX: 00007f92fbc55fa0 RCX: 00007f92fba2e929
[  375.210010][T14832] RDX: 0000000000000000 RSI: 0000000000145142 RDI: 0000200000000240
[  375.210079][T14832] RBP: 00007f92fa097090 R08: 0000000000000000 R09: 0000000000000000
[  375.210091][T14832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  375.210103][T14832] R13: 0000000000000000 R14: 00007f92fbc55fa0 R15: 00007ffe99c2d0e8
[  375.210121][T14832]  </TASK>
[  375.359275][T14836] loop3: detected capacity change from 0 to 512
[  375.446317][T14841] FAULT_INJECTION: forcing a failure.
[  375.446317][T14841] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  375.450814][T14843] loop4: detected capacity change from 0 to 736
[  375.459524][T14841] CPU: 1 UID: 0 PID: 14841 Comm: syz.1.3919 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  375.459554][T14841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  375.459622][T14841] Call Trace:
[  375.459628][T14841]  <TASK>
[  375.459636][T14841]  __dump_stack+0x1d/0x30
[  375.459660][T14841]  dump_stack_lvl+0xe8/0x140
[  375.459680][T14841]  dump_stack+0x15/0x1b
[  375.459697][T14841]  should_fail_ex+0x265/0x280
[  375.459798][T14841]  should_fail+0xb/0x20
[  375.459824][T14841]  should_fail_usercopy+0x1a/0x20
[  375.459922][T14841]  _copy_from_iter+0xcf/0xe40
[  375.459941][T14841]  ? __build_skb_around+0x1a0/0x200
[  375.460037][T14841]  ? __alloc_skb+0x223/0x320
[  375.460065][T14841]  netlink_sendmsg+0x471/0x6b0
[  375.460135][T14841]  ? __pfx_netlink_sendmsg+0x10/0x10
[  375.460169][T14841]  __sock_sendmsg+0x142/0x180
[  375.460194][T14841]  ____sys_sendmsg+0x31e/0x4e0
[  375.460227][T14841]  ___sys_sendmsg+0x17b/0x1d0
[  375.460255][T14841]  __x64_sys_sendmsg+0xd4/0x160
[  375.460322][T14841]  x64_sys_call+0x2999/0x2fb0
[  375.460350][T14841]  do_syscall_64+0xd2/0x200
[  375.460369][T14841]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  375.460394][T14841]  ? clear_bhb_loop+0x40/0x90
[  375.460415][T14841]  ? clear_bhb_loop+0x40/0x90
[  375.460495][T14841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.460515][T14841] RIP: 0033:0x7fa43824e929
[  375.460533][T14841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.460551][T14841] RSP: 002b:00007fa4368b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  375.460629][T14841] RAX: ffffffffffffffda RBX: 00007fa438475fa0 RCX: 00007fa43824e929
[  375.460643][T14841] RDX: 0000000000000000 RSI: 00002000000037c0 RDI: 0000000000000004
[  375.460656][T14841] RBP: 00007fa4368b7090 R08: 0000000000000000 R09: 0000000000000000
[  375.460668][T14841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  375.460681][T14841] R13: 0000000000000000 R14: 00007fa438475fa0 R15: 00007ffe9f82b908
[  375.460699][T14841]  </TASK>
[  375.540538][T14836] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  375.668701][T14843] rock: directory entry would overflow storage
[  375.687452][T14843] rock: sig=0x3b10, size=4, remaining=3
[  375.731409][T14843] SELinux: ebitmap: truncated map
[  375.737293][T14843] SELinux: failed to load policy
[  375.751392][T14851] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3922'.
[  375.762510][T14851] netlink: 'syz.2.3922': attribute type 6 has an invalid length.
[  375.771928][T14853] loop0: detected capacity change from 0 to 256
[  375.779343][T14836] EXT4-fs (loop3): 1 truncate cleaned up
[  375.786180][T14836] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.789346][T14853] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  375.834655][T14853] SELinux:  Context Ü is not valid (left unmapped).
[  375.854443][T14859] loop1: detected capacity change from 0 to 512
[  375.872387][T11978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.882792][T14859] EXT4-fs: Ignoring removed nomblk_io_submit option
[  375.889845][T14859] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  375.911058][T14863] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3926'.
[  375.922023][T14859] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.939660][T14859] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  375.953271][T14861] lo speed is unknown, defaulting to 1000
[  376.029060][T12643] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.080493][T14877] FAULT_INJECTION: forcing a failure.
[  376.080493][T14877] name failslab, interval 1, probability 0, space 0, times 0
[  376.093306][T14877] CPU: 1 UID: 0 PID: 14877 Comm: syz.0.3931 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  376.093334][T14877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  376.093346][T14877] Call Trace:
[  376.093353][T14877]  <TASK>
[  376.093361][T14877]  __dump_stack+0x1d/0x30
[  376.093383][T14877]  dump_stack_lvl+0xe8/0x140
[  376.093456][T14877]  dump_stack+0x15/0x1b
[  376.093471][T14877]  should_fail_ex+0x265/0x280
[  376.093513][T14877]  should_failslab+0x8c/0xb0
[  376.093534][T14877]  kmem_cache_alloc_noprof+0x50/0x310
[  376.093572][T14877]  ? skb_clone+0x151/0x1f0
[  376.093628][T14877]  skb_clone+0x151/0x1f0
[  376.093647][T14877]  nfnetlink_rcv+0x305/0x1690
[  376.093673][T14877]  ? __kfree_skb+0x109/0x150
[  376.093702][T14877]  ? nlmon_xmit+0x4f/0x60
[  376.093764][T14877]  ? nlmon_xmit+0x4f/0x60
[  376.093781][T14877]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  376.093941][T14877]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  376.093970][T14877]  ? __dev_queue_xmit+0x182/0x1fb0
[  376.094000][T14877]  ? ref_tracker_free+0x37d/0x3e0
[  376.094128][T14877]  netlink_unicast+0x59e/0x670
[  376.094158][T14877]  netlink_sendmsg+0x58b/0x6b0
[  376.094179][T14877]  ? __pfx_netlink_sendmsg+0x10/0x10
[  376.094198][T14877]  __sock_sendmsg+0x142/0x180
[  376.094264][T14877]  ____sys_sendmsg+0x31e/0x4e0
[  376.094300][T14877]  ___sys_sendmsg+0x17b/0x1d0
[  376.094330][T14877]  __x64_sys_sendmsg+0xd4/0x160
[  376.094353][T14877]  x64_sys_call+0x2999/0x2fb0
[  376.094405][T14877]  do_syscall_64+0xd2/0x200
[  376.094424][T14877]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  376.094452][T14877]  ? clear_bhb_loop+0x40/0x90
[  376.094526][T14877]  ? clear_bhb_loop+0x40/0x90
[  376.094548][T14877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.094580][T14877] RIP: 0033:0x7feebaeae929
[  376.094598][T14877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.094664][T14877] RSP: 002b:00007feeb9517038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  376.094685][T14877] RAX: ffffffffffffffda RBX: 00007feebb0d5fa0 RCX: 00007feebaeae929
[  376.094698][T14877] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  376.094711][T14877] RBP: 00007feeb9517090 R08: 0000000000000000 R09: 0000000000000000
[  376.094725][T14877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.094738][T14877] R13: 0000000000000000 R14: 00007feebb0d5fa0 R15: 00007ffcadfe2e08
[  376.094777][T14877]  </TASK>
[  376.096180][T14876] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3930'.
[  376.388792][T14885] loop3: detected capacity change from 0 to 736
[  376.407832][T14885] rock: directory entry would overflow storage
[  376.414198][T14885] rock: sig=0x3b10, size=4, remaining=3
[  376.442161][T14885] SELinux: ebitmap: truncated map
[  376.447886][T14885] SELinux: failed to load policy
[  376.620298][T14894] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  376.631961][T14897] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3938'.
[  376.637379][T14894] netlink: 240 bytes leftover after parsing attributes in process `syz.1.3932'.
[  376.689488][T14899] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3939'.
[  376.733007][T14899] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3939'.
[  376.777160][T14899] bridge_slave_1: left allmulticast mode
[  376.782869][T14899] bridge_slave_1: left promiscuous mode
[  376.788725][T14899] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.796997][T14899] bridge_slave_0: left allmulticast mode
[  376.802701][T14899] bridge_slave_0: left promiscuous mode
[  376.808580][T14899] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.896187][T14901] loop4: detected capacity change from 0 to 164
[  376.903131][T14901] iso9660: Bad value for 'block'
[  377.021307][T14908] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3943'.
[  377.032203][T14908] netlink: 'syz.2.3943': attribute type 6 has an invalid length.
[  377.092763][ T4711] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.147414][ T4711] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.202198][ T4711] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.275185][ T4711] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.381699][ T4711] bridge_slave_1: left allmulticast mode
[  377.387751][ T4711] bridge_slave_1: left promiscuous mode
[  377.393697][ T4711] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.427903][ T4711] bridge_slave_0: left allmulticast mode
[  377.433726][ T4711] bridge_slave_0: left promiscuous mode
[  377.439617][ T4711] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.573480][   T29] kauditd_printk_skb: 81 callbacks suppressed
[  377.573499][   T29] audit: type=1326 audit(1750103233.222:40359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14923 comm="syz.1.3948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  377.603631][   T29] audit: type=1326 audit(1750103233.222:40360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14923 comm="syz.1.3948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  377.627580][   T29] audit: type=1326 audit(1750103233.222:40361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14923 comm="syz.1.3948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  377.652095][   T29] audit: type=1326 audit(1750103233.222:40362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14923 comm="syz.1.3948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  377.768572][ T4711] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  377.778789][ T4711] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  377.790018][ T4711] bond0 (unregistering): Released all slaves
[  377.798866][   T29] audit: type=1326 audit(1750103233.452:40363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14923 comm="syz.1.3948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  377.822837][   T29] audit: type=1326 audit(1750103233.452:40364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14923 comm="syz.1.3948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  377.850807][T14910] lo speed is unknown, defaulting to 1000
[  377.896123][ T4711] hsr_slave_0: left promiscuous mode
[  377.901973][ T4711] hsr_slave_1: left promiscuous mode
[  377.907792][ T4711] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  377.915411][ T4711] batman_adv: batadv0: Removing interface: batadv_slave_0
[  377.924079][ T4711] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  377.931752][ T4711] batman_adv: batadv0: Removing interface: batadv_slave_1
[  377.941397][ T4711] veth1_macvtap: left promiscuous mode
[  377.947048][ T4711] veth0_macvtap: left promiscuous mode
[  377.952677][ T4711] veth1_vlan: left promiscuous mode
[  377.958457][ T4711] veth0_vlan: left promiscuous mode
[  378.031417][ T4711] team0 (unregistering): Port device team_slave_1 removed
[  378.042520][ T4711] team0 (unregistering): Port device team_slave_0 removed
[  378.114275][T14910] chnl_net:caif_netlink_parms(): no params data found
[  378.137716][T14934] lo speed is unknown, defaulting to 1000
[  378.162784][T14910] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.170041][T14910] bridge0: port 1(bridge_slave_0) entered disabled state
[  378.177745][T14910] bridge_slave_0: entered allmulticast mode
[  378.184259][T14910] bridge_slave_0: entered promiscuous mode
[  378.192612][T14910] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.199841][T14910] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.207310][T14910] bridge_slave_1: entered allmulticast mode
[  378.213947][T14910] bridge_slave_1: entered promiscuous mode
[  378.239873][T14910] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  378.250516][T14910] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  378.269691][T14910] team0: Port device team_slave_0 added
[  378.276299][T14910] team0: Port device team_slave_1 added
[  378.292794][T14910] batman_adv: batadv0: Adding interface: batadv_slave_0
[  378.299813][T14910] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.325934][T14910] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  378.337406][T14910] batman_adv: batadv0: Adding interface: batadv_slave_1
[  378.344468][T14910] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.370855][T14910] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  378.399252][ T4711] IPVS: stop unused estimator thread 0...
[  378.400585][T14910] hsr_slave_0: entered promiscuous mode
[  378.415175][T14910] hsr_slave_1: entered promiscuous mode
[  378.422710][T14910] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  378.430889][T14910] Cannot create hsr debugfs directory
[  378.450934][T14943] __nla_validate_parse: 2 callbacks suppressed
[  378.450977][T14943] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3952'.
[  378.515451][T14910] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  378.524190][T14951] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3955'.
[  378.524980][T14910] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  378.533388][T14951] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3955'.
[  378.550937][T14910] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  378.560092][T14910] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  378.579897][T14951] loop1: detected capacity change from 0 to 1024
[  378.587321][T14951] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  378.600133][   T29] audit: type=1326 audit(1750103234.252:40365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.1.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  378.606646][T14910] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.624136][   T29] audit: type=1326 audit(1750103234.252:40366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.1.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  378.631074][T14910] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.662215][T14910] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.669300][T14910] bridge0: port 1(bridge_slave_0) entered forwarding state
[  378.685983][   T29] audit: type=1326 audit(1750103234.312:40367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.1.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  378.706197][T14910] 8021q: adding VLAN 0 to HW filter on device bond0
[  378.709725][   T29] audit: type=1326 audit(1750103234.312:40368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.1.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa43824e929 code=0x7ffc0000
[  378.754951][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  378.763903][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.782847][T14910] 8021q: adding VLAN 0 to HW filter on device team0
[  378.815378][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.822587][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  378.834315][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.841687][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.846944][T14969] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3960'.
[  378.985677][T14977] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3962'.
[  379.001333][T14910] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.003457][T14982] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3964'.
[  379.114731][T14993] loop2: detected capacity change from 0 to 512
[  379.139670][T14993] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.163875][T14993] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  379.178571][T14991] lo speed is unknown, defaulting to 1000
[  379.239813][T12395] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.241869][T14910] veth0_vlan: entered promiscuous mode
[  379.259019][T14910] veth1_vlan: entered promiscuous mode
[  379.282667][T14910] veth0_macvtap: entered promiscuous mode
[  379.298814][T14910] veth1_macvtap: entered promiscuous mode
[  379.315317][T14910] batman_adv: batadv0: Interface activated: batadv_slave_0
[  379.331821][T14910] batman_adv: batadv0: Interface activated: batadv_slave_1
[  379.348416][T14910] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  379.357232][T14910] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  379.365999][T14910] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  379.375018][T14910] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  379.466302][T15010] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3945'.
[  379.482354][ T6002] IPVS: starting estimator thread 0...
[  379.518008][T15019] loop5: detected capacity change from 0 to 512
[  379.535843][T15017] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3971'.
[  379.563159][T15007] lo speed is unknown, defaulting to 1000
[  379.586527][T15015] IPVS: using max 2784 ests per chain, 139200 per kthread
[  379.749885][T15026] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3974'.
[  379.789509][T15033] loop4: detected capacity change from 0 to 736
[  379.794938][T15034] loop1: detected capacity change from 0 to 736
[  379.819296][T15033] ==================================================================
[  379.827472][T15033] BUG: KCSAN: data-race in find_get_block_common / has_bh_in_lru
[  379.835330][T15033] 
[  379.837679][T15033] read-write to 0xffff888237c26f10 of 8 bytes by task 15034 on cpu 0:
[  379.845981][T15033]  find_get_block_common+0x4f0/0x960
[  379.851306][T15033]  bdev_getblk+0x83/0x3d0
[  379.855659][T15033]  __bread_gfp+0x51/0x250
[  379.860007][T15033]  isofs_fill_super+0x3dc/0x1280
[  379.864958][T15033]  get_tree_bdev_flags+0x28e/0x300
[  379.870093][T15033]  get_tree_bdev+0x1f/0x30
[  379.874529][T15033]  isofs_get_tree+0x1c/0x30
[  379.879041][T15033]  vfs_get_tree+0x57/0x1d0
[  379.883553][T15033]  do_new_mount+0x207/0x680
[  379.888075][T15033]  path_mount+0x4a4/0xb20
[  379.892423][T15033]  __se_sys_mount+0x28f/0x2e0
[  379.897115][T15033]  __x64_sys_mount+0x67/0x80
[  379.901711][T15033]  x64_sys_call+0xd36/0x2fb0
[  379.906313][T15033]  do_syscall_64+0xd2/0x200
[  379.910913][T15033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.916821][T15033] 
[  379.919237][T15033] read to 0xffff888237c26f10 of 8 bytes by task 15033 on cpu 1:
[  379.926961][T15033]  has_bh_in_lru+0x35/0x1f0
[  379.931480][T15033]  smp_call_function_many_cond+0x389/0xbf0
[  379.937398][T15033]  on_each_cpu_cond_mask+0x3c/0x80
[  379.942709][T15033]  invalidate_bh_lrus+0x2a/0x30
[  379.947596][T15033]  set_blocksize+0x24f/0x310
[  379.952211][T15033]  sb_set_blocksize+0x7a/0x100
[  379.956985][T15033]  isofs_fill_super+0xa73/0x1280
[  379.961936][T15033]  get_tree_bdev_flags+0x28e/0x300
[  379.967067][T15033]  get_tree_bdev+0x1f/0x30
[  379.971501][T15033]  isofs_get_tree+0x1c/0x30
[  379.976012][T15033]  vfs_get_tree+0x57/0x1d0
[  379.980522][T15033]  do_new_mount+0x207/0x680
[  379.985051][T15033]  path_mount+0x4a4/0xb20
[  379.989407][T15033]  __se_sys_mount+0x28f/0x2e0
[  379.994736][T15033]  __x64_sys_mount+0x67/0x80
[  379.999333][T15033]  x64_sys_call+0xd36/0x2fb0
[  380.003934][T15033]  do_syscall_64+0xd2/0x200
[  380.008463][T15033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.014391][T15033] 
[  380.016727][T15033] value changed: 0xffff88811a5cd138 -> 0xffff88811a5cd068
[  380.023841][T15033] 
[  380.026173][T15033] Reported by Kernel Concurrency Sanitizer on:
[  380.032329][T15033] CPU: 1 UID: 0 PID: 15033 Comm: syz.4.3978 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  380.043163][T15033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  380.053227][T15033] ==================================================================
[  380.070248][T15030] lo speed is unknown, defaulting to 1000
[  380.070365][T15033] rock: directory entry would overflow storage
[  380.082314][T15033] rock: sig=0x3b10, size=4, remaining=3
[  380.088940][T15034] rock: directory entry would overflow storage
[  380.095217][T15034] rock: sig=0x3b10, size=4, remaining=3
[  380.159445][T15033] SELinux:  policydb magic number 0x625 does not match expected magic number 0xf97cff8c
[  380.176339][T15033] SELinux: failed to load policy
[  380.182229][T15034] SELinux: ebitmap: truncated map
[  380.189263][T15034] SELinux: failed to load policy