last executing test programs:

8.351316529s ago: executing program 0 (id=139):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x80002, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004540)=[{{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0x192}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b", 0x353}], 0x3}}], 0x1, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r3, 0x0, 0x0, 0x4000000)

8.29007624s ago: executing program 0 (id=141):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000200)='kmem_cache_free\x00'}, 0x18)
munlock(&(0x7f0000ff2000/0xd000)=nil, 0xd000)

8.289745431s ago: executing program 0 (id=142):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='ext4_discard_preallocations\x00', r0, 0x0, 0x2}, 0x18) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) (async)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r1, &(0x7f0000000040)="5f33594c0c99e52bb0142a3df192cca4d17026d4edcbc59431b79ef32c7347e8eacb35245e669a8984843bc591942dfb81f3c4e6e2ffb4f64c9e70", &(0x7f0000000dc0)=""/4096}, 0x20)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")

7.973861586s ago: executing program 0 (id=150):
r0 = socket$inet(0x2, 0x4, 0x1)
sendmsg$inet(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)='\x00\x00', 0x2}, {&(0x7f0000000100)="6306bc3795f8", 0x6}], 0x2}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x800000000006}, 0x18)
getitimer(0x1, &(0x7f0000000280))
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x2bc3c1f, 0xffffffffffffffff, 0x7, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
r5 = pidfd_getfd(r4, r4, 0x0)
setns(r5, 0x66020000)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000200)='batadv_slave_0\x00', 0x10)
bind$xdp(r6, &(0x7f00000001c0)={0x2c, 0x0, 0x0, 0x4}, 0x10)
syz_clone(0x50a60080, 0x0, 0x0, 0x0, 0x0, 0x0)

7.7801767s ago: executing program 0 (id=154):
close(0xffffffffffffffff)
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES64], 0x38}}, 0x20000004)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
syz_usbip_server_init(0x2)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r6 = getpid()
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17)
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

7.546087564s ago: executing program 0 (id=161):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372"], 0xfc}}, 0x0)

7.540751734s ago: executing program 32 (id=161):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372"], 0xfc}}, 0x0)

2.20935978s ago: executing program 2 (id=236):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94)

2.150154631s ago: executing program 5 (id=239):
close(0xffffffffffffffff)
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES64], 0x38}}, 0x20000004)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
syz_usbip_server_init(0x2)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r6 = getpid()
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r7, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0xff, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)

2.053867433s ago: executing program 2 (id=243):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000800018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)

1.997190974s ago: executing program 4 (id=244):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000800018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@newtaction={0x98, 0x30, 0x871a15abc695fb3d, 0x70bd2a, 0x400000, {}, [{0x84, 0x1, [@m_tunnel_key={0x80, 0x1, 0x0, 0x0, {{0xf}, {0x50, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @private0}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x98}}, 0x0)

1.989838854s ago: executing program 3 (id=245):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x20000000001}, 0x18)
syz_emit_ethernet(0x2a4, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a6026e0000fc020000000000000000000000000000fe8000000000000000000000000000aa223427d5c9a46b9fa14172170a013589317d2af31ba554311bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a"], 0x0)

1.937757935s ago: executing program 2 (id=246):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r1 = socket$kcm(0x29, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ioperm(0x8, 0x6bc, 0x5a)
syz_io_uring_setup(0x5c2, 0x0, 0x0, 0x0)
mmap(&(0x7f0000e8f000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x1, 0x7ffc0002}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r4}, 0x18)
munlockall()
r5 = socket(0x28, 0x807, 0x1)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4800)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r7 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
fchmod(0xffffffffffffffff, 0x4)
ioctl$LOOP_CHANGE_FD(r6, 0x4c00, r7)
sendfile(r6, r6, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r6, 0x4c02, &(0x7f0000000280)={0x0, {}, 0x0, {}, 0x8, 0x0, 0xffffffff, 0x1, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x200000000000006, 0x4]})
close(r1)
socket$nl_route(0x10, 0x3, 0x0)
munlockall()
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, 0x0)

1.910171395s ago: executing program 3 (id=247):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$caif_seqpacket(0x25, 0x5, 0x3)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
timerfd_create(0x8, 0x80000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x303, 0x300}})

1.871447656s ago: executing program 3 (id=248):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0x600, 0x1}}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x11, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x20080fe, @loopback, 0xffffffff}, 0x1c)

1.837158197s ago: executing program 4 (id=249):
fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)

1.802392267s ago: executing program 2 (id=250):
fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x21c}, 0x18)
lsm_get_self_attr(0x67, &(0x7f0000000200)={0x0, 0x0, 0x71, 0x51, ""/81}, &(0x7f0000000280)=0x71, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={0xffffffffffffffff, 0x18000000000002a0, 0x28, 0x0, &(0x7f0000000580)="b9fe030768045c8c989a14f088a8657986dda8c6e96fd9d5a77080d1016ac1eb01639fa5680155e0", 0x0, 0x9e, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000580)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x0)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
write$selinux_access(r5, &(0x7f0000000040)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)
tkill(0x0, 0x7)
utime(&(0x7f0000000100)='./file0\x00', 0x0)
r6 = dup(r4)
sendfile(r6, r3, 0x0, 0x8000fffffffc)

1.766786078s ago: executing program 3 (id=251):
openat$random(0xffffffffffffff9c, &(0x7f00000003c0), 0x40202, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x9, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="00009a0e90df"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
getpid()
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYRESDEC=r0, @ANYRES64], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000020"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x18)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000740))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000440)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={r4, 0x3, r1, 0x5})
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
r5 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r5, &(0x7f00000001c0)={0x11, 0xe9, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r6, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r7}}, 0x10)
close(r6)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r9}, 0x10)
acct(&(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rt_sigprocmask(0x1, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000280)=@urb_type_interrupt={0x1, {0xa, 0x1}, 0x0, 0x2, &(0x7f0000000140)="23171c3ab37afb4a351df2536855ea0552b0cf6a528f4d3a03a419ca6e4c9414d119e930dc600ed6804406257dbad0cf5368410ac0a38314317ab999d7f1e75826f060cfffc1a9714db5e16fda159fe74f3860c0", 0x54, 0x3, 0xcb1c, 0x0, 0x9654, 0xfffffffe, &(0x7f00000001c0)="a1fd071b5a9c3d7002f4b266b13a45437a8203b635eaf7c7dd32eb6f4f2981c2e7a1048be3465fcc0d0038ba42ad351128c7ef3029be0dc640146b785dd70cab0e151dc979ceb8c0b6f4428d6d30db02df170985f65b478d9aa4d1219a043117214068f4a10f8d88b1d4a407d902413676129f903f9f6f45d159b61facc0e357aae64d493c11179cb02835a78c383ea5f8de032ccd9aac7a"})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)

1.766493928s ago: executing program 4 (id=252):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
munlock(&(0x7f0000ff2000/0xd000)=nil, 0xd000)

1.745701228s ago: executing program 4 (id=253):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
clock_settime(0x7, &(0x7f0000000240))

1.681848149s ago: executing program 4 (id=254):
openat$random(0xffffffffffffff9c, &(0x7f00000003c0), 0x40202, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x9, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="00009a0e90df"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
getpid()
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYRESDEC=r0, @ANYRES64], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x18)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000740))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000440)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={r4, 0x3, r1, 0x5})
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
r5 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r5, &(0x7f00000001c0)={0x11, 0xe9, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r6, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r7}}, 0x10)
close(r6)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r9}, 0x10)
acct(&(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rt_sigprocmask(0x1, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000280)=@urb_type_interrupt={0x1, {0xa, 0x1}, 0x0, 0x2, &(0x7f0000000140)="23171c3ab37afb4a351df2536855ea0552b0cf6a528f4d3a03a419ca6e4c9414d119e930dc600ed6804406257dbad0cf5368410ac0a38314317ab999d7f1e75826f060cfffc1a9714db5e16fda159fe74f3860c0", 0x54, 0x3, 0xcb1c, 0x0, 0x9654, 0xfffffffe, &(0x7f00000001c0)="a1fd071b5a9c3d7002f4b266b13a45437a8203b635eaf7c7dd32eb6f4f2981c2e7a1048be3465fcc0d0038ba42ad351128c7ef3029be0dc640146b785dd70cab0e151dc979ceb8c0b6f4428d6d30db02df170985f65b478d9aa4d1219a043117214068f4a10f8d88b1d4a407d902413676129f903f9f6f45d159b61facc0e357aae64d493c11179cb02835a78c383ea5f8de032ccd9aac7a"})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)

1.63264122s ago: executing program 2 (id=255):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x2e, &(0x7f0000000000)=r1, 0x4)
recvmsg$unix(r1, &(0x7f00000000c0)={0x0, 0xfffffd12, 0x0, 0x0, 0x0, 0x2}, 0x100)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
io_uring_setup(0x7986, &(0x7f0000000480)={0x0, 0x8678, 0x8, 0x5, 0x9c})
r2 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r2, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000a000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000cf02719424f9aa7cddb75c740000000800005f8af8ff00000000bfa200000000f81873b5b601eb82c0ebcad39866e9ffffb70300000800006bb133b1417f34504c7a2c00020000008500000003e6ffff94000000000000000000000000002dd1cb22f73b714b57648b075ecfb957e0e549e6e694d33dc207d9d85fe6e50d023ff9cd71c9d1674dbc"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1e, 0x0, 0x0, 0x0, 0x800}, 0x94)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
close(0xffffffffffffffff)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x20)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x187842, 0x0)
ioctl(r7, 0x2, &(0x7f00000022c0)="4180cabf958c6335fc0506d136b36daaa74da703fb0bda7699ce49819a898c4bc9beee35553f5b3cc70093a2494a0766407ad94e1f94754a7febb2e49db5937b3f97b205ca9c7c18084d3ccd857d7a6163462a337b56f84ac04618eed07e911260ffeebc274045c5c70a5c28e3e888e0e5b3b4098d63aee86efa5b9a4d62bc8f9543a02affe7cd9040a2e452e882cf83f696ea19895e14100c871508bdf2e2080e8176f61c40c9ca8a947ad77fc946e3940dfdf113e7e25dee7a5d4a70c25e325fc4a5cb70e3619461d2368dab5093de5c262041aedd952a2985fe610377a31ab006568c1682b76187bebf0b8dd9bf9b644c72737bb560aaf4beb29f1d88dfe211d7f71006a260ea7140bc7bdbe573c56feffd42c3c847e11389e9512785baa23493ecd6e9d0c5e518ccc515e668967426b7a241d1ecc0e46c880803b9bc903fe3a069af6cf719a7f0090c5e0585d727bb79446b54aac201b46a323925538b54acb60368c2f64451674add352c2dd8f7123f43038cdcb844c21080718cb69ce54208ede6fd21f2c25d4b26e021a1de7a90b853cb1443f78273ce7d37c922ab67a65fc8d4b4177962f33ec797db5279e1d7cf04dbe18f15d8a75386a5b2a1d2893f24dfa0c80aa83a4683e778e2c6a140d2d9bb1fae86745ee53badd50b6365194e0051b36278750ce1ca85483d0e470b59a9b6e73fe8b291b718d79bb848c63eb7048c5790c4dbac2765daaff789444fbf587bbacf95d5fc2d22357738b7f14334bef4978d76a7d97edac7e66973dcdc17d82baac71996092a7aecec7048d8f9dbae9dbb2cc528e8640e717011ae75ec0b409deb04f917bdd6a21e4fd0f230c2e87ed445ee5e3f885dad19a88638d9f8b8e0be07ba3b68ed92fe32a153b9ff739d6dde20b0cb77beb879a1b501759842e7197f4456b3c9bb931cdd601c560d7b726b72ae0f30c496b41d1d1243be1e67915bffd0af9b02b444830eaed193432bac613aa80c2d97156c65d9e1c58c2b1b2754dce3037b6a8d3a81b73df42e6d0477f21635a21d34db9f5636847204ba067b16b401c98d9558dae75baf3919da1277888293f6d3423a2017568dcfa0d22808b33c2531f05764ff2b5a4bb5f59f3e7222c92684af4a7255bca4136524ec9e302a37cf64b0e0f76c5d37ee07ab22b9714101b1a9281c0eac442bf243fc5e5ab03c355b7b385201a7ff72bde285292b4cb5345b9ea417a09cb9b4f646e1f9d323d3f014026a3924fc221c08a6c8fca24099f448f10c63eea83532c68e2aa3cf398285abe5c5b2e0552d9f585842468503cc86074c596c854cd2007ec9cbc304941a5c7bba6d354a6edcd89656ae12c92a92106a02e8c0563f982fc5b239553a70fec88485415ac4ed64771925c81808d36b17ed637507212a20c4c02bda2b8ef63950625c823fd5b919e6efd73d18fefefe89827e0057b803428ebb780ecef18cd97cc15a8dae95b402ef2591aa82623de15b8facd6a3f937896b7f2a56bdaae7ad694c0dfc921013968e7ecf84d272128f0f737c39bb445c85ac373fbb0d9a2f7d23cc37f1662b55b79dd4a82b3c470c41f44e3216f09bc7e5b7764a3915ee06f9dd9a354d9ba0e4eb780c7101b08ea81f001349a943b8ffc309867c82a4147b6c44bb6187158d699421a20e66237e7dd73eb2700eae16eec79db107ce2f52c5a0b88a01631642276a22d170fa8eac83685f4adaf9f693f787855ecf30a7cba9e899cba56bd65354723a837eb1adf2a74f1f7950fd00133d8f1a798ebd0b002153b06da12c319b3d0880e11738559dfa68e760922118f4f2d62b29adf5a5a95afdce391d80b59c3b11f15f4ebc3a7a53c68188eff1a31afa8de4b5b1bdc6a9b61ac45f0a1664de7befc760ad985a349dfde20b6a42d832674a1a0082898b4d89c790d9011291962bb835e5511acd8422b211199f7a2c8743ab446d747b5345fb4967253f8a7bf0c722316c6cea788811cf1f614a7fbff15d89ffde315e9fe0b9e0ee64c32aa0b01537b110319e3c16567d1deee47e95c1d19486659e6cc1d3bab332b9ebc30f561660847f3730f97b08fafc562e1903b3fbdc6168b269cdb17f737c61b5131ef2b6148f2b27ccd2e7649d308bd7095a7e888639c8ad2280e7752dfa043e02dd5540dde872bbd5430ecca75afcc70db17d6e3e864aacdb3deab756e4a2cdc86b86d1cb6d82d8c0becf3c6a67d122ded6f5346bd6a399a4f6aa791c4a07ca49b6917e71a6097ecac59915cd0827d412378ffe3faff23ad926516eed5f3f8daa17914b4d39f23e9b88894c134a0eda59ca95d9ba73adf41f0c5a5d9e736ba74d0fe08a32d1d617f6dd902656d813fce283b27932a25cc22a945f357a1c2d5ddd90d388eb07ce6303d1b270c9536a9e7f6efc36c16ff1cb3f396c93794955e04baaeb786f692f90dbb4cd15af0165cfdb5ed73cced7cfb94d1fff74e59531a4cabae89f74e9d26962f876d08086c60af8cc1eb5bf9b0baecbe04d53a9599212ec97c312aa28482fd0a0febfb3e06b13ed19cb1cdea9ef40ea2709ae84315c60dd50d9e8900ff6443b87c05217a1be9cc45b630d562a3db27f8b68b8d6350d3df8312a676fef555547969efa98959b04ca5cf42099eb35c789cae6ecc53ba95305ad75977e21c62a907720ba564df260a69e0a687777e6e7e344e2871b4c678f8ff506a6ca19c2692e9a5f20df27625d4a68096e6ee78393dea094abeab5e32a60c1fea140924ff41d5e315d1885876f360ff71da2ec8958ef515a7a00a2557c30159ab46ba7c00b99c35c1ea492e9cf0cd3ed97bddddeaae320af167cd440ef4acc25fa6d3b43ba32d630cf9446dfb163bc17719e521a310943b156bfe54af0aba9e25567d0cdaaebe136cb71973e11a8ad6958980fc7b5f0a45ec71f39662f03abdb607664914cb549f8c15f12ec0734cf7956d2bab612789d82510a8567f006e8610c179776bab0a1389c77d52f0bccf59dd49ee1209dd2080ba60a0b97978e47c202b705831bb41dc8cea1677b2f779ef91bbbcb2c70d6d6f950a7a6b3814cefec6e4666842a727d6eb36660d9137c6be7f2ac14dbe77b1578654d5878b562b3128af661f0bf3e5032cd281a6ecd1fbd57123187c75b4556952a24e0789d6dc40f7cae47c5ee5428199bdf18f321fa92103a37deed5d206893f5d488744605ef8fd02372fd45589cc9fe6d4e920baaecc1a4bc42364403796db61e02bcb37aaa2a84c95fa7dfa4c4599c0ce35775b014c67889bc9425d8c1c7a0a269beba0ab3573ca78dfa81ff037117143e39db1598dc7f2a304d30c09e1c62245788bd88bb96844f9ed96cd114a9311debd3ba995f7b74f9ae5b8864d9e9676d17d3eebfad60b0c2b7ad3d7c61f74b913114461bc0a423e007df6babc3130d092927ce46185d95df172f3ac60013accf320f6b5882fd2a677890ec9961d3c3fafdffd3ac1106ebbc0908fc80664a40ef183f647b9d5c6690a3d7873e5f175c5ea03b29246cb0b8b8cf9130d2bd3d7d0e69c300fdb8ba2c9f0ba34d6cb96dea83c97a77140022f56e849fe85ccb07ec26d3751c1f31bbd3b931e4719e86ebebbe1bcc80ef242f7331dacc3a54e7ef02c6a56f5d36b41dffa7b4dff95c4b4b856536d03f751a42fe95845ca92be3b59f7284c218d536def3468673b3f4ee3a472b49ea6f096f5b788ee3e647bfcf13b94d6c6709df7c6e06872ff8802ed4a1e1531cff219e2b319e8d1da617b42174a09e57127385e02c798fd306e8d9dfda281785f86117f1f7201a88715395b4a485731ff6315c9dbf6f2f509529a8d749521d3137221554b98f14c1dd32418dd1fe4a982909ccc849e6a4cddda7da048c0d554b87afcdac3ea0136c13bf8ba4072db8c4d9cfb2c71e876b84e53f6706cc0de423c1eb0fefa528720590cebfe9272151e4a28df47fe714a18260876372446d3a7f4b2b7fd24346c91b21a4afefb8b914d88a9a9fad7c42a4b8a22780aa7c1a27a61e0dcafac399adee7acd4d8464e7657d2af13a072a7d357472bac99476aa74faf8091ec4c6af17b984b90b90b838b57adcf619f5310035d11a2b4b383ccad750281a848aa7f3cfe6d7d824f32d3eee367375d2b3f1a92849b1ccf076e914420815cc7d383768201dcd87e7dd50f13d56bfd376b0ce764a4bd5a11434d007a9cba7b3b9173444bece2901fabc807b6f0804f1bc75cf2d88c31d66961b77396c626c18c87a29faa85c7b1a233cfcd89e865fcdcb8d5161801a4b7f6b4fb81436e1eba715cb25b46682b31f06681978dd16332c4392edcf8fea967c6721bdea1b4ee4763a0685d3d1aa8a5c08cabc845c52beb0a61d2fa9d66df3a9e30f061517b414b3bf0b5d34fb744ad2f93de8f92990691ec6842762a5513ce687bb6fe8b0dff53ef25dfd9901d55ccf85d1809c7ee917183ada9880e1fc2b223ff67c765481facb1b496963db010b6e123a3b026f47ad5fcfa18a4ea8afdf332370789274bf76e98f15b1872e84f3dcafa6165b980521ea035c2c7def94d1c27622247b3b28c5c943d2295d593193957028ee1e7311d58730281dbb73b74e58d59c9ed4976f2aa31cee145d4a2edbd1870bbb16907ed5f2f8f4f3b9cdae4554fafd65135e97e877bfc2ae6ceaf16ee1330fd52c332d134845d53a5405fcab5bf750ba37a914394981fc2101916d1dd80a391f07834557b03e83ec2aa1af51656094d712cfe3028c5de5bd4215ea2c7f4eea3cbfd9f184c77bdd93c8b8e0b4b2d8c54acc1dea7b790e6cad9968361ffcd0aedcc0cc536de9bdda719e1b625dbf41ca3fbb1bc91597ea7e20619c03a1da12f8af914fde1c9978978b0d1c7d288c188f5562a98d55775a923b383c227d2db88857dd0f9eb1b1f1ba92e6fba13ebc7125518a56910e3fafc90c4437734edc532e5ad9f6171fdfbf75d35e2e735cdecdadf3c56e9b2c5912d71beda14a8f734b03da8c0b0be4fc560e973ca6fcfacb477020fe1ea64a532a2f5c14d69a362d314aeea3691d6a5f288e39f8b7bf93831604167ff8dbe0cc5f7919f9222efea61778cb2a40ae05f6bf502aa9c5aed3b4f381728b6aef5d202a677d94861cca74a15d6c76992eb1ce19ae463e5d616997ce06ff73a1c5999993a091fa4a6b00bb1af23dbe0bfb3b3d84feb2871d8e98f80fb0caa7ef43ad4349a6be6589fd4e9b0dda79bbb41a28f7ce8fac84e9190dc7466491dba5d6cb8782665022c900897ef313ac1bfc81f5e189790904e8277008bc04dca30eee5394bc5770c48ef2c2cf746ea9491a474aed4062968dd3cfa5ae5bf0e33a2828d8ae603ae16f1908af620d1bfbfbfb9c25c39c817eb2e4c3954f4c81f474110895c6c099d8a9725dccb8033f914eaf56ad4ba8a75dac4f56c62acb2fe7ae3151ec932a4a5504ac04228a90cd6311f57d348db07187d442b54c62996b5122e4d3ae75d8a0805abfae97030a40e156151d204b43cc71c4710770ca0d81a57191c71a3130cc439ca7a43332a0b40dde6fcdf496f6f6c7f80bd42ae73c1c9a98bb2dfdcdaaa1d6bcc13d961b3d6761082bdc6e4ff29a0b1ffa61101d7f1066d6a0725c3ee1fa0efa6f26d8e6b8ca2c0cb9389e8367361828e714cda6696e8dba87a91a5d17a975dab2c5e83d5c29ee9a7d808c6ff61917b18fcdadde99890694c83ba9e6f1e23da8858361f58d788a5cd1b436f52b88c6fafe6e6b58f06293558e36d462e61aae363a3ba0a5edfd32e62fa4ef9067ff564acfc3e8234a127f4117bc9ae5bef684b0dbaa30")
ioctl$EXT4_IOC_MOVE_EXT(r8, 0xc028660f, &(0x7f0000000100)={0x3920e, r4, 0x3, 0x4, 0x3, 0x6})
getsockopt$TIPC_SRC_DROPPABLE(r8, 0x10f, 0x80, &(0x7f0000000000), &(0x7f00000000c0)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001140))
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
ioctl$SIOCSIFHWADDR(r6, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="110000000002"})

1.389797345s ago: executing program 5 (id=256):
fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x21c}, 0x18)
lsm_get_self_attr(0x67, &(0x7f0000000200)={0x0, 0x0, 0x71, 0x51, ""/81}, &(0x7f0000000280)=0x71, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r3, 0x18000000000002a0, 0x28, 0x0, &(0x7f0000000580)="b9fe030768045c8c989a14f088a8657986dda8c6e96fd9d5a77080d1016ac1eb01639fa5680155e0", 0x0, 0x9e, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000580)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = gettid()
r6 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f0000000180)=0xc0a5, 0x4)
write$selinux_access(r6, &(0x7f0000000040)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)
tkill(r5, 0x7)
capset(&(0x7f0000000040)={0x20080522, r5}, &(0x7f00000002c0)={0xfffffffe, 0x0, 0xfffff42a, 0x400, 0x3a5f, 0x8})
utime(&(0x7f0000000100)='./file0\x00', 0x0)
r8 = dup(r4)
sendfile(r8, 0xffffffffffffffff, 0x0, 0x8000fffffffc)

1.157974029s ago: executing program 5 (id=258):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$caif_seqpacket(0x25, 0x5, 0x3)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
timerfd_create(0x8, 0x80000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x303, 0x300}})

1.10198788s ago: executing program 1 (id=260):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0x1, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5}, 0x38)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000280)={0x0, 0x800, 0x0, 0x0, 0x4, "0062ba7d820000001652bdc5fcbdc8dace6b04"})
socket$phonet(0x23, 0x2, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, 0x0, 0x0}, 0x94)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f0000000080)=0x5, 0x4)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r2, &(0x7f00000057c0)=[{{0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {&(0x7f00000017c0)=""/130, 0x82}], 0x2}, 0xa1}], 0x1, 0x0, 0x0)
add_key(&(0x7f00000000c0)='pkcs7_test\x00', 0x0, &(0x7f0000000200)="100c0608266be7", 0x7, 0xfffffffffffffffc)
r4 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
pwrite64(r4, &(0x7f0000000080)='3', 0x1, 0x0)

1.09579469s ago: executing program 5 (id=261):
fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f00000002c0)={0xfffffffe, 0x0, 0xfffff42a, 0x400, 0x3a5f, 0x8})
r3 = dup(r2)
sendfile(r3, r1, 0x0, 0x8000fffffffc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)

904.314774ms ago: executing program 5 (id=262):
fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f00000002c0)={0xfffffffe, 0x0, 0xfffff42a, 0x400, 0x3a5f, 0x8})
r3 = dup(r2)
sendfile(r3, r1, 0x0, 0x8000fffffffc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)

823.368245ms ago: executing program 3 (id=263):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fadvise64(r2, 0x1, 0x95bd, 0x0) (fail_nth: 4)

490.337041ms ago: executing program 4 (id=264):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r3, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f", 0xe)
sendfile(r3, r2, 0x0, 0x3ffff)
sendfile(r3, r2, 0x0, 0x7fffeffd)

391.698183ms ago: executing program 3 (id=265):
fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x21c}, 0x18)
lsm_get_self_attr(0x67, &(0x7f0000000200)={0x0, 0x0, 0x71, 0x51, ""/81}, &(0x7f0000000280)=0x71, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={0xffffffffffffffff, 0x18000000000002a0, 0x28, 0x0, &(0x7f0000000580)="b9fe030768045c8c989a14f088a8657986dda8c6e96fd9d5a77080d1016ac1eb01639fa5680155e0", 0x0, 0x9e, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000580)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x0)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
write$selinux_access(r5, &(0x7f0000000040)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)
tkill(0x0, 0x7)
utime(&(0x7f0000000100)='./file0\x00', 0x0)
r6 = dup(r4)
sendfile(r6, r3, 0x0, 0x8000fffffffc)

391.099793ms ago: executing program 2 (id=266):
close(0xffffffffffffffff)
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES64], 0x38}}, 0x20000004)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
syz_usbip_server_init(0x2)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r6 = getpid()
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r7, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0xff, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)

188.453516ms ago: executing program 1 (id=267):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000010"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
clock_settime(0x7, &(0x7f0000000240))

184.033346ms ago: executing program 5 (id=268):
fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x21c}, 0x18)
lsm_get_self_attr(0x67, &(0x7f0000000200)={0x0, 0x0, 0x71, 0x51, ""/81}, &(0x7f0000000280)=0x71, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r3, 0x18000000000002a0, 0x28, 0x0, &(0x7f0000000580)="b9fe030768045c8c989a14f088a8657986dda8c6e96fd9d5a77080d1016ac1eb01639fa5680155e0", 0x0, 0x9e, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
r4 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = gettid()
r7 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_TIMESTAMPING(r8, 0x1, 0x25, &(0x7f0000000180)=0xc0a5, 0x4)
write$selinux_access(r7, &(0x7f0000000040)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)
tkill(r6, 0x7)
capset(&(0x7f0000000040)={0x20080522, r6}, &(0x7f00000002c0)={0xfffffffe, 0x0, 0xfffff42a, 0x400, 0x3a5f, 0x8})
utime(&(0x7f0000000100)='./file0\x00', 0x0)
r9 = dup(r5)
sendfile(r9, r4, 0x0, 0x8000fffffffc)

153.969187ms ago: executing program 1 (id=269):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x20000000001}, 0x18)
syz_emit_ethernet(0x2a4, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a6026e0000fc020000000000000000000000000000fe8000000000000000000000000000aa223427d5c9a46b9fa14172170a013589317d2af31ba554311bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a"], 0x0)

128.580017ms ago: executing program 1 (id=270):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
umount2(&(0x7f0000000540)='./file0\x00', 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mlockall(0x7)

29.559239ms ago: executing program 1 (id=271):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$caif_seqpacket(0x25, 0x5, 0x3)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
timerfd_create(0x8, 0x80000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pipe2$9p(0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x303, 0x300}})

0s ago: executing program 1 (id=272):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f00000002c0)={0xfffffffe, 0x0, 0xfffff42a, 0x400, 0x3a5f, 0x8})
r3 = dup(r2)
sendfile(r3, r1, 0x0, 0x8000fffffffc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)

kernel console output (not intermixed with test programs):



syzkaller
syzkaller login: [   25.234276][   T29] kauditd_printk_skb: 45 callbacks suppressed
[   25.234293][   T29] audit: type=1400 audit(1758203698.995:57): avc:  denied  { transition } for  pid=3281 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   25.269251][   T29] audit: type=1400 audit(1758203699.005:58): avc:  denied  { noatsecure } for  pid=3281 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   25.288987][   T29] audit: type=1400 audit(1758203699.005:59): avc:  denied  { write } for  pid=3281 comm="sh" path="pipe:[434]" dev="pipefs" ino=434 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   25.310947][   T29] audit: type=1400 audit(1758203699.005:60): avc:  denied  { rlimitinh } for  pid=3281 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   25.329891][   T29] audit: type=1400 audit(1758203699.005:61): avc:  denied  { siginh } for  pid=3281 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.1.45' (ED25519) to the list of known hosts.
[   33.702450][   T29] audit: type=1400 audit(1758203707.465:62): avc:  denied  { mounton } for  pid=3294 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   33.703647][ T3294] cgroup: Unknown subsys name 'net'
[   33.725295][   T29] audit: type=1400 audit(1758203707.465:63): avc:  denied  { mount } for  pid=3294 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   33.752601][   T29] audit: type=1400 audit(1758203707.495:64): avc:  denied  { unmount } for  pid=3294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   33.905084][ T3294] cgroup: Unknown subsys name 'cpuset'
[   33.911528][ T3294] cgroup: Unknown subsys name 'rlimit'
[   34.062326][   T29] audit: type=1400 audit(1758203707.825:65): avc:  denied  { setattr } for  pid=3294 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   34.090270][   T29] audit: type=1400 audit(1758203707.825:66): avc:  denied  { create } for  pid=3294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   34.110933][   T29] audit: type=1400 audit(1758203707.825:67): avc:  denied  { write } for  pid=3294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   34.120157][ T3297] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   34.132001][   T29] audit: type=1400 audit(1758203707.825:68): avc:  denied  { read } for  pid=3294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   34.160921][   T29] audit: type=1400 audit(1758203707.845:69): avc:  denied  { mounton } for  pid=3294 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   34.185834][   T29] audit: type=1400 audit(1758203707.845:70): avc:  denied  { mount } for  pid=3294 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   34.209246][   T29] audit: type=1400 audit(1758203707.915:71): avc:  denied  { relabelto } for  pid=3297 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   34.237145][ T3294] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   35.408776][ T3305] chnl_net:caif_netlink_parms(): no params data found
[   35.491292][ T3305] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.498553][ T3305] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.505992][ T3305] bridge_slave_0: entered allmulticast mode
[   35.512353][ T3305] bridge_slave_0: entered promiscuous mode
[   35.519407][ T3305] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.526606][ T3305] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.533716][ T3305] bridge_slave_1: entered allmulticast mode
[   35.540330][ T3305] bridge_slave_1: entered promiscuous mode
[   35.578923][ T3305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.591200][ T3305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.625632][ T3309] chnl_net:caif_netlink_parms(): no params data found
[   35.637393][ T3305] team0: Port device team_slave_0 added
[   35.646171][ T3304] chnl_net:caif_netlink_parms(): no params data found
[   35.670929][ T3305] team0: Port device team_slave_1 added
[   35.703839][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_0
[   35.710877][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.736920][ T3305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   35.758135][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_1
[   35.765179][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.791164][ T3305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   35.819459][ T3312] chnl_net:caif_netlink_parms(): no params data found
[   35.843380][ T3304] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.850524][ T3304] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.857721][ T3304] bridge_slave_0: entered allmulticast mode
[   35.864339][ T3304] bridge_slave_0: entered promiscuous mode
[   35.887292][ T3304] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.894409][ T3304] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.901627][ T3304] bridge_slave_1: entered allmulticast mode
[   35.908251][ T3304] bridge_slave_1: entered promiscuous mode
[   35.932118][ T3309] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.939222][ T3309] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.946624][ T3309] bridge_slave_0: entered allmulticast mode
[   35.953068][ T3309] bridge_slave_0: entered promiscuous mode
[   35.979469][ T3304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.988706][ T3309] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.995891][ T3309] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.003418][ T3309] bridge_slave_1: entered allmulticast mode
[   36.010821][ T3309] bridge_slave_1: entered promiscuous mode
[   36.023579][ T3305] hsr_slave_0: entered promiscuous mode
[   36.029702][ T3305] hsr_slave_1: entered promiscuous mode
[   36.042376][ T3304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.083753][ T3312] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.090931][ T3312] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.098326][ T3312] bridge_slave_0: entered allmulticast mode
[   36.104943][ T3312] bridge_slave_0: entered promiscuous mode
[   36.112436][ T3309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.121693][ T3307] chnl_net:caif_netlink_parms(): no params data found
[   36.131144][ T3304] team0: Port device team_slave_0 added
[   36.144293][ T3312] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.151383][ T3312] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.159347][ T3312] bridge_slave_1: entered allmulticast mode
[   36.165823][ T3312] bridge_slave_1: entered promiscuous mode
[   36.178257][ T3309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.204122][ T3304] team0: Port device team_slave_1 added
[   36.229508][ T3309] team0: Port device team_slave_0 added
[   36.248078][ T3312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.258121][ T3309] team0: Port device team_slave_1 added
[   36.264846][ T3312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.276900][ T3304] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.283863][ T3304] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.309841][ T3304] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.345860][ T3304] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.352885][ T3304] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.378844][ T3304] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.399701][ T3312] team0: Port device team_slave_0 added
[   36.405781][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.412762][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.438709][ T3309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.471713][ T3312] team0: Port device team_slave_1 added
[   36.483123][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.490139][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.516104][ T3309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.527027][ T3307] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.534155][ T3307] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.541414][ T3307] bridge_slave_0: entered allmulticast mode
[   36.547913][ T3307] bridge_slave_0: entered promiscuous mode
[   36.554811][ T3307] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.561896][ T3307] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.569128][ T3307] bridge_slave_1: entered allmulticast mode
[   36.575698][ T3307] bridge_slave_1: entered promiscuous mode
[   36.592627][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.599629][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.625579][ T3312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.650503][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.657543][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.683531][ T3312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.703497][ T3307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.728472][ T3307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.743178][ T3309] hsr_slave_0: entered promiscuous mode
[   36.749317][ T3309] hsr_slave_1: entered promiscuous mode
[   36.755195][ T3309] debugfs: 'hsr0' already exists in 'hsr'
[   36.760940][ T3309] Cannot create hsr debugfs directory
[   36.774710][ T3304] hsr_slave_0: entered promiscuous mode
[   36.780770][ T3304] hsr_slave_1: entered promiscuous mode
[   36.786612][ T3304] debugfs: 'hsr0' already exists in 'hsr'
[   36.792341][ T3304] Cannot create hsr debugfs directory
[   36.824084][ T3312] hsr_slave_0: entered promiscuous mode
[   36.830277][ T3312] hsr_slave_1: entered promiscuous mode
[   36.836335][ T3312] debugfs: 'hsr0' already exists in 'hsr'
[   36.842085][ T3312] Cannot create hsr debugfs directory
[   36.857976][ T3307] team0: Port device team_slave_0 added
[   36.887875][ T3307] team0: Port device team_slave_1 added
[   36.930189][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.937195][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.963303][ T3307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.977100][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.984075][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.010007][ T3307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.020681][ T3305] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   37.041825][ T3305] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   37.063445][ T3305] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   37.083055][ T3305] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   37.128889][ T3307] hsr_slave_0: entered promiscuous mode
[   37.134915][ T3307] hsr_slave_1: entered promiscuous mode
[   37.140738][ T3307] debugfs: 'hsr0' already exists in 'hsr'
[   37.146568][ T3307] Cannot create hsr debugfs directory
[   37.193788][ T3309] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   37.211033][ T3309] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   37.219921][ T3309] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   37.228925][ T3309] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   37.273455][ T3305] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.296484][ T3304] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   37.305557][ T3304] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   37.315062][ T3304] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   37.325525][ T3304] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   37.352489][ T3305] 8021q: adding VLAN 0 to HW filter on device team0
[   37.367417][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.374554][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.395800][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.402922][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.421849][ T3312] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   37.433205][ T3312] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   37.442781][ T3312] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   37.452246][ T3312] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   37.500298][ T3307] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   37.519486][ T3307] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   37.540523][ T3307] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   37.550953][ T3309] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.562452][ T3309] 8021q: adding VLAN 0 to HW filter on device team0
[   37.576128][ T3307] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   37.588923][ T1886] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.596095][ T1886] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.617124][ T1886] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.624210][ T1886] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.652229][ T3304] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.674951][ T3305] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.690156][ T3309] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   37.700633][ T3309] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   37.717416][ T3304] 8021q: adding VLAN 0 to HW filter on device team0
[   37.732995][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.740198][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.749161][   T54] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.756234][   T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.800119][ T3312] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.813477][ T3304] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   37.823967][ T3304] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   37.858432][ T3312] 8021q: adding VLAN 0 to HW filter on device team0
[   37.877019][ T3307] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.890226][ T3309] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.903715][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.910912][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.928951][ T3307] 8021q: adding VLAN 0 to HW filter on device team0
[   37.944612][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.951687][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.964291][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.971610][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.984189][ T3304] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.003451][ T3429] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.010580][ T3429] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.099940][ T3305] veth0_vlan: entered promiscuous mode
[   38.118578][ T3305] veth1_vlan: entered promiscuous mode
[   38.141067][ T3305] veth0_macvtap: entered promiscuous mode
[   38.153925][ T3305] veth1_macvtap: entered promiscuous mode
[   38.174510][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.187746][ T3309] veth0_vlan: entered promiscuous mode
[   38.215330][ T3309] veth1_vlan: entered promiscuous mode
[   38.225576][ T3312] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.239524][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.253774][ T3304] veth0_vlan: entered promiscuous mode
[   38.262939][ T3429] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.278268][ T3307] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.287292][ T3429] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.308038][   T37] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.317780][ T3304] veth1_vlan: entered promiscuous mode
[   38.329882][ T3309] veth0_macvtap: entered promiscuous mode
[   38.336937][   T37] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.366007][ T3309] veth1_macvtap: entered promiscuous mode
[   38.375717][ T3305] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   38.380072][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.407262][ T3304] veth0_macvtap: entered promiscuous mode
[   38.420152][ T3304] veth1_macvtap: entered promiscuous mode
[   38.433529][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.458423][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.469298][   T37] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.499499][   T37] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.511802][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.527450][   T37] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.561066][   T37] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.590840][ T3312] veth0_vlan: entered promiscuous mode
[   38.598642][  T351] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.610349][ T3307] veth0_vlan: entered promiscuous mode
[   38.624194][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.633433][ T1886] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.651685][ T3481] SELinux: security_context_str_to_sid (Eá…) failed with errno=-22
[   38.659851][ T1886] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.671879][ T3312] veth1_vlan: entered promiscuous mode
[   38.686505][ T3307] veth1_vlan: entered promiscuous mode
[   38.708899][ T3481] loop4: detected capacity change from 0 to 1024
[   38.726058][   T29] kauditd_printk_skb: 33 callbacks suppressed
[   38.726074][   T29] audit: type=1400 audit(1758203712.495:105): avc:  denied  { execute } for  pid=3482 comm="syz.2.3" dev="tmpfs" ino=1025 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   38.726226][ T3312] veth0_macvtap: entered promiscuous mode
[   38.732340][ T3486] process 'syz.2.3' launched '/dev/fd/6' with NULL argv: empty string added
[   38.768112][ T3307] veth0_macvtap: entered promiscuous mode
[   38.774964][ T3481] EXT4-fs: Ignoring removed nomblk_io_submit option
[   38.784801][   T29] audit: type=1400 audit(1758203712.545:106): avc:  denied  { execute_no_trans } for  pid=3482 comm="syz.2.3" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1025 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   38.818839][ T3307] veth1_macvtap: entered promiscuous mode
[   38.826248][ T3312] veth1_macvtap: entered promiscuous mode
[   38.833660][ T3481] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   38.844986][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.847465][ T3481] System zones: 0-1, 3-36
[   38.860513][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.878461][ T3481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.913696][   T29] audit: type=1400 audit(1758203712.595:107): avc:  denied  { create } for  pid=3483 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   38.933061][   T29] audit: type=1400 audit(1758203712.595:108): avc:  denied  { write } for  pid=3483 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   38.952233][   T29] audit: type=1400 audit(1758203712.595:109): avc:  denied  { connect } for  pid=3483 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   38.971680][   T29] audit: type=1400 audit(1758203712.595:110): avc:  denied  { name_connect } for  pid=3483 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   38.987483][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.991641][   T29] audit: type=1400 audit(1758203712.615:111): avc:  denied  { name_connect } for  pid=3483 comm="syz.0.1" dest=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   39.003775][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.020714][   T29] audit: type=1400 audit(1758203712.665:112): avc:  denied  { relabelfrom } for  pid=3483 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   39.047737][   T29] audit: type=1400 audit(1758203712.665:113): avc:  denied  { relabelto } for  pid=3483 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   39.076263][   T37] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.088244][   T29] audit: type=1400 audit(1758203712.725:114): avc:  denied  { mount } for  pid=3480 comm="syz.4.6" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   39.111556][ T3486] usb usb8: usbfs: process 3486 (syz.2.3) did not claim interface 0 before use
[   39.140474][   T37] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.174089][   T37] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.243223][   T37] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.280038][   T37] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.365335][   T37] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.523436][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.553220][   T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.725415][   T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.781051][ T3508] loop1: detected capacity change from 0 to 2048
[   39.822932][ T3512] FAULT_INJECTION: forcing a failure.
[   39.822932][ T3512] name failslab, interval 1, probability 0, space 0, times 1
[   39.835733][ T3512] CPU: 1 UID: 0 PID: 3512 Comm: syz.2.10 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   39.835760][ T3512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   39.835772][ T3512] Call Trace:
[   39.835779][ T3512]  <TASK>
[   39.835787][ T3512]  __dump_stack+0x1d/0x30
[   39.835882][ T3512]  dump_stack_lvl+0xe8/0x140
[   39.835974][ T3512]  dump_stack+0x15/0x1b
[   39.835992][ T3512]  should_fail_ex+0x265/0x280
[   39.836023][ T3512]  should_failslab+0x8c/0xb0
[   39.836052][ T3512]  __kvmalloc_node_noprof+0x123/0x4e0
[   39.836095][ T3512]  ? newary+0xe8/0x620
[   39.836125][ T3512]  newary+0xe8/0x620
[   39.836154][ T3512]  ? __cond_resched+0x4e/0x90
[   39.836187][ T3512]  ipcget+0x33d/0x4f0
[   39.836270][ T3512]  __x64_sys_semget+0xfb/0x130
[   39.836304][ T3512]  x64_sys_call+0x6bf/0x2ff0
[   39.836335][ T3512]  do_syscall_64+0xd2/0x200
[   39.836375][ T3512]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   39.836474][ T3512]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   39.836517][ T3512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.836556][ T3512] RIP: 0033:0x7f4d0658eba9
[   39.836624][ T3512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.836652][ T3512] RSP: 002b:00007f4d04ff7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000040
[   39.836676][ T3512] RAX: ffffffffffffffda RBX: 00007f4d067d5fa0 RCX: 00007f4d0658eba9
[   39.836692][ T3512] RDX: 000000000000042a RSI: 0000004000000009 RDI: 0000000000000000
[   39.836707][ T3512] RBP: 00007f4d04ff7090 R08: 0000000000000000 R09: 0000000000000000
[   39.836720][ T3512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.836731][ T3512] R13: 00007f4d067d6038 R14: 00007f4d067d5fa0 R15: 00007ffe2bc16018
[   39.836830][ T3512]  </TASK>
[   40.100008][ T3508] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[   40.196750][ T3496] blktrace: Concurrent blktraces are not allowed on loop0
[   40.450399][ T3517] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11'.
[   40.470570][ T3517] netlink: 312 bytes leftover after parsing attributes in process `syz.2.11'.
[   40.486283][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   40.624697][ T3525] FAULT_INJECTION: forcing a failure.
[   40.624697][ T3525] name failslab, interval 1, probability 0, space 0, times 0
[   40.637407][ T3525] CPU: 1 UID: 0 PID: 3525 Comm: syz.2.14 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   40.637437][ T3525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   40.637454][ T3525] Call Trace:
[   40.637462][ T3525]  <TASK>
[   40.637472][ T3525]  __dump_stack+0x1d/0x30
[   40.637498][ T3525]  dump_stack_lvl+0xe8/0x140
[   40.637553][ T3525]  dump_stack+0x15/0x1b
[   40.637575][ T3525]  should_fail_ex+0x265/0x280
[   40.637606][ T3525]  should_failslab+0x8c/0xb0
[   40.637692][ T3525]  kmem_cache_alloc_node_noprof+0x57/0x320
[   40.637722][ T3525]  ? __alloc_skb+0x101/0x320
[   40.637746][ T3525]  __alloc_skb+0x101/0x320
[   40.637774][ T3525]  netlink_alloc_large_skb+0xba/0xf0
[   40.637946][ T3525]  netlink_sendmsg+0x3cf/0x6b0
[   40.637993][ T3525]  ? __pfx_netlink_sendmsg+0x10/0x10
[   40.638028][ T3525]  __sock_sendmsg+0x145/0x180
[   40.638066][ T3525]  ____sys_sendmsg+0x31e/0x4e0
[   40.638166][ T3525]  ___sys_sendmsg+0x17b/0x1d0
[   40.638223][ T3525]  __x64_sys_sendmsg+0xd4/0x160
[   40.638262][ T3525]  x64_sys_call+0x191e/0x2ff0
[   40.638286][ T3525]  do_syscall_64+0xd2/0x200
[   40.638378][ T3525]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   40.638411][ T3525]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   40.638448][ T3525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.638473][ T3525] RIP: 0033:0x7f4d0658eba9
[   40.638521][ T3525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.638612][ T3525] RSP: 002b:00007f4d04ff7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   40.638631][ T3525] RAX: ffffffffffffffda RBX: 00007f4d067d5fa0 RCX: 00007f4d0658eba9
[   40.638645][ T3525] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[   40.638660][ T3525] RBP: 00007f4d04ff7090 R08: 0000000000000000 R09: 0000000000000000
[   40.638671][ T3525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.638743][ T3525] R13: 00007f4d067d6038 R14: 00007f4d067d5fa0 R15: 00007ffe2bc16018
[   40.638765][ T3525]  </TASK>
[   40.852971][ T3522] sock: sock_timestamping_bind_phc: sock not bind to device
[   40.868917][ T3526] loop4: detected capacity change from 0 to 256
[   40.897395][ T3530] FAULT_INJECTION: forcing a failure.
[   40.897395][ T3530] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   40.910638][ T3530] CPU: 0 UID: 0 PID: 3530 Comm: syz.3.16 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   40.910669][ T3530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   40.910682][ T3530] Call Trace:
[   40.910689][ T3530]  <TASK>
[   40.910696][ T3530]  __dump_stack+0x1d/0x30
[   40.910745][ T3530]  dump_stack_lvl+0xe8/0x140
[   40.910767][ T3530]  dump_stack+0x15/0x1b
[   40.910787][ T3530]  should_fail_ex+0x265/0x280
[   40.910816][ T3530]  should_fail+0xb/0x20
[   40.910849][ T3530]  should_fail_usercopy+0x1a/0x20
[   40.910875][ T3530]  _copy_from_user+0x1c/0xb0
[   40.910917][ T3530]  __se_sys_mount+0x10d/0x2e0
[   40.910945][ T3530]  ? fput+0x8f/0xc0
[   40.910978][ T3530]  ? ksys_write+0x192/0x1a0
[   40.911004][ T3530]  __x64_sys_mount+0x67/0x80
[   40.911074][ T3530]  x64_sys_call+0x2b4d/0x2ff0
[   40.911102][ T3530]  do_syscall_64+0xd2/0x200
[   40.911138][ T3530]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   40.911165][ T3530]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   40.911261][ T3530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.911331][ T3530] RIP: 0033:0x7faf7caceba9
[   40.911349][ T3530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.911371][ T3530] RSP: 002b:00007faf7b52f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   40.911392][ T3530] RAX: ffffffffffffffda RBX: 00007faf7cd15fa0 RCX: 00007faf7caceba9
[   40.911407][ T3530] RDX: 00002000000002c0 RSI: 0000200000000280 RDI: 0000200000000100
[   40.911422][ T3530] RBP: 00007faf7b52f090 R08: 0000200000000300 R09: 0000000000000000
[   40.911436][ T3530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.911483][ T3530] R13: 00007faf7cd16038 R14: 00007faf7cd15fa0 R15: 00007ffc34869b18
[   40.911503][ T3530]  </TASK>
[   41.114141][ T3535] netlink: 16 bytes leftover after parsing attributes in process `syz.3.18'.
[   41.123082][ T3535] netlink: 104 bytes leftover after parsing attributes in process `syz.3.18'.
[   41.189837][ T3535] Zero length message leads to an empty skb
[   41.241641][   T37] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   41.249571][   T37] FAT-fs (loop4): Filesystem has been set read-only
[   41.257297][   T37] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   41.266832][ T3547] loop2: detected capacity change from 0 to 512
[   41.270865][   T37] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   41.281878][   T37] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   41.295032][ T3547] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   41.335716][ T3544] sock: sock_timestamping_bind_phc: sock not bind to device
[   41.366240][ T3547] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   41.395109][ T3547] EXT4-fs (loop2): orphan cleanup on readonly fs
[   41.413693][ T3547] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.21: corrupted inode contents
[   41.475990][ T3547] EXT4-fs (loop2): Remounting filesystem read-only
[   41.482830][ T3547] EXT4-fs (loop2): 1 truncate cleaned up
[   41.489604][ T3429] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   41.500214][ T3429] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   41.522350][ T3429] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   41.683702][ T3547] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   41.900573][ T3581] netdevsim netdevsim4: Direct firmware load for ./file0/file1 failed with error -2
[   42.137070][ T3547] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.220277][ T3585] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[   42.226857][ T3585] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   42.234668][ T3585] vhci_hcd vhci_hcd.0: Device attached
[   42.368998][ T3547] loop2: detected capacity change from 0 to 512
[   42.432591][ T3547] EXT4-fs: Ignoring removed mblk_io_submit option
[   42.455117][ T3547] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   42.479365][ T3587] vhci_hcd: connection closed
[   42.480785][   T37] vhci_hcd: stop threads
[   42.489878][   T37] vhci_hcd: release socket
[   42.494346][   T37] vhci_hcd: disconnect device
[   42.499117][ T3400] vhci_hcd: vhci_device speed not set
[   42.510619][ T3547] EXT4-fs (loop2): 1 truncate cleaned up
[   42.529924][ T3547] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.559146][ T3608] sock: sock_timestamping_bind_phc: sock not bind to device
[   42.587799][ T3610] sock: sock_timestamping_bind_phc: sock not bind to device
[   42.851096][ T3617] syz.2.21 (3617) used greatest stack depth: 10688 bytes left
[   42.875800][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.225183][ T3666] loop1: detected capacity change from 0 to 128
[   43.228015][ T3669] loop4: detected capacity change from 0 to 512
[   43.247983][ T3636] netlink: 24 bytes leftover after parsing attributes in process `syz.2.38'.
[   43.257135][ T3669] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   43.273822][ T3669] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   43.328298][ T3669] EXT4-fs (loop4): 1 truncate cleaned up
[   43.344696][ T3669] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.372504][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.399256][ T3679] loop2: detected capacity change from 0 to 256
[   43.500004][ T3685] loop3: detected capacity change from 0 to 512
[   43.514748][   T31] FAT-fs (loop2): error, corrupted file size (i_pos 196, 2097152)
[   43.522695][   T31] FAT-fs (loop2): Filesystem has been set read-only
[   43.544405][ T3685] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002]
[   43.554422][ T3689] loop4: detected capacity change from 0 to 512
[   43.574573][ T3685] System zones: 0-2, 18-18, 34-34
[   43.579673][   T31] FAT-fs (loop2): error, corrupted file size (i_pos 196, 2097152)
[   43.591049][ T3689] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   43.591157][ T3689] EXT4-fs (loop4): orphan cleanup on readonly fs
[   43.606852][ T3685] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters
[   43.609629][   T37] FAT-fs (loop2): error, corrupted file size (i_pos 196, 2097152)
[   43.630070][ T3685] EXT4-fs (loop3): Remounting filesystem read-only
[   43.639113][ T3689] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.49: corrupted inode contents
[   43.639768][   T37] FAT-fs (loop2): error, corrupted file size (i_pos 196, 2097152)
[   43.659378][ T3685] EXT4-fs (loop3): 1 truncate cleaned up
[   43.666718][ T3685] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.679631][ T3685] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.680393][ T3429] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   43.700805][ T3429] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   43.711874][ T3689] EXT4-fs (loop4): Remounting filesystem read-only
[   43.718678][ T3689] EXT4-fs (loop4): 1 truncate cleaned up
[   43.728024][ T3429] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   43.738422][ T3429] __quota_error: 492 callbacks suppressed
[   43.738437][ T3429] Quota error (device loop3): v2_write_file_info: Can't write info structure
[   43.753365][   T29] audit: type=1400 audit(1758203717.515:596): avc:  denied  { create } for  pid=3693 comm="syz.2.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   43.772948][   T29] audit: type=1400 audit(1758203717.515:597): avc:  denied  { create } for  pid=3693 comm="syz.2.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   43.772980][   T29] audit: type=1400 audit(1758203717.515:598): avc:  denied  { wake_alarm } for  pid=3693 comm="syz.2.48" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   43.773411][ T3429] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[   43.827075][ T3429] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   43.837181][ T3429] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   43.847885][ T3429] Quota error (device loop4): write_blk: dquota write failed
[   43.855468][ T3429] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries
[   43.865527][ T3429] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   43.876118][ T3429] Quota error (device loop4): write_blk: dquota write failed
[   43.883552][ T3429] Quota error (device loop4): free_dqentry: Can't move quota data block (5) to free list
[   43.903893][ T3429] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   43.906342][ T3697] netlink: 'syz.2.50': attribute type 13 has an invalid length.
[   43.914882][ T3689] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   43.935192][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.965449][ T3689] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.976900][ T3699] sock: sock_timestamping_bind_phc: sock not bind to device
[   44.031130][ T3689] loop4: detected capacity change from 0 to 512
[   44.062659][ T3689] EXT4-fs: Ignoring removed mblk_io_submit option
[   44.096988][ T3689] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   44.140660][ T3689] EXT4-fs (loop4): 1 truncate cleaned up
[   44.153805][ T3689] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.420947][ T3735] loop3: detected capacity change from 0 to 256
[   44.561345][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.697040][   T37] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[   44.704967][   T37] FAT-fs (loop3): Filesystem has been set read-only
[   44.712802][   T37] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[   44.726630][   T37] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[   44.744083][   T37] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[   44.980178][ T3763] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2
[   45.024524][ T3765] SELinux:  Context  is not valid (left unmapped).
[   45.406456][ T3779] sock: sock_timestamping_bind_phc: sock not bind to device
[   45.418792][ T3776] netlink: 24 bytes leftover after parsing attributes in process `syz.2.68'.
[   45.456090][ T3776] netlink: 4 bytes leftover after parsing attributes in process `syz.2.68'.
[   45.478364][ T3776] hsr_slave_0 (unregistering): left promiscuous mode
[   45.539705][ T3791] loop1: detected capacity change from 0 to 256
[   45.627572][   T51] FAT-fs (loop1): error, corrupted file size (i_pos 196, 2097152)
[   45.635466][   T51] FAT-fs (loop1): Filesystem has been set read-only
[   45.642194][   T51] FAT-fs (loop1): error, corrupted file size (i_pos 196, 2097152)
[   45.651846][   T37] FAT-fs (loop1): error, corrupted file size (i_pos 196, 2097152)
[   45.669584][   T37] FAT-fs (loop1): error, corrupted file size (i_pos 196, 2097152)
[   45.724034][ T3803] loop1: detected capacity change from 0 to 512
[   45.747068][ T3803] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   45.755939][ T3803] EXT4-fs (loop1): orphan cleanup on readonly fs
[   45.778968][ T3803] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.74: corrupted inode contents
[   45.804511][ T3803] EXT4-fs (loop1): Remounting filesystem read-only
[   45.811677][ T3803] EXT4-fs (loop1): 1 truncate cleaned up
[   45.818450][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   45.829066][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   45.843546][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   45.854358][ T3803] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   45.867635][ T3803] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.903435][ T3822] FAULT_INJECTION: forcing a failure.
[   45.903435][ T3822] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   45.916695][ T3822] CPU: 1 UID: 0 PID: 3822 Comm: syz.2.79 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   45.916727][ T3822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   45.916758][ T3822] Call Trace:
[   45.916767][ T3822]  <TASK>
[   45.916776][ T3822]  __dump_stack+0x1d/0x30
[   45.916798][ T3822]  dump_stack_lvl+0xe8/0x140
[   45.916823][ T3822]  dump_stack+0x15/0x1b
[   45.916922][ T3822]  should_fail_ex+0x265/0x280
[   45.916953][ T3822]  should_fail+0xb/0x20
[   45.917066][ T3822]  should_fail_usercopy+0x1a/0x20
[   45.917098][ T3822]  _copy_to_user+0x20/0xa0
[   45.917135][ T3822]  simple_read_from_buffer+0xb5/0x130
[   45.917164][ T3822]  proc_fail_nth_read+0x10e/0x150
[   45.917273][ T3822]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   45.917371][ T3822]  vfs_read+0x1a5/0x770
[   45.917391][ T3822]  ? __rcu_read_unlock+0x4f/0x70
[   45.917414][ T3822]  ? __fget_files+0x184/0x1c0
[   45.917449][ T3822]  ksys_read+0xda/0x1a0
[   45.917543][ T3822]  __x64_sys_read+0x40/0x50
[   45.917570][ T3822]  x64_sys_call+0x27bc/0x2ff0
[   45.917599][ T3822]  do_syscall_64+0xd2/0x200
[   45.917637][ T3822]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   45.917698][ T3822]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   45.917732][ T3822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.917759][ T3822] RIP: 0033:0x7f4d0658d5bc
[   45.917839][ T3822] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   45.917858][ T3822] RSP: 002b:00007f4d04ff7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   45.917879][ T3822] RAX: ffffffffffffffda RBX: 00007f4d067d5fa0 RCX: 00007f4d0658d5bc
[   45.917894][ T3822] RDX: 000000000000000f RSI: 00007f4d04ff70a0 RDI: 0000000000000007
[   45.917909][ T3822] RBP: 00007f4d04ff7090 R08: 0000000000000000 R09: 0000000000000000
[   45.917924][ T3822] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[   45.917950][ T3822] R13: 00007f4d067d6038 R14: 00007f4d067d5fa0 R15: 00007ffe2bc16018
[   45.917974][ T3822]  </TASK>
[   46.129130][ T3803] loop1: detected capacity change from 0 to 512
[   46.136588][ T3803] EXT4-fs: Ignoring removed mblk_io_submit option
[   46.157053][ T3803] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   46.181784][ T3803] EXT4-fs (loop1): 1 truncate cleaned up
[   46.188075][ T3803] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.204016][ T3828] netlink: 'syz.0.80': attribute type 21 has an invalid length.
[   46.211827][ T3828] netlink: 156 bytes leftover after parsing attributes in process `syz.0.80'.
[   46.238034][ T3829] loop0: detected capacity change from 0 to 764
[   46.396530][ T3850] SELinux:  Context *]!^Q is not valid (left unmapped).
[   46.421253][ T3852] loop4: detected capacity change from 0 to 256
[   46.491067][   T31] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   46.499197][   T31] FAT-fs (loop4): Filesystem has been set read-only
[   46.518754][   T31] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   46.527127][   T51] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   46.563208][   T51] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   46.608213][ T3866] netlink: 'syz.4.86': attribute type 10 has an invalid length.
[   46.616072][ T3866] netlink: 40 bytes leftover after parsing attributes in process `syz.4.86'.
[   46.633659][ T3866] dummy0: entered promiscuous mode
[   46.644180][ T3866] bridge0: port 3(dummy0) entered blocking state
[   46.650874][ T3866] bridge0: port 3(dummy0) entered disabled state
[   46.686036][ T3866] dummy0: entered allmulticast mode
[   46.692149][ T3866] bridge0: port 3(dummy0) entered blocking state
[   46.698794][ T3866] bridge0: port 3(dummy0) entered forwarding state
[   46.737894][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.752481][ T3871] $Hÿ: renamed from bond0 (while UP)
[   46.766055][ T3871] $Hÿ: entered promiscuous mode
[   46.771202][ T3871] bond_slave_0: entered promiscuous mode
[   46.777246][ T3871] bond_slave_1: entered promiscuous mode
[   46.813294][ T3871] syz.2.90 (3871) used greatest stack depth: 10560 bytes left
[   46.901600][    C0] hrtimer: interrupt took 27447 ns
[   46.940065][ T3884] loop4: detected capacity change from 0 to 512
[   46.992966][ T3884] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.064690][ T3895] usb usb8: usbfs: process 3895 (syz.3.89) did not claim interface 0 before use
[   47.401149][ T3906] SELinux:  policydb magic number 0x85 does not match expected magic number 0xf97cff8c
[   47.412086][ T3906] SELinux: failed to load policy
[   47.620762][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.678928][ T3925] FAULT_INJECTION: forcing a failure.
[   47.678928][ T3925] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   47.692231][ T3925] CPU: 1 UID: 0 PID: 3925 Comm: syz.4.102 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   47.692264][ T3925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   47.692278][ T3925] Call Trace:
[   47.692285][ T3925]  <TASK>
[   47.692293][ T3925]  __dump_stack+0x1d/0x30
[   47.692373][ T3925]  dump_stack_lvl+0xe8/0x140
[   47.692460][ T3925]  dump_stack+0x15/0x1b
[   47.692482][ T3925]  should_fail_ex+0x265/0x280
[   47.692514][ T3925]  should_fail+0xb/0x20
[   47.692541][ T3925]  should_fail_usercopy+0x1a/0x20
[   47.692574][ T3925]  _copy_from_iter+0xd2/0xe80
[   47.692614][ T3925]  ? should_fail_ex+0xdb/0x280
[   47.692697][ T3925]  ? should_failslab+0x8c/0xb0
[   47.692727][ T3925]  ? __kmalloc_noprof+0x1dd/0x3e0
[   47.692762][ T3925]  ? kernfs_fop_write_iter+0xe2/0x300
[   47.692954][ T3925]  kernfs_fop_write_iter+0x125/0x300
[   47.692995][ T3925]  ? __import_iovec+0x428/0x540
[   47.693039][ T3925]  do_iter_readv_writev+0x499/0x540
[   47.693148][ T3925]  vfs_writev+0x2df/0x8b0
[   47.693191][ T3925]  ? mutex_lock+0xd/0x30
[   47.693224][ T3925]  do_writev+0xe7/0x210
[   47.693264][ T3925]  __x64_sys_writev+0x45/0x50
[   47.693322][ T3925]  x64_sys_call+0x1e9a/0x2ff0
[   47.693343][ T3925]  do_syscall_64+0xd2/0x200
[   47.693390][ T3925]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   47.693433][ T3925]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   47.693472][ T3925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.693500][ T3925] RIP: 0033:0x7fee37cdeba9
[   47.693520][ T3925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.693538][ T3925] RSP: 002b:00007fee3673f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   47.693580][ T3925] RAX: ffffffffffffffda RBX: 00007fee37f25fa0 RCX: 00007fee37cdeba9
[   47.693596][ T3925] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 0000000000000005
[   47.693612][ T3925] RBP: 00007fee3673f090 R08: 0000000000000000 R09: 0000000000000000
[   47.693633][ T3925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.693649][ T3925] R13: 00007fee37f26038 R14: 00007fee37f25fa0 R15: 00007ffcfc2352e8
[   47.693672][ T3925]  </TASK>
[   47.989435][ T3935] FAULT_INJECTION: forcing a failure.
[   47.989435][ T3935] name failslab, interval 1, probability 0, space 0, times 0
[   48.002242][ T3935] CPU: 1 UID: 0 PID: 3935 Comm: syz.1.104 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.002306][ T3935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   48.002395][ T3935] Call Trace:
[   48.002402][ T3935]  <TASK>
[   48.002410][ T3935]  __dump_stack+0x1d/0x30
[   48.002434][ T3935]  dump_stack_lvl+0xe8/0x140
[   48.002457][ T3935]  dump_stack+0x15/0x1b
[   48.002542][ T3935]  should_fail_ex+0x265/0x280
[   48.002574][ T3935]  should_failslab+0x8c/0xb0
[   48.002657][ T3935]  kmem_cache_alloc_noprof+0x50/0x310
[   48.002690][ T3935]  ? skb_clone+0x151/0x1f0
[   48.002726][ T3935]  skb_clone+0x151/0x1f0
[   48.002834][ T3935]  __netlink_deliver_tap+0x2c9/0x500
[   48.002873][ T3935]  netlink_unicast+0x66b/0x690
[   48.002905][ T3935]  netlink_sendmsg+0x58b/0x6b0
[   48.002942][ T3935]  ? __pfx_netlink_sendmsg+0x10/0x10
[   48.003043][ T3935]  __sock_sendmsg+0x145/0x180
[   48.003085][ T3935]  ____sys_sendmsg+0x31e/0x4e0
[   48.003130][ T3935]  ___sys_sendmsg+0x17b/0x1d0
[   48.003188][ T3935]  __x64_sys_sendmsg+0xd4/0x160
[   48.003229][ T3935]  x64_sys_call+0x191e/0x2ff0
[   48.003286][ T3935]  do_syscall_64+0xd2/0x200
[   48.003334][ T3935]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   48.003377][ T3935]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   48.003428][ T3935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.003455][ T3935] RIP: 0033:0x7f58b0a4eba9
[   48.003474][ T3935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.003496][ T3935] RSP: 002b:00007f58af496038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.003519][ T3935] RAX: ffffffffffffffda RBX: 00007f58b0c96090 RCX: 00007f58b0a4eba9
[   48.003577][ T3935] RDX: 0000000004000c10 RSI: 0000200000000180 RDI: 0000000000000003
[   48.003589][ T3935] RBP: 00007f58af496090 R08: 0000000000000000 R09: 0000000000000000
[   48.003609][ T3935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.003622][ T3935] R13: 00007f58b0c96128 R14: 00007f58b0c96090 R15: 00007ffd2d85eec8
[   48.003646][ T3935]  </TASK>
[   48.003944][ T3935] netlink: 'syz.1.104': attribute type 13 has an invalid length.
[   48.532758][ T3935] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.540057][ T3935] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.618731][ T3935] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   48.631505][ T3935] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   48.699294][ T3943] netlink: 'syz.0.107': attribute type 13 has an invalid length.
[   48.707418][   T37] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   48.727311][   T37] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   48.789441][   T29] kauditd_printk_skb: 568 callbacks suppressed
[   48.789456][   T29] audit: type=1400 audit(1758203722.555:1159): avc:  denied  { open } for  pid=3948 comm="syz.2.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   48.814984][   T29] audit: type=1400 audit(1758203722.555:1160): avc:  denied  { kernel } for  pid=3948 comm="syz.2.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   48.841507][   T37] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   48.850938][   T37] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   48.860640][   T29] audit: type=1400 audit(1758203722.605:1161): avc:  denied  { create } for  pid=3946 comm="syz.0.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   48.880307][   T29] audit: type=1400 audit(1758203722.605:1162): avc:  denied  { create } for  pid=3946 comm="syz.0.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   48.899760][   T29] audit: type=1400 audit(1758203722.605:1163): avc:  denied  { create } for  pid=3946 comm="syz.0.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   48.920144][   T29] audit: type=1400 audit(1758203722.605:1164): avc:  denied  { wake_alarm } for  pid=3946 comm="syz.0.110" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   49.065965][ T3949] loop2: detected capacity change from 0 to 512
[   49.085827][   T29] audit: type=1400 audit(1758203722.715:1165): avc:  denied  { read } for  pid=3948 comm="syz.2.109" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   49.109114][   T29] audit: type=1400 audit(1758203722.715:1166): avc:  denied  { open } for  pid=3948 comm="syz.2.109" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   49.133197][   T29] audit: type=1400 audit(1758203722.845:1167): avc:  denied  { mounton } for  pid=3948 comm="syz.2.109" path="/33/file0" dev="tmpfs" ino=193 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   49.352396][ T3949] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.379601][   T29] audit: type=1400 audit(1758203723.095:1168): avc:  denied  { create } for  pid=3945 comm="syz.1.108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   49.742804][ T3970] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[   49.749378][ T3970] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   49.757152][ T3970] vhci_hcd vhci_hcd.0: Device attached
[   49.847803][ T3979] loop4: detected capacity change from 0 to 256
[   49.848219][ T3978] netlink: 'syz.3.120': attribute type 13 has an invalid length.
[   49.909660][ T3981] SELinux:  policydb magic number 0x85 does not match expected magic number 0xf97cff8c
[   49.925438][ T3972] vhci_hcd: connection closed
[   49.927085][   T37] vhci_hcd: stop threads
[   49.936142][   T37] vhci_hcd: release socket
[   49.940573][   T37] vhci_hcd: disconnect device
[   49.947301][ T3400] vhci_hcd: vhci_device speed not set
[   49.958555][ T3981] SELinux: failed to load policy
[   50.012288][ T3988] Driver unsupported XDP return value 0 on prog  (id 86) dev N/A, expect packet loss!
[   50.062002][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.269771][ T4003] sock: sock_timestamping_bind_phc: sock not bind to device
[   50.304658][ T4005] usb usb8: usbfs: process 4005 (syz.1.124) did not claim interface 0 before use
[   50.665526][ T4019] loop0: detected capacity change from 0 to 512
[   50.723764][ T4019] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.758104][   T31] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   50.766034][   T31] FAT-fs (loop4): Filesystem has been set read-only
[   50.772788][   T31] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   50.781257][   T31] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   50.789342][   T31] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   50.797729][   T31] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   50.806091][   T31] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   50.814605][   T31] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   50.822593][   T31] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[   51.066806][ T4043] SELinux:  policydb magic number 0x85 does not match expected magic number 0xf97cff8c
[   51.085167][ T4042] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[   51.091728][ T4042] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   51.099381][ T4042] vhci_hcd vhci_hcd.0: Device attached
[   51.170520][ T4048] loop4: detected capacity change from 0 to 512
[   51.197506][ T4043] SELinux: failed to load policy
[   51.303652][ T3393] vhci_hcd: vhci_device speed not set
[   51.354633][ T4048] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   51.362830][ T4048] EXT4-fs (loop4): orphan cleanup on readonly fs
[   51.385476][ T3393] usb 3-1: new full-speed USB device number 2 using vhci_hcd
[   51.389142][ T4044] vhci_hcd: connection closed
[   51.393078][ T4046] vhci_hcd: sendmsg failed!, ret=-32 for 48
[   51.406813][   T31] vhci_hcd: stop threads
[   51.411136][   T31] vhci_hcd: release socket
[   51.415596][   T31] vhci_hcd: disconnect device
[   51.446480][ T4048] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.135: corrupted inode contents
[   51.466703][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.503257][ T4048] EXT4-fs (loop4): Remounting filesystem read-only
[   51.528318][ T4048] EXT4-fs (loop4): 1 truncate cleaned up
[   51.538423][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   51.549106][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   51.720474][   T31] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   51.731201][ T4048] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   51.747133][ T4048] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.762026][ T4060] FAULT_INJECTION: forcing a failure.
[   51.762026][ T4060] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.775246][ T4060] CPU: 0 UID: 0 PID: 4060 Comm: syz.0.138 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   51.775305][ T4060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   51.775319][ T4060] Call Trace:
[   51.775326][ T4060]  <TASK>
[   51.775335][ T4060]  __dump_stack+0x1d/0x30
[   51.775361][ T4060]  dump_stack_lvl+0xe8/0x140
[   51.775416][ T4060]  dump_stack+0x15/0x1b
[   51.775458][ T4060]  should_fail_ex+0x265/0x280
[   51.775486][ T4060]  should_fail+0xb/0x20
[   51.775506][ T4060]  should_fail_usercopy+0x1a/0x20
[   51.775531][ T4060]  _copy_to_user+0x20/0xa0
[   51.775583][ T4060]  simple_read_from_buffer+0xb5/0x130
[   51.775614][ T4060]  proc_fail_nth_read+0x10e/0x150
[   51.775651][ T4060]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   51.775817][ T4060]  vfs_read+0x1a5/0x770
[   51.775845][ T4060]  ? __rcu_read_unlock+0x4f/0x70
[   51.775870][ T4060]  ? __fget_files+0x184/0x1c0
[   51.775897][ T4060]  ksys_read+0xda/0x1a0
[   51.776002][ T4060]  __x64_sys_read+0x40/0x50
[   51.776024][ T4060]  x64_sys_call+0x27bc/0x2ff0
[   51.776046][ T4060]  do_syscall_64+0xd2/0x200
[   51.776088][ T4060]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   51.776155][ T4060]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   51.776234][ T4060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.776256][ T4060] RIP: 0033:0x7f083808d5bc
[   51.776271][ T4060] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   51.776370][ T4060] RSP: 002b:00007f0836aef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   51.776394][ T4060] RAX: ffffffffffffffda RBX: 00007f08382d5fa0 RCX: 00007f083808d5bc
[   51.776410][ T4060] RDX: 000000000000000f RSI: 00007f0836aef0a0 RDI: 0000000000000005
[   51.776424][ T4060] RBP: 00007f0836aef090 R08: 0000000000000000 R09: 0000000000000000
[   51.776444][ T4060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.776470][ T4060] R13: 00007f08382d6038 R14: 00007f08382d5fa0 R15: 00007ffd6d8c2d28
[   51.776495][ T4060]  </TASK>
[   52.058292][ T4048] loop4: detected capacity change from 0 to 512
[   52.071311][ T4048] EXT4-fs: Ignoring removed mblk_io_submit option
[   52.087974][ T4068] loop0: detected capacity change from 0 to 512
[   52.107965][ T4068] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.142: error while reading EA inode 32 err=-116
[   52.120769][ T4048] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   52.152327][ T4068] EXT4-fs (loop0): Remounting filesystem read-only
[   52.158924][ T4068] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   52.211046][ T4048] EXT4-fs (loop4): 1 truncate cleaned up
[   52.232119][ T4048] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.262115][ T4068] EXT4-fs (loop0): 1 orphan inode deleted
[   52.271977][ T4068] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.372317][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.404697][ T4088] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[   52.411260][ T4088] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   52.419072][ T4088] vhci_hcd vhci_hcd.0: Device attached
[   52.545333][ T4090] vhci_hcd: connection closed
[   52.545827][ T3429] vhci_hcd: stop threads
[   52.554884][ T3429] vhci_hcd: release socket
[   52.559318][ T3429] vhci_hcd: disconnect device
[   52.614428][ T3589] vhci_hcd: vhci_device speed not set
[   52.661930][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.740760][ T4114] netlink: 8 bytes leftover after parsing attributes in process `syz.1.158'.
[   52.769655][ T4114] loop1: detected capacity change from 0 to 2048
[   52.803752][ T4114] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   52.853870][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   52.869247][   T37] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.004729][ T4135] usb usb8: usbfs: process 4135 (syz.4.155) did not claim interface 0 before use
[   53.050629][   T37] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.128129][   T37] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.240467][   T37] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.435459][ T4162] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[   53.442070][ T4162] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   53.449844][ T4162] vhci_hcd vhci_hcd.0: Device attached
[   53.468729][ T4168] FAULT_INJECTION: forcing a failure.
[   53.468729][ T4168] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.482085][ T4168] CPU: 1 UID: 0 PID: 4168 Comm: syz.1.173 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.482176][ T4168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   53.482192][ T4168] Call Trace:
[   53.482198][ T4168]  <TASK>
[   53.482205][ T4168]  __dump_stack+0x1d/0x30
[   53.482229][ T4168]  dump_stack_lvl+0xe8/0x140
[   53.482253][ T4168]  dump_stack+0x15/0x1b
[   53.482276][ T4168]  should_fail_ex+0x265/0x280
[   53.482348][ T4168]  should_fail+0xb/0x20
[   53.482382][ T4168]  should_fail_usercopy+0x1a/0x20
[   53.482412][ T4168]  _copy_from_iter+0xd2/0xe80
[   53.482449][ T4168]  ? __build_skb_around+0x1a0/0x200
[   53.482560][ T4168]  ? __alloc_skb+0x223/0x320
[   53.482590][ T4168]  netlink_sendmsg+0x471/0x6b0
[   53.482628][ T4168]  ? __pfx_netlink_sendmsg+0x10/0x10
[   53.482713][ T4168]  __sock_sendmsg+0x145/0x180
[   53.482813][ T4168]  ____sys_sendmsg+0x31e/0x4e0
[   53.482845][ T4168]  ___sys_sendmsg+0x17b/0x1d0
[   53.482930][ T4168]  __x64_sys_sendmsg+0xd4/0x160
[   53.482968][ T4168]  x64_sys_call+0x191e/0x2ff0
[   53.482996][ T4168]  do_syscall_64+0xd2/0x200
[   53.483038][ T4168]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.483086][ T4168]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   53.483124][ T4168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.483146][ T4168] RIP: 0033:0x7f58b0a4eba9
[   53.483165][ T4168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.483187][ T4168] RSP: 002b:00007f58af4b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.483268][ T4168] RAX: ffffffffffffffda RBX: 00007f58b0c95fa0 RCX: 00007f58b0a4eba9
[   53.483283][ T4168] RDX: 0000000000040000 RSI: 0000200000000040 RDI: 0000000000000003
[   53.483298][ T4168] RBP: 00007f58af4b7090 R08: 0000000000000000 R09: 0000000000000000
[   53.483312][ T4168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.483326][ T4168] R13: 00007f58b0c96038 R14: 00007f58b0c95fa0 R15: 00007ffd2d85eec8
[   53.483349][ T4168]  </TASK>
[   53.497346][ T4133] chnl_net:caif_netlink_parms(): no params data found
[   53.534094][ T4166] loop2: detected capacity change from 0 to 512
[   53.700222][ T3589] vhci_hcd: vhci_device speed not set
[   53.708365][ T4166] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   53.729963][ T4166] EXT4-fs (loop2): orphan cleanup on readonly fs
[   53.737086][   T37] bridge_slave_1: left allmulticast mode
[   53.742784][   T37] bridge_slave_1: left promiscuous mode
[   53.748529][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.760494][ T4163] vhci_hcd: connection closed
[   53.760990][ T1886] vhci_hcd: stop threads
[   53.770127][ T1886] vhci_hcd: release socket
[   53.774799][ T1886] vhci_hcd: disconnect device
[   53.775850][ T4166] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.172: corrupted inode contents
[   53.791379][ T3589] usb 7-1: new full-speed USB device number 3 using vhci_hcd
[   53.803055][   T37] bridge_slave_0: left allmulticast mode
[   53.808837][   T37] bridge_slave_0: left promiscuous mode
[   53.814690][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.822062][ T3589] usb 7-1: enqueue for inactive port 0
[   53.830965][ T3589] usb 7-1: enqueue for inactive port 0
[   53.836898][ T3589] usb 7-1: enqueue for inactive port 0
[   53.838683][ T4166] EXT4-fs (loop2): Remounting filesystem read-only
[   53.862032][ T4166] EXT4-fs (loop2): 1 truncate cleaned up
[   53.868411][ T1886] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   53.879093][ T1886] __quota_error: 419 callbacks suppressed
[   53.879110][ T1886] Quota error (device loop2): write_blk: dquota write failed
[   53.892368][ T1886] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[   53.895438][ T4180] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[   53.902404][ T1886] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   53.902425][ T1886] Quota error (device loop2): write_blk: dquota write failed
[   53.902437][ T1886] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[   53.924051][ T1886] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   53.926884][ T4180] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   53.927120][ T4180] vhci_hcd vhci_hcd.0: Device attached
[   53.936794][ T1886] Quota error (device loop2): v2_write_file_info: Can't write info structure
[   53.936874][ T1886] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   53.937468][ T4166] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   53.949462][ T3589] vhci_hcd: vhci_device speed not set
[   53.997264][ T4166] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.043338][   T29] audit: type=1400 audit(1758203727.805:1580): avc:  denied  { name_bind } for  pid=4179 comm="syz.1.177" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   54.065236][   T29] audit: type=1400 audit(1758203727.805:1581): avc:  denied  { node_bind } for  pid=4179 comm="syz.1.177" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   54.072155][ T4166] loop2: detected capacity change from 0 to 512
[   54.102717][   T29] audit: type=1326 audit(1758203727.865:1582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4185 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee37cdeba9 code=0x7ffc0000
[   54.114636][ T4181] vhci_hcd: connection closed
[   54.126150][   T29] audit: type=1326 audit(1758203727.865:1583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4185 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee37cdeba9 code=0x7ffc0000
[   54.139579][  T351] vhci_hcd: stop threads
[   54.158567][  T351] vhci_hcd: release socket
[   54.163017][  T351] vhci_hcd: disconnect device
[   54.171366][ T4166] EXT4-fs: Ignoring removed mblk_io_submit option
[   54.179780][ T4166] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   54.194150][ T4166] EXT4-fs (loop2): 1 truncate cleaned up
[   54.200841][ T4166] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.216442][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   54.229569][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   54.241088][   T37] bond0 (unregistering): Released all slaves
[   54.312415][   T37] hsr_slave_0: left promiscuous mode
[   54.354801][   T37] hsr_slave_1: left promiscuous mode
[   54.370517][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   54.378133][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[   54.403663][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   54.411167][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[   54.442690][   T37] veth1_macvtap: left promiscuous mode
[   54.448924][   T37] veth0_macvtap: left promiscuous mode
[   54.454803][   T37] veth1_vlan: left promiscuous mode
[   54.460158][   T37] veth0_vlan: left promiscuous mode
[   54.621697][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.689080][ T4239] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[   54.695657][ T4239] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   54.703441][ T4239] vhci_hcd vhci_hcd.0: Device attached
[   54.719255][   T37] team0 (unregistering): Port device team_slave_1 removed
[   54.737209][   T37] team0 (unregistering): Port device team_slave_0 removed
[   54.759069][ T4240] vhci_hcd: connection closed
[   54.759363][   T31] vhci_hcd: stop threads
[   54.768425][   T31] vhci_hcd: release socket
[   54.772856][   T31] vhci_hcd: disconnect device
[   54.940177][ T4133] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.947405][ T4133] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.958619][ T4234] loop4: detected capacity change from 0 to 512
[   54.974708][ T4256] loop1: detected capacity change from 0 to 512
[   54.978121][ T4234] =======================================================
[   54.978121][ T4234] WARNING: The mand mount option has been deprecated and
[   54.978121][ T4234]          and is ignored by this kernel. Remove the mand
[   54.978121][ T4234]          option from the mount to silence this warning.
[   54.978121][ T4234] =======================================================
[   55.001624][ T4133] bridge_slave_0: entered allmulticast mode
[   55.029356][ T4133] bridge_slave_0: entered promiscuous mode
[   55.046921][ T4133] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.054095][ T4133] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.064487][ T4133] bridge_slave_1: entered allmulticast mode
[   55.075476][ T4133] bridge_slave_1: entered promiscuous mode
[   55.090846][ T4261] loop3: detected capacity change from 0 to 512
[   55.106113][ T4256] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.135188][ T4261] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.150024][ T4234] EXT4-fs (loop4): orphan cleanup on readonly fs
[   55.158744][ T4133] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.174389][ T4234] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.182: bad orphan inode 13
[   55.186879][ T4234] ext4_test_bit(bit=12, block=18) = 1
[   55.192392][ T4234] is_bad_inode(inode)=0
[   55.196609][ T4234] NEXT_ORPHAN(inode)=2130706432
[   55.201476][ T4234] max_ino=32
[   55.204730][ T4234] i_nlink=1
[   55.232261][ T4133] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.274829][ T4234] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   55.295609][ T4271] SELinux:  policydb magic number 0x85 does not match expected magic number 0xf97cff8c
[   55.356396][ T4133] team0: Port device team_slave_0 added
[   55.363260][ T4133] team0: Port device team_slave_1 added
[   55.382037][ T4271] SELinux: failed to load policy
[   55.431841][ T4133] batman_adv: batadv0: Adding interface: batadv_slave_0
[   55.438937][ T4133] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.455949][ T4286] SELinux:  policydb magic number 0x85 does not match expected magic number 0xf97cff8c
[   55.464995][ T4133] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   55.494904][ T4234] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   55.514136][ T4133] batman_adv: batadv0: Adding interface: batadv_slave_1
[   55.521258][ T4133] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.527484][ T4234] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.182: bg 0: block 248: padding at end of block bitmap is not set
[   55.547327][ T4133] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   55.560770][ T4286] SELinux: failed to load policy
[   55.598027][ T4133] hsr_slave_0: entered promiscuous mode
[   55.604210][ T4133] hsr_slave_1: entered promiscuous mode
[   55.610352][ T4133] debugfs: 'hsr0' already exists in 'hsr'
[   55.616156][ T4133] Cannot create hsr debugfs directory
[   55.635523][ T4234] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.182: Failed to acquire dquot type 1
[   55.683805][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.708673][ T4234] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   55.761004][ T4297] loop1: detected capacity change from 0 to 1024
[   55.824694][ T4297] EXT4-fs: inline encryption not supported
[   55.861401][ T4133] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   55.886995][ T4297] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.908282][ T4234] syz.4.182 (4234) used greatest stack depth: 9248 bytes left
[   55.917086][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.933761][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.970291][ T4133] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   56.020248][ T4331] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[   56.026822][ T4331] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   56.034569][ T4331] vhci_hcd vhci_hcd.0: Device attached
[   56.034711][ T4133] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   56.053574][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.081517][ T4332] vhci_hcd: connection closed
[   56.083550][   T37] vhci_hcd: stop threads
[   56.092612][   T37] vhci_hcd: release socket
[   56.097098][   T37] vhci_hcd: disconnect device
[   56.109246][ T4133] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   56.226551][ T4366] loop4: detected capacity change from 0 to 512
[   56.253192][ T4133] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.288553][ T4133] 8021q: adding VLAN 0 to HW filter on device team0
[   56.302969][ T4366] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   56.316984][ T4366] EXT4-fs (loop4): orphan cleanup on readonly fs
[   56.335519][ T3429] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.342645][ T3429] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.346310][ T4366] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.203: corrupted inode contents
[   56.365280][ T4366] EXT4-fs (loop4): Remounting filesystem read-only
[   56.382559][ T4366] EXT4-fs (loop4): 1 truncate cleaned up
[   56.382771][ T3429] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.395424][ T3429] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.420646][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   56.431308][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   56.453135][   T37] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   56.464652][ T4366] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   56.486071][ T3393] usb 3-1: enqueue for inactive port 0
[   56.491599][ T3393] usb 3-1: enqueue for inactive port 0
[   56.498515][ T4366] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.552326][ T4366] loop4: detected capacity change from 0 to 512
[   56.560760][ T4133] 8021q: adding VLAN 0 to HW filter on device batadv0
[   56.572709][ T4366] EXT4-fs: Ignoring removed mblk_io_submit option
[   56.593167][ T3393] vhci_hcd: vhci_device speed not set
[   56.607031][ T4366] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   56.626388][ T4366] EXT4-fs (loop4): 1 truncate cleaned up
[   56.637548][ T4366] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.836179][ T4429] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[   56.842829][ T4429] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   56.850485][ T4429] vhci_hcd vhci_hcd.0: Device attached
[   56.868077][ T4435] capability: warning: `syz.2.217' uses deprecated v2 capabilities in a way that may be insecure
[   56.926300][ T4430] vhci_hcd: connection closed
[   56.926835][   T12] vhci_hcd: stop threads
[   56.936022][   T12] vhci_hcd: release socket
[   56.940463][   T12] vhci_hcd: disconnect device
[   56.966714][ T4445] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[   56.973353][ T4445] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   56.981168][ T4445] vhci_hcd vhci_hcd.0: Device attached
[   57.052711][ T4446] vhci_hcd: connection closed
[   57.061279][   T12] vhci_hcd: stop threads
[   57.070419][   T12] vhci_hcd: release socket
[   57.074893][   T12] vhci_hcd: disconnect device
[   57.081305][ T4133] veth0_vlan: entered promiscuous mode
[   57.093205][ T4133] veth1_vlan: entered promiscuous mode
[   57.116462][ T4133] veth0_macvtap: entered promiscuous mode
[   57.126116][ T4133] veth1_macvtap: entered promiscuous mode
[   57.142185][ T4133] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.153188][ T4133] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.166166][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.178332][   T37] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.189743][   T37] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.206044][   T37] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.225392][   T37] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.626506][ T4473] sock: sock_timestamping_bind_phc: sock not bind to device
[   57.815412][ T4479] loop2: detected capacity change from 0 to 2048
[   57.837962][ T4479] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.857449][ T4479] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.877023][ T4484] No source specified
[   57.882989][ T4484] netlink: 'syz.3.230': attribute type 1 has an invalid length.
[   57.890742][ T4484] netlink: 224 bytes leftover after parsing attributes in process `syz.3.230'.
[   57.941499][ T4491] loop3: detected capacity change from 0 to 128
[   57.942852][ T4490] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.229: bg 0: block 345: padding at end of block bitmap is not set
[   57.964209][ T4490] EXT4-fs (loop2): Remounting filesystem read-only
[   57.970979][  T351] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   58.177924][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.278433][ T4526] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[   58.285008][ T4526] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   58.292771][ T4526] vhci_hcd vhci_hcd.0: Device attached
[   58.299429][ T4527] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[   58.305984][ T4527] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   58.313760][ T4527] vhci_hcd vhci_hcd.0: Device attached
[   58.363258][ T4533] sock: sock_timestamping_bind_phc: sock not bind to device
[   58.432495][ T4541] netlink: 'syz.4.244': attribute type 13 has an invalid length.
[   58.456492][ T4530] vhci_hcd: connection closed
[   58.456809][   T12] vhci_hcd: stop threads
[   58.465859][   T12] vhci_hcd: release socket
[   58.471696][   T12] vhci_hcd: disconnect device
[   58.476680][   T10] vhci_hcd: vhci_device speed not set
[   58.504629][ T3393] vhci_hcd: vhci_device speed not set
[   58.528930][ T4528] vhci_hcd: connection closed
[   58.529246][  T351] vhci_hcd: stop threads
[   58.538479][  T351] vhci_hcd: release socket
[   58.542997][  T351] vhci_hcd: disconnect device
[   58.544291][   T10] usb 3-1: new full-speed USB device number 3 using vhci_hcd
[   58.563650][   T10] usb 3-1: enqueue for inactive port 0
[   58.570474][   T10] usb 3-1: enqueue for inactive port 0
[   58.578084][   T10] usb 3-1: enqueue for inactive port 0
[   58.664473][   T10] vhci_hcd: vhci_device speed not set
[   59.004563][   T29] kauditd_printk_skb: 829 callbacks suppressed
[   59.004608][   T29] audit: type=1326 audit(1758203732.775:2403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4584 comm="syz.5.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3693eba9 code=0x7ffc0000
[   59.034454][   T29] audit: type=1326 audit(1758203732.775:2404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4584 comm="syz.5.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3693eba9 code=0x7ffc0000
[   59.073252][ T4585] sock: sock_timestamping_bind_phc: sock not bind to device
[   59.082600][   T29] audit: type=1326 audit(1758203732.775:2405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4584 comm="syz.5.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3693eba9 code=0x7ffc0000
[   59.106064][   T29] audit: type=1326 audit(1758203732.775:2406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4584 comm="syz.5.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3693eba9 code=0x7ffc0000
[   59.129636][   T29] audit: type=1326 audit(1758203732.775:2407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4584 comm="syz.5.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3693eba9 code=0x7ffc0000
[   59.153001][   T29] audit: type=1326 audit(1758203732.775:2408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4584 comm="syz.5.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3693eba9 code=0x7ffc0000
[   59.176429][   T29] audit: type=1326 audit(1758203732.775:2409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4584 comm="syz.5.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c3693eba9 code=0x7ffc0000
[   59.199778][   T29] audit: type=1326 audit(1758203732.825:2410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4584 comm="syz.5.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3693eba9 code=0x7ffc0000
[   59.223263][   T29] audit: type=1326 audit(1758203732.825:2411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4584 comm="syz.5.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c3693eba9 code=0x7ffc0000
[   59.246612][   T29] audit: type=1326 audit(1758203732.835:2412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4584 comm="syz.5.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f9c3693eba9 code=0x7ffc0000
[   59.591216][ T4624] FAULT_INJECTION: forcing a failure.
[   59.591216][ T4624] name failslab, interval 1, probability 0, space 0, times 0
[   59.604021][ T4624] CPU: 1 UID: 0 PID: 4624 Comm: syz.3.263 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.604048][ T4624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   59.604102][ T4624] Call Trace:
[   59.604110][ T4624]  <TASK>
[   59.604120][ T4624]  __dump_stack+0x1d/0x30
[   59.604154][ T4624]  dump_stack_lvl+0xe8/0x140
[   59.604173][ T4624]  dump_stack+0x15/0x1b
[   59.604269][ T4624]  should_fail_ex+0x265/0x280
[   59.604294][ T4624]  should_failslab+0x8c/0xb0
[   59.604324][ T4624]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   59.604431][ T4624]  ? sidtab_sid2str_get+0xa0/0x130
[   59.604456][ T4624]  kmemdup_noprof+0x2b/0x70
[   59.604487][ T4624]  sidtab_sid2str_get+0xa0/0x130
[   59.604516][ T4624]  security_sid_to_context_core+0x1eb/0x2e0
[   59.604572][ T4624]  security_sid_to_context+0x27/0x40
[   59.604595][ T4624]  selinux_lsmprop_to_secctx+0x67/0xf0
[   59.604623][ T4624]  security_lsmprop_to_secctx+0x43/0x80
[   59.604661][ T4624]  audit_log_task_context+0x77/0x190
[   59.604755][ T4624]  audit_log_task+0xf4/0x250
[   59.604792][ T4624]  audit_seccomp+0x61/0x100
[   59.604822][ T4624]  ? __seccomp_filter+0x68c/0x10d0
[   59.604845][ T4624]  __seccomp_filter+0x69d/0x10d0
[   59.604957][ T4624]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   59.604992][ T4624]  ? vfs_write+0x7e8/0x960
[   59.605027][ T4624]  __secure_computing+0x82/0x150
[   59.605055][ T4624]  syscall_trace_enter+0xcf/0x1e0
[   59.605134][ T4624]  do_syscall_64+0xac/0x200
[   59.605172][ T4624]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   59.605202][ T4624]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   59.605239][ T4624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.605286][ T4624] RIP: 0033:0x7faf7caceba9
[   59.605307][ T4624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.605328][ T4624] RSP: 002b:00007faf7b52f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dd
[   59.605356][ T4624] RAX: ffffffffffffffda RBX: 00007faf7cd15fa0 RCX: 00007faf7caceba9
[   59.605372][ T4624] RDX: 00000000000095bd RSI: 0000000000000001 RDI: 0000000000000004
[   59.605387][ T4624] RBP: 00007faf7b52f090 R08: 0000000000000000 R09: 0000000000000000
[   59.605450][ T4624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.605465][ T4624] R13: 00007faf7cd16038 R14: 00007faf7cd15fa0 R15: 00007ffc34869b18
[   59.605487][ T4624]  </TASK>
[   60.010554][ T4635] loop4: detected capacity change from 0 to 512
[   60.018420][ T4639] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[   60.024975][ T4639] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   60.032621][ T4639] vhci_hcd vhci_hcd.0: Device attached
[   60.048174][ T4635] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   60.066660][ T4635] EXT4-fs (loop4): orphan cleanup on readonly fs
[   60.083460][ T4635] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.264: corrupted inode contents
[   60.089889][ T4641] vhci_hcd: connection closed
[   60.096986][ T3429] vhci_hcd: stop threads
[   60.106299][ T3429] vhci_hcd: release socket
[   60.110736][ T3429] vhci_hcd: disconnect device
[   60.112497][ T4635] EXT4-fs (loop4): Remounting filesystem read-only
[   60.122264][ T4635] EXT4-fs (loop4): 1 truncate cleaned up
[   60.128141][ T3429] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   60.138754][ T3429] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   60.150946][ T3429] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   60.161735][ T4635] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   60.178490][ T4635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.262327][ T4655] sock: sock_timestamping_bind_phc: sock not bind to device
[   60.275421][ T4631] loop4: detected capacity change from 0 to 512
[   60.285571][ T4631] EXT4-fs: Ignoring removed mblk_io_submit option
[   60.300196][ T4631] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   60.318586][ T4631] EXT4-fs (loop4): 1 truncate cleaned up
[   60.325056][ T4631] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.432418][ T4635] ==================================================================
[   60.440554][ T4635] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read
[   60.448644][ T4635] 
[   60.450996][ T4635] write to 0xffff888116a38a68 of 8 bytes by task 4631 on cpu 0:
[   60.458647][ T4635]  filemap_splice_read+0x4f4/0x740
[   60.463802][ T4635]  ext4_file_splice_read+0x8f/0xb0
[   60.468969][ T4635]  splice_direct_to_actor+0x26c/0x680
[   60.474370][ T4635]  do_splice_direct+0xda/0x150
[   60.479169][ T4635]  do_sendfile+0x380/0x650
[   60.483622][ T4635]  __x64_sys_sendfile64+0x105/0x150
[   60.488878][ T4635]  x64_sys_call+0x2bb0/0x2ff0
[   60.493593][ T4635]  do_syscall_64+0xd2/0x200
[   60.498147][ T4635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.504073][ T4635] 
[   60.506416][ T4635] write to 0xffff888116a38a68 of 8 bytes by task 4635 on cpu 1:
[   60.514065][ T4635]  filemap_splice_read+0x4f4/0x740
[   60.519234][ T4635]  ext4_file_splice_read+0x8f/0xb0
[   60.524406][ T4635]  splice_direct_to_actor+0x26c/0x680
[   60.529816][ T4635]  do_splice_direct+0xda/0x150
[   60.534617][ T4635]  do_sendfile+0x380/0x650
[   60.539078][ T4635]  __x64_sys_sendfile64+0x105/0x150
[   60.544325][ T4635]  x64_sys_call+0x2bb0/0x2ff0
[   60.549042][ T4635]  do_syscall_64+0xd2/0x200
[   60.554034][ T4635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.559961][ T4635] 
[   60.562306][ T4635] value changed: 0x000000000000071c -> 0x000000000000072a
[   60.569430][ T4635] 
[   60.571776][ T4635] Reported by Kernel Concurrency Sanitizer on:
[   60.577958][ T4635] CPU: 1 UID: 0 PID: 4635 Comm: syz.4.264 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.587642][ T4635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   60.597728][ T4635] ==================================================================
[   60.877995][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.435994][   T29] kauditd_printk_skb: 240 callbacks suppressed
[   66.436013][   T29] audit: type=1400 audit(1758203740.205:2646): avc:  denied  { search } for  pid=4714 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   66.464389][   T29] audit: type=1400 audit(1758203740.205:2647): avc:  denied  { search } for  pid=4714 comm="dhcpcd-run-hook" name="dhcpcd" dev="tmpfs" ino=478 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   66.487547][   T29] audit: type=1400 audit(1758203740.205:2648): avc:  denied  { search } for  pid=4714 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   66.510802][   T29] audit: type=1400 audit(1758203740.205:2649): avc:  denied  { search } for  pid=4714 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   66.538517][   T29] audit: type=1400 audit(1758203740.205:2650): avc:  denied  { read open } for  pid=4715 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   66.564110][   T29] audit: type=1400 audit(1758203740.205:2651): avc:  denied  { getattr } for  pid=4715 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   66.589400][   T29] audit: type=1400 audit(1758203740.205:2652): avc:  denied  { getattr } for  pid=4715 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=509 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   66.615659][   T29] audit: type=1400 audit(1758203740.205:2653): avc:  denied  { read } for  pid=4717 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=509 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   66.637506][   T29] audit: type=1400 audit(1758203740.205:2654): avc:  denied  { open } for  pid=4717 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=509 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   66.662499][   T29] audit: type=1400 audit(1758203740.255:2655): avc:  denied  { add_name } for  pid=4714 comm="dhcpcd-run-hook" name="resolv.conf.eth3.ipv4ll" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1