last executing test programs:

2m29.176791975s ago: executing program 4 (id=1753):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4814)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a00)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r4, {0x0, 0x10}, {}, {0xc, 0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x4000000, 0x0, 0x1}, 0x0)

2m28.920471317s ago: executing program 4 (id=1758):
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x44}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

2m28.864289787s ago: executing program 4 (id=1759):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4814)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a00)=@newtfilter={0x140, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r4, {0x0, 0x10}, {}, {0xc, 0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x110, 0x2, [@TCA_FLOW_EMATCHES={0xd4, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x2, 0x0, 0x0, {{0x1, 0x4, 0x7ff}}}]}, @TCA_EMATCH_TREE_LIST={0x80, 0x2, 0x0, 0x1, [@TCF_EM_META={0x2c, 0x3, 0x0, 0x0, {{0x2, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x2, 0x58, 0x1}, {0x8, 0x6}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x6e36, 0x3, 0x2}, {0x9, 0x7, 0x2}}}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x4]}]}}, @TCF_EM_META={0x50, 0x2, 0x0, 0x0, {{0x2, 0x4, 0x1000}, [@TCA_EM_META_LVALUE={0x2c, 0x2, [@TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="fce729b62d43c6a288", @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="d102f1aec4b2e752a31d", @TCF_META_TYPE_VAR="111d0746fe90d4", @TCF_META_TYPE_VAR='|', @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="96"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x69, 0xfe}, {0xfff, 0x4}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9, 0x18, 0x2}, {0x1}}}]}}]}, @TCA_EMATCH_TREE_LIST={0x24, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x20, 0x3, 0x0, 0x0, {{0x3, 0x9, 0x81}, [@TCA_EM_IPT_MATCH_DATA={0x4}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0xa}]}}]}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x401, 0x8, 0x84e}, {0xffffffffffffffff, 0x4, 0x2}}}]}]}, @TCA_FLOW_POLICE={0x18, 0xa, 0x0, 0x1, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x6}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x9}]}, @TCA_FLOW_MASK={0x8, 0x6, 0x7fffffff}, @TCA_FLOW_ADDEND={0x8, 0x5, 0x1}, @TCA_FLOW_RSHIFT={0x8, 0x4, 0x6}, @TCA_FLOW_BASECLASS={0x8, 0x3, {0x12, 0x1}}]}}]}, 0x140}, 0x1, 0x4000000, 0x0, 0x1}, 0x0)

2m28.731208518s ago: executing program 4 (id=1763):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
socket$kcm(0x11, 0xa, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a000000050000000200000004"], 0x50)
creat(&(0x7f0000000240)='./file1\x00', 0x0)
socket$inet6(0xa, 0x2, 0x0)
open(&(0x7f0000000280)='.\x00', 0x20000, 0x124)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c00000003080102000000074441980000000000050003"], 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$nci(r0, 0x0, 0xfffffeea)

2m28.635922848s ago: executing program 4 (id=1764):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x15b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00\x00\x00\x00\x00\x00\x00'}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = getpid()
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r5, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)

2m25.424520357s ago: executing program 4 (id=1801):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bond0\x00'})
sendmsg$nl_route_sched(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000100000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x2, 0x0, 0x80000, 0x8000}, 0x50)
r2 = syz_io_uring_setup(0x5d0d, &(0x7f00000003c0)={0x0, 0xf568, 0x8000, 0x0, 0x34d}, &(0x7f00000000c0)=<r3=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000004c0), 0x208e24b)
unshare(0x22020600)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0x100000000000000}, 0x18)

2m10.378510389s ago: executing program 32 (id=1801):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bond0\x00'})
sendmsg$nl_route_sched(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000100000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x2, 0x0, 0x80000, 0x8000}, 0x50)
r2 = syz_io_uring_setup(0x5d0d, &(0x7f00000003c0)={0x0, 0xf568, 0x8000, 0x0, 0x34d}, &(0x7f00000000c0)=<r3=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000004c0), 0x208e24b)
unshare(0x22020600)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0x100000000000000}, 0x18)

5.693600675s ago: executing program 2 (id=4174):
bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r2)
sendmsg$NFC_CMD_DEP_LINK_UP(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)

5.665518036s ago: executing program 2 (id=4175):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x200000, &(0x7f00000008c0)={[{@noblock_validity}, {}, {@auto_da_alloc}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x571, &(0x7f00000009c0)="$eJzs3c9rFFccAPDvbBJ/t0YQaXsoAQ+1WDcm6Q8LBe2xtFKhvdslGYNk40p2IyYV1EO99FKkUEqF0j+gd4/Sf6B/hVAFKRLaQy8ps5nVNcnml2t37Xw+sPrezGzevH3zffudnVk2gMIayf4pRbweEd8lEQfb1g1GvnJkZbulx9cms0cSy8tf/JlEki9rbZ/k/+/PK69FxG/fRBwvrW23vrA4U6lW07m8PtqYvTxaX1g8cXG2Mp1Op5fGJyZOvTcx/uEH73etr2+f+/vHz+99curbo0s//Prw0O0kzsSBfF17P57DjfbKSIzkr8lQnFm14VgXGusnSa93gB0ZyON8KLI54GAM5FEP/P9dj4hloKAS8Q8F1coDWuf2XToPfmk8+njlBGht/wdXPhuJPc1zo31LyTNnRtn57nAX2s/auPsgibsP7tyOTT6HuN6F9gBabtyMiJODg2vnvySf/3buZPPD442tbqNo7z/QS/ey/Oed9fKf0pP8J9bJf/avE7s7sXn8lx52oZmOsvzvo3Xz3ydT1/BAXnulmfMNJRcuVtOTEfFqRByLod1ZfaPrOaeW7i93WreS/9253Xpk7bdywXw/Hg7ufvY5U5VG5Xn63O7RzYg3nua/SayZ//c0c93V45+9Hue22MaR9M6bndZt3v923c+Al3+JeGvd8X96RSvZ+PrkaPN4GG0dFWv9devI753a317/uy8b/30b9384ab9eW99+Gz/v+SfttG6nx/+u5MtmeVe+7Gql0Zgbi9iVfLZ2+fjT57bqre2z/h87urr/7Zdx1z/+90bEV1vs/63Dtzpu2g/jP7Wt8d9+4f6nX//Uqf2tjf+7zdKxfMlW5r+t7uDzvHYAAAAAAADQb0oRcSCSUvlJuVQql1fu7zgc+0rVWr1x/EJt/tJUNL8rOxxDpdaV7oNt90OM5ffDturjq+oTEXEoIr4f2Nuslydr1aledx4AAAAAAAAAAAAAAAAAAAD6xP4O3//P/DHQ670DXjg/+Q3FtWn8d+OXnoC+5P0fikv8Q3GJfygu8Q/FJf6huMQ/FJf4h+IS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBV586ezR7LS4+vTWb1qSsL8zO1Kyem0vpMeXZ+sjxZm7tcnq7VpqtpebI2u9nfq9Zql8fGY/7qaCOtN0brC4vnZ2vzlxrnL85WptPz6dB/0isAAAAAAAAAAAAAAAAAAAB4udQXFmcq1Wo6p9CxcDr6Yjd2XEg2G+XT+cGwoyYGe99BhRdQ6PHEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABt/g0AAP//7Kky+A==")
r1 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r1, 0x0, 0x0, 0x1001f0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="07000000040000008000000004"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r3}, 0x18)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000100)=<r5=>0x0)
setsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000340)={{{@in=@dev={0xac, 0x14, 0x14, 0x14}, @in=@empty, 0x4e23, 0xc420, 0x4e22, 0x7ff, 0xa, 0x20, 0x0, 0x88, 0x0, r5}, {0x56, 0xffffffff, 0xa, 0xfffffffffffff800, 0x3, 0x3, 0x80000000, 0x5}, {0x6c7, 0x7, 0x323d, 0x4}, 0xffffffa4, 0x0, 0x1, 0x1, 0x3}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4d3, 0x33}, 0x2, @in6=@private0={0xfc, 0x0, '\x00', 0x7}, 0x0, 0x0, 0x3, 0x9, 0x5, 0x5, 0x3}}, 0xe8)
pwrite64(r4, &(0x7f0000000140)='2', 0x1, 0x5e39)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000002c0)=<r6=>0x0)
personality(0x500006)
r7 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap(&(0x7f000073f000/0x3000)=nil, 0x3000, 0x1, 0x10, r7, 0xdb602000)
prlimit64(r6, 0xa, 0x0, &(0x7f0000000300))
unlink(0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
socket$key(0xf, 0x3, 0x2)
unshare(0x22000400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x80000000000000}, 0x18)
r8 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
dup2(r8, r8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r9, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.616715776s ago: executing program 2 (id=4177):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x101}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioprio_get$uid(0x3, 0xffffffffffffffff) (fail_nth: 9)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x2000004, 0x10, 0xffffffffffffffff, 0x8000000)
r2 = open$dir(&(0x7f0000000040)='./file2\x00', 0x0, 0x20)
syz_io_uring_submit(r1, 0x0, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x10, 0x0, r2, &(0x7f00000000c0)='./file2\x00', &(0x7f0000000280)='./file2\x00', 0xffffffffffffffff, 0x400})
munlockall()
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000c40)=ANY=[@ANYBLOB="9feb0100180000000000000030000000300000000400000002000000000000110300000001000000000000000100000d000000000000000000000000020000000000000c02000000000061"], 0x0, 0x4c, 0x0, 0x1}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x65, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r3}, 0x38)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmsg(r4, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r4, 0x10f, 0x82, &(0x7f0000000580), &(0x7f00000005c0)=0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r6, 0x0, 0x115}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESOCT], 0x5c}}, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000440))
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6e}}, {@user_xattr}, {@lazytime}, {@quota}]}, 0x3, 0x441, &(0x7f0000000440)="$eJzs3MtvG0UYAPBv10lLXyRUpdAHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QXWQaBRBQKgcUSXuiCMSfwEHBBcEnJC4wh1VqlAuLZyM1vYmjmuncepkC/79pI1ndseZ+bw79sxOnAD61kj2I4nYHRG/R8RQPbu6wEj94ebSwtTfSwtTSVSrb/6V1MrdWFqYyovmz9uVZwYi0k+TONSm3srl+fOT5fLMpUZ+bO7Ce2OVy/PPnrsweXbm7MzFiVOnThwff/7kxHM9iTOL68bBD2cPH3j17auvT52++s7P3yR5/C1x9MjIWgefqFZ7XF2x9jSlk4ECG0JXSvVuGoO1/j8UpVg5eUPxyieFNg7YVNVqtbo/4rsOhxerwP9YEkW3AChG/kGfzX/zbetGH8W7/mJ9ApTFfbOx1Y8MRNooM9gyv+2lkYg4vfjPl9kWm3MfAgBgle+z8c8z7cZ/aexvKndvYw1lOCLui4i9EXEyIvZFxP0RtbIPRMSDXdbfukhy6/gnvdb+mdu7rKm9bPz3QmNta/X4Lx/9xXCpkdtTi38wOXOuPHOs8ZocjcHtWX58jTp+ePm3zzsdax7/ZVtWf/a4sjqUXhtoCXV6cm7yjoJucv3jiIMD7eJPllcCkog4EBEHN1jHuae+PtzpWKf41/WLe7DOVP0q4sn6+V+Mlvhzydrrk2P3RHnm2Fh+Vdzql1+vvNGp/juKvwey87+z7fW/HP9w0rxeW+m+jit/fNZxTnP7+Ntf/9uSt1bt+2Bybu7SeMS25LV6o5v3T7SUm1gpn8V/9Ej7/r83Vl6JQxGRXcQPRcTDEfFIo+2PRsRjEXFkjfh/eunxdzce/+bK4p/u6vyvJLZF6572idL5H79dVelwN/Fn5/9ELXW0sWc973/radfGrmYAAAD470kjYnck6ehyOk1HR+t/w78vdqbl2crc02dm3784Xf+OwHAMpvmdrqGm+6HjjWl9np9oyR9v3Df+orSjlh+dmi1PFx089LldHfp/5s9S0a0DNp3va0H/0v+hf+n/0L/0f+hfbfr/jiLaAWy9dp//HxXQDmDrtfR/y37QR8z/oX/p/9C/9H/oS5UdcfsvyUsUncj/GcPd0p7K5flI74pmSGxSouA3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB75NwAA//9wCOUr")

4.702258031s ago: executing program 2 (id=4189):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095", @ANYRESHEX], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0, r1, 0x0, 0x5}, 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bond0\x00', <r4=>0x0})
sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130700000000fcdbdf25e0000001000000000000000000000000ff020000000000000000000000010001000400004e2100020000000021000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000090000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000000000000000001000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32=r4], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24040000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x16, 0xc, &(0x7f00000004c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='task_newtask\x00', r6}, 0x18)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r7, 0xc0f85403, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x1fffffe, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r8}, 0x18)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r9, 0x0, 0xffffffffffffffff}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x3, 0x24d})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x9, 0x5d032, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, &(0x7f0000000000)=0xc, 0x400008, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))

4.675295252s ago: executing program 2 (id=4192):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000001900)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRES32=r0], &(0x7f0000000140)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5f}, 0x94)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000080), &(0x7f0000000200)=0x4)
r3 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x200002, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000004c0)={{{@in=@dev, @in6=@ipv4={""/10, ""/2, @multicast2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@ipv4={""/10, ""/2, @broadcast}}, 0x0, @in6=@empty}}, &(0x7f00000005c0)=0xe8)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000400)={r1, r3, 0x31, 0x0, @val=@netfilter={0x0, 0x0, 0x401}}, 0x20)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0xfffffffffffffe3c, 0x0, 0x40f00, 0xaf, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRESOCT, @ANYRES8], 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
pwritev2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0xffffffffffffff22}, 0x2e)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08d1ca4eb6b8b4889cdd4e786eb807e04eb88b935d785f3d3201c58033"], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000006c0), 0x4)
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, &(0x7f0000000380)={0x3fffffffbfb, 0x5, 0x5, 0x7f})
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f0000000740)=@hci, 0x80, &(0x7f0000000c40)=[{&(0x7f0000000a00)=""/7, 0x7}, {&(0x7f0000000a40)=""/160, 0xa0}, {&(0x7f0000000b00)=""/98, 0x62}, {&(0x7f0000000b80)=""/160, 0xa0}], 0x4, &(0x7f0000000c80)=""/125, 0x7d}, 0x10000)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000007c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="000126bd7000fedbdf25060000004c0001801400020069703665727370616e30000000000000080003000100000008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB="315f6d7c63767461700000009aafa7fd6e7915e00335230f65005638f0d733e7603555946bc66a014b40c1318d29598617f897a6b150930bd681bf5dc0384bba09a482dc3ef4ef4c5cda2eb9b47899a3ba007a4615d5533f25498c31810dc013ae663fd4a73d4c40fdd304e7644bdc6aefa70a3c46bebfa1df5baa01eba232c200a2cf379fab9372b085630a3f041178e3c1d9cc79fce39f381703e2376298631ea72cfe64e5afda7c05df091f6f7aa08b93de72c1f62796a7242f973dc2b61115c0bfa26e48c18b23b5c0c43ae80f4ee06747fa3ed8ac9d7c967912c03e710c080f36c971"], 0x60}}, 0x24008010)

4.641457341s ago: executing program 2 (id=4194):
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f0000000280)=[{&(0x7f00000005c0)="580000001400192340834b80040d8c560a06ffffff7f000000010000000058000b480400945f64009400050038925a01000000800000008004000000ff0109000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x8000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8923, &(0x7f0000000000)={'vlan1\x00', @broadcast})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1}, 0x50)

3.676005137s ago: executing program 3 (id=4205):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54dabaa5206d4a2a060b5ccc774b3ec4c81a1a9852327ff871d16d0d9344e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9aeb8576d329be6e4bb168f1434000000", @ANYRESHEX=0x0], 0xfd, 0x296, &(0x7f0000001080)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=")
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
r2 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x16)
write$cgroup_type(r2, &(0x7f0000000240), 0x9)
unlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x20, 0x1412, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000140)='./bus/file0\x00', 0x6480, &(0x7f0000000340)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@sb={'sb', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {}, {@errors_continue}, {@norecovery}], [{@smackfsroot={'smackfsroot', 0x3d, 'debug_want_extra_isize'}}, {@dont_hash}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
semctl$GETZCNT(0x0, 0x3, 0xf, &(0x7f0000000a80)=""/4096)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000a00)='./bus/file0\x00')
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x3}, 0x18)
r6 = socket$inet(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x2, 0x3, 0x200, 0xb, 0x0, 0xf0, 0xf8, 0xf0, 0x1f8, 0x1f8, 0x1f8, 0x1f8, 0x1f8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'ip6gretap0\x00', 'syzkaller1\x00', {}, {}, 0x11}, 0xb000000, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x260)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x200000000000000)

3.649275718s ago: executing program 3 (id=4206):
newfstatat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x4000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x48, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x48}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r5=>0x0})
setsockopt$packet_int(r4, 0x107, 0x14, &(0x7f0000000080)=0x8000, 0x4)
sendto$packet(r4, &(0x7f0000000180)='\x00', 0x1, 0x0, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x80, 0x6, @broadcast}, 0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=@getchain={0x2c, 0x66, 0x100, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0xfff2, 0x1}, {0x5}, {0x9, 0x10}}, [{0x8, 0xb, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48840}, 0x800)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x111}, 0x1008)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000001c0), 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r7}, 0x10)
sendfile(r6, 0xffffffffffffffff, 0x0, 0x3ffff)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x6c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x44, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3a}}}}, @IPSET_ATTR_IP2={0x18, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @rand_addr=' \x01\x00'}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x29}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)

3.613343568s ago: executing program 3 (id=4208):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
semget$private(0x0, 0x20000000102, 0x200)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x18, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="720ec4ff0000000071"], &(0x7f0000000480)='GPL\x00'}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8)
sendto$inet6(r4, &(0x7f0000000000)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)
shutdown(r4, 0x1)
set_mempolicy(0x4005, 0x0, 0x9)
setsockopt$sock_int(r3, 0x1, 0x5, &(0x7f0000000140)=0x30d9d0c3, 0x4)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000002c0)={'syztnl1\x00', &(0x7f0000000500)={'gretap0\x00', <r5=>0x0, 0x80, 0x8000, 0x80000000, 0x9, {{0x15, 0x4, 0x3, 0x7, 0x54, 0x66, 0x0, 0x0, 0x29, 0x0, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@end, @ssrr={0x89, 0x27, 0xb9, [@empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @local, @private=0xa010101, @remote, @remote, @loopback, @private=0xa010101, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @ssrr={0x89, 0x17, 0x45, [@loopback, @rand_addr=0x64010101, @local, @multicast1, @multicast2]}]}}}}})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000700000018110000", @ANYRES32=r0, @ANYRESOCT=r1], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x2000}, 0x18)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000840)="08006024d0de5da67c", 0x9}, {0x0}], 0x2}, 0x20008040)

2.040749778s ago: executing program 5 (id=4227):
socket$inet6(0xa, 0x1, 0x0)
syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xf96d, 0x3010, 0x4, 0xe6}, &(0x7f0000000040), &(0x7f0000000080))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x58, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5, 0x0, 0x6}, 0x18)
syz_clone(0x63081180, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x20040014)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfb, {{@in6=@private0, @in=@broadcast, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0xfffffffffffffffe}, 0x9, 0x0, 0x0, 0x1, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x5, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
memfd_create(0x0, 0x5)
sendmsg$nl_xfrm(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e"], 0xb8}, 0x1, 0x0, 0x0, 0x40000000}, 0x4008000)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)

1.887676258s ago: executing program 1 (id=4229):
syz_emit_ethernet(0x253, &(0x7f0000001c80)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @local, @void, {@ipv4={0x8100, @gre={{0xc, 0x4, 0x2, 0x20, 0x245, 0x68, 0x0, 0x1, 0x2f, 0x0, @empty, @multicast1, {[@generic={0x44, 0x8, "b63b8f29d51e"}, @ssrr={0x89, 0x13, 0x46, [@rand_addr=0x64010101, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @local]}]}}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x0, 0x1}, {0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x800, [0x8], "5ab57302ff05213d534fab3600ec604744045cbe67b753f804b514bbccd68c14a295f49d972698509435b1e12d083101d0"}, {0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x86dd, [], "5f35f2d0218d84d6f180a637ae2b88da003b8ac27413dbc5e7e66a44655b83ebe118c6694e7cbd12661866bd5789ff8b4e4e503c80b50c42e560a22ab7c1a5102462dc789a31a45816f76dbdab0845d27ede8db170120b5c40aaea442ad635c3d972a4d8f7d026a28b794d804ccf0cd8fe3fd90d0bba0c60322e8155ffdc5411933c2d2c633b0bd73fac642790aeeffa92b9e91e4d856fe2af7f354b23a455a0ad7850c4e41365122a1401bf94b0e5f25ef4554705f6a7e229290a945c604bcc3b2f5e68274509982b4ed256f959de6ecfbd8fecee29fa3496b9ffc4b8aa671063a644507b6df29f1d15e74c10cdb8ee2207156e5cd1dbdae5fb0e4cb041"}, {0x8, 0x88be, 0x2, {{0x3, 0x1, 0x8, 0x3, 0x0, 0x0, 0x1, 0x2}, 0x1, {0x6}}}, {0x8, 0x22eb, 0x3, {{0x3, 0x2, 0x6, 0x3, 0x1, 0x3, 0x1, 0x80}, 0x2, {0x8, 0x0, 0x1, 0x5, 0x1, 0x1, 0x2}}}, {0x8, 0x6558, 0x4, "e4bcd9691297004c850d0158684c6b9e32bd63b0010ca7d1ddf0e55fe05a73ecec79e1fa208f10e52cea02c0126e81098a76823106f29b39947039514146ec39f5c317352bc338299d605e2efb7ab4c42faae5245f47c57c6a2c70a56ca333ec9c67ebf348f9f7989755f4e0ee4ba9c37c62df604119b8815afa5dbed3af0aedf137c752782b3511050ec1b88f86704b087d4017b074736e7d9fe3312dd3643a"}}}}}}, 0x0)

1.873520239s ago: executing program 1 (id=4230):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1e8, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0xd}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0xd8}]}}, @TCA_RATE={0x6, 0x5, {0xb, 0x40}}, @filter_kind_options=@f_bpf={{0x8}, {0x1a0, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x188, 0x1, [@m_nat={0x104, 0x0, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x6, 0x10000000, 0x80000001}, @empty, @multicast1, 0xffffff00}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x2, 0x6, 0x6, 0x6979, 0x28}, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0xffffffff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x0, 0x6, 0x3, 0x9f}, @empty, @multicast1}}]}, {0x61, 0x6, "525dfeac86ce84c0651b02d8cfcfb2e8ebe4fa883a2e8593252c80a728a5f4291635480f6cbc84b2432cef684200149d9d5edd825c13eb2d4d0d699ac1ca3cc36e4a09f088dc445f0783cc90f1d501855767e6d7c186ca9b4e0cb1c4bf"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_simple={0x48, 0x1e, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x9, 0x4, 0x10000000, 0x633, 0xe2d}}]}, {0x4}, {0xc, 0x7, {0x0, 0x79d0f023c2b305dd}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_mpls={0x38, 0x13, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_MPLS_TC={0x5, 0x6, 0x4}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}]}]}}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x40008c5}, 0x20000080)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0x10, 0x0, &(0x7f00000000c0))
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

1.806869629s ago: executing program 1 (id=4231):
socket$inet6(0xa, 0x1, 0x0)
syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xf96d, 0x3010, 0x4, 0xe6}, 0x0, &(0x7f0000000080))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x58, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5, 0x0, 0x6}, 0x18)
syz_clone(0x63081180, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x20040014)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfb, {{@in6=@private0, @in=@broadcast, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0xfffffffffffffffe}, 0x9, 0x0, 0x0, 0x1, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x5, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
memfd_create(0x0, 0x5)
sendmsg$nl_xfrm(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e"], 0xb8}, 0x1, 0x0, 0x0, 0x40000000}, 0x4008000)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8}, {0x0, 0x8}}}, 0xb8}}, 0x0)

1.64519768s ago: executing program 3 (id=4233):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES64, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2, 0x0, 0x2000000000}, 0x18)
r3 = socket(0x10, 0x803, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000500)='westwood', 0x8)
r4 = socket$netlink(0x10, 0x3, 0x400000000000004)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000000000000a2bc5603ca00000f7f89000000200000004a24", 0x35}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f00000000c0)={0x1d, r5, 0xfffffffffffffffd, {0x0, 0x1, 0x1}, 0xfe}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8000)

1.241955422s ago: executing program 0 (id=4235):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000180)={0x0, 0x228000, 0x1000, 0x0, 0x4}, 0x20)

1.217519542s ago: executing program 0 (id=4236):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095", @ANYRESHEX], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bond0\x00'})
sendmsg$nl_xfrm(r2, 0x0, 0x2014)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24040000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x16, 0xc, &(0x7f00000004c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='task_newtask\x00', r5}, 0x18)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r6, 0xc0f85403, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x1fffffe, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r7}, 0x18)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r8, 0x0, 0xffffffffffffffff}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x3, 0x24d})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x9, 0x5d032, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, &(0x7f0000000000)=0xc, 0x400008, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))

1.163921223s ago: executing program 0 (id=4237):
socket$inet6(0xa, 0x1, 0x0)
syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xf96d, 0x3010, 0x4, 0xe6}, &(0x7f0000000040), &(0x7f0000000080))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x58, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5, 0x0, 0x6}, 0x18)
syz_clone(0x63081180, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x20040014)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfb, {{@in6=@private0, @in=@broadcast, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0xfffffffffffffffe}, 0x9, 0x0, 0x0, 0x1, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x5, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
memfd_create(0x0, 0x5)
sendmsg$nl_xfrm(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e"], 0xb8}, 0x1, 0x0, 0x0, 0x40000000}, 0x4008000)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)

1.154540043s ago: executing program 3 (id=4238):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x1}, 0xfffffffffffffd8c)
close(r1)
socket$inet(0xa, 0x801, 0x84) (async)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) (async)
listen(r0, 0x8) (async)
accept4(r0, 0x0, 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x1}, 0xfffffffffffffd8c) (async)
close(r1) (async)

1.067163883s ago: executing program 5 (id=4239):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, 0x0, &(0x7f0000000200)=0x421)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xd}}, './file0\x00'})
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0), 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x264e7528}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x10000001}, 0x18)
r5 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000ac0)=@newqdisc={0x94, 0x24, 0xf0b, 0x70bd2c, 0x0, {0x0, 0x0, 0x12, r6, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x0, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee11, 0x0, 0x0, 0x3], [0x0, 0x8, 0x3]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x48804}, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x2600, 0x0)

996.198604ms ago: executing program 5 (id=4240):
syz_emit_ethernet(0x253, &(0x7f0000001c80)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @local, @void, {@ipv4={0x8100, @gre={{0xc, 0x4, 0x2, 0x20, 0x245, 0x68, 0x0, 0x1, 0x2f, 0x0, @empty, @multicast1, {[@generic={0x44, 0x8, "b63b8f29d51e"}, @ssrr={0x89, 0x13, 0x46, [@rand_addr=0x64010101, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @local]}]}}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x0, 0x1}, {0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x800, [0x8], "5ab57302ff05213d534fab3600ec604744045cbe67b753f804b514bbccd68c14a295f49d972698509435b1e12d083101d0"}, {0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x86dd, [], "5f35f2d0218d84d6f180a637ae2b88da003b8ac27413dbc5e7e66a44655b83ebe118c6694e7cbd12661866bd5789ff8b4e4e503c80b50c42e560a22ab7c1a5102462dc789a31a45816f76dbdab0845d27ede8db170120b5c40aaea442ad635c3d972a4d8f7d026a28b794d804ccf0cd8fe3fd90d0bba0c60322e8155ffdc5411933c2d2c633b0bd73fac642790aeeffa92b9e91e4d856fe2af7f354b23a455a0ad7850c4e41365122a1401bf94b0e5f25ef4554705f6a7e229290a945c604bcc3b2f5e68274509982b4ed256f959de6ecfbd8fecee29fa3496b9ffc4b8aa671063a644507b6df29f1d15e74c10cdb8ee2207156e5cd1dbdae5fb0e4cb041"}, {0x8, 0x88be, 0x2, {{0x3, 0x1, 0x8, 0x3, 0x0, 0x0, 0x1, 0x2}, 0x1, {0x6}}}, {0x8, 0x22eb, 0x3, {{0x3, 0x2, 0x6, 0x3, 0x1, 0x3, 0x1, 0x80}, 0x2, {0x8, 0x0, 0x1, 0x5, 0x1, 0x1, 0x2}}}, {0x8, 0x6558, 0x4, "e4bcd9691297004c850d0158684c6b9e32bd63b0010ca7d1ddf0e55fe05a73ecec79e1fa208f10e52cea02c0126e81098a76823106f29b39947039514146ec39f5c317352bc338299d605e2efb7ab4c42faae5245f47c57c6a2c70a56ca333ec9c67ebf348f9f7989755f4e0ee4ba9c37c62df604119b8815afa5dbed3af0aedf137c752782b3511050ec1b88f86704b087d4017b074736e7d9fe3312dd3643a"}}}}}}, 0x0)

995.888804ms ago: executing program 3 (id=4241):
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, 0x0, 0xfffffffc)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000020000000000000002000004000000000000000002000000000000000000000002000000000000000100000000000001"], 0x0, 0x4e, 0x0, 0x1}, 0x28)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"6b3bfb24a49cb307ac6500", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xc0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r5, 0x0, 0xffffffffffffffff}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000004000000020000000000000800000000000061"], 0x0, 0x28}, 0x28)
recvmmsg(r3, &(0x7f0000003d40)=[{{0x0, 0x94, 0x0, 0x0, 0x0, 0x40000}, 0x5}], 0x1, 0x2, 0x0)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r7 = socket$packet(0x11, 0x2, 0x300)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000000c0)={<r8=>0x0, @remote, @dev}, &(0x7f0000000200)=0xc)
bind$packet(r7, &(0x7f0000000280)={0x11, 0x9, r8, 0x1, 0x41}, 0x14)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="15065ff22290790b19cc57feff0000000414cc0000e8080000ff0100000080000000", @ANYRES32=0x1, @ANYBLOB="4ba5048000"/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="010000000100"/28], 0x50)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mmap(&(0x7f0000202000/0x2000)=nil, 0x2000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x55b23000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000040)=[{0x1000}], 0x1, 0xe4, 0x0, 0x0, 0x50, 0x2})
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)

995.413834ms ago: executing program 5 (id=4242):
socket$inet6(0xa, 0x1, 0x0)
syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xf96d, 0x3010, 0x4, 0xe6}, 0x0, &(0x7f0000000080))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x58, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5, 0x0, 0x6}, 0x18)
syz_clone(0x63081180, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x20040014)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfb, {{@in6=@private0, @in=@broadcast, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0xfffffffffffffffe}, 0x9, 0x0, 0x0, 0x1, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x5, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
memfd_create(0x0, 0x5)
sendmsg$nl_xfrm(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e"], 0xb8}, 0x1, 0x0, 0x0, 0x40000000}, 0x4008000)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8}, {0x0, 0x8}}}, 0xb8}}, 0x0)

519.952717ms ago: executing program 1 (id=4243):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r0}, &(0x7f0000000840), &(0x7f0000000880)=r1}, 0x20)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="07000000040000008000000004"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r5}, 0x18)
socket$key(0xf, 0x3, 0x2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x1253, &(0x7f0000001c80)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @local, @void, {@ipv4={0x8100, @gre={{0xc, 0x4, 0x2, 0x20, 0x1245, 0x68, 0x0, 0x1, 0x2f, 0x0, @empty, @multicast1, {[@generic={0x44, 0x8, "b63b8f29d51e"}, @ssrr={0x89, 0x13, 0x46, [@rand_addr=0x64010101, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @local]}]}}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x1000, 0x1, [], "d17bd11cd8657bc84d0a2ca86897b496ec6f10e9793d165c346d968d55719b974256c37daa9f5a823f9e8e0710e66f860d574dde4665297324d14516e4401d6dd31cbe659fe4c9b5f65336ce5297787c535b061da0742213343284592827959fa0567b06a3025c989af9aba3663db32b7e33a6c4ca4f8722321420aeae1cb477fd9759f39664f8cfa957e28014b74a180fb1085f22f037f2965ab680457aaa28ea1f7483412c28ec3ea7a78eca66ac5080c37bf88d0017a8d6d31de8aea2c0fa6ab674c7d768011f01a20cda80aec85160440b9c9ff9819b78cf03e05dfaa320ba4cf1a8961fb8cffa27251901bdc92b0d0786c5816995d6ed0b4b83678f7833e0f1ea27a797b12db84d475d94b6496738bb0c558cd650036a21ec40fffc374b2f6e8df49fcb64f00c38f79729bf915c6e477440b79ef9ffa4ab1abe528bab6d5c57975901e7cfb521709718115870af03d859145d4af9a1159dcca58358b0617a5d072756ddd38edb570da9444b0cc4c69af8fe4ca4fb556720371794e4047ee00f1a5572dbb10ce747498a58e04f0094e8e75bf8ec4d4097e6850137c90d5b08c158ae3c35c25ec6f51ec17796f21de06105407a02a96f2b6bdd63fc1d4a67758a3c1a3a433ca6d1abf12b3aca959d85dd1ab96487df9befdc20a3f893aad3cd80d3773232247ccb7ee0d27470c0e57fa007940ab7e47062f8ebcddb301380f3c366dd1a38d2e35506e77e076a0543271758bd48322da36d591dd8e898dc2f906d4316757796da5912358aa3db6afa6a0e2eaf8f96569a766f5edfdfa3c4a30db9b0c78b7615db9c1f820595f79170836073c35033ade2d6db83184c65b9412ad5f43179d91247ac4245343d38ee9cd18a4781656c3a08fb71e4631be0e24e1b8a17a39da6263bf4f52748fe046b11d52eed61bb9b4ed5dd2d5d2eca764d221d524e863fc1a24394cdb4d899af4660b70fdef9225f49f7904a4f47e90c3693745c67a842d79b4469d70f43a1b049c89b1b4e0769c1666ebaf15a9f47ef419234dfd1b01e5c5788f3d25c345a42acb985d5dff5676a25bbd782ff264c1f99aa05f32449c032a422180a87b633878193446ebbf4de31e1a9b673ee9620c86570fa9bdf30254a522f467a349e86b1e93d739c09e210f7120fa95cf3938547fc24475cb6c5ce476651c29b88609ca8ced1aa937e3231214d02e6e8a3ea950d2b72616d871a5a0260652f1d3917cf96ccf1fd372a8007c9dc7d689882453174831e0a5e7fe64cc95c4640f3090e23ac3d50958fcbcf4196a6cbe60eb479d3a972c8686c87ee488b51704675456e863a2651fb7666abd13963b8e0607338304911c0bebf3635d6f5ed244f9ef49392f5d1fc2d6d5ab44d3e2d0264a0eea428a52e29d7b671c0e21bce4eb6047bb37f97efd67b1b3ac99d6b9dee6f79d394fd689db47bdd831c2b2ac8ebb1f64377bc3f3d790b0b339f4b6aa1cf8ef66d84d47eeff61e8189f6381bd8b255a89f2860b565eb4e145544b804e5420b661e2d313085b7bd47143c153574de8e8a2f6803452c7cc54ef0c17db2b8c84aae696490af29c2941171986a0305a208ce66ab559b50528aba2acf4d87a6cebf4cf622b0abc65d5f404ea0f89ea4368f9d2325219c6fee2d390e0e7da364d2b59ed2e8b1e7504a0945575745577142eb691449716419f528dc2fd822f66d274bc98d91d33f7b5026efa7e084e4800ffa2695b0701ee6e34a06409ca111fde99633020f747543ed874510f85a747921f88be8eca893b70357c5172c5c30f1ac7b13334529cdba0d28c9a27a8b40af31bb23516c4443c955c35ad7a67b75225936003e2c84f2d2b1d573b47676e6ae0aa79e3a0e341d468a126c88f3b89f8a93a3af47e717a2489aca1fc574a10f8dd914689b796fddea0a8c9d3d7ba63af14c608eb07b879cef326fea97b1f321d5d1d2d1649deb11436e30500650ca4cacbb16f7648673bb0b4bee69eb4f199fb7ed49f4eb7cd39ae939f969225e980bae4d938330a86c1ec1b64be4fedc56e3f5266e3eff6f917fb8fbde887788789259582b8e54a9579cd67b62b0f689db835b9c4584e05d28a03178885170afaa6161e9a87c6bc725f43df042c9ec8d65fe573ddd9f4125bcb1c6d97d5314518e003f602fac05bb961b5b1f6fdfb45fb8aea13722c082b9804f1fb6838f7573b3eef88f922f5b81b655048714fa8fae9b689a71f82a94d12156efff1f302701b4a3e912ab964262b462471e40832d6a0e86ed40981f62c77e0778c4b504e863e03efdfc52e7fc99e10d9265e810b968a66f26a243a4066dbac516fb3da389e31b94f163c74055391bdb0862efba463f6ba2fe0164b520c43cd9a6595f43aea354ffe1c35467211dad5951a6800da537940cea3dd8c2eb34ee999a87053ba57b8e0fac3fd4d7a28f1fba424d0c4f21e28c7e3562269239a944a8ef60368c80431182511be93ba69008eefd90b8d6f1694d4e97f187cba28c6395e26b2a50d86a31cad10ddcaf88f30d0cfbd01ed5aa59a800432ac943f67720af1084fb9fb8d75525d5ec00af5255f9fba045a52b70fa5734fef3b527e0cca09c394e8d549631bf995230a5fa3a0846654377452f2882762ec5e19e9383ebf66b659fe458b0899b00336953cb658b953914a18d587e74a48f6fb920a35440ddaa6255c0c0b634dec8c95da381d08a5f8d77ec6ef11a00caca9f9801014f895661651ace77adfedef536a2b1ab9c38678573707825b84fb3e2d8f62befe091fb9864dd43be894c7285594acc893d73d1decb0a719dec989d64e17f1039748ea16329729e139fec2e393a4c5a8b18ad644ff3ddca21dc99e3c96f9a10d5b87a2af128f6fadb358974fc9c2a74b7740eab244b2d4f292d2f4d26f03f4bdb1f1973c507d958965e23ec02596fb91eec4e14f72b7234f229935ab1c21b71e10d7af52a74289616da1a5bb81ea66f21ee06c0de8d7c187ae1fc2f17d72fd0e720f6ba0d3ec1ca5981b683b58ef48ea44f1906528bd57e99b868373c375629d585e5dbb4ef983103cb32629c1f01e97c250b96e13276504f6e529d783ac1873753f2e04f8d961c96f2cea4b3dc4a2f446403eb9d80a69efbe2bc85cc35cec213731b3fdf4929746089988db1df2add2888c19e8dfe4dedfc2730bb99289cefd2f6f839e7d909aefa80082d8ec7a8c066728f69aac5182de4520a8e2d3b9e017a4f55870aa8532078c53099c58cc40231f266d47b98a9049f13c9965e3975ec60ec62a845ab5069f4a5bb3ffa65c416ee6b3ed4b51314297a78eba121657f01f3c731f6035761feb4363a16accdab5618721569f3bb2dff887f2868f3aaa57211ae529ba349b8cdf0e412c60024b4df58da2d02b5dd5c9674b32ab7c6e05838851b6fc916d6877437700d8e0d2838067c2b7ee17bf995c3a1fd23676090d429c948c5a7d02fc0cbe7812decefa9dfbcc140995724c6d2c5451869fc69947bddb22f5b6e513c65fe4f857dbcb9358999279e09555481d681f3d52d27fd6affce3268656c01e3be0da43105f884f6cb1dbf5d5685b0d448fac8fb4bd2cd27c9aa0fefc9f1cfc49390dae33100c5d0ec4a9eb2b6dafa7b2079d9c7791372bbb8b3e2c2edfe3859dc678deb854fefa905fe2ad3bd40744f1dee568d421f207976fe8a7c0da1fd28b127c866a724db6ec00a1aa12c80eae02283da4e1a048546dd800e929d0791eab5093412f424051d1f5ce7205977e6d198e1fa203239b73f6f90fe724df30a8f36f3f5989f2d10369a7625d32f66f4880b7a9dcacabf50289a1913f621a956a490ac9dbc59dc8507fff618d009a3354c483bade4b045c41e7ac6dcb8faa695e6912b47fc9b1e8b5e231f2dcc35aefa26bbfeb6b7bcbaf30f5f5e1e0d7abd45ecb2da4d2637ca47ff547cf33dff479f77340e7bf6ce7d33467e0370b13ea61346f0deed969ffeaf17570e0f12db677276638f739668fd359392ffbebaf2962324f0810271552af29d99e03ca4617afc8547d88ebea71f778b98d8f5230ca51a7dfd186f5fbad1e7c839dc7019e5b76616559679d3f5d560796f3b5a6f2837283d019b490be8df9049490f737567199f3aee551cfea8535d7a0a7f4949c99e23373a8d86b55f2c9f7c555dfb3c4603061eb9b06ce039c19290378d3e56ca33be5687c0b0d8e1768dfc7fb28c2860146484a3182cc5254c862a7a11a46b6baceced19391fbfaab16978fdd3a109bbb084f27d05df71b362ffe397a83a9c954c85819af26ec446cae32c15db8a9deff6b7dbaf54d7708e985a1c281dc4b8e5cf775f431b8fa9e2be27120240430a08626ce50c35f7569309932bf5093d6a812ca3d775b214f1522233be2dba9ec70f4718faa5e4562f995295f26bcb48a211625ebb93eb0a93b72c1543a958354ca9bd796278c513ba3288f8b17349cc3a0bb47bf9a72f79aad3bba54cc40eee114a23b249b7da63c21e5a9a48fd2bd160739f727ca17c41a24d98fc62793553068a3eee4026911ac8d57fa6157ae0da08dd442bb84682171404152f539b512f6ad7b414e1d9620fcadc66bd6b7c8e452930f1fe1a8dd82b20e92a6aa5876131fde2527d85cf135952f962f0d908fb45effdc540bae5729e7f9ec4999959bd7b6a038ad490fb38bd388496f27d4528d2ab46459a48874d10314c13a0591241edce5c1b1bbf9af0ff3feea6dca1d9def83db19e48fd11543193751e68b64a22d573187c535fd52c6ad0ab4632931d4cc718855433cad5f30a8ef9e052e96e5e0947e9b0d992c90ee2d911ea7294461a0a73f2bc046941655cb3b8e19f4fbf825ca7a17d2bde891ac6e2a8094e384c82c8e0a86e47a2cab94cb8ed10f733283ad032db7025b9552f3ae9c1c524953b6e5860aba5bcec5895f0d59abd48e0f2ebfabfc0445a804ec0550de9658e9f8ef5c157a2fff2167c236df7aa6db0067af003ac42d02bed6fa9d6d47347a47524d0abfb9c058ab81255c9b87f98de463704388cf203e4f96b5152d7403154d0279713469dc1e05c51ac109eaf1292722fd15132c0abc93e61b313357dd33e1a6bb6ac597a490834f8baafaaf0581fda747ae8b3ed3590c503f0c5e5f67401ff5f85bf6bbf9dfdee5243f1b09a8e72476fa7e9b60e3c2fe31fac63992653fc7b063317ee1660101cad58b8c49738fc75d4892513d65fa1109f38bbf0bd4c0d9559fdedddd44554a0919d0b1904dcc87bf2ea49d728c068ed8621e8e60b820362ff71dce194392bb8a55fc3f115d708cdee70bb021d240734b26b4f225d926fbb29be2505743c3e01b0c76b28c88fb152ad7c070b7a5549a9f1e0e58c5245b5ad324c50764cb44ccd69b14c246c70aa1daa78d735398a45b0492d1e9f3725ad5827110d15d01dbc2b7b826557ed7084ef215602ebfab2a2babe6077ed056c7d0f0175fb8224bec656168cd4fc5fe778c67b9cb48eabf8ced748510da90ce13128d5ba69e5792def7638a16f64a98f0e5bbcdbefc2f5942ef9260f7b75478d0bb870415330fca985b7312fdeb0adc6ad0fbcf4017309321fab0dac98a76b74d9d554ccc7d6b11f5cb264d1cb300e250357b82f71065a28a429ccfb6db65f376fe5c7b903ce2c5c8a3de091afe1c65d6b71c108b9c6926ecbf4c78738d4db886b4fe8f8e3adbe218e48990f1f0804fde22f3e8566c6839f1bc71b77aa133217c7fed4755daf79c2f814623d98d29d4a79dee7027e2be6716ea1fca39a0de99006e58c03d882daf5779e453a02b85d7f06a04321d1cd5a2a9e0aeb"}, {0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x800, [0x8], "5ab57302ff05213d534fab3600ec604744045cbe67b753f804b514bbccd68c14a295f49d972698509435b1e12d083101d0"}, {0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x86dd, [], "5f35f2d0218d84d6f180a637ae2b88da003b8ac27413dbc5e7e66a44655b83ebe118c6694e7cbd12661866bd5789ff8b4e4e503c80b50c42e560a22ab7c1a5102462dc789a31a45816f76dbdab0845d27ede8db170120b5c40aaea442ad635c3d972a4d8f7d026a28b794d804ccf0cd8fe3fd90d0bba0c60322e8155ffdc5411933c2d2c633b0bd73fac642790aeeffa92b9e91e4d856fe2af7f354b23a455a0ad7850c4e41365122a1401bf94b0e5f25ef4554705f6a7e229290a945c604bcc3b2f5e68274509982b4ed256f959de6ecfbd8fecee29fa3496b9ffc4b8aa671063a644507b6df29f1d15e74c10cdb8ee2207156e5cd1dbdae5fb0e4cb041"}, {0x8, 0x88be, 0x2, {{0x3, 0x1, 0x8, 0x3, 0x0, 0x0, 0x1, 0x2}, 0x1, {0x6}}}, {0x8, 0x22eb, 0x3, {{0x3, 0x2, 0x6, 0x3, 0x1, 0x3, 0x1, 0x80}, 0x2, {0x8, 0x0, 0x1, 0x5, 0x1, 0x1, 0x2}}}, {0x8, 0x6558, 0x4, "e4bcd9691297004c850d0158684c6b9e32bd63b0010ca7d1ddf0e55fe05a73ecec79e1fa208f10e52cea02c0126e81098a76823106f29b39947039514146ec39f5c317352bc338299d605e2efb7ab4c42faae5245f47c57c6a2c70a56ca333ec9c67ebf348f9f7989755f4e0ee4ba9c37c62df604119b8815afa5dbed3af0aedf137c752782b3511050ec1b88f86704b087d4017b074736e7d9fe3312dd3643a"}}}}}}, 0x0)

434.104017ms ago: executing program 1 (id=4244):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000018c0), r2)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000004c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd03800800010001000000080003000400000014000000000000bee85b9d2b91fa2b00"], 0x78}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

335.439278ms ago: executing program 1 (id=4245):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x1c5ed000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$P9_RGETLOCK(r4, &(0x7f00000002c0)=ANY=[], 0x200002e6)
fcntl$setpipe(r3, 0x407, 0x7000000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
write$selinux_load(r2, &(0x7f0000000580)={0xf97cff8c, 0x8}, 0x10)

248.901678ms ago: executing program 0 (id=4246):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000180)={0x0, 0x228000, 0x1000, 0x0, 0x4}, 0x20)

225.561139ms ago: executing program 0 (id=4247):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095", @ANYRESHEX], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bond0\x00'})
sendmsg$nl_xfrm(r2, 0x0, 0x2014)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24040000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x16, 0xc, &(0x7f00000004c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='task_newtask\x00', r5}, 0x18)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r6, 0xc0f85403, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x1fffffe, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r7}, 0x18)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r8, 0x0, 0xffffffffffffffff}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x3, 0x24d})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x9, 0x5d032, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, &(0x7f0000000000)=0xc, 0x400008, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))

109.637009ms ago: executing program 0 (id=4248):
r0 = socket(0x840000000002, 0x3, 0xff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000005c0)={'netpci0\x00'})
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYRESOCT=r4], 0x78}, 0x1, 0x7}, 0x0)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
r7 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000)=<r8=>0x0, &(0x7f0000000300)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYRESDEC=r1], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000540)='kmem_cache_free\x00'}, 0x14)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r7, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345})
r10 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r11 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r10, 0x5403, &(0x7f0000000080)={0x9, 0x403, 0xfff, 0x86aa, 0x9, "0058c90a00800000000000000000f900"})
ioctl$TIOCSTI(r11, 0x5412, &(0x7f0000010300)=0xa)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r7, 0x47f6, 0x0, 0x0, 0x0, 0x0)

108.447159ms ago: executing program 5 (id=4249):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000e7ef90030000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x76}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000780)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x20, 0x7ffc1ffb}]})
getitimer(0x0, &(0x7f0000000080))

0s ago: executing program 5 (id=4250):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0x80b, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r1, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x10, 0x90}, [@ldst={0x3, 0x0, 0xb, 0xa}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x7300, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x21}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
mount$9p_tcp(0x0, &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x8010, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=tcp'])

kernel console output (not intermixed with test programs):

etdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  231.785761][ T7767] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  231.828057][ T7767] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  231.836379][ T7767] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.874204][T13595] loop5: detected capacity change from 0 to 2048
[  231.892360][ T3389] hid_parser_main: 66 callbacks suppressed
[  231.892378][ T3389] hid-generic 0000:0000:10001.0004: unknown main item tag 0x0
[  231.906099][ T3389] hid-generic 0000:0000:10001.0004: unknown main item tag 0x0
[  231.913753][ T3389] hid-generic 0000:0000:10001.0004: unknown main item tag 0x0
[  231.921308][ T3389] hid-generic 0000:0000:10001.0004: unknown main item tag 0x0
[  231.928940][ T3389] hid-generic 0000:0000:10001.0004: unknown main item tag 0x0
[  231.936679][ T3389] hid-generic 0000:0000:10001.0004: unknown main item tag 0x0
[  231.944192][ T3389] hid-generic 0000:0000:10001.0004: unknown main item tag 0x0
[  231.951910][ T3389] hid-generic 0000:0000:10001.0004: unknown main item tag 0x0
[  231.959467][ T3389] hid-generic 0000:0000:10001.0004: unknown main item tag 0x0
[  231.966981][ T3389] hid-generic 0000:0000:10001.0004: unknown main item tag 0x0
[  232.062130][ T3389] hid-generic 0000:0000:10001.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  232.072404][T13595] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  232.676569][T13631] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3554'.
[  232.712931][T13595] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  232.729829][T13595] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  232.742312][T13595] EXT4-fs (loop5): This should not happen!! Data will be lost
[  232.742312][T13595] 
[  232.752054][T13595] EXT4-fs (loop5): Total free blocks count 0
[  232.758023][T13595] EXT4-fs (loop5): Free/Dirty block details
[  232.763929][T13595] EXT4-fs (loop5): free_blocks=2415919104
[  232.769678][T13595] EXT4-fs (loop5): dirty_blocks=7072
[  232.774961][T13595] EXT4-fs (loop5): Block reservation details
[  232.780965][T13595] EXT4-fs (loop5): i_reserved_data_blocks=442
[  232.824998][  T114] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  232.844879][T13630] FAULT_INJECTION: forcing a failure.
[  232.844879][T13630] name failslab, interval 1, probability 0, space 0, times 0
[  232.857551][T13630] CPU: 1 UID: 0 PID: 13630 Comm: syz.2.3555 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  232.857576][T13630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  232.857587][T13630] Call Trace:
[  232.857594][T13630]  <TASK>
[  232.857604][T13630]  __dump_stack+0x1d/0x30
[  232.857627][T13630]  dump_stack_lvl+0xe8/0x140
[  232.857672][T13630]  dump_stack+0x15/0x1b
[  232.857687][T13630]  should_fail_ex+0x265/0x280
[  232.857703][T13630]  ? audit_log_d_path+0x8d/0x150
[  232.857721][T13630]  should_failslab+0x8c/0xb0
[  232.857793][T13630]  __kmalloc_cache_noprof+0x4c/0x4a0
[  232.857822][T13630]  audit_log_d_path+0x8d/0x150
[  232.857842][T13630]  audit_log_d_path_exe+0x42/0x70
[  232.857879][T13630]  audit_log_task+0x1e9/0x250
[  232.857906][T13630]  ? kstrtouint+0x76/0xc0
[  232.857931][T13630]  audit_seccomp+0x61/0x100
[  232.858034][T13630]  ? __seccomp_filter+0x82d/0x1250
[  232.858059][T13630]  __seccomp_filter+0x83e/0x1250
[  232.858082][T13630]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  232.858116][T13630]  ? vfs_write+0x7e8/0x960
[  232.858144][T13630]  ? __rcu_read_unlock+0x4f/0x70
[  232.858169][T13630]  ? __fget_files+0x184/0x1c0
[  232.858250][T13630]  __secure_computing+0x82/0x150
[  232.858309][T13630]  syscall_trace_enter+0xcf/0x1e0
[  232.858335][T13630]  do_syscall_64+0xac/0x200
[  232.858350][T13630]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  232.858453][T13630]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  232.858476][T13630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.858496][T13630] RIP: 0033:0x7fd2e3b6efc9
[  232.858512][T13630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.858543][T13630] RSP: 002b:00007fd2e25d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  232.858560][T13630] RAX: ffffffffffffffda RBX: 00007fd2e3dc5fa0 RCX: 00007fd2e3b6efc9
[  232.858571][T13630] RDX: 00002000000083c0 RSI: 0000000040345410 RDI: 000000000000000b
[  232.858584][T13630] RBP: 00007fd2e25d7090 R08: 0000000000000000 R09: 0000000000000000
[  232.858597][T13630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.858609][T13630] R13: 00007fd2e3dc6038 R14: 00007fd2e3dc5fa0 R15: 00007ffefda8fc58
[  232.858631][T13630]  </TASK>
[  233.171358][T13642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3559'.
[  233.180541][T13642] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3559'.
[  233.192091][T13642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3559'.
[  233.201674][T13642] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3559'.
[  233.276152][T13650] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.286178][T13650] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.319988][T13657] loop5: detected capacity change from 0 to 128
[  233.327157][T13657] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  233.347165][T13657] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  233.367976][T13650] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.377853][T13650] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.393247][T13657] SELinux: failed to load policy
[  233.413179][ T7775] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  233.524040][T13650] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.533990][T13650] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.571895][T13667] vhci_hcd: invalid port number 85
[  233.577050][T13667] vhci_hcd: default hub control req: 1f12 v0000 i0055 l0
[  234.391010][T13650] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  234.401044][T13650] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.641590][T13696] SELinux: failed to load policy
[  234.676165][T13699] loop5: detected capacity change from 0 to 1024
[  234.690029][T13701] __nla_validate_parse: 1 callbacks suppressed
[  234.690042][T13701] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3582'.
[  234.722041][T13699] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.827847][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.110686][T13727] SELinux: failed to load policy
[  236.124042][T13738] netlink: 'syz.5.3593': attribute type 10 has an invalid length.
[  236.177328][   T29] kauditd_printk_skb: 233 callbacks suppressed
[  236.177343][   T29] audit: type=1326 audit(1761766569.644:9894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  236.210083][   T29] audit: type=1326 audit(1761766569.644:9895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  236.235557][   T29] audit: type=1326 audit(1761766569.664:9896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  236.298720][T13743] FAULT_INJECTION: forcing a failure.
[  236.298720][T13743] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  236.312201][T13743] CPU: 0 UID: 0 PID: 13743 Comm: syz.3.3594 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  236.312229][T13743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  236.312240][T13743] Call Trace:
[  236.312245][T13743]  <TASK>
[  236.312259][T13743]  __dump_stack+0x1d/0x30
[  236.312279][T13743]  dump_stack_lvl+0xe8/0x140
[  236.312348][T13743]  dump_stack+0x15/0x1b
[  236.312365][T13743]  should_fail_ex+0x265/0x280
[  236.312499][T13743]  should_fail_alloc_page+0xf2/0x100
[  236.312527][T13743]  __alloc_frozen_pages_noprof+0xff/0x360
[  236.312622][T13743]  alloc_pages_mpol+0xb3/0x260
[  236.312644][T13743]  ? __pfx_anon_pipe_write+0x1/0x10
[  236.312689][T13743]  alloc_pages_noprof+0x90/0x130
[  236.312710][T13743]  anon_pipe_write+0x6a1/0xb30
[  236.312746][T13743]  ? __pfx_anon_pipe_write+0x1/0x10
[  236.312778][T13743]  ? __pfx_anon_pipe_write+0x10/0x10
[  236.312858][T13743]  vfs_write+0x52a/0x960
[  236.312948][T13743]  ksys_write+0xda/0x1a0
[  236.312969][T13743]  __x64_sys_write+0x40/0x50
[  236.312988][T13743]  x64_sys_call+0x2802/0x3000
[  236.313076][T13743]  do_syscall_64+0xd2/0x200
[  236.313093][T13743]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  236.313126][T13743]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  236.313173][T13743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.313194][T13743] RIP: 0033:0x7f76bd5defc9
[  236.313210][T13743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.313225][T13743] RSP: 002b:00007f76bc026038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  236.313244][T13743] RAX: ffffffffffffffda RBX: 00007f76bd836090 RCX: 00007f76bd5defc9
[  236.313264][T13743] RDX: 0000000000011000 RSI: 0000200000000040 RDI: 0000000000000009
[  236.313308][T13743] RBP: 00007f76bc026090 R08: 0000000000000000 R09: 0000000000000000
[  236.313319][T13743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.313329][T13743] R13: 00007f76bd836128 R14: 00007f76bd836090 R15: 00007ffdebbc7138
[  236.313410][T13743]  </TASK>
[  236.343463][   T29] audit: type=1326 audit(1761766569.814:9897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  236.545910][   T29] audit: type=1326 audit(1761766569.814:9898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  236.569641][   T29] audit: type=1326 audit(1761766569.854:9899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  236.593029][   T29] audit: type=1326 audit(1761766569.854:9900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  236.617007][   T29] audit: type=1326 audit(1761766569.854:9901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  236.641302][   T29] audit: type=1326 audit(1761766569.864:9902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13746 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  236.664863][   T29] audit: type=1326 audit(1761766569.864:9903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13746 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  236.770777][T13755] loop5: detected capacity change from 0 to 1024
[  236.823493][T13755] EXT4-fs: Ignoring removed orlov option
[  236.829415][T13755] EXT4-fs: Ignoring removed nomblk_io_submit option
[  236.903071][T13755] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.945658][T13755] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 23 with max blocks 1 with error 28
[  236.958419][T13755] EXT4-fs (loop5): This should not happen!! Data will be lost
[  236.958419][T13755] 
[  236.968750][T13755] EXT4-fs (loop5): Total free blocks count 0
[  236.975026][T13755] EXT4-fs (loop5): Free/Dirty block details
[  236.981307][T13755] EXT4-fs (loop5): free_blocks=0
[  236.986585][T13755] EXT4-fs (loop5): dirty_blocks=0
[  236.992642][T13755] EXT4-fs (loop5): Block reservation details
[  237.000239][T13755] EXT4-fs (loop5): i_reserved_data_blocks=0
[  237.009251][T13768] FAULT_INJECTION: forcing a failure.
[  237.009251][T13768] name failslab, interval 1, probability 0, space 0, times 0
[  237.024353][T13768] CPU: 0 UID: 0 PID: 13768 Comm: syz.3.3601 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  237.024379][T13768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  237.024507][T13768] Call Trace:
[  237.024514][T13768]  <TASK>
[  237.024523][T13768]  __dump_stack+0x1d/0x30
[  237.024546][T13768]  dump_stack_lvl+0xe8/0x140
[  237.024563][T13768]  dump_stack+0x15/0x1b
[  237.024640][T13768]  should_fail_ex+0x265/0x280
[  237.024660][T13768]  ? __pfx_proc_alloc_inode+0x10/0x10
[  237.024680][T13768]  should_failslab+0x8c/0xb0
[  237.024736][T13768]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  237.024765][T13768]  ? proc_alloc_inode+0x34/0x90
[  237.024782][T13768]  ? __pfx_proc_alloc_inode+0x10/0x10
[  237.024797][T13768]  proc_alloc_inode+0x34/0x90
[  237.024834][T13768]  alloc_inode+0x40/0x170
[  237.024857][T13768]  new_inode+0x1d/0xe0
[  237.024882][T13768]  proc_get_inode+0x21/0x370
[  237.024916][T13768]  proc_lookup_de+0x196/0x240
[  237.024934][T13768]  proc_tgid_net_lookup+0x43/0xd0
[  237.024951][T13768]  ? __pfx_proc_tgid_net_lookup+0x10/0x10
[  237.024968][T13768]  path_openat+0xcf3/0x2170
[  237.025047][T13768]  do_filp_open+0x109/0x230
[  237.025071][T13768]  ? __pfx_kfree_link+0x10/0x10
[  237.025164][T13768]  do_sys_openat2+0xa6/0x110
[  237.025184][T13768]  __x64_sys_openat+0xf2/0x120
[  237.025201][T13768]  x64_sys_call+0x2eab/0x3000
[  237.025253][T13768]  do_syscall_64+0xd2/0x200
[  237.025323][T13768]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  237.025428][T13768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.025446][T13768] RIP: 0033:0x7f76bd5defc9
[  237.025462][T13768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.025481][T13768] RSP: 002b:00007f76bc005038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  237.025533][T13768] RAX: ffffffffffffffda RBX: 00007f76bd836180 RCX: 00007f76bd5defc9
[  237.025544][T13768] RDX: 0000000000000800 RSI: 00002000000005c0 RDI: ffffffffffffff9c
[  237.025556][T13768] RBP: 00007f76bc005090 R08: 0000000000000000 R09: 0000000000000000
[  237.025569][T13768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  237.025582][T13768] R13: 00007f76bd836218 R14: 00007f76bd836180 R15: 00007ffdebbc7138
[  237.025602][T13768]  </TASK>
[  237.601743][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.837162][T13777] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3603'.
[  237.863990][T13775] netlink: 'syz.5.3603': attribute type 21 has an invalid length.
[  238.021155][T13784] SELinux: failed to load policy
[  238.056629][T13795] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3611'.
[  238.066217][T13795] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3611'.
[  238.107427][T13799] loop5: detected capacity change from 0 to 1024
[  238.114341][T13799] EXT4-fs: Ignoring removed orlov option
[  238.120284][T13799] EXT4-fs: Ignoring removed nomblk_io_submit option
[  238.179540][T13799] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.196832][T13799] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 23 with max blocks 1 with error 28
[  238.209431][T13799] EXT4-fs (loop5): This should not happen!! Data will be lost
[  238.209431][T13799] 
[  238.219262][T13799] EXT4-fs (loop5): Total free blocks count 0
[  238.221879][T13804] syz_tun: entered allmulticast mode
[  238.225597][T13799] EXT4-fs (loop5): Free/Dirty block details
[  238.236222][T13804] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3614'.
[  238.236649][T13799] EXT4-fs (loop5): free_blocks=0
[  238.250750][T13799] EXT4-fs (loop5): dirty_blocks=0
[  238.255795][T13799] EXT4-fs (loop5): Block reservation details
[  238.261853][T13799] EXT4-fs (loop5): i_reserved_data_blocks=0
[  238.274356][T13804] syz_tun (unregistering): left allmulticast mode
[  238.298510][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.497234][T13816] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3619'.
[  238.507079][T13816] netlink: 'syz.5.3619': attribute type 21 has an invalid length.
[  238.726974][T13832] SELinux: failed to load policy
[  238.912526][ T7775] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  238.920813][ T7775] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  238.948679][ T7775] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  238.956908][ T7775] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.000501][ T7775] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  239.008767][ T7775] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.023237][ T7775] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  239.032147][ T7775] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  239.441700][T13871] netlink: 'syz.1.3637': attribute type 10 has an invalid length.
[  239.610149][T13877] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  239.619085][T13877] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  239.637200][T13881] loop5: detected capacity change from 0 to 1024
[  239.644271][T13881] EXT4-fs: Ignoring removed orlov option
[  239.650077][T13881] EXT4-fs: Ignoring removed nomblk_io_submit option
[  239.717828][T13881] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.733755][T13881] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 23 with max blocks 1 with error 28
[  239.746191][T13881] EXT4-fs (loop5): This should not happen!! Data will be lost
[  239.746191][T13881] 
[  239.755899][T13881] EXT4-fs (loop5): Total free blocks count 0
[  239.761925][T13881] EXT4-fs (loop5): Free/Dirty block details
[  239.767831][T13881] EXT4-fs (loop5): free_blocks=0
[  239.772798][T13881] EXT4-fs (loop5): dirty_blocks=0
[  239.777825][T13881] EXT4-fs (loop5): Block reservation details
[  239.783825][T13881] EXT4-fs (loop5): i_reserved_data_blocks=0
[  240.141514][T13890] random: crng reseeded on system resumption
[  240.371554][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.404778][T13900] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3646'.
[  240.498675][T13908] netlink: 'syz.3.3649': attribute type 10 has an invalid length.
[  240.547517][T13914] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3653'.
[  240.556538][T13914] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3653'.
[  240.566250][T13914] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3653'.
[  240.575292][T13914] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3653'.
[  240.930008][T13946] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3666'.
[  240.939092][T13946] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3666'.
[  240.982101][T13949] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  241.006453][T13946] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3666'.
[  241.015507][T13946] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3666'.
[  241.163602][T13965] loop5: detected capacity change from 0 to 128
[  241.285948][   T29] kauditd_printk_skb: 441 callbacks suppressed
[  241.286012][   T29] audit: type=1326 audit(1761766574.754:10345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13968 comm="syz.5.3677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  241.306890][T13972] loop5: detected capacity change from 0 to 128
[  241.318971][   T29] audit: type=1326 audit(1761766574.754:10346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13968 comm="syz.5.3677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  241.346654][   T29] audit: type=1326 audit(1761766574.754:10347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13968 comm="syz.5.3677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  241.370768][   T29] audit: type=1326 audit(1761766574.754:10348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13968 comm="syz.5.3677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  241.394650][   T29] audit: type=1326 audit(1761766574.754:10349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13968 comm="syz.5.3677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  241.420736][T13972] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  241.433019][T13972] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  241.446710][T13972] SELinux: failed to load policy
[  241.450953][   T29] audit: type=1326 audit(1761766574.904:10350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.2.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2e3b6efc9 code=0x7ffc0000
[  241.475363][   T29] audit: type=1326 audit(1761766574.904:10351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.2.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2e3b6efc9 code=0x7ffc0000
[  241.499317][   T29] audit: type=1326 audit(1761766574.904:10352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.2.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7fd2e3b6efc9 code=0x7ffc0000
[  241.522913][   T29] audit: type=1326 audit(1761766574.904:10353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.2.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2e3b6efc9 code=0x7ffc0000
[  241.546677][   T29] audit: type=1326 audit(1761766574.914:10354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.2.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2e3b6efc9 code=0x7ffc0000
[  241.546829][T13978] syzkaller0: entered allmulticast mode
[  241.596297][T13963] syzkaller0: entered promiscuous mode
[  241.602091][ T7775] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  241.630583][T13963] syzkaller0 (unregistering): left allmulticast mode
[  241.637363][T13963] syzkaller0 (unregistering): left promiscuous mode
[  241.665404][T13990] loop5: detected capacity change from 0 to 512
[  241.672773][T13990] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  242.409281][T14029] veth2: entered promiscuous mode
[  242.414515][T14029] veth2: entered allmulticast mode
[  242.662804][  T114] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  242.697955][T14037] FAULT_INJECTION: forcing a failure.
[  242.697955][T14037] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.711186][T14037] CPU: 0 UID: 0 PID: 14037 Comm: syz.5.3702 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  242.711275][T14037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  242.711354][T14037] Call Trace:
[  242.711362][T14037]  <TASK>
[  242.711371][T14037]  __dump_stack+0x1d/0x30
[  242.711394][T14037]  dump_stack_lvl+0xe8/0x140
[  242.711463][T14037]  dump_stack+0x15/0x1b
[  242.711512][T14037]  should_fail_ex+0x265/0x280
[  242.711533][T14037]  should_fail+0xb/0x20
[  242.711555][T14037]  should_fail_usercopy+0x1a/0x20
[  242.711575][T14037]  _copy_from_user+0x1c/0xb0
[  242.711677][T14037]  kstrtouint_from_user+0x69/0xf0
[  242.711698][T14037]  ? 0xffffffff81000000
[  242.711712][T14037]  ? selinux_file_permission+0x1e4/0x320
[  242.711752][T14037]  proc_fail_nth_write+0x50/0x160
[  242.711839][T14037]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  242.711865][T14037]  vfs_write+0x269/0x960
[  242.711907][T14037]  ? vfs_read+0x4e6/0x770
[  242.711928][T14037]  ? __rcu_read_unlock+0x4f/0x70
[  242.711951][T14037]  ? __fget_files+0x184/0x1c0
[  242.712030][T14037]  ksys_write+0xda/0x1a0
[  242.712053][T14037]  __x64_sys_write+0x40/0x50
[  242.712081][T14037]  x64_sys_call+0x2802/0x3000
[  242.712120][T14037]  do_syscall_64+0xd2/0x200
[  242.712140][T14037]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  242.712168][T14037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.712189][T14037] RIP: 0033:0x7f850d6ada7f
[  242.712204][T14037] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  242.712303][T14037] RSP: 002b:00007f850c10f030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  242.712323][T14037] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f850d6ada7f
[  242.712336][T14037] RDX: 0000000000000001 RSI: 00007f850c10f0a0 RDI: 0000000000000006
[  242.712349][T14037] RBP: 00007f850c10f090 R08: 0000000000000000 R09: 0000000000000000
[  242.712362][T14037] R10: ffffffffffffffff R11: 0000000000000293 R12: 0000000000000002
[  242.712375][T14037] R13: 00007f850d906038 R14: 00007f850d905fa0 R15: 00007ffd75cbdee8
[  242.712394][T14037]  </TASK>
[  242.779873][T14040] 9pnet_fd: Insufficient options for proto=fd
[  242.975071][T14040] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3703'.
[  243.431964][T14065] loop5: detected capacity change from 0 to 128
[  244.314403][ T3402] hid_parser_main: 33 callbacks suppressed
[  244.314431][ T3402] hid-generic 0000:0440:2000.0005: unknown main item tag 0x0
[  244.350789][ T3402] hid-generic 0000:0440:2000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  245.235741][T14135] FAULT_INJECTION: forcing a failure.
[  245.235741][T14135] name failslab, interval 1, probability 0, space 0, times 0
[  245.248415][T14135] CPU: 0 UID: 0 PID: 14135 Comm: syz.2.3739 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  245.248443][T14135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  245.248457][T14135] Call Trace:
[  245.248464][T14135]  <TASK>
[  245.248519][T14135]  __dump_stack+0x1d/0x30
[  245.248542][T14135]  dump_stack_lvl+0xe8/0x140
[  245.248637][T14135]  dump_stack+0x15/0x1b
[  245.248654][T14135]  should_fail_ex+0x265/0x280
[  245.248673][T14135]  ? flow_change+0x1bf/0xc80
[  245.248698][T14135]  should_failslab+0x8c/0xb0
[  245.248768][T14135]  __kmalloc_cache_noprof+0x4c/0x4a0
[  245.248924][T14135]  flow_change+0x1bf/0xc80
[  245.248953][T14135]  ? flow_init+0x31/0x80
[  245.248984][T14135]  ? __pfx_flow_change+0x10/0x10
[  245.249015][T14135]  tc_new_tfilter+0xde4/0x10a0
[  245.249031][T14135]  ? __rcu_read_unlock+0x4f/0x70
[  245.249059][T14135]  ? ns_capable+0x7d/0xb0
[  245.249078][T14135]  ? __pfx_tc_new_tfilter+0x10/0x10
[  245.249163][T14135]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  245.249191][T14135]  netlink_rcv_skb+0x123/0x220
[  245.249283][T14135]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  245.249312][T14135]  rtnetlink_rcv+0x1c/0x30
[  245.249332][T14135]  netlink_unicast+0x5c0/0x690
[  245.249358][T14135]  netlink_sendmsg+0x58b/0x6b0
[  245.249422][T14135]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.249470][T14135]  __sock_sendmsg+0x145/0x180
[  245.249494][T14135]  ____sys_sendmsg+0x31e/0x4e0
[  245.249525][T14135]  ___sys_sendmsg+0x17b/0x1d0
[  245.249679][T14135]  __x64_sys_sendmsg+0xd4/0x160
[  245.249706][T14135]  x64_sys_call+0x191e/0x3000
[  245.249726][T14135]  do_syscall_64+0xd2/0x200
[  245.249744][T14135]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  245.249766][T14135]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  245.249868][T14135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.249892][T14135] RIP: 0033:0x7fd2e3b6efc9
[  245.249906][T14135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.249921][T14135] RSP: 002b:00007fd2e25d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  245.249939][T14135] RAX: ffffffffffffffda RBX: 00007fd2e3dc5fa0 RCX: 00007fd2e3b6efc9
[  245.249951][T14135] RDX: 0000000020040054 RSI: 00002000000000c0 RDI: 0000000000000005
[  245.249962][T14135] RBP: 00007fd2e25d7090 R08: 0000000000000000 R09: 0000000000000000
[  245.249993][T14135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.250054][T14135] R13: 00007fd2e3dc6038 R14: 00007fd2e3dc5fa0 R15: 00007ffefda8fc58
[  245.250074][T14135]  </TASK>
[  245.691528][T14155] netlink: 'syz.2.3745': attribute type 10 has an invalid length.
[  245.721238][T14155] team0 (unregistering): Port device team_slave_0 removed
[  245.779429][T14155] team0 (unregistering): Port device team_slave_1 removed
[  245.814483][T14158] SELinux: failed to load policy
[  246.333172][T14209] netlink: 'syz.3.3768': attribute type 10 has an invalid length.
[  247.258745][   T29] kauditd_printk_skb: 232 callbacks suppressed
[  247.258760][   T29] audit: type=1326 audit(1761766580.704:10587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14221 comm="syz.1.3773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  247.288532][   T29] audit: type=1326 audit(1761766580.704:10588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14221 comm="syz.1.3773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  247.312217][   T29] audit: type=1326 audit(1761766580.714:10589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14221 comm="syz.1.3773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  247.335687][   T29] audit: type=1326 audit(1761766580.714:10590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14221 comm="syz.1.3773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  247.359679][   T29] audit: type=1326 audit(1761766580.714:10591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14221 comm="syz.1.3773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  247.462153][   T29] audit: type=1326 audit(1761766580.934:10592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14226 comm="syz.0.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71b5a8efc9 code=0x7ffc0000
[  247.486325][   T29] audit: type=1326 audit(1761766580.934:10593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14226 comm="syz.0.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71b5a8efc9 code=0x7ffc0000
[  247.509996][   T29] audit: type=1326 audit(1761766580.934:10594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14226 comm="syz.0.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f71b5a8efc9 code=0x7ffc0000
[  247.534158][   T29] audit: type=1326 audit(1761766580.934:10595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14226 comm="syz.0.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71b5a8efc9 code=0x7ffc0000
[  247.558743][   T29] audit: type=1326 audit(1761766580.934:10596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14226 comm="syz.0.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f71b5a8efc9 code=0x7ffc0000
[  247.651019][T14245] __nla_validate_parse: 13 callbacks suppressed
[  247.651034][T14245] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3780'.
[  247.675960][T14244] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  247.686384][T14244] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.713750][T14238] netlink: 'syz.2.3780': attribute type 21 has an invalid length.
[  247.724322][T14248] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  247.734161][T14248] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.764319][T14251] ������: renamed from vlan1 (while UP)
[  247.811251][T14244] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  247.822482][T14244] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.843284][T14248] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  247.853637][T14248] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.887860][T14244] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  247.898369][T14244] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.907001][T14264] loop5: detected capacity change from 0 to 512
[  247.920552][T14264] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.3788: bad orphan inode 11862016
[  247.931780][T14264] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  247.944515][T14264] ext4 filesystem being mounted at /343/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.957848][T14248] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  247.967703][T14248] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.988399][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  248.007028][T14244] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  248.017350][T14244] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.035908][T14248] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  248.045806][T14248] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.082546][T14281] wg2: entered promiscuous mode
[  248.087531][T14281] wg2: entered allmulticast mode
[  248.102070][T14285] loop5: detected capacity change from 0 to 256
[  248.110139][T14285] FAT-fs (loop5): bogus number of FAT sectors
[  248.116194][T14285] FAT-fs (loop5): Can't find a valid FAT filesystem
[  248.138685][ T7771] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  248.146975][ T7771] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.159467][T14281] vhci_hcd: invalid port number 255
[  248.180307][ T7771] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  248.188541][ T7771] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.197999][ T7771] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  248.206412][ T7771] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.229036][ T7771] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  248.237419][ T7771] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.247013][ T7771] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  248.255627][ T7771] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.285762][ T7771] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  248.294295][ T7771] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.320926][ T7771] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  248.329583][ T7771] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.338099][ T7771] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  248.346894][ T7771] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.389057][T14302] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3800'.
[  248.421551][T14297] infiniband syz!: set down
[  248.426172][T14297] infiniband syz!: added team_slave_0
[  248.450142][T14306] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  248.455980][T14297] RDS/IB: syz!: added
[  248.466114][T14297] smc: adding ib device syz! with port count 1
[  248.472505][T14297] smc:    ib device syz! port 1 has no pnetid
[  248.494591][T14314] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  248.542549][T14314] SELinux: failed to load policy
[  248.596835][   T12] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  248.605145][   T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.637789][   T12] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  248.646090][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.664484][   T12] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  248.672808][   T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.686718][   T12] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  248.695299][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.956245][T14337] SELinux: failed to load policy
[  249.088874][T14340] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3812'.
[  249.176423][T14344] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3814'.
[  249.502053][T14361] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  249.511874][T14361] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.622011][T14361] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  249.631883][T14361] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.654092][T14371] loop5: detected capacity change from 0 to 512
[  249.757628][T14371] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3823: bg 0: block 248: padding at end of block bitmap is not set
[  249.774548][T14361] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  249.784629][T14361] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.831420][T14361] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  249.841368][T14361] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.854532][T14371] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.3823: Failed to acquire dquot type 1
[  249.879290][T14371] EXT4-fs (loop5): 1 truncate cleaned up
[  249.926626][T14371] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.953080][T14371] ext4 filesystem being mounted at /352/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.398428][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.427000][T14379] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3824'.
[  250.458998][T14379] netlink: 'syz.5.3824': attribute type 21 has an invalid length.
[  250.481654][T14379] netlink: 'syz.5.3824': attribute type 1 has an invalid length.
[  250.489524][T14379] netlink: 144 bytes leftover after parsing attributes in process `syz.5.3824'.
[  250.581111][T14386] loop5: detected capacity change from 0 to 512
[  250.603264][T14386] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.3827: error while reading EA inode 32 err=-116
[  250.635788][T14386] EXT4-fs (loop5): Remounting filesystem read-only
[  250.648904][T14386] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  250.659134][T14386] EXT4-fs (loop5): 1 orphan inode deleted
[  250.665277][T14386] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.715329][T14396] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3831'.
[  250.726395][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.799750][T14400] loop5: detected capacity change from 0 to 128
[  250.806652][T14400] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  250.829589][T14396] random: crng reseeded on system resumption
[  250.841358][T14396] Restarting kernel threads ...
[  250.847735][T14396] Done restarting kernel threads.
[  250.860491][T14400] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  250.883722][   T52] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  250.915858][T14415] netlink: 'syz.3.3836': attribute type 10 has an invalid length.
[  250.952066][T14416] loop5: detected capacity change from 0 to 128
[  250.961175][T14416] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  250.973677][T14416] ext4 filesystem being mounted at /356/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  251.091413][T14424] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3840'.
[  251.759676][ T9191] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  251.807929][T14442] loop5: detected capacity change from 0 to 512
[  251.815004][T14442] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  251.832426][T14442] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 9: comm syz.5.3846: lblock 0 mapped to illegal pblock 9 (length 1)
[  251.846860][T14442] EXT4-fs (loop5): mount failed
[  251.909816][T14444] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  251.916378][T14444] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  251.924615][T14444] vhci_hcd vhci_hcd.0: Device attached
[  251.945142][T14452] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  251.955085][T14452] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.011262][T14452] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  252.011296][T14452] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.040283][T14460] random: crng reseeded on system resumption
[  252.066125][T14463] netlink: 'syz.2.3850': attribute type 10 has an invalid length.
[  252.090399][T14452] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  252.100304][T14452] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.150898][T14452] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  252.150934][T14452] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.215064][   T52] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  252.215096][   T52] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.224033][ T3602] usb 8-1: SetAddress Request (2) to port 0
[  252.224058][ T3602] usb 8-1: new SuperSpeed USB device number 2 using vhci_hcd
[  252.227046][T14467] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3852'.
[  252.254742][   T12] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  252.254773][   T12] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.254825][   T12] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  252.254992][   T12] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.255032][   T12] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  252.255060][   T12] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  252.343930][   T12] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  252.343974][   T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.353219][   T12] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  252.363437][T14467] netlink: 'syz.2.3852': attribute type 21 has an invalid length.
[  252.369330][   T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.481355][   T12] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  252.481391][   T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.481437][   T12] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  252.481508][   T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  252.501024][T14448] vhci_hcd: connection reset by peer
[  252.586499][   T12] vhci_hcd: stop threads
[  252.586511][   T12] vhci_hcd: release socket
[  252.586693][   T12] vhci_hcd: disconnect device
[  252.611880][T14482] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3856'.
[  252.615962][   T29] kauditd_printk_skb: 161 callbacks suppressed
[  252.615974][   T29] audit: type=1326 audit(1761766586.074:10756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14480 comm="syz.5.3857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  252.616019][   T29] audit: type=1326 audit(1761766586.074:10757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14480 comm="syz.5.3857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  252.616041][   T29] audit: type=1326 audit(1761766586.084:10758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14480 comm="syz.5.3857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  252.616064][   T29] audit: type=1326 audit(1761766586.084:10759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14480 comm="syz.5.3857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  252.643035][T14486] loop5: detected capacity change from 0 to 512
[  252.643626][T14486] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  252.647265][T14486] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 9: comm syz.5.3858: lblock 0 mapped to illegal pblock 9 (length 1)
[  252.726184][T14482] __nla_validate_parse: 3 callbacks suppressed
[  252.726198][T14482] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3856'.
[  252.793585][T14482] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3856'.
[  252.824526][T14486] EXT4-fs (loop5): mount failed
[  252.881432][T14492] block device autoloading is deprecated and will be removed.
[  252.944544][T14492] loop0: detected capacity change from 0 to 512
[  252.950874][   T29] audit: type=1400 audit(1761766586.414:10760): avc:  denied  { read write } for  pid=14491 comm="syz.0.3860" name="loop0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  252.974105][   T29] audit: type=1400 audit(1761766586.414:10761): avc:  denied  { open } for  pid=14491 comm="syz.0.3860" path="/dev/loop0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  252.997620][   T29] audit: type=1400 audit(1761766586.414:10762): avc:  denied  { ioctl } for  pid=14491 comm="syz.0.3860" path="/dev/loop0" dev="devtmpfs" ino=710 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  253.022825][T14492] /dev/loop0: Can't open blockdev
[  253.120452][T14499] loop0: detected capacity change from 0 to 512
[  253.120700][T14499] EXT4-fs: Ignoring removed nobh option
[  253.158936][T14499] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #3: comm syz.0.3862: corrupted inode contents
[  253.174399][T14499] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #3: comm syz.0.3862: mark_inode_dirty error
[  253.186192][T14499] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #3: comm syz.0.3862: corrupted inode contents
[  253.202824][   T29] audit: type=1326 audit(1761766586.674:10763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14502 comm="syz.3.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  253.203556][T14499] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.3862: mark_inode_dirty error
[  253.226486][   T29] audit: type=1326 audit(1761766586.674:10764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14502 comm="syz.3.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  253.226515][   T29] audit: type=1326 audit(1761766586.674:10765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14502 comm="syz.3.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  253.256059][T14499] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3862: Failed to acquire dquot type 0
[  253.297384][T14499] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.3862: corrupted inode contents
[  253.338434][T14511] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3866'.
[  253.347741][T14499] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #16: comm syz.0.3862: mark_inode_dirty error
[  253.367092][T14510] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3865'.
[  253.377182][T14510] netlink: 'syz.3.3865': attribute type 21 has an invalid length.
[  253.401289][T14499] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.3862: corrupted inode contents
[  253.421156][T14511] bond1: entered allmulticast mode
[  253.436842][T14511] 8021q: adding VLAN 0 to HW filter on device bond1
[  253.452206][T14515] vlan1: entered allmulticast mode
[  253.463473][T14511] netlink: 52 bytes leftover after parsing attributes in process `syz.5.3866'.
[  253.475104][T14499] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.3862: mark_inode_dirty error
[  253.539299][T14499] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.3862: corrupted inode contents
[  253.559103][T14499] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem
[  253.569063][T14499] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.3862: corrupted inode contents
[  253.588909][T14499] EXT4-fs error (device loop0): ext4_truncate:4637: inode #16: comm syz.0.3862: mark_inode_dirty error
[  253.589440][T14530] netlink: 'syz.1.3869': attribute type 10 has an invalid length.
[  253.610550][T14499] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem
[  253.610702][T14530] bond0: (slave dummy0): Releasing backup interface
[  253.629437][T14499] EXT4-fs (loop0): 1 truncate cleaned up
[  253.635514][T14499] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.649885][T14531] netlink: 'syz.1.3869': attribute type 10 has an invalid length.
[  253.658103][T14499] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.681457][T14531] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  253.986207][T14550] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3877'.
[  253.995983][T14550] netlink: 'syz.2.3877': attribute type 21 has an invalid length.
[  254.235172][T14562] loop5: detected capacity change from 0 to 256
[  254.251201][T14562] FAT-fs (loop5): bogus number of FAT sectors
[  254.257334][T14562] FAT-fs (loop5): Can't find a valid FAT filesystem
[  254.406613][T12141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.480862][T14576] loop0: detected capacity change from 0 to 1024
[  254.487740][T14576] EXT4-fs: Ignoring removed orlov option
[  254.493591][T14576] EXT4-fs: Ignoring removed nomblk_io_submit option
[  254.531219][T14576] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.559741][T14576] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 23 with max blocks 1 with error 28
[  254.572797][T14576] EXT4-fs (loop0): This should not happen!! Data will be lost
[  254.572797][T14576] 
[  254.584037][T14576] EXT4-fs (loop0): Total free blocks count 0
[  254.590703][T14576] EXT4-fs (loop0): Free/Dirty block details
[  254.597074][T14576] EXT4-fs (loop0): free_blocks=0
[  254.602191][T14576] EXT4-fs (loop0): dirty_blocks=0
[  254.607456][T14576] EXT4-fs (loop0): Block reservation details
[  254.613589][T14576] EXT4-fs (loop0): i_reserved_data_blocks=0
[  254.639365][T12141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.983027][T14604] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  254.993054][T14604] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.020254][T14606] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3897'.
[  255.070054][T14604] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  255.079968][T14604] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.151196][T14604] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  255.161021][T14604] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.221231][T14604] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  255.231113][T14604] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.296240][ T7771] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  255.304466][ T7771] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  255.316331][ T7771] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  255.324674][ T7771] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  255.351206][ T7771] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  255.359976][ T7771] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  255.377999][ T7771] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  255.386541][ T7771] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  255.697017][T14622] loop0: detected capacity change from 0 to 512
[  255.728479][T14622] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.3901: bad orphan inode 11862016
[  255.739892][T14622] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  255.752744][T14622] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.766441][T14622] EXT4-fs (loop0): shut down requested (1)
[  255.783199][T12141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  256.291619][T14645] loop0: detected capacity change from 0 to 1024
[  256.330102][T14645] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.374991][T12141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.046431][T14665] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  257.056292][T14665] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.111371][T14665] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  257.121365][T14665] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.190284][T14665] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  257.200082][T14665] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.251723][T14665] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  257.261591][T14665] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.309551][ T3602] usb 8-1: device descriptor read/8, error -110
[  257.326198][ T7771] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  257.334553][ T7771] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  257.359550][ T7771] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  257.367822][ T7771] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  257.379845][ T7771] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  257.388072][ T7771] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.396376][ T7771] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  257.404620][ T7771] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.418734][ T3602] usb 8-1: new SuperSpeed USB device number 2 using vhci_hcd
[  257.439480][ T3602] usb 8-1: enqueue for inactive port 0
[  257.451180][ T3602] usb 8-1: enqueue for inactive port 0
[  257.463255][ T3602] usb 8-1: enqueue for inactive port 0
[  257.485367][T14681] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3921'.
[  257.540340][T14683] loop0: detected capacity change from 0 to 128
[  257.711381][   T29] kauditd_printk_skb: 204 callbacks suppressed
[  257.711397][   T29] audit: type=1326 audit(1761766591.184:10968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14689 comm="syz.3.3925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  257.741731][   T29] audit: type=1326 audit(1761766591.184:10969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14689 comm="syz.3.3925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  257.765764][   T29] audit: type=1326 audit(1761766591.184:10970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14689 comm="syz.3.3925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  257.789488][   T29] audit: type=1326 audit(1761766591.184:10971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14689 comm="syz.3.3925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  257.813093][   T29] audit: type=1326 audit(1761766591.184:10972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14689 comm="syz.3.3925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  257.836773][   T29] audit: type=1326 audit(1761766591.184:10973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14689 comm="syz.3.3925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  257.860314][   T29] audit: type=1326 audit(1761766591.184:10974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14689 comm="syz.3.3925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  257.883952][   T29] audit: type=1326 audit(1761766591.184:10975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14689 comm="syz.3.3925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  257.907571][   T29] audit: type=1326 audit(1761766591.184:10976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14689 comm="syz.3.3925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  257.931232][   T29] audit: type=1326 audit(1761766591.184:10977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14689 comm="syz.3.3925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f76bd5defc9 code=0x7ffc0000
[  257.972233][T14695] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3927'.
[  257.981684][T14695] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3927'.
[  258.371668][T14700] loop0: detected capacity change from 0 to 512
[  258.381544][T14700] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.3929: error while reading EA inode 32 err=-116
[  258.394657][T14700] EXT4-fs (loop0): Remounting filesystem read-only
[  258.395273][T14702] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  258.401517][T14700] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  258.411535][T14702] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.421579][T14700] EXT4-fs (loop0): 1 orphan inode deleted
[  258.421870][T14700] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.465535][T12141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.485909][T14706] loop0: detected capacity change from 0 to 1024
[  258.492886][T14706] EXT4-fs: Ignoring removed orlov option
[  258.494286][T14702] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  258.498803][T14706] EXT4-fs: Ignoring removed nomblk_io_submit option
[  258.515208][T14702] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.529246][T14706] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.552201][T14706] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 23 with max blocks 1 with error 28
[  258.564695][T14706] EXT4-fs (loop0): This should not happen!! Data will be lost
[  258.564695][T14706] 
[  258.574446][T14706] EXT4-fs (loop0): Total free blocks count 0
[  258.580447][T14706] EXT4-fs (loop0): Free/Dirty block details
[  258.586548][T14706] EXT4-fs (loop0): free_blocks=0
[  258.591540][T14706] EXT4-fs (loop0): dirty_blocks=0
[  258.596636][T14706] EXT4-fs (loop0): Block reservation details
[  258.602785][T14706] EXT4-fs (loop0): i_reserved_data_blocks=0
[  258.603800][ T3602] usb usb8-port1: attempt power cycle
[  258.620761][T14702] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  258.630563][T14702] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.652743][T12141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.680494][T14702] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  258.690335][T14702] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.753843][T14727] xt_CT: You must specify a L4 protocol and not use inversions on it
[  258.876880][T14734] program syz.1.3941 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  260.519436][ T3602] usb usb8-port1: unable to enumerate USB device
[  260.688203][T14772] loop0: detected capacity change from 0 to 1024
[  260.694948][T14772] EXT4-fs: Ignoring removed orlov option
[  260.700613][T14772] EXT4-fs: Ignoring removed nomblk_io_submit option
[  260.724066][T14772] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.755158][T14772] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 23 with max blocks 1 with error 28
[  260.767850][T14772] EXT4-fs (loop0): This should not happen!! Data will be lost
[  260.767850][T14772] 
[  260.777498][T14772] EXT4-fs (loop0): Total free blocks count 0
[  260.783586][T14772] EXT4-fs (loop0): Free/Dirty block details
[  260.789490][T14772] EXT4-fs (loop0): free_blocks=0
[  260.794414][T14772] EXT4-fs (loop0): dirty_blocks=0
[  260.799469][T14772] EXT4-fs (loop0): Block reservation details
[  260.805494][T14772] EXT4-fs (loop0): i_reserved_data_blocks=0
[  260.830276][T12141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.966793][T14786] FAULT_INJECTION: forcing a failure.
[  260.966793][T14786] name failslab, interval 1, probability 0, space 0, times 0
[  260.979464][T14786] CPU: 0 UID: 0 PID: 14786 Comm: syz.0.3961 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  260.979563][T14786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  260.979576][T14786] Call Trace:
[  260.979583][T14786]  <TASK>
[  260.979590][T14786]  __dump_stack+0x1d/0x30
[  260.979609][T14786]  dump_stack_lvl+0xe8/0x140
[  260.979667][T14786]  dump_stack+0x15/0x1b
[  260.979703][T14786]  should_fail_ex+0x265/0x280
[  260.979720][T14786]  should_failslab+0x8c/0xb0
[  260.979792][T14786]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  260.979883][T14786]  ? __alloc_skb+0x101/0x320
[  260.979906][T14786]  __alloc_skb+0x101/0x320
[  260.979929][T14786]  netlink_alloc_large_skb+0xbf/0xf0
[  260.979963][T14786]  netlink_sendmsg+0x3cf/0x6b0
[  260.980011][T14786]  ? __pfx_netlink_sendmsg+0x10/0x10
[  260.980027][T14786]  __sock_sendmsg+0x145/0x180
[  260.980049][T14786]  ____sys_sendmsg+0x31e/0x4e0
[  260.980119][T14786]  ___sys_sendmsg+0x17b/0x1d0
[  260.980156][T14786]  __x64_sys_sendmsg+0xd4/0x160
[  260.980213][T14786]  x64_sys_call+0x191e/0x3000
[  260.980231][T14786]  do_syscall_64+0xd2/0x200
[  260.980246][T14786]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  260.980341][T14786]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  260.980403][T14786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.980491][T14786] RIP: 0033:0x7f71b5a8efc9
[  260.980508][T14786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.980540][T14786] RSP: 002b:00007f71b44f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  260.980559][T14786] RAX: ffffffffffffffda RBX: 00007f71b5ce5fa0 RCX: 00007f71b5a8efc9
[  260.980572][T14786] RDX: 0000000020040844 RSI: 0000200000000340 RDI: 0000000000000003
[  260.980586][T14786] RBP: 00007f71b44f7090 R08: 0000000000000000 R09: 0000000000000000
[  260.980675][T14786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.980687][T14786] R13: 00007f71b5ce6038 R14: 00007f71b5ce5fa0 R15: 00007ffc3b71c078
[  260.980911][T14786]  </TASK>
[  261.324943][T14794] loop0: detected capacity change from 0 to 2048
[  261.348133][T14794] EXT4-fs: Ignoring removed bh option
[  261.388416][   T12] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  261.397140][   T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  261.407780][T14794] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.440535][T14702] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  261.450602][T14702] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.461366][T12141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.501710][T14804] SELinux:  policydb version -2020545441 does not match my version range 15-35
[  261.514286][T14804] SELinux: failed to load policy
[  261.567069][T14811] loop0: detected capacity change from 0 to 512
[  261.581284][T14811] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.3970: error while reading EA inode 32 err=-116
[  261.594329][T14811] EXT4-fs (loop0): Remounting filesystem read-only
[  261.601173][T14811] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  261.611827][T14811] EXT4-fs (loop0): 1 orphan inode deleted
[  261.618160][T14811] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.659023][T12141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.764254][T14821] netlink: 'syz.0.3973': attribute type 10 has an invalid length.
[  261.883300][T14823] FAULT_INJECTION: forcing a failure.
[  261.883300][T14823] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.896769][T14823] CPU: 0 UID: 0 PID: 14823 Comm: syz.0.3974 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  261.896805][T14823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  261.896817][T14823] Call Trace:
[  261.896827][T14823]  <TASK>
[  261.896835][T14823]  __dump_stack+0x1d/0x30
[  261.896858][T14823]  dump_stack_lvl+0xe8/0x140
[  261.896879][T14823]  dump_stack+0x15/0x1b
[  261.896943][T14823]  should_fail_ex+0x265/0x280
[  261.896967][T14823]  should_fail+0xb/0x20
[  261.896988][T14823]  should_fail_usercopy+0x1a/0x20
[  261.897008][T14823]  _copy_from_iter+0xd2/0xe80
[  261.897029][T14823]  ? __build_skb_around+0x1ab/0x200
[  261.897134][T14823]  ? __alloc_skb+0x223/0x320
[  261.897192][T14823]  netlink_sendmsg+0x471/0x6b0
[  261.897234][T14823]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.897249][T14823]  __sock_sendmsg+0x145/0x180
[  261.897268][T14823]  ____sys_sendmsg+0x31e/0x4e0
[  261.897398][T14823]  ___sys_sendmsg+0x17b/0x1d0
[  261.897459][T14823]  __x64_sys_sendmsg+0xd4/0x160
[  261.897550][T14823]  x64_sys_call+0x191e/0x3000
[  261.897567][T14823]  do_syscall_64+0xd2/0x200
[  261.897581][T14823]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  261.897603][T14823]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  261.897742][T14823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.897793][T14823] RIP: 0033:0x7f71b5a8efc9
[  261.897806][T14823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.897821][T14823] RSP: 002b:00007f71b44f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  261.897837][T14823] RAX: ffffffffffffffda RBX: 00007f71b5ce5fa0 RCX: 00007f71b5a8efc9
[  261.897847][T14823] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  261.897882][T14823] RBP: 00007f71b44f7090 R08: 0000000000000000 R09: 0000000000000000
[  261.897892][T14823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.897908][T14823] R13: 00007f71b5ce6038 R14: 00007f71b5ce5fa0 R15: 00007ffc3b71c078
[  261.897922][T14823]  </TASK>
[  262.366949][T14838] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3981'.
[  262.423815][T14843] netlink: 'syz.1.3983': attribute type 1 has an invalid length.
[  262.522276][T14850] netlink: 'syz.1.3984': attribute type 10 has an invalid length.
[  262.730298][   T29] kauditd_printk_skb: 129 callbacks suppressed
[  262.730313][   T29] audit: type=1326 audit(1761766596.204:11107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.1.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  262.762602][ T3431] usb usb8-port1: attempt power cycle
[  262.768736][   T29] audit: type=1326 audit(1761766596.204:11108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.1.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  262.794362][   T29] audit: type=1326 audit(1761766596.204:11109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.1.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  262.820701][   T29] audit: type=1326 audit(1761766596.204:11110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.1.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  262.845670][   T29] audit: type=1326 audit(1761766596.204:11111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.1.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  262.871239][   T29] audit: type=1326 audit(1761766596.204:11112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.1.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  262.896074][   T29] audit: type=1326 audit(1761766596.204:11113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.1.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  262.920300][   T29] audit: type=1326 audit(1761766596.204:11114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.1.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  262.944112][   T29] audit: type=1326 audit(1761766596.204:11115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.1.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  262.968133][   T29] audit: type=1326 audit(1761766596.204:11116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14856 comm="syz.1.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff85dbbefc9 code=0x7ffc0000
[  263.075468][T14861] loop0: detected capacity change from 0 to 512
[  263.090151][T14861] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3988: bg 0: block 248: padding at end of block bitmap is not set
[  263.105049][T14861] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3988: Failed to acquire dquot type 1
[  263.116994][T14861] EXT4-fs (loop0): 1 truncate cleaned up
[  263.123283][T14861] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.136018][T14861] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.150392][T14861] EXT4-fs error (device loop0): ext4_lookup:1791: inode #2: comm syz.0.3988: deleted inode referenced: 12
[  263.218951][T12141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.251640][T14873] FAULT_INJECTION: forcing a failure.
[  263.251640][T14873] name failslab, interval 1, probability 0, space 0, times 0
[  263.264401][T14873] CPU: 0 UID: 0 PID: 14873 Comm: syz.0.3990 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  263.264430][T14873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  263.264444][T14873] Call Trace:
[  263.264451][T14873]  <TASK>
[  263.264475][T14873]  __dump_stack+0x1d/0x30
[  263.264499][T14873]  dump_stack_lvl+0xe8/0x140
[  263.264520][T14873]  dump_stack+0x15/0x1b
[  263.264551][T14873]  should_fail_ex+0x265/0x280
[  263.264616][T14873]  should_failslab+0x8c/0xb0
[  263.264644][T14873]  kmem_cache_alloc_noprof+0x50/0x480
[  263.264672][T14873]  ? getname_flags+0x80/0x3b0
[  263.264711][T14873]  getname_flags+0x80/0x3b0
[  263.264740][T14873]  do_sys_openat2+0x60/0x110
[  263.264761][T14873]  __x64_sys_open+0xe6/0x110
[  263.264782][T14873]  x64_sys_call+0x1457/0x3000
[  263.264861][T14873]  do_syscall_64+0xd2/0x200
[  263.264879][T14873]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  263.264905][T14873]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  263.264954][T14873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.264976][T14873] RIP: 0033:0x7f71b5a8efc9
[  263.264993][T14873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.265031][T14873] RSP: 002b:00007f71b44f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  263.265052][T14873] RAX: ffffffffffffffda RBX: 00007f71b5ce5fa0 RCX: 00007f71b5a8efc9
[  263.265065][T14873] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[  263.265145][T14873] RBP: 00007f71b44f7090 R08: 0000000000000000 R09: 0000000000000000
[  263.265158][T14873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.265171][T14873] R13: 00007f71b5ce6038 R14: 00007f71b5ce5fa0 R15: 00007ffc3b71c078
[  263.265191][T14873]  </TASK>
[  263.470130][T14875] loop0: detected capacity change from 0 to 128
[  263.799434][T14879] SELinux: failed to load policy
[  264.008551][T14887] netlink: 'syz.1.3995': attribute type 10 has an invalid length.
[  264.123046][T14889] SELinux: failed to load policy
[  264.988833][ T3431] usb usb8-port1: unable to enumerate USB device
[  265.098890][T14922] loop5: detected capacity change from 0 to 1024
[  265.105548][T14922] EXT4-fs: Ignoring removed orlov option
[  265.111426][T14922] EXT4-fs: Ignoring removed nomblk_io_submit option
[  265.120116][T14923] netlink: 'syz.0.4007': attribute type 10 has an invalid length.
[  265.140202][T14922] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.156679][T14922] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 23 with max blocks 1 with error 28
[  265.169175][T14922] EXT4-fs (loop5): This should not happen!! Data will be lost
[  265.169175][T14922] 
[  265.178877][T14922] EXT4-fs (loop5): Total free blocks count 0
[  265.184945][T14922] EXT4-fs (loop5): Free/Dirty block details
[  265.190946][T14922] EXT4-fs (loop5): free_blocks=0
[  265.195924][T14922] EXT4-fs (loop5): dirty_blocks=0
[  265.200967][T14922] EXT4-fs (loop5): Block reservation details
[  265.206960][T14922] EXT4-fs (loop5): i_reserved_data_blocks=0
[  265.321872][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.356061][T14934] FAULT_INJECTION: forcing a failure.
[  265.356061][T14934] name failslab, interval 1, probability 0, space 0, times 0
[  265.368765][T14934] CPU: 0 UID: 0 PID: 14934 Comm: syz.5.4013 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  265.368793][T14934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  265.368804][T14934] Call Trace:
[  265.368810][T14934]  <TASK>
[  265.368817][T14934]  __dump_stack+0x1d/0x30
[  265.368886][T14934]  dump_stack_lvl+0xe8/0x140
[  265.368952][T14934]  dump_stack+0x15/0x1b
[  265.368970][T14934]  should_fail_ex+0x265/0x280
[  265.368989][T14934]  should_failslab+0x8c/0xb0
[  265.369016][T14934]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  265.369043][T14934]  ? __alloc_skb+0x101/0x320
[  265.369134][T14934]  __alloc_skb+0x101/0x320
[  265.369156][T14934]  ? audit_log_start+0x342/0x720
[  265.369201][T14934]  audit_log_start+0x3a0/0x720
[  265.369218][T14934]  ? kstrtouint+0x76/0xc0
[  265.369305][T14934]  audit_seccomp+0x48/0x100
[  265.369334][T14934]  ? __seccomp_filter+0x82d/0x1250
[  265.369421][T14934]  __seccomp_filter+0x83e/0x1250
[  265.369447][T14934]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  265.369514][T14934]  ? vfs_write+0x7e8/0x960
[  265.369604][T14934]  ? __rcu_read_unlock+0x4f/0x70
[  265.369625][T14934]  ? __fget_files+0x184/0x1c0
[  265.369716][T14934]  __secure_computing+0x82/0x150
[  265.369739][T14934]  syscall_trace_enter+0xcf/0x1e0
[  265.369765][T14934]  do_syscall_64+0xac/0x200
[  265.369801][T14934]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  265.369904][T14934]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  265.369928][T14934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.369960][T14934] RIP: 0033:0x7f850d6aefc9
[  265.369976][T14934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.369994][T14934] RSP: 002b:00007f850c10f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  265.370013][T14934] RAX: ffffffffffffffda RBX: 00007f850d905fa0 RCX: 00007f850d6aefc9
[  265.370026][T14934] RDX: 0000200000000300 RSI: 0000200000000200 RDI: 0000200000000080
[  265.370039][T14934] RBP: 00007f850c10f090 R08: fffffffffffffffc R09: 0000000000000000
[  265.370051][T14934] R10: 0000000000000048 R11: 0000000000000246 R12: 0000000000000001
[  265.370076][T14934] R13: 00007f850d906038 R14: 00007f850d905fa0 R15: 00007ffd75cbdee8
[  265.370091][T14934]  </TASK>
[  265.602653][T14935] FAULT_INJECTION: forcing a failure.
[  265.602653][T14935] name failslab, interval 1, probability 0, space 0, times 0
[  265.615389][T14935] CPU: 1 UID: 0 PID: 14935 Comm: syz.0.4011 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  265.615484][T14935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  265.615497][T14935] Call Trace:
[  265.615504][T14935]  <TASK>
[  265.615511][T14935]  __dump_stack+0x1d/0x30
[  265.615531][T14935]  dump_stack_lvl+0xe8/0x140
[  265.615616][T14935]  dump_stack+0x15/0x1b
[  265.615642][T14935]  should_fail_ex+0x265/0x280
[  265.615660][T14935]  should_failslab+0x8c/0xb0
[  265.615682][T14935]  __kvmalloc_node_noprof+0x12e/0x670
[  265.615709][T14935]  ? io_alloc_cache_init+0x36/0xb0
[  265.615768][T14935]  io_alloc_cache_init+0x36/0xb0
[  265.615791][T14935]  io_rsrc_cache_init+0x26/0x50
[  265.615812][T14935]  io_ring_ctx_alloc+0x31c/0x670
[  265.615844][T14935]  io_uring_create+0x134/0x630
[  265.615868][T14935]  __se_sys_io_uring_setup+0x1f7/0x210
[  265.615979][T14935]  __x64_sys_io_uring_setup+0x31/0x40
[  265.616006][T14935]  x64_sys_call+0x2b25/0x3000
[  265.616041][T14935]  do_syscall_64+0xd2/0x200
[  265.616056][T14935]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  265.616081][T14935]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  265.616110][T14935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.616171][T14935] RIP: 0033:0x7f71b5a8efc9
[  265.616187][T14935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.616202][T14935] RSP: 002b:00007f71b44b4fc8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  265.616317][T14935] RAX: ffffffffffffffda RBX: 00007f71b5ce6180 RCX: 00007f71b5a8efc9
[  265.616330][T14935] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000111
[  265.616350][T14935] RBP: 0000200000000340 R08: 0000000000000000 R09: 0000000000000000
[  265.616363][T14935] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[  265.616376][T14935] R13: 0000000000000000 R14: 0000000000000111 R15: 0000000000000000
[  265.616435][T14935]  </TASK>
[  265.971035][T14943] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4017'.
[  266.128146][T14951] loop5: detected capacity change from 0 to 1024
[  266.140230][T14951] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.179357][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.251005][T14960] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  266.261157][T14962] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  266.277764][T14959] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4025'.
[  266.292564][T14959] netlink: 'syz.5.4025': attribute type 21 has an invalid length.
[  266.390973][T14971] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4028'.
[  266.400496][ T7771] tipc: Subscription rejected, illegal request
[  266.421990][T14973] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4029'.
[  266.516697][   T12] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  266.525023][   T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  266.543636][T14985] loop5: detected capacity change from 0 to 512
[  266.549986][  T114] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  266.559657][  T114] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  266.573686][  T114] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  266.573917][T14985] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.4035: error while reading EA inode 32 err=-116
[  266.581982][  T114] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  266.603064][  T114] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  266.611389][  T114] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  266.619979][T14985] EXT4-fs (loop5): Remounting filesystem read-only
[  266.626779][T14985] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  266.636967][T14985] EXT4-fs (loop5): 1 orphan inode deleted
[  266.643214][T14985] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.678930][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.705457][T14990] loop5: detected capacity change from 0 to 2048
[  266.725999][T14990] EXT4-fs: Ignoring removed bh option
[  266.753527][T14990] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.791683][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.821827][T15002] netlink: 72 bytes leftover after parsing attributes in process `syz.2.4042'.
[  266.846808][T15004] loop5: detected capacity change from 0 to 256
[  266.861228][T15004] FAT-fs (loop5): bogus number of FAT sectors
[  266.867352][T15004] FAT-fs (loop5): Can't find a valid FAT filesystem
[  266.890701][T15008] SELinux: failed to load policy
[  266.911203][T15010] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4045'.
[  266.959175][ T3602] usb usb8-port1: attempt power cycle
[  267.016533][T15020] FAULT_INJECTION: forcing a failure.
[  267.016533][T15020] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  267.029934][T15020] CPU: 0 UID: 0 PID: 15020 Comm: syz.2.4049 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  267.029960][T15020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  267.030000][T15020] Call Trace:
[  267.030007][T15020]  <TASK>
[  267.030020][T15020]  __dump_stack+0x1d/0x30
[  267.030040][T15020]  dump_stack_lvl+0xe8/0x140
[  267.030057][T15020]  dump_stack+0x15/0x1b
[  267.030152][T15020]  should_fail_ex+0x265/0x280
[  267.030171][T15020]  should_fail+0xb/0x20
[  267.030192][T15020]  should_fail_usercopy+0x1a/0x20
[  267.030209][T15020]  _copy_to_user+0x20/0xa0
[  267.030233][T15020]  simple_read_from_buffer+0xb5/0x130
[  267.030257][T15020]  proc_fail_nth_read+0x10e/0x150
[  267.030308][T15020]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  267.030412][T15020]  vfs_read+0x1a8/0x770
[  267.030435][T15020]  ? __rcu_read_unlock+0x4f/0x70
[  267.030460][T15020]  ? __fget_files+0x184/0x1c0
[  267.030551][T15020]  ksys_read+0xda/0x1a0
[  267.030572][T15020]  __x64_sys_read+0x40/0x50
[  267.030596][T15020]  x64_sys_call+0x27c0/0x3000
[  267.030618][T15020]  do_syscall_64+0xd2/0x200
[  267.030636][T15020]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  267.030764][T15020]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  267.030793][T15020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.030813][T15020] RIP: 0033:0x7fd2e3b6d9dc
[  267.030830][T15020] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  267.030854][T15020] RSP: 002b:00007fd2e25d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  267.030874][T15020] RAX: ffffffffffffffda RBX: 00007fd2e3dc5fa0 RCX: 00007fd2e3b6d9dc
[  267.030887][T15020] RDX: 000000000000000f RSI: 00007fd2e25d70a0 RDI: 0000000000000006
[  267.030897][T15020] RBP: 00007fd2e25d7090 R08: 0000000000000000 R09: 0000000000000000
[  267.030910][T15020] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  267.030923][T15020] R13: 00007fd2e3dc6038 R14: 00007fd2e3dc5fa0 R15: 00007ffefda8fc58
[  267.030970][T15020]  </TASK>
[  267.321471][T15026] loop5: detected capacity change from 0 to 128
[  267.334380][T15027] netlink: 'syz.2.4051': attribute type 10 has an invalid length.
[  267.352233][T15027] bond0: (slave dummy0): Releasing backup interface
[  267.379679][T15027] netlink: 'syz.2.4051': attribute type 10 has an invalid length.
[  267.396829][T15027] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  267.401626][T15029] SELinux: failed to load policy
[  267.485806][T15035] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4056'.
[  267.514223][T15037] loop5: detected capacity change from 0 to 256
[  267.521241][T15037] FAT-fs (loop5): bogus number of FAT sectors
[  267.527334][T15037] FAT-fs (loop5): Can't find a valid FAT filesystem
[  267.749902][T15048] loop5: detected capacity change from 0 to 8192
[  267.777392][   T29] kauditd_printk_skb: 365 callbacks suppressed
[  267.777458][   T29] audit: type=1400 audit(1761766601.244:11478): avc:  denied  { mount } for  pid=15047 comm="syz.5.4061" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  267.828703][T15052] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4063'.
[  267.867745][   T29] audit: type=1400 audit(1761766601.334:11479): avc:  denied  { ioctl } for  pid=15055 comm="syz.1.4065" path="socket:[53975]" dev="sockfs" ino=53975 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1
[  267.921794][T15062] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4068'.
[  267.965705][   T29] audit: type=1326 audit(1761766601.424:11480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15063 comm="syz.2.4069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2e3b6efc9 code=0x7ffc0000
[  267.989473][   T29] audit: type=1326 audit(1761766601.424:11481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15063 comm="syz.2.4069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7fd2e3b6efc9 code=0x7ffc0000
[  268.013279][   T29] audit: type=1326 audit(1761766601.424:11482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15063 comm="syz.2.4069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2e3b6efc9 code=0x7ffc0000
[  268.040764][T15069] netlink: 'syz.5.4070': attribute type 10 has an invalid length.
[  268.050545][T15069] $H�: (slave dummy0): Releasing backup interface
[  268.057642][T15069] dummy0: left promiscuous mode
[  268.063781][T15069] netlink: 'syz.5.4070': attribute type 10 has an invalid length.
[  268.076472][T15069] dummy0: entered promiscuous mode
[  268.082016][T15069] $H�: (slave dummy0): Enslaving as an active interface with an up link
[  268.139860][   T29] audit: type=1326 audit(1761766601.614:11483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15076 comm="syz.5.4075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  268.164147][   T29] audit: type=1326 audit(1761766601.614:11484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15076 comm="syz.5.4075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  268.187786][   T29] audit: type=1326 audit(1761766601.614:11485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15076 comm="syz.5.4075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  268.211444][   T29] audit: type=1326 audit(1761766601.614:11486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15076 comm="syz.5.4075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  268.235091][   T29] audit: type=1326 audit(1761766601.614:11487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15076 comm="syz.5.4075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  268.266071][T15084] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4078'.
[  268.333957][T15084] FAULT_INJECTION: forcing a failure.
[  268.333957][T15084] name failslab, interval 1, probability 0, space 0, times 0
[  268.346840][T15084] CPU: 0 UID: 0 PID: 15084 Comm: syz.5.4078 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  268.346857][T15084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  268.346907][T15084] Call Trace:
[  268.346913][T15084]  <TASK>
[  268.346921][T15084]  __dump_stack+0x1d/0x30
[  268.346973][T15084]  dump_stack_lvl+0xe8/0x140
[  268.346985][T15084]  dump_stack+0x15/0x1b
[  268.346994][T15084]  should_fail_ex+0x265/0x280
[  268.347006][T15084]  should_failslab+0x8c/0xb0
[  268.347022][T15084]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  268.347091][T15084]  ? __alloc_skb+0x101/0x320
[  268.347126][T15084]  __alloc_skb+0x101/0x320
[  268.347139][T15084]  ? audit_log_start+0x342/0x720
[  268.347165][T15084]  audit_log_start+0x3a0/0x720
[  268.347185][T15084]  audit_seccomp+0x48/0x100
[  268.347202][T15084]  ? __seccomp_filter+0x82d/0x1250
[  268.347217][T15084]  __seccomp_filter+0x83e/0x1250
[  268.347276][T15084]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  268.347351][T15084]  ? vfs_write+0x7e8/0x960
[  268.347364][T15084]  ? __rcu_read_unlock+0x4f/0x70
[  268.347419][T15084]  ? __fget_files+0x184/0x1c0
[  268.347491][T15084]  __secure_computing+0x82/0x150
[  268.347505][T15084]  syscall_trace_enter+0xcf/0x1e0
[  268.347520][T15084]  do_syscall_64+0xac/0x200
[  268.347583][T15084]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  268.347597][T15084]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  268.347680][T15084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.347691][T15084] RIP: 0033:0x7f850d6ad9dc
[  268.347702][T15084] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  268.347760][T15084] RSP: 002b:00007f850c10f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  268.347772][T15084] RAX: ffffffffffffffda RBX: 00007f850d905fa0 RCX: 00007f850d6ad9dc
[  268.347779][T15084] RDX: 000000000000000f RSI: 00007f850c10f0a0 RDI: 0000000000000008
[  268.347786][T15084] RBP: 00007f850c10f090 R08: 0000000000000000 R09: 0000000000000000
[  268.347793][T15084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.347800][T15084] R13: 00007f850d906038 R14: 00007f850d905fa0 R15: 00007ffd75cbdee8
[  268.347824][T15084]  </TASK>
[  268.576608][T15092] FAULT_INJECTION: forcing a failure.
[  268.576608][T15092] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.590021][T15092] CPU: 0 UID: 0 PID: 15092 Comm: syz.2.4080 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  268.590058][T15092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  268.590069][T15092] Call Trace:
[  268.590075][T15092]  <TASK>
[  268.590083][T15092]  __dump_stack+0x1d/0x30
[  268.590101][T15092]  dump_stack_lvl+0xe8/0x140
[  268.590160][T15092]  dump_stack+0x15/0x1b
[  268.590214][T15092]  should_fail_ex+0x265/0x280
[  268.590230][T15092]  should_fail+0xb/0x20
[  268.590247][T15092]  should_fail_usercopy+0x1a/0x20
[  268.590268][T15092]  _copy_from_user+0x1c/0xb0
[  268.590293][T15092]  __copy_msghdr+0x244/0x300
[  268.590436][T15092]  ___sys_sendmsg+0x109/0x1d0
[  268.590492][T15092]  __sys_sendmmsg+0x178/0x300
[  268.590517][T15092]  __x64_sys_sendmmsg+0x57/0x70
[  268.590533][T15092]  x64_sys_call+0x1c4a/0x3000
[  268.590552][T15092]  do_syscall_64+0xd2/0x200
[  268.590645][T15092]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  268.590668][T15092]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  268.590695][T15092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.590756][T15092] RIP: 0033:0x7fd2e3b6efc9
[  268.590769][T15092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.590784][T15092] RSP: 002b:00007fd2e25d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  268.590802][T15092] RAX: ffffffffffffffda RBX: 00007fd2e3dc5fa0 RCX: 00007fd2e3b6efc9
[  268.590815][T15092] RDX: 0000000000000001 RSI: 00002000000025c0 RDI: 0000000000000003
[  268.590826][T15092] RBP: 00007fd2e25d7090 R08: 0000000000000000 R09: 0000000000000000
[  268.590861][T15092] R10: 0000000020080058 R11: 0000000000000246 R12: 0000000000000001
[  268.590874][T15092] R13: 00007fd2e3dc6038 R14: 00007fd2e3dc5fa0 R15: 00007ffefda8fc58
[  268.590951][T15092]  </TASK>
[  268.902777][T15120] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  268.912717][T15120] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.925488][T15121] netlink: 'syz.1.4086': attribute type 10 has an invalid length.
[  268.946988][T15121] bond0: (slave dummy0): Releasing backup interface
[  268.955390][T15121] netlink: 'syz.1.4086': attribute type 10 has an invalid length.
[  268.965174][T15121] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  268.984538][T15120] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  268.994446][T15120] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.004618][ T3602] usb usb8-port1: unable to enumerate USB device
[  269.073937][T15120] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  269.083775][T15120] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.123177][T15120] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  269.132963][T15120] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.251658][ T7771] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  269.259997][ T7771] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  269.275439][ T7771] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  269.283785][ T7771] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  269.446797][ T7771] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  269.455188][ T7771] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  269.477470][ T7771] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  269.486709][ T7771] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  269.557483][T15181] loop5: detected capacity change from 0 to 512
[  269.567368][T15181] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.4111: error while reading EA inode 32 err=-116
[  269.580147][T15181] EXT4-fs (loop5): Remounting filesystem read-only
[  269.586787][T15181] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  269.597255][T15181] EXT4-fs (loop5): 1 orphan inode deleted
[  269.603665][T15181] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.631386][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.760639][T15197] netlink: 'syz.1.4117': attribute type 21 has an invalid length.
[  270.014568][T15227] netlink: 'syz.2.4129': attribute type 21 has an invalid length.
[  270.106461][T15225] pim6reg: entered allmulticast mode
[  270.112819][T15225] pim6reg: left allmulticast mode
[  270.131899][T15234] bond0: (slave dummy0): Releasing backup interface
[  270.157235][   T52] Bluetooth: hci0: Frame reassembly failed (-84)
[  270.744978][T15259] loop5: detected capacity change from 0 to 2048
[  270.752419][T15259] EXT4-fs: Ignoring removed bh option
[  270.802984][T15259] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.851320][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.920216][T15266] FAULT_INJECTION: forcing a failure.
[  270.920216][T15266] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  270.933370][T15266] CPU: 0 UID: 0 PID: 15266 Comm: syz.5.4142 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  270.933393][T15266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  270.933431][T15266] Call Trace:
[  270.933439][T15266]  <TASK>
[  270.933487][T15266]  __dump_stack+0x1d/0x30
[  270.933509][T15266]  dump_stack_lvl+0xe8/0x140
[  270.933529][T15266]  dump_stack+0x15/0x1b
[  270.933569][T15266]  should_fail_ex+0x265/0x280
[  270.933588][T15266]  should_fail+0xb/0x20
[  270.933603][T15266]  should_fail_usercopy+0x1a/0x20
[  270.933622][T15266]  _copy_from_iter+0xd2/0xe80
[  270.933710][T15266]  ? __build_skb_around+0x1ab/0x200
[  270.933737][T15266]  ? __alloc_skb+0x223/0x320
[  270.933764][T15266]  netlink_sendmsg+0x471/0x6b0
[  270.933884][T15266]  ? __pfx_netlink_sendmsg+0x10/0x10
[  270.933902][T15266]  __sock_sendmsg+0x145/0x180
[  270.933925][T15266]  ____sys_sendmsg+0x31e/0x4e0
[  270.933956][T15266]  ___sys_sendmsg+0x17b/0x1d0
[  270.934011][T15266]  __x64_sys_sendmsg+0xd4/0x160
[  270.934050][T15266]  x64_sys_call+0x191e/0x3000
[  270.934071][T15266]  do_syscall_64+0xd2/0x200
[  270.934088][T15266]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  270.934190][T15266]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  270.934217][T15266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.934264][T15266] RIP: 0033:0x7f850d6aefc9
[  270.934280][T15266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.934297][T15266] RSP: 002b:00007f850c10f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  270.934315][T15266] RAX: ffffffffffffffda RBX: 00007f850d905fa0 RCX: 00007f850d6aefc9
[  270.934352][T15266] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004
[  270.934364][T15266] RBP: 00007f850c10f090 R08: 0000000000000000 R09: 0000000000000000
[  270.934376][T15266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.934388][T15266] R13: 00007f850d906038 R14: 00007f850d905fa0 R15: 00007ffd75cbdee8
[  270.934404][T15266]  </TASK>
[  271.169074][ T3602] usb usb8-port1: attempt power cycle
[  271.256960][T15274] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  271.286062][T15270] dummy0: entered allmulticast mode
[  271.462479][T15291] __nla_validate_parse: 13 callbacks suppressed
[  271.462495][T15291] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4151'.
[  271.613057][T15295] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4152'.
[  271.640003][T15297] xt_CT: You must specify a L4 protocol and not use inversions on it
[  271.662586][T15297] hub 9-0:1.0: USB hub found
[  271.667262][T15297] hub 9-0:1.0: 8 ports detected
[  272.188734][ T3929] Bluetooth: hci0: command 0x1003 tx timeout
[  272.194845][ T3515] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  272.224275][T15322] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4163'.
[  272.331003][T15333] netlink: 'syz.2.4168': attribute type 1 has an invalid length.
[  272.415448][T15334] Q�6��\b��Y�4��: renamed from lo (while UP)
[  272.741411][T15336] FAULT_INJECTION: forcing a failure.
[  272.741411][T15336] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  272.754820][T15336] CPU: 0 UID: 0 PID: 15336 Comm: syz.0.4169 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  272.754873][T15336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  272.754886][T15336] Call Trace:
[  272.754894][T15336]  <TASK>
[  272.754903][T15336]  __dump_stack+0x1d/0x30
[  272.754924][T15336]  dump_stack_lvl+0xe8/0x140
[  272.754992][T15336]  dump_stack+0x15/0x1b
[  272.755007][T15336]  should_fail_ex+0x265/0x280
[  272.755026][T15336]  should_fail_alloc_page+0xf2/0x100
[  272.755050][T15336]  __alloc_frozen_pages_noprof+0xff/0x360
[  272.755146][T15336]  alloc_pages_mpol+0xb3/0x260
[  272.755171][T15336]  alloc_frozen_pages_noprof+0x90/0x110
[  272.755191][T15336]  ___kmalloc_large_node+0x52/0x100
[  272.755243][T15336]  __kmalloc_large_node_noprof+0x16/0xa0
[  272.755307][T15336]  __kmalloc_noprof+0x348/0x570
[  272.755334][T15336]  ? iovec_from_user+0x84/0x210
[  272.755358][T15336]  iovec_from_user+0x84/0x210
[  272.755439][T15336]  __import_iovec+0xf3/0x540
[  272.755464][T15336]  ? __kmalloc_noprof+0x2a2/0x570
[  272.755486][T15336]  ? io_cache_alloc_new+0x2a/0xb0
[  272.755556][T15336]  io_import_rw_buffer+0x245/0x380
[  272.755579][T15336]  io_prep_rwv+0xae/0x250
[  272.755606][T15336]  io_prep_writev+0x22/0x30
[  272.755707][T15336]  io_submit_sqes+0x5ef/0x1060
[  272.755741][T15336]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  272.755821][T15336]  ? 0xffffffff81000000
[  272.755833][T15336]  ? __rcu_read_unlock+0x4f/0x70
[  272.755861][T15336]  ? get_pid_task+0x96/0xd0
[  272.755890][T15336]  ? proc_fail_nth_write+0x13b/0x160
[  272.755915][T15336]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  272.755948][T15336]  ? vfs_write+0x7e8/0x960
[  272.756007][T15336]  ? __rcu_read_unlock+0x4f/0x70
[  272.756027][T15336]  ? __fget_files+0x184/0x1c0
[  272.756049][T15336]  ? fput+0x8f/0xc0
[  272.756065][T15336]  __x64_sys_io_uring_enter+0x78/0x90
[  272.756149][T15336]  x64_sys_call+0x2df0/0x3000
[  272.756172][T15336]  do_syscall_64+0xd2/0x200
[  272.756188][T15336]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  272.756368][T15336]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  272.756392][T15336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.756410][T15336] RIP: 0033:0x7f71b5a8efc9
[  272.756424][T15336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.756469][T15336] RSP: 002b:00007f71b44f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  272.756486][T15336] RAX: ffffffffffffffda RBX: 00007f71b5ce5fa0 RCX: 00007f71b5a8efc9
[  272.756498][T15336] RDX: 000000000000d480 RSI: 00000000000029ab RDI: 0000000000000005
[  272.756511][T15336] RBP: 00007f71b44f7090 R08: 0000000000000000 R09: 0000000000000000
[  272.756596][T15336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.756647][T15336] R13: 00007f71b5ce6038 R14: 00007f71b5ce5fa0 R15: 00007ffc3b71c078
[  272.756702][T15336]  </TASK>
[  273.038001][   T29] kauditd_printk_skb: 913 callbacks suppressed
[  273.038015][   T29] audit: type=1326 audit(1761766606.504:12399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15332 comm="syz.2.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd2e3ba1885 code=0x7ffc0000
[  273.067829][   T29] audit: type=1326 audit(1761766606.504:12400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15332 comm="syz.2.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd2e3ba1885 code=0x7ffc0000
[  273.091465][   T29] audit: type=1326 audit(1761766606.504:12401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15332 comm="syz.2.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd2e3ba1885 code=0x7ffc0000
[  273.115531][   T29] audit: type=1326 audit(1761766606.504:12402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15332 comm="syz.2.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd2e3ba1885 code=0x7ffc0000
[  273.139260][   T29] audit: type=1326 audit(1761766606.504:12403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15332 comm="syz.2.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd2e3ba1885 code=0x7ffc0000
[  273.162935][   T29] audit: type=1326 audit(1761766606.504:12404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15332 comm="syz.2.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd2e3ba1885 code=0x7ffc0000
[  273.186516][   T29] audit: type=1326 audit(1761766606.524:12405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15332 comm="syz.2.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd2e3ba1885 code=0x7ffc0000
[  273.210090][   T29] audit: type=1326 audit(1761766606.524:12406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15332 comm="syz.2.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd2e3ba1885 code=0x7ffc0000
[  273.233789][   T29] audit: type=1326 audit(1761766606.524:12407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15332 comm="syz.2.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd2e3ba1885 code=0x7ffc0000
[  273.257400][   T29] audit: type=1326 audit(1761766606.524:12408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15332 comm="syz.2.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd2e3ba1885 code=0x7ffc0000
[  273.396141][T15346] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4174'.
[  273.444901][T15350] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4176'.
[  273.488991][ T3602] usb usb8-port1: unable to enumerate USB device
[  273.495607][T15161] vhci_hcd: invalid port number 255
[  273.519520][T15353] FAULT_INJECTION: forcing a failure.
[  273.519520][T15353] name failslab, interval 1, probability 0, space 0, times 0
[  273.532287][T15353] CPU: 0 UID: 0 PID: 15353 Comm: syz.2.4177 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  273.532342][T15353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  273.532355][T15353] Call Trace:
[  273.532363][T15353]  <TASK>
[  273.532372][T15353]  __dump_stack+0x1d/0x30
[  273.532395][T15353]  dump_stack_lvl+0xe8/0x140
[  273.532415][T15353]  dump_stack+0x15/0x1b
[  273.532491][T15353]  should_fail_ex+0x265/0x280
[  273.532512][T15353]  should_failslab+0x8c/0xb0
[  273.532596][T15353]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[  273.532628][T15353]  ? sidtab_sid2str_get+0xa0/0x130
[  273.532678][T15353]  kmemdup_noprof+0x2b/0x70
[  273.532699][T15353]  sidtab_sid2str_get+0xa0/0x130
[  273.532726][T15353]  security_sid_to_context_core+0x1eb/0x2e0
[  273.532848][T15353]  security_sid_to_context+0x27/0x40
[  273.532878][T15353]  selinux_lsmprop_to_secctx+0x67/0xf0
[  273.532907][T15353]  security_lsmprop_to_secctx+0x1a3/0x1c0
[  273.532995][T15353]  audit_log_subj_ctx+0xa4/0x3e0
[  273.533016][T15353]  ? skb_put+0xa9/0xf0
[  273.533093][T15353]  audit_log_task_context+0x48/0x70
[  273.533116][T15353]  audit_log_task+0xf4/0x250
[  273.533163][T15353]  audit_seccomp+0x61/0x100
[  273.533217][T15353]  ? __seccomp_filter+0x82d/0x1250
[  273.533243][T15353]  __seccomp_filter+0x83e/0x1250
[  273.533341][T15353]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  273.533405][T15353]  ? vfs_write+0x7e8/0x960
[  273.533424][T15353]  ? __rcu_read_unlock+0x4f/0x70
[  273.533446][T15353]  ? __fget_files+0x184/0x1c0
[  273.533497][T15353]  __secure_computing+0x82/0x150
[  273.533521][T15353]  syscall_trace_enter+0xcf/0x1e0
[  273.533543][T15353]  do_syscall_64+0xac/0x200
[  273.533627][T15353]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  273.533653][T15353]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  273.533682][T15353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.533750][T15353] RIP: 0033:0x7fd2e3b6d9dc
[  273.533763][T15353] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  273.533779][T15353] RSP: 002b:00007fd2e25d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  273.533800][T15353] RAX: ffffffffffffffda RBX: 00007fd2e3dc5fa0 RCX: 00007fd2e3b6d9dc
[  273.533813][T15353] RDX: 000000000000000f RSI: 00007fd2e25d70a0 RDI: 0000000000000005
[  273.533826][T15353] RBP: 00007fd2e25d7090 R08: 0000000000000000 R09: 0000000000000000
[  273.533904][T15353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.533922][T15353] R13: 00007fd2e3dc6038 R14: 00007fd2e3dc5fa0 R15: 00007ffefda8fc58
[  273.533942][T15353]  </TASK>
[  273.937494][T15360] can0: slcan on ttyS3.
[  273.949273][T15361] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4180'.
[  273.999171][T15360] can0 (unregistered): slcan off ttyS3.
[  274.097717][T15360] netlink: 68 bytes leftover after parsing attributes in process `syz.3.4179'.
[  274.348527][T15385] xt_hashlimit: max too large, truncated to 1048576
[  274.559062][T15405] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.568872][T15405] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.579245][T15410] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4196'.
[  274.630953][T15403] netlink: 'syz.3.4196': attribute type 21 has an invalid length.
[  274.926534][T15405] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.936536][T15405] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.956293][T15417] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4198'.
[  275.009392][T15417] netlink: 'syz.5.4198': attribute type 21 has an invalid length.
[  275.030212][T15405] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  275.040146][T15405] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.100682][T15431] FAULT_INJECTION: forcing a failure.
[  275.100682][T15431] name failslab, interval 1, probability 0, space 0, times 0
[  275.113407][T15431] CPU: 0 UID: 0 PID: 15431 Comm: syz.3.4204 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  275.113451][T15431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  275.113462][T15431] Call Trace:
[  275.113468][T15431]  <TASK>
[  275.113515][T15431]  __dump_stack+0x1d/0x30
[  275.113548][T15431]  dump_stack_lvl+0xe8/0x140
[  275.113566][T15431]  dump_stack+0x15/0x1b
[  275.113584][T15431]  should_fail_ex+0x265/0x280
[  275.113605][T15431]  ? v9fs_mount+0x51/0x5c0
[  275.113690][T15431]  should_failslab+0x8c/0xb0
[  275.113715][T15431]  __kmalloc_cache_noprof+0x4c/0x4a0
[  275.113834][T15431]  v9fs_mount+0x51/0x5c0
[  275.113850][T15431]  ? selinux_capable+0x31/0x40
[  275.113913][T15431]  ? __pfx_v9fs_mount+0x10/0x10
[  275.113934][T15431]  legacy_get_tree+0x78/0xd0
[  275.113959][T15431]  vfs_get_tree+0x57/0x1d0
[  275.113980][T15431]  do_new_mount+0x24d/0x660
[  275.114030][T15431]  ? security_capable+0x83/0x90
[  275.114060][T15431]  path_mount+0x4a5/0xb70
[  275.114091][T15431]  ? user_path_at+0x109/0x130
[  275.114149][T15431]  __se_sys_mount+0x28c/0x2e0
[  275.114176][T15431]  ? fput+0x8f/0xc0
[  275.114196][T15431]  __x64_sys_mount+0x67/0x80
[  275.114260][T15431]  x64_sys_call+0x2b51/0x3000
[  275.114280][T15431]  do_syscall_64+0xd2/0x200
[  275.114295][T15431]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  275.114367][T15431]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  275.114465][T15431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.114488][T15431] RIP: 0033:0x7f76bd5defc9
[  275.114501][T15431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.114516][T15431] RSP: 002b:00007f76bc047038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  275.114609][T15431] RAX: ffffffffffffffda RBX: 00007f76bd835fa0 RCX: 00007f76bd5defc9
[  275.114624][T15431] RDX: 00002000000006c0 RSI: 0000200000000680 RDI: 0000000000000000
[  275.114635][T15431] RBP: 00007f76bc047090 R08: 0000200000000380 R09: 0000000000000000
[  275.114646][T15431] R10: 0000000000008010 R11: 0000000000000246 R12: 0000000000000001
[  275.114658][T15431] R13: 00007f76bd836038 R14: 00007f76bd835fa0 R15: 00007ffdebbc7138
[  275.114688][T15431]  </TASK>
[  275.377158][T15405] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  275.386998][T15405] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.452679][T15438] loop5: detected capacity change from 0 to 512
[  275.459498][T15438] EXT4-fs: Ignoring removed oldalloc option
[  275.467218][T15438] EXT4-fs (loop5): 1 truncate cleaned up
[  275.474269][T15438] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  275.544900][T15444] FAULT_INJECTION: forcing a failure.
[  275.544900][T15444] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  275.558264][T15444] CPU: 1 UID: 0 PID: 15444 Comm: syz.0.4207 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  275.558296][T15444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  275.558309][T15444] Call Trace:
[  275.558316][T15444]  <TASK>
[  275.558324][T15444]  __dump_stack+0x1d/0x30
[  275.558427][T15444]  dump_stack_lvl+0xe8/0x140
[  275.558521][T15444]  dump_stack+0x15/0x1b
[  275.558535][T15444]  should_fail_ex+0x265/0x280
[  275.558610][T15444]  should_fail_alloc_page+0xf2/0x100
[  275.558640][T15444]  __alloc_frozen_pages_noprof+0xff/0x360
[  275.558745][T15444]  alloc_pages_mpol+0xb3/0x260
[  275.558834][T15444]  alloc_pages_noprof+0x90/0x130
[  275.558851][T15444]  pte_alloc_one+0x1e/0xd0
[  275.558870][T15444]  __pte_alloc+0x32/0x290
[  275.558900][T15444]  handle_mm_fault+0x1c18/0x2be0
[  275.558993][T15444]  ? check_vma_flags+0x26e/0x340
[  275.559019][T15444]  __get_user_pages+0x102a/0x1ed0
[  275.559124][T15444]  get_user_pages_remote+0x1d5/0x6c0
[  275.559146][T15444]  __access_remote_vm+0x15c/0x590
[  275.559229][T15444]  access_remote_vm+0x32/0x40
[  275.559247][T15444]  environ_read+0x1d3/0x320
[  275.559268][T15444]  ? __pfx_environ_read+0x10/0x10
[  275.559288][T15444]  vfs_readv+0x3fb/0x690
[  275.559361][T15444]  __x64_sys_preadv+0xfd/0x1c0
[  275.559417][T15444]  x64_sys_call+0x282e/0x3000
[  275.559504][T15444]  do_syscall_64+0xd2/0x200
[  275.559519][T15444]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  275.559539][T15444]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  275.559630][T15444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.559647][T15444] RIP: 0033:0x7f71b5a8efc9
[  275.559660][T15444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.559724][T15444] RSP: 002b:00007f71b44b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  275.559739][T15444] RAX: ffffffffffffffda RBX: 00007f71b5ce6180 RCX: 00007f71b5a8efc9
[  275.559749][T15444] RDX: 0000000000000001 RSI: 0000200000001400 RDI: 0000000000000007
[  275.559766][T15444] RBP: 00007f71b44b5090 R08: 0000000000000000 R09: 0000000000000000
[  275.559857][T15444] R10: 0000000000c002a0 R11: 0000000000000246 R12: 0000000000000001
[  275.559867][T15444] R13: 00007f71b5ce6218 R14: 00007f71b5ce6180 R15: 00007ffc3b71c078
[  275.559882][T15444]  </TASK>
[  275.846241][ T7771] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  275.854874][ T7771] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  275.911290][T15405] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  275.921134][T15405] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.053130][T15450] netlink: 72 bytes leftover after parsing attributes in process `syz.1.4209'.
[  276.120064][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.137760][T15452] SELinux: failed to load policy
[  276.164666][T15454] loop5: detected capacity change from 0 to 512
[  276.203553][T15454] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.217135][T15454] ext4 filesystem being mounted at /430/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  276.247196][T15454] EXT4-fs error (device loop5): ext4_lookup:1787: inode #12: comm syz.5.4210: iget: bad i_size value: 2533274857506816
[  276.349128][T15467] netlink: 'syz.0.4215': attribute type 10 has an invalid length.
[  276.566781][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.580621][T15474] loop0: detected capacity change from 0 to 128
[  276.611294][T15476] loop5: detected capacity change from 0 to 1024
[  276.639232][T15476] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.683506][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.757865][T15484] netlink: 72 bytes leftover after parsing attributes in process `syz.5.4221'.
[  276.804524][T15488] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4223'.
[  276.907429][T15494] loop5: detected capacity change from 0 to 512
[  276.916962][T15494] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.4225: error while reading EA inode 32 err=-116
[  276.929457][T15494] EXT4-fs (loop5): Remounting filesystem read-only
[  276.935951][T15494] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  276.946725][T15494] EXT4-fs (loop5): 1 orphan inode deleted
[  276.952929][T15494] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.992589][ T9191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.173872][T15502] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4228'.
[  277.602426][T15512] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4232'.
[  277.701481][T15518] netlink: 'syz.3.4233': attribute type 10 has an invalid length.
[  277.770104][T15518] netlink: 'syz.3.4233': attribute type 10 has an invalid length.
[  277.787077][T15518] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  277.796468][T15523] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4234'.
[  277.806318][T15520] netlink: 'syz.0.4234': attribute type 21 has an invalid length.
[  278.675839][T15558] netlink: 72 bytes leftover after parsing attributes in process `syz.1.4244'.
[  278.688160][   T29] kauditd_printk_skb: 307 callbacks suppressed
[  278.688174][   T29] audit: type=1400 audit(1761766612.164:12715): avc:  denied  { bind } for  pid=15544 comm="syz.3.4241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  278.995101][   T29] audit: type=1326 audit(1761766612.464:12716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15568 comm="syz.5.4249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  279.018959][   T29] audit: type=1326 audit(1761766612.464:12717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15568 comm="syz.5.4249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  279.042574][   T29] audit: type=1326 audit(1761766612.464:12718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15568 comm="syz.5.4249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  279.066189][   T29] audit: type=1326 audit(1761766612.464:12719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15568 comm="syz.5.4249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  279.089779][   T29] audit: type=1326 audit(1761766612.464:12720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15568 comm="syz.5.4249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850d6aefc9 code=0x7ffc0000
[  279.123810][   T29] audit: type=1400 audit(1761766612.594:12721): avc:  denied  { read } for  pid=15569 comm="syz.0.4248" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  279.149285][   T29] audit: type=1400 audit(1761766612.594:12722): avc:  denied  { open } for  pid=15569 comm="syz.0.4248" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  279.174348][   T29] audit: type=1400 audit(1761766612.594:12723): avc:  denied  { ioctl } for  pid=15569 comm="syz.0.4248" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  279.201105][   T29] audit: type=1400 audit(1761766612.594:12724): avc:  denied  { write } for  pid=15569 comm="syz.0.4248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  279.256863][T15576] ==================================================================
[  279.265065][T15576] BUG: KCSAN: data-race in selinux_inode_permission / selinux_inode_permission
[  279.274009][T15576] 
[  279.276334][T15576] read to 0xffff88811fe84420 of 4 bytes by task 15577 on cpu 0:
[  279.283954][T15576]  selinux_inode_permission+0x334/0x740
[  279.289508][T15576]  security_inode_permission+0x6d/0xb0
[  279.294971][T15576]  inode_permission+0x106/0x310
[  279.299842][T15576]  link_path_walk+0x162/0x900
[  279.304529][T15576]  path_openat+0x1de/0x2170
[  279.309027][T15576]  do_filp_open+0x109/0x230
[  279.313893][T15576]  io_openat2+0x272/0x390
[  279.318333][T15576]  io_openat+0x1b/0x30
[  279.322399][T15576]  __io_issue_sqe+0xfe/0x2e0
[  279.327007][T15576]  io_issue_sqe+0x56/0xa80
[  279.331547][T15576]  io_wq_submit_work+0x3f7/0x5f0
[  279.336592][T15576]  io_worker_handle_work+0x44e/0x9b0
[  279.341911][T15576]  io_wq_worker+0x22e/0x860
[  279.346432][T15576]  ret_from_fork+0x122/0x1b0
[  279.351126][T15576]  ret_from_fork_asm+0x1a/0x30
[  279.356078][T15576] 
[  279.358494][T15576] write to 0xffff88811fe84420 of 4 bytes by task 15576 on cpu 1:
[  279.366287][T15576]  selinux_inode_permission+0x3ac/0x740
[  279.371842][T15576]  security_inode_permission+0x6d/0xb0
[  279.377306][T15576]  inode_permission+0x106/0x310
[  279.382160][T15576]  link_path_walk+0x162/0x900
[  279.386924][T15576]  path_openat+0x1de/0x2170
[  279.391416][T15576]  do_filp_open+0x109/0x230
[  279.395966][T15576]  io_openat2+0x272/0x390
[  279.400295][T15576]  io_openat+0x1b/0x30
[  279.404360][T15576]  __io_issue_sqe+0xfe/0x2e0
[  279.408942][T15576]  io_issue_sqe+0x56/0xa80
[  279.413351][T15576]  io_submit_sqes+0x675/0x1060
[  279.418114][T15576]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  279.424106][T15576]  __x64_sys_io_uring_enter+0x78/0x90
[  279.429489][T15576]  x64_sys_call+0x2df0/0x3000
[  279.434169][T15576]  do_syscall_64+0xd2/0x200
[  279.438708][T15576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.444591][T15576] 
[  279.446896][T15576] value changed: 0x00000000 -> 0x00000001
[  279.453033][T15576] 
[  279.455337][T15576] Reported by Kernel Concurrency Sanitizer on:
[  279.461556][T15576] CPU: 1 UID: 0 PID: 15576 Comm: syz.0.4248 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  279.471348][T15576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  279.481390][T15576] ==================================================================
[  279.639555][T15564] SELinux: failed to load policy