last executing test programs:

29.818958393s ago: executing program 1 (id=239):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) (fail_nth: 2)

29.779778894s ago: executing program 2 (id=240):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000380)={[{@noauto_da_alloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
unshare(0x22020400)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r2, 0x5, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x8f}, {0xc, 0x90, 0x1}}]}, 0x54}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x58, 0x24, 0xf0b, 0x20000000, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0x8}, {0xffff, 0xffff}, {0xd, 0xc}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x1, 0x1, 0xfffe, 0x5, 0x3, 0x1, 0x100}}, {0x4}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x20044081}, 0x0)
getsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f00000000c0)={@empty, @remote, @remote}, &(0x7f0000000100)=0xc)
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
setns(r6, 0x24020000)

29.593013358s ago: executing program 2 (id=243):
setregid(0xee00, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000200)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000380)={0x2, 0x4e25, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10)
sendmmsg(r1, &(0x7f0000006140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)="b16b5d1ddcad4b5eedb9593060ada4a1778939f40388ef540871ce291c1010f3310edf7028093cf8709632cad4866d5e448d5385c80db3518564b1194247acfb3b463ee97c794123a991311e51e1790748a23c3301974b905bbd18b3e54cb3cc90c180fba7461df205130349d430083d2c66", 0x72}], 0x1}}], 0x1, 0x4000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB="740000000306010a0000000000000000010000070900020073797a30000000000900020073797a3000000000050001000700000005000100070000000900020073797a30000000000900020073797a31000000000500010007000000050001000700000005000100070000000500010007000000"], 0x74}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)=@generic={&(0x7f0000000000)='./file0\x00'}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r3, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x6, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x40, &(0x7f0000000140)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x38, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
process_vm_readv(r0, &(0x7f0000001600)=[{&(0x7f0000000200)=""/185, 0xb9}], 0x1, &(0x7f0000001780)=[{&(0x7f0000001680)=""/236, 0xec}], 0x1, 0x0)

26.117537246s ago: executing program 2 (id=245):
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000001c0)={'ip6tnl0\x00', 0x0, 0x2, 0xd7, 0x8c, 0x1ff, 0x61, @local, @mcast2, 0x40, 0x1, 0xfffffff9, 0x80000003}})
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r1 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xfffffffffffffffb, 0xfffffffffffffffc}, 0x0)
getrlimit(0x5, &(0x7f00000000c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r2, 0x0, 0x2}, 0x18)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0c0100001000130428bd700000000000e0000001000000000000000000000000000000000000000000000000000000014e2100004e2400000200202000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000001000000003c0000000a0101000000000000000000000000000400000000000000060000000000000002000000000000000400000000004000ffffffffffffffff03000000000000007f00000000000000000000000000000000000000000000000800150000000000cc000000000000000000000000000000f600000000000000000000002abd7000000000000200010500000000000000001c00040002004e2100270000fe880000000000000000000000000101"], 0x10c}}, 0x804)
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0x20)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000a40)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2, 0x0, 0x2, 0x0, 0x8000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)

26.115760886s ago: executing program 1 (id=248):
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000001c0)={'ip6tnl0\x00', 0x0, 0x2, 0xd7, 0x8c, 0x1ff, 0x61, @local, @mcast2, 0x40, 0x1, 0xfffffff9, 0x80000003}})
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r1 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xfffffffffffffffb, 0xfffffffffffffffc}, 0x0)
getrlimit(0x5, &(0x7f00000000c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r2, 0x0, 0x2}, 0x18)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0c0100001000130428bd700000000000e0000001000000000000000000000000000000000000000000000000000000014e2100004e2400000200202000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000001000000003c0000000a0101000000000000000000000000000400000000000000060000000000000002000000000000000400000000004000ffffffffffffffff03000000000000007f00000000000000000000000000000000000000000000000800150000000000cc000000000000000000000000000000f600000000000000000000002abd7000000000000200010500000000000000001c00040002004e2100270000fe880000000000000000000000000101"], 0x10c}}, 0x804)
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0x20)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000a40)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2, 0x0, 0x2, 0x0, 0x8000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)

26.114776556s ago: executing program 0 (id=250):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
pipe(0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x4)
vmsplice(0xffffffffffffffff, &(0x7f0000000880)=[{&(0x7f0000000180)="04", 0x1}, {&(0x7f0000000200)='\b', 0x1}, {&(0x7f0000001300)}, {0x0}], 0x4, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000800000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r2, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x3804, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{&(0x7f0000000180)={0x2, 0x0, @remote}, 0x69, &(0x7f0000000400)=[{&(0x7f0000000240)="b9", 0x26892}], 0xbb}}], 0x2, 0x0)
ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000300)={0x7, 0x8, 0xfa00, {0xffffffffffffffff, 0x1000}}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x25, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x2a)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000380003803400008028000180230001"], 0xf0}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r6 = syz_init_net_socket$llc(0x1a, 0x802, 0x0)
bind$llc(r6, &(0x7f0000000000)={0x1a, 0x0, 0x1, 0x3, 0x3, 0x4a}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380100000001010400000001141a00000200ffff0800074000000001240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c000280050001000000000024000e800c0002800500010093000000140001"], 0x138}}, 0x0)

26.109015746s ago: executing program 2 (id=251):
setregid(0xee00, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000200)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000380)={0x2, 0x4e25, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10)
sendmmsg(r1, &(0x7f0000006140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)="65c6d96326a838047976a77611d4c4ecc94b3585c42786716ad7c93fd3a228e9a1cd93801f5b4033ea9ae2b561128c2893aba2af73f86ac4a65917672e186b297cada86c7b329c4831efa7d660040c757e6ce437d7853ac2cca9605a2e18bf6529e94453fac161511f4483dc8b5294583cc78cd79fb68fb57bd8697ac1639517070e92cd2d36932b0e26cf8fdd87e817f08f7d937282c63371e22e43e8ab5c2b3d851d147f260004a12512be6e3b6b48a430a4e4747a28d766c634658499181a54867295ad5496ef6eed69b0da6b885004a5bc869e090798f4a1139e098f282ab4aefc8a67fe2087e1eadd30c54f4c87b1fb7a", 0xf3}, {&(0x7f00000002c0)="b16b5d1ddcad4b5eedb9593060ada4a1778939f40388ef540871ce291c1010f3310edf7028093cf8709632cad4866d5e448d5385c80db3518564b1194247acfb3b463ee97c794123a991311e51e1790748a23c3301974b905bbd18b3e54cb3cc90c180fba7461df2051303", 0x6b}], 0x2}}], 0x1, 0x4000)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB="740000000306010a0000000000000000010000070900020073797a30000000000900020073797a3000000000050001000700000005000100070000000900020073797a30000000000900020073797a31000000000500010007000000050001000700000005000100070000000500010007000000"], 0x74}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)=@generic={&(0x7f0000000000)='./file0\x00'}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r3, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x6, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x40, &(0x7f0000000140)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x38, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
process_vm_readv(r0, &(0x7f0000001600)=[{&(0x7f0000000200)=""/185, 0xb9}], 0x1, &(0x7f0000001780)=[{&(0x7f0000001680)=""/236, 0xec}], 0x1, 0x0)

26.108367646s ago: executing program 0 (id=252):
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000001c0)={'ip6tnl0\x00', 0x0, 0x2, 0xd7, 0x8c, 0x1ff, 0x61, @local, @mcast2, 0x40, 0x1, 0xfffffff9, 0x80000003}})
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r1 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xfffffffffffffffb, 0xfffffffffffffffc}, 0x0)
getrlimit(0x5, &(0x7f00000000c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r2, 0x0, 0x2}, 0x18)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0c0100001000130428bd700000000000e0000001000000000000000000000000000000000000000000000000000000014e2100004e2400000200202000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000001000000003c0000000a0101000000000000000000000000000400000000000000060000000000000002000000000000000400000000004000ffffffffffffffff03000000000000007f00000000000000000000000000000000000000000000000800150000000000cc000000000000000000000000000000f600000000000000000000002abd7000000000000200010500000000000000001c00040002004e2100270000fe880000000000000000000000000101"], 0x10c}}, 0x804)
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0x20)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000a40)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2, 0x0, 0x2, 0x0, 0x8000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)

695.119736ms ago: executing program 0 (id=253):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0108000002000000e27f000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00') (async)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r2, &(0x7f0000000080)=[{&(0x7f0000000100)="04", 0x1}], 0x1) (async)
writev(r2, &(0x7f0000000080)=[{&(0x7f0000000100)="04", 0x1}], 0x1)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r2, @ANYRES16=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x807, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000845, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r6, 0x0, 0xb}, 0x18)
r7 = socket(0x15, 0x5, 0x0)
getsockopt(r7, 0x200000000114, 0x271d, 0x0, &(0x7f0000000000))
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r8, 0x0, 0x3}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r8, 0x0, 0x3}, 0x18)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r9}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r9}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f00000002c0)={0x0, 0x1, 0x8, 0xa, 0x1d6, &(0x7f0000000f80)="38e4694d43b8ffa234d6064be9a2b44f8cef1c39ef0d9b6065bd9e0a7565d16348dec316eb4940ae37d839c06cfa1fe08ac944b57b9d82e5d9207ad2f643e0c079a546b2c9582820c6b62ddcd02cf960784562c3260d86d819484d53f5cc98a8ee910b773c6c89fb0b11100ef3c5a30f992d1b27810e1bd97a39931c66960d0451c5d36ef195aa7daac675323bed93f851c539880bf96299c9154c610bcdc1ab19ac4dfc86d582fc3713cc3a741461de5945224199dc80ffae37951cae643ba98d16a72ac0d3f4653d4e9576f01249e0c2354a5a3df8f5e44215d70876d9761a49f33dda3410150f5eeb7584a5d0397a0128a481ea4034e10b9360ecb8aabdf8e6ed082842ee9ef93fa7cde8a5545401c3d5672aaddc94e9e00d3138be810a4574b5d7155da42e21fdcedfd017b88695f78eaa987acbc3ef8b5a23aabb50762f9ddf04d8544a881eefa423e20626feb7d4a76e4fdf5c6185054d17416e1acbd660d66f7c5c2c876f14acff4afcb6574ef8789179800122236ec3e7a69b107a0d26ba6ac57f537db662749ceee43323473c853ad1a207d6ab035e23c42ae276bbb6e388780a6718bd251885f6634a3f67b63a34166aad8543a74d6338d151875853e08e4c3cde9179684d8a97d37cfd8c3f5d64b69948b567f58ca323f76ccb0be699d3a6c250f158a4fbc83e07894760dddefad2780d1c30f98ea75b11142cd84f2f83b73df573c9042e604f92d4b221b7055f9d153206bc85c0931d23ddee05e02cb581be131fbb40c2b521b7b1336c1c7b347a566aef37639f532e0e7192c4740395b9673af424c502b3a76e99c020a1c6da0416f45bd0b52765173b3f1c369c3ef4b108deff965c0b9801e3236a58c67d0f5f8af78ded2db2b674b0ce199f2cbc8f7cc3c1b05afca88454a0bbf004d66a70e663023857d6dd469231c5f39cec8337032acb289c62313bf4f02443ef0119a7af8590403105726b7ac2fcf32df8c2b27083f3a89154b75b57fd756120866e080f5b57b70bb3fb6af02ee0804e5212cc564b44c6602d6abede108a651dd11f21df9f25e9bb6df05cd40cc835600c2bda81a8fb0a5444c6c81c7073f2851d71701d94bef522009a4a0fb4ce7e3f375e2f1f700997440a1b3784306dbeb13b2a86f27ab4f862d117cb2bfa2dcc7d5f5a55688b6c7a4d23d824f9ff48ec93ec188480fa9c1b00b825ef6c512b91a70daaee1df3b4ee9a78830f0a6b8f40e00c0368a28e9cc8dfa38d435783ed69df0e9d926d03b8188bbb0c83cd2d3663112dd754094787b13cb420523fa517eb8ee4db43c431ec2028fbf9bf4db8307cc8435bd216608b502dea7a73aa0ebcfba4c5719603db0c0054de04bd6830194aeca68a3b3272a51717543c5ef768778287daf1348862d80e1a804fea4e235128bdd48ce46f5e21efcabf512ee9c187461b"}) (async)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f00000002c0)={0x0, 0x1, 0x8, 0xa, 0x1d6, &(0x7f0000000f80)="38e4694d43b8ffa234d6064be9a2b44f8cef1c39ef0d9b6065bd9e0a7565d16348dec316eb4940ae37d839c06cfa1fe08ac944b57b9d82e5d9207ad2f643e0c079a546b2c9582820c6b62ddcd02cf960784562c3260d86d819484d53f5cc98a8ee910b773c6c89fb0b11100ef3c5a30f992d1b27810e1bd97a39931c66960d0451c5d36ef195aa7daac675323bed93f851c539880bf96299c9154c610bcdc1ab19ac4dfc86d582fc3713cc3a741461de5945224199dc80ffae37951cae643ba98d16a72ac0d3f4653d4e9576f01249e0c2354a5a3df8f5e44215d70876d9761a49f33dda3410150f5eeb7584a5d0397a0128a481ea4034e10b9360ecb8aabdf8e6ed082842ee9ef93fa7cde8a5545401c3d5672aaddc94e9e00d3138be810a4574b5d7155da42e21fdcedfd017b88695f78eaa987acbc3ef8b5a23aabb50762f9ddf04d8544a881eefa423e20626feb7d4a76e4fdf5c6185054d17416e1acbd660d66f7c5c2c876f14acff4afcb6574ef8789179800122236ec3e7a69b107a0d26ba6ac57f537db662749ceee43323473c853ad1a207d6ab035e23c42ae276bbb6e388780a6718bd251885f6634a3f67b63a34166aad8543a74d6338d151875853e08e4c3cde9179684d8a97d37cfd8c3f5d64b69948b567f58ca323f76ccb0be699d3a6c250f158a4fbc83e07894760dddefad2780d1c30f98ea75b11142cd84f2f83b73df573c9042e604f92d4b221b7055f9d153206bc85c0931d23ddee05e02cb581be131fbb40c2b521b7b1336c1c7b347a566aef37639f532e0e7192c4740395b9673af424c502b3a76e99c020a1c6da0416f45bd0b52765173b3f1c369c3ef4b108deff965c0b9801e3236a58c67d0f5f8af78ded2db2b674b0ce199f2cbc8f7cc3c1b05afca88454a0bbf004d66a70e663023857d6dd469231c5f39cec8337032acb289c62313bf4f02443ef0119a7af8590403105726b7ac2fcf32df8c2b27083f3a89154b75b57fd756120866e080f5b57b70bb3fb6af02ee0804e5212cc564b44c6602d6abede108a651dd11f21df9f25e9bb6df05cd40cc835600c2bda81a8fb0a5444c6c81c7073f2851d71701d94bef522009a4a0fb4ce7e3f375e2f1f700997440a1b3784306dbeb13b2a86f27ab4f862d117cb2bfa2dcc7d5f5a55688b6c7a4d23d824f9ff48ec93ec188480fa9c1b00b825ef6c512b91a70daaee1df3b4ee9a78830f0a6b8f40e00c0368a28e9cc8dfa38d435783ed69df0e9d926d03b8188bbb0c83cd2d3663112dd754094787b13cb420523fa517eb8ee4db43c431ec2028fbf9bf4db8307cc8435bd216608b502dea7a73aa0ebcfba4c5719603db0c0054de04bd6830194aeca68a3b3272a51717543c5ef768778287daf1348862d80e1a804fea4e235128bdd48ce46f5e21efcabf512ee9c187461b"})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) (async)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x86, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaace3500590a7f080000000078000000020011907800020000000000004e23000000649078020000000000000000000000a1ee206bf1c7506f731484b6a8ad6ba5fec73600c960a5e1e5c011534bb8c6bede64811c7d96f65f8d1da3bea3c456fef675c1b12460def9e400d5e0eec96a2ba94b486b52a6d43942bc09e9bc342016"], 0x0) (async)
syz_emit_ethernet(0x86, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaace3500590a7f080000000078000000020011907800020000000000004e23000000649078020000000000000000000000a1ee206bf1c7506f731484b6a8ad6ba5fec73600c960a5e1e5c011534bb8c6bede64811c7d96f65f8d1da3bea3c456fef675c1b12460def9e400d5e0eec96a2ba94b486b52a6d43942bc09e9bc342016"], 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000500)=ANY=[@ANYBLOB="ffffffffffff67eaa8fce2500800451200240000e0000311907800000000000000002906b7943a68d5f341ddf6234e0004000000109078b5ace4c71521b9b46d7fb2a956d793f134c9cd9439f44db5ccdc956958f1d5537963cccb91432e02e351434d2fdb656330a533b87bcb41f4789bf60172b7d4fa7d2cab11928e6133e8fe51f8f05780df6c9ff3ee07858091c81ff800b6939d411a1f60339ad26f7d79d90921a7f9d83ce12c369212f565aa874ff6f7395186da759608882989490c5fafe045aa746a42ebfe8f62058e3d0f2a21c0a0bcc71481a05414ba87"], 0x0)

694.791376ms ago: executing program 1 (id=254):
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000001c0)={'ip6tnl0\x00', 0x0, 0x2, 0xd7, 0x8c, 0x1ff, 0x61, @local, @mcast2, 0x40, 0x1, 0xfffffff9, 0x80000003}})
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r1 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xfffffffffffffffb, 0xfffffffffffffffc}, 0x0)
getrlimit(0x5, &(0x7f00000000c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r2, 0x0, 0x2}, 0x18)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0c0100001000130428bd700000000000e0000001000000000000000000000000000000000000000000000000000000014e2100004e2400000200202000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000001000000003c0000000a0101000000000000000000000000000400000000000000060000000000000002000000000000000400000000004000ffffffffffffffff03000000000000007f00000000000000000000000000000000000000000000000800150000000000cc000000000000000000000000000000f600000000000000000000002abd7000000000000200010500000000000000001c00040002004e2100270000fe880000000000000000000000000101"], 0x10c}}, 0x804)
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0x20)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000a40)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2, 0x0, 0x2, 0x0, 0x8000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)

694.434206ms ago: executing program 2 (id=255):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000100)=<r1=>0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000340)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r4, 0x0, 0x4, &(0x7f0000000000), 0x0)
bind$bt_sco(r2, 0x0, 0x0)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, 0x0)
timer_settime(r1, 0x0, &(0x7f0000001180)={{0x77359400}}, 0x0)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
read$qrtrtun(r5, 0x0, 0xeffd)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fchmod(r5, 0x4)
socket(0x2c, 0x3, 0x0)
keyctl$chown(0x4, 0x0, 0xee01, 0xee00)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r2, 0x8030942b, &(0x7f0000000000)={0x7, {0x26, 0xc, 0xffffffffffffffff, 0x9, 0x9}})
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r6, &(0x7f0000000080)="09490871f207bfc2c353589a7d1deb9e9eb2cd4ed332a5a51c35ff3c2916df67a0fc61748dc9d243e2fe69b5332698a58aa51bd22557dd5682c822bd72b3eccd55fe23e8cc18fe0e34f1d7da82356a9b82f6133defeee02ea90665f1bd263463d64e079c2015", &(0x7f0000000140)=""/139, 0x4}, 0x20)
unshare(0x22020400)
r7 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000004000000080000000900000000000000", @ANYRES32, @ANYBLOB='\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000800000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
r10 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003000000000014"], 0x58}}, 0x0)

693.111336ms ago: executing program 4 (id=258):
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)

690.415886ms ago: executing program 3 (id=259):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x2400, @rand_addr=0x64010101}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000810b040a0101027f00000100000000001c"], 0x40}, 0x0) (fail_nth: 2)

690.022546ms ago: executing program 3 (id=260):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x2300, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c46fdc30003070000000000000002000300030000000903000038000000fcffffff0e000000000020000100050000000000000000000300000008000000f30000007f00000004"], 0x58)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x1, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRESOCT=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff000000a811a200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRESHEX=r0, @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x8000000, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kmem_cache_free\x00', r3}, 0x18)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000180)={[0x4000000000]}, 0x8, 0x0)
faccessat2(r4, &(0x7f0000000040)='\x00', 0x2, 0x1200)
close(r1)
ioctl$sock_SIOCGIFCONF(r1, 0x8912, &(0x7f00000002c0)=@req={0x28, &(0x7f0000000140)={'pimreg\x00', @ifru_data=&(0x7f00000000c0)="4b2cf07e07efa2cbb6e4e501bb43899a6de283e534f20aaad565df93cbcdc317"}})
socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6, <r7=>0xffffffffffffffff}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x2f, 0x10, &(0x7f0000000400)=ANY=[@ANYRESHEX, @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000300)='io_uring_fail_link\x00', r8, 0x0, 0x8000000000000001}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000a00)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r9 = open(&(0x7f0000000780)='./bus\x00', 0x4c07e, 0x0)
io_setup(0x7d, &(0x7f0000000600)=<r10=>0x0)
io_submit(r10, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x0, r9, &(0x7f0000000040)="6a6301000000", 0x6}])
r11 = socket(0x10, 0x3, 0x9)
connect$netlink(r11, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2a, 0xfffffbff, 0x3, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0xa9e9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x5, 0x3, 0xfb, 0x0, 0x0, 0x0, 0x4026, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0, 0x6}, 0x6600, 0x0, 0xfffffffc, 0x54740b8bdb5deec3, 0x2, 0x11, 0x0, 0x0, 0x8000000, 0x0, 0x10000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x200, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

689.606166ms ago: executing program 4 (id=261):
r0 = gettid()
r1 = eventfd2(0x0, 0x0)
write$eventfd(r1, &(0x7f0000000140)=0xfffffffffffffff8, 0x8)
write$eventfd(r1, &(0x7f0000000040)=0x8, 0x8) (fail_nth: 2)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5421, 0x0)

689.458106ms ago: executing program 4 (id=262):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) (fail_nth: 2)

684.719836ms ago: executing program 0 (id=263):
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0), 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x1fffffd, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xb851}, 0x1c)

684.332456ms ago: executing program 1 (id=264):
setregid(0xee00, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000200)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000380)={0x2, 0x4e25, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10)
sendmmsg(r1, &(0x7f0000006140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)="65c6d96326a838047976a77611d4c4ecc94b3585c42786716ad7c93fd3a228e9a1cd93801f5b4033ea9ae2b561128c2893aba2af73f86ac4a65917672e186b297cada86c7b329c4831efa7d660040c757e6ce437d7853ac2cca9605a2e18bf6529e94453fac161511f4483dc8b5294583cc78cd79fb68fb57bd8697ac1639517070e92cd2d36932b0e26cf8fdd87e817f08f7d937282c63371e22e43e8ab5c2b3d851d147f260004a12512be6e3b6b48a430a4e4747a28d766c634658499181a54867295ad5496ef6eed69b0da6b885004a5bc869e090798f4a1139e098f282ab4aefc8a67fe2087e1eadd30c54f4c87b1fb7a", 0xf3}, {&(0x7f00000002c0)="b16b5d1ddcad4b5eedb9593060ada4a1778939f40388ef540871ce291c1010f3310edf7028093cf8709632cad4866d5e448d5385c80db3518564b1194247acfb3b463ee97c794123a991311e51e1790748a23c3301974b905bbd18b3e54cb3cc90c180fba7461df205130349d430083d2c66", 0x72}], 0x2}}], 0x1, 0x4000)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB="740000000306010a0000000000000000010000070900020073797a30000000000900020073797a3000000000050001000700000005000100070000000900020073797a30000000000900020073797a31000000000500010007000000050001000700000005000100070000000500010007000000"], 0x74}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)=@generic={&(0x7f0000000000)='./file0\x00'}, 0x18)
process_vm_readv(r0, &(0x7f0000001600)=[{&(0x7f0000000200)=""/185, 0xb9}], 0x1, &(0x7f0000001780)=[{&(0x7f0000001680)=""/236, 0xec}], 0x1, 0x0)

684.051786ms ago: executing program 2 (id=265):
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000001c0)={'ip6tnl0\x00', 0x0, 0x2, 0xd7, 0x8c, 0x1ff, 0x61, @local, @mcast2, 0x40, 0x1, 0xfffffff9, 0x80000003}})
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r1 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xfffffffffffffffb, 0xfffffffffffffffc}, 0x0)
getrlimit(0x5, &(0x7f00000000c0))
r2 = socket$inet(0xa, 0x801, 0x84)
listen(r2, 0x8)
sendmmsg(r2, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r3, 0x0, 0x2}, 0x18)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0c0100001000130428bd700000000000e0000001000000000000000000000000000000000000000000000000000000014e2100004e2400000200202000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000001000000003c0000000a0101000000000000000000000000000400000000000000060000000000000002000000000000000400000000004000ffffffffffffffff03000000000000007f00000000000000000000000000000000000000000000000800150000000000cc000000000000000000000000000000f600000000000000000000002abd7000000000000200010500000000000000001c00040002004e2100270000fe880000000000000000000000000101"], 0x10c}}, 0x804)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0x20)
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r6, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000a40)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2, 0x0, 0x2, 0x0, 0x8000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7, 0x0, 0x2}, 0x18)
r8 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$IMGETVERSION(r8, 0x80044942, &(0x7f0000000140))
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)

659.220447ms ago: executing program 3 (id=266):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r0, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b3709094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b39310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1061}}, 0x1006)

658.480057ms ago: executing program 4 (id=267):
r0 = eventfd2(0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x80000020000005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000180)=0xe)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r1, 0x0, 0xf, &(0x7f0000000180)=0x8, 0x4)
bind$inet(r1, &(0x7f00000006c0)={0x2, 0x4ea3, @local}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r2, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r3 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r3, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)="9f", 0x1}], 0x1}, 0x3e8)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)=<r4=>0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
syz_io_uring_setup(0xd5, &(0x7f0000000640)={0x0, 0xc12d, 0x8, 0xfffffffe, 0x109}, &(0x7f0000000000)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r8 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x45, &(0x7f0000000000)={0x0, 0x0}, 0x10)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r8, 0x84, 0x71, &(0x7f0000000240)={0x0, 0x401}, &(0x7f0000000280)=0x8)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r5, 0xffffffffffffffff, 0x0})
ioctl$sock_SIOCDELDLCI(r5, 0x8981, &(0x7f0000000100)={'netdevsim0\x00', 0x26})
ptrace$getregset(0x4204, r4, 0x202, &(0x7f00000000c0)={&(0x7f0000000040)=""/117, 0x75})
connect$l2tp6(r5, &(0x7f00000001c0)={0xa, 0x0, 0x94, @dev={0xfe, 0x80, '\x00', 0xa}, 0x3}, 0x20)
r9 = eventfd(0x4)
write$eventfd(r9, 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0xdad)

638.004107ms ago: executing program 0 (id=268):
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000001c0)={'ip6tnl0\x00', 0x0, 0x2, 0xd7, 0x8c, 0x1ff, 0x61, @local, @mcast2, 0x40, 0x1, 0xfffffff9, 0x80000003}})
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r1 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xfffffffffffffffb, 0xfffffffffffffffc}, 0x0)
getrlimit(0x5, &(0x7f00000000c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r2, 0x0, 0x2}, 0x18)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0c0100001000130428bd700000000000e0000001000000000000000000000000000000000000000000000000000000014e2100004e2400000200202000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000001000000003c0000000a0101000000000000000000000000000400000000000000060000000000000002000000000000000400000000004000ffffffffffffffff03000000000000007f00000000000000000000000000000000000000000000000800150000000000cc000000000000000000000000000000f600000000000000000000002abd7000000000000200010500000000000000001c00040002004e2100270000fe880000000000000000000000000101"], 0x10c}}, 0x804)
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0x20)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000a40)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2, 0x0, 0x2, 0x0, 0x8000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1) (fail_nth: 2)

440.128051ms ago: executing program 3 (id=269):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x2400, @rand_addr=0x64010101}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000810b040a0101027f00000100000000001c"], 0x40}, 0x0)

393.847812ms ago: executing program 4 (id=270):
r0 = semget$private(0x0, 0x6, 0x0)
semtimedop(r0, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
semop(r0, &(0x7f00000000c0)=[{0x2}], 0x1)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f00000008c0))

392.789612ms ago: executing program 1 (id=271):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00'}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
timerfd_create(0x0, 0x800)

386.520702ms ago: executing program 3 (id=272):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
r1 = socket$netlink(0x10, 0x3, 0x4)
write(r1, &(0x7f00000000c0)="29000000140005b7ff000051915f95eb01010003a606a40e07fff024bb000000000000000040000000", 0x29)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x408a73, 0x100, 0x0, 0x1b7}, &(0x7f0000000300)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000000)=0x103, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x47ba, 0x3000000, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x4}, 0x18)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0x4e24, @private=0xa010100}})

315.843894ms ago: executing program 1 (id=273):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a80)={0xffffffffffffffff, 0xe0, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000ac0)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa, &(0x7f00000006c0)=[0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r3=>0x0, 0x5d, &(0x7f00000007c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f00000008c0), &(0x7f0000000900), 0x8, 0xb3, 0x8, 0x8, &(0x7f0000000940)}}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = openat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x4000c0, 0x9)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={&(0x7f0000000280)="4482b7f59e606b56c5e744e2cab5a54ac7fa602d23aa46c3180cdac7770a2c35b7b9ca4ab98c7476b0a74ac5b1238c12daac3fea404d87b781fa2852c5024281b60a5c6c4c03c14a53f3e0ac", &(0x7f0000000340)=""/86, &(0x7f00000003c0)="59c07fd5b1656edaefbc93d91c49febbe0041b2f522981ed117fc0239ac98309543e4f603ed6dd60a3a9040d9bbb4e8ffdf3f4733be8557f848220c2f9a01b6d91dc16aa06f31f54f965fc4b43b0e2ba2e33fa48eb79c61b334ff33b9497ebc3f45c1b297268b7bb4553487ef981c0218aba9cf2d3325c0917fa0a85fdb81a024cf7fa3ad78ca9b0e7c4e8d0aefd4c61310908609eaa9a0c008a61df598ff7f81858589a3d83e87b0ae09535214f6b74066440ed842da82224cf496d7320482917e44205eb12fb2a5b180bb4c1b84b2dc809baab32a70ba025b846198edd033cdc6ea0de916560158452cbbb", &(0x7f0000000540)="899c77a8953d5c4f9e0e9179dbe89af174b1563da8cb74f531fa9a07694ff3e858502c4654f72a06dcfa4eba8cbcae7e24bd3d74c7f7224c12dadaab97b060b11718ed30219f44a440abb52e14631d2c601a10969c4e8c3a77532501f2c55a6d07639e2f3911d76b414a555628147986ab602d60ee5c2bf54c3b168570ae80f036f8da", 0x6, r5}, 0x38)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r6, 0x1, 0x3, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r8, <r9=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r10, 0x0, 0xfffffffffffffffe}, 0x18)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x4, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x2}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r7, 0x8933, &(0x7f0000000300)={'wg0\x00', <r12=>0x0})
r13 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
r14 = dup(r13)
ioctl$USBDEVFS_CONTROL(r14, 0xc0185500, &(0x7f00000008c0)={0x80, 0x6, 0xf00, 0x0, 0x0, 0x5, 0x0})
sigaltstack(&(0x7f0000000880)={&(0x7f0000000ec0)=""/4096, 0x2, 0x1000}, 0x0)
r15 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x17, 0x1b, &(0x7f00000004c0)=ANY=[@ANYBLOB="18004963d81300000000000008fff10018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000183b000004000000000000000000000018400000020000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000050000008500000006000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x7e, &(0x7f0000000280)=""/126, 0x0, 0x24, '\x00', r12, @cgroup_sysctl, r14, 0x8, &(0x7f0000000380)={0x2, 0x1}, 0x8, 0x10, &(0x7f00000003c0)={0x4, 0xe, 0xfff, 0xfffffffb}, 0x10, 0x0, r15, 0x5, &(0x7f0000000600)=[r9, r9, r8, r9, r9, r8, r9], &(0x7f0000000640)=[{0x5, 0x1, 0xd, 0x5}, {0x4, 0x4, 0x9, 0xb}, {0x0, 0x1, 0xb, 0x1}, {0x3, 0x5, 0xa, 0x5}, {0x5, 0x4, 0x6, 0x5}], 0x10, 0xfffff4f0}, 0x94)
sendmsg$key(r7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x3, 0xc, 0x0, 0x700, 0x0, [@sadb_key={0x2, 0x9, 0x8, 0x0, "01"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x2, 0xd}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev}}]}, 0x60}, 0x1, 0x7}, 0x0)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240))

266.083384ms ago: executing program 4 (id=274):
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x26}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$netlink(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

134.087087ms ago: executing program 3 (id=275):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0xc, 0x288}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r0, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
io_uring_enter(r1, 0x3516, 0x0, 0x4, 0x0, 0x0)

0s ago: executing program 0 (id=276):
r0 = socket(0xa, 0x3, 0x3a)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r2, 0x0, 0x8000000000004}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x400000000000000)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0)
ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000600)=0x14)
ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000080)=0x14)
close(r3)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x8, 0x0, 0x401}, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x2, 0x2, &(0x7f0000000000)=[0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0], 0x0, 0x61, &(0x7f00000001c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000200), &(0x7f0000000240), 0x8, 0x5f, 0x8, 0x8, &(0x7f0000000280)}}, 0x10)
r5 = creat(&(0x7f0000000600)='./file0\x00', 0x42)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000001000000000000", @ANYRES32, @ANYBLOB="0500"/20, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="00000000000000000400000000000000000000000000000000000000f80b426a325b6e0f17318693706bb5569a5e2cb7b3437c3f7d1ce3c99700cfb0a855a04304094cd72c5d6923ed035caa620f1dcdadeca6e0b5fbf6347d41b45895f8be52d04140c7aab62c678c1be34aba56d243a1cb3d9b161817670f7169647aaa15f86ba1ac4679bfa19fa6313edae40b9aa24caf33797f9034ccd4e6fa6fbe50f7ebaf84885fdf81f7dc5e00c8e4c0523a59a21c1c6be811eb98b97080ece5"], 0x50)
sendmsg$nl_route_sched(r0, &(0x7f00000005c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x110, 0x24, 0x400, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0xf, 0x6}, {0x5, 0xffe0}, {0x9, 0xfff2}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x5}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x1c}, @qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0xe, 0x5, 0xfffffffa, 0x5, 0x6}, 0xb20, 0x0, 0x56de, 0x4, 0x5, 0x15, 0x1c, 0x5, 0x1, 0x7f, {0x7bad, 0x10001, 0x64, 0x1ff, 0x2, 0x8001}}}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xf0, 0xff, 0x60, 0x4, 0x2, 0x80000001, 0x6, 0x1}}, {0x6, 0x2, [0xfffa]}}]}, @qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0xaefd03f}}, @qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x0, 0x8, 0x5d, 0x6691, 0x7, 0x2, 0x2, 0x2, 0x2}}}}, @TCA_RATE={0x6, 0x5, {0x7e, 0x9}}, @TCA_RATE={0x6, 0x5, {0x3, 0x6}}]}, 0x110}, 0x1, 0x0, 0x0, 0x40084}, 0x51)
r6 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r6, &(0x7f0000000040)={0x28, 0x0, 0x2710}, 0x10)
connect$vsock_stream(r6, &(0x7f0000000400)={0x28, 0x0, 0x2710, @host}, 0x10)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r7, 0xc0c0583b, &(0x7f0000001f40)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x5, 0x0, 0xffffffffffffffff}, {0xffffffff, 0x0, 0x9, 0x100000000002}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@bloom_filter={0x1e, 0x0, 0xffff, 0x9, 0x14020, r7, 0x2, '\x00', r4, r5, 0x2, 0x0, 0x0, 0x8, @void, @value, @value=r5}, 0x50)
perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0x99, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80040, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xa, 0x7}, 0x8781, 0x2000000, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r8, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xc0}, 0x94)
recvmmsg(r8, &(0x7f0000003d40)=[{{0x0, 0x94, 0x0}, 0x5}], 0x1, 0x2, 0x0)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0x1, 0x0, &(0x7f0000000000)='%', 0x0, 0xd03, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040), 0x4)

kernel console output (not intermixed with test programs):

 audit(1758492553.347:63): avc:  denied  { mount } for  pid=3293 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   33.152734][   T29] audit: type=1400 audit(1758492553.387:64): avc:  denied  { unmount } for  pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   33.291433][ T3293] cgroup: Unknown subsys name 'cpuset'
[   33.297831][ T3293] cgroup: Unknown subsys name 'rlimit'
[   33.449199][   T29] audit: type=1400 audit(1758492553.687:65): avc:  denied  { setattr } for  pid=3293 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   33.474085][   T29] audit: type=1400 audit(1758492553.697:66): avc:  denied  { create } for  pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.494592][   T29] audit: type=1400 audit(1758492553.697:67): avc:  denied  { write } for  pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.514997][   T29] audit: type=1400 audit(1758492553.697:68): avc:  denied  { read } for  pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.519954][ T3295] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   33.535323][   T29] audit: type=1400 audit(1758492553.697:69): avc:  denied  { mounton } for  pid=3293 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   33.568748][   T29] audit: type=1400 audit(1758492553.697:70): avc:  denied  { mount } for  pid=3293 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   33.583878][ T3293] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   33.592122][   T29] audit: type=1400 audit(1758492553.797:71): avc:  denied  { relabelto } for  pid=3295 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   34.686198][ T3302] chnl_net:caif_netlink_parms(): no params data found
[   34.778219][ T3302] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.785357][ T3302] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.792745][ T3302] bridge_slave_0: entered allmulticast mode
[   34.799377][ T3302] bridge_slave_0: entered promiscuous mode
[   34.806202][ T3302] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.813488][ T3302] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.820659][ T3302] bridge_slave_1: entered allmulticast mode
[   34.827026][ T3302] bridge_slave_1: entered promiscuous mode
[   34.870141][ T3302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   34.883864][ T3303] chnl_net:caif_netlink_parms(): no params data found
[   34.898491][ T3302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   34.923081][ T3302] team0: Port device team_slave_0 added
[   34.931610][ T3310] chnl_net:caif_netlink_parms(): no params data found
[   34.951636][ T3302] team0: Port device team_slave_1 added
[   34.988611][ T3303] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.995744][ T3303] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.003055][ T3303] bridge_slave_0: entered allmulticast mode
[   35.009412][ T3303] bridge_slave_0: entered promiscuous mode
[   35.028484][ T3303] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.035602][ T3303] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.043687][ T3303] bridge_slave_1: entered allmulticast mode
[   35.050023][ T3303] bridge_slave_1: entered promiscuous mode
[   35.062855][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_0
[   35.069819][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.095826][ T3302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   35.121755][ T3303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.131234][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_1
[   35.138212][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.164127][ T3302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   35.184543][ T3303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.219030][ T3308] chnl_net:caif_netlink_parms(): no params data found
[   35.237525][ T3302] hsr_slave_0: entered promiscuous mode
[   35.243856][ T3302] hsr_slave_1: entered promiscuous mode
[   35.271161][ T3310] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.278242][ T3310] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.285455][ T3310] bridge_slave_0: entered allmulticast mode
[   35.291873][ T3310] bridge_slave_0: entered promiscuous mode
[   35.299150][ T3303] team0: Port device team_slave_0 added
[   35.327334][ T3310] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.334526][ T3310] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.341734][ T3310] bridge_slave_1: entered allmulticast mode
[   35.348195][ T3310] bridge_slave_1: entered promiscuous mode
[   35.355248][ T3303] team0: Port device team_slave_1 added
[   35.389556][ T3303] batman_adv: batadv0: Adding interface: batadv_slave_0
[   35.396563][ T3303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.422675][ T3303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   35.435569][ T3303] batman_adv: batadv0: Adding interface: batadv_slave_1
[   35.442573][ T3303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.468533][ T3303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   35.484632][ T3308] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.491729][ T3308] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.498914][ T3308] bridge_slave_0: entered allmulticast mode
[   35.505513][ T3308] bridge_slave_0: entered promiscuous mode
[   35.516970][ T3311] chnl_net:caif_netlink_parms(): no params data found
[   35.533132][ T3308] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.540206][ T3308] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.547493][ T3308] bridge_slave_1: entered allmulticast mode
[   35.553938][ T3308] bridge_slave_1: entered promiscuous mode
[   35.561285][ T3310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.571704][ T3310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.630666][ T3310] team0: Port device team_slave_0 added
[   35.637242][ T3310] team0: Port device team_slave_1 added
[   35.649545][ T3308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.681231][ T3308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.697682][ T3303] hsr_slave_0: entered promiscuous mode
[   35.703814][ T3303] hsr_slave_1: entered promiscuous mode
[   35.709586][ T3303] debugfs: 'hsr0' already exists in 'hsr'
[   35.715342][ T3303] Cannot create hsr debugfs directory
[   35.721149][ T3310] batman_adv: batadv0: Adding interface: batadv_slave_0
[   35.728121][ T3310] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.754126][ T3310] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   35.783489][ T3308] team0: Port device team_slave_0 added
[   35.790053][ T3308] team0: Port device team_slave_1 added
[   35.796783][ T3310] batman_adv: batadv0: Adding interface: batadv_slave_1
[   35.803751][ T3310] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.829750][ T3310] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   35.870314][ T3311] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.877592][ T3311] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.885129][ T3311] bridge_slave_0: entered allmulticast mode
[   35.891595][ T3311] bridge_slave_0: entered promiscuous mode
[   35.915488][ T3310] hsr_slave_0: entered promiscuous mode
[   35.921649][ T3310] hsr_slave_1: entered promiscuous mode
[   35.927588][ T3310] debugfs: 'hsr0' already exists in 'hsr'
[   35.933358][ T3310] Cannot create hsr debugfs directory
[   35.939006][ T3311] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.946134][ T3311] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.953337][ T3311] bridge_slave_1: entered allmulticast mode
[   35.959703][ T3311] bridge_slave_1: entered promiscuous mode
[   35.966130][ T3308] batman_adv: batadv0: Adding interface: batadv_slave_0
[   35.973133][ T3308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.999055][ T3308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.024654][ T3308] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.032102][ T3308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.058000][ T3308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.074337][ T3302] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   36.097522][ T3311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.110293][ T3311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.122543][ T3302] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   36.132406][ T3302] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   36.141198][ T3302] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   36.184374][ T3311] team0: Port device team_slave_0 added
[   36.203399][ T3311] team0: Port device team_slave_1 added
[   36.213974][ T3308] hsr_slave_0: entered promiscuous mode
[   36.220060][ T3308] hsr_slave_1: entered promiscuous mode
[   36.226067][ T3308] debugfs: 'hsr0' already exists in 'hsr'
[   36.231843][ T3308] Cannot create hsr debugfs directory
[   36.252675][ T3311] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.259645][ T3311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.285621][ T3311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.307921][ T3311] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.314931][ T3311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.340876][ T3311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.416512][ T3311] hsr_slave_0: entered promiscuous mode
[   36.422580][ T3311] hsr_slave_1: entered promiscuous mode
[   36.428545][ T3311] debugfs: 'hsr0' already exists in 'hsr'
[   36.434328][ T3311] Cannot create hsr debugfs directory
[   36.490327][ T3303] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   36.504876][ T3303] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   36.521100][ T3303] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   36.536220][ T3303] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   36.569126][ T3310] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   36.578068][ T3310] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   36.587268][ T3310] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   36.596095][ T3310] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   36.614993][ T3302] 8021q: adding VLAN 0 to HW filter on device bond0
[   36.633880][ T3308] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   36.644995][ T3308] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   36.654152][ T3308] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   36.666754][ T3308] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   36.688173][ T3302] 8021q: adding VLAN 0 to HW filter on device team0
[   36.720222][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.727315][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   36.742196][ T3311] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   36.752790][ T3311] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   36.763879][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.770959][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.782735][ T3311] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   36.792516][ T3311] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   36.840751][ T3310] 8021q: adding VLAN 0 to HW filter on device bond0
[   36.865929][ T3303] 8021q: adding VLAN 0 to HW filter on device bond0
[   36.875658][ T3310] 8021q: adding VLAN 0 to HW filter on device team0
[   36.893051][ T3303] 8021q: adding VLAN 0 to HW filter on device team0
[   36.907027][ T3308] 8021q: adding VLAN 0 to HW filter on device bond0
[   36.917349][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.924521][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   36.933586][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.940676][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.965396][ T3310] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   36.975867][ T3310] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   36.992151][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.999277][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.018639][  T180] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.025743][  T180] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.064628][ T3311] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.074025][ T3308] 8021q: adding VLAN 0 to HW filter on device team0
[   37.091585][  T180] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.098692][  T180] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.114738][ T2751] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.121862][ T2751] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.136609][ T3302] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.160476][ T3311] 8021q: adding VLAN 0 to HW filter on device team0
[   37.176358][ T2751] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.183497][ T2751] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.204698][ T2751] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.211826][ T2751] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.231586][ T3310] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.249827][ T3311] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   37.260326][ T3311] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   37.315184][ T3308] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.362477][ T3303] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.377877][ T3302] veth0_vlan: entered promiscuous mode
[   37.398540][ T3302] veth1_vlan: entered promiscuous mode
[   37.438094][ T3311] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.452725][ T3302] veth0_macvtap: entered promiscuous mode
[   37.469815][ T3302] veth1_macvtap: entered promiscuous mode
[   37.521969][ T3308] veth0_vlan: entered promiscuous mode
[   37.531028][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_0
[   37.541673][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_1
[   37.575341][ T3303] veth0_vlan: entered promiscuous mode
[   37.593566][ T3425] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   37.605459][ T3425] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   37.614550][ T3425] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   37.623886][ T3303] veth1_vlan: entered promiscuous mode
[   37.633353][ T3425] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   37.643239][ T3310] veth0_vlan: entered promiscuous mode
[   37.650860][ T3308] veth1_vlan: entered promiscuous mode
[   37.664114][ T3310] veth1_vlan: entered promiscuous mode
[   37.691193][ T3311] veth0_vlan: entered promiscuous mode
[   37.699417][ T3311] veth1_vlan: entered promiscuous mode
[   37.712438][ T3303] veth0_macvtap: entered promiscuous mode
[   37.728101][ T3302] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   37.744876][ T3303] veth1_macvtap: entered promiscuous mode
[   37.760053][ T3308] veth0_macvtap: entered promiscuous mode
[   37.778103][ T3310] veth0_macvtap: entered promiscuous mode
[   37.789409][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_0
[   37.799081][ T3311] veth0_macvtap: entered promiscuous mode
[   37.816368][ T3310] veth1_macvtap: entered promiscuous mode
[   37.824405][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1
[   37.839125][ T3308] veth1_macvtap: entered promiscuous mode
[   37.848504][   T37] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   37.858576][ T3311] veth1_macvtap: entered promiscuous mode
[   37.871510][   T37] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   37.880255][   T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   37.889440][   T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   37.909646][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_0
[   37.917660][ T3310] batman_adv: batadv0: Interface activated: batadv_slave_0
[   37.928196][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_0
[   37.940170][ T3310] batman_adv: batadv0: Interface activated: batadv_slave_1
[   37.954726][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_1
[   37.969172][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_1
[   37.987505][ T3425] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.026135][ T3425] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.078173][ T3425] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.114332][ T3425] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.170642][   T29] kauditd_printk_skb: 26 callbacks suppressed
[   38.170659][   T29] audit: type=1400 audit(1758492558.407:98): avc:  denied  { create } for  pid=3492 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   38.216533][   T29] audit: type=1400 audit(1758492558.457:99): avc:  denied  { setopt } for  pid=3492 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   38.216537][ T3425] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.216583][ T3425] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.235705][   T29] audit: type=1400 audit(1758492558.457:100): avc:  denied  { open } for  pid=3492 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   38.272117][   T29] audit: type=1400 audit(1758492558.457:101): avc:  denied  { perfmon } for  pid=3492 comm="syz.2.3" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   38.284140][ T3425] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.292743][   T29] audit: type=1400 audit(1758492558.457:102): avc:  denied  { kernel } for  pid=3492 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   38.319050][ T3425] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.363445][ T3425] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.373630][ T3425] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.460442][   T29] audit: type=1326 audit(1758492558.577:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3492 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1c1bfec29 code=0x7ffc0000
[   38.483702][   T29] audit: type=1326 audit(1758492558.577:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3492 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1c1bfec29 code=0x7ffc0000
[   38.506821][   T29] audit: type=1400 audit(1758492558.577:105): avc:  denied  { map_create } for  pid=3492 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   38.525635][   T29] audit: type=1400 audit(1758492558.577:106): avc:  denied  { bpf } for  pid=3492 comm="syz.2.3" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   38.545944][   T29] audit: type=1400 audit(1758492558.577:107): avc:  denied  { map_write } for  pid=3492 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   38.600995][ T3425] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.654838][ T3515] siw: device registration error -23
[   38.680246][ T3425] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.692971][ T3516] siw: device registration error -23
[   38.730611][ T3497] lo speed is unknown, defaulting to 1000
[   38.762229][ T3497] lo speed is unknown, defaulting to 1000
[   38.859782][ T3497] lo speed is unknown, defaulting to 1000
[   38.921246][ T3497] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   39.013000][ T3497] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   39.111197][ T3497] lo speed is unknown, defaulting to 1000
[   39.137983][ T3497] lo speed is unknown, defaulting to 1000
[   39.166240][ T3497] lo speed is unknown, defaulting to 1000
[   39.206932][ T3497] lo speed is unknown, defaulting to 1000
[   39.250913][ T3497] lo speed is unknown, defaulting to 1000
[   39.293006][ T3526] siw: device registration error -23
[   39.334410][ T3528] siw: device registration error -23
[   39.644675][ T3535] loop0: detected capacity change from 0 to 512
[   39.681834][ T3535] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[   39.766051][ T3497] syz.2.3 (3497) used greatest stack depth: 10712 bytes left
[   39.925855][ T3544] siw: device registration error -23
[   40.103844][ T3551] siw: device registration error -23
[   40.222696][ T3554] siw: device registration error -23
[   40.522369][ T3561] siw: device registration error -23
[   40.724878][ T3565] loop4: detected capacity change from 0 to 512
[   40.766393][ T3565] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[   40.839682][ T3569] lo speed is unknown, defaulting to 1000
[   40.897851][ T3575] siw: device registration error -23
[   41.208129][ T3589] siw: device registration error -23
[   41.394135][ T3606] siw: device registration error -23
[   41.731552][ T3616] siw: device registration error -23
[   41.809896][ T3617] siw: device registration error -23
[   42.065161][ T3624] siw: device registration error -23
[   42.416132][ T3637] siw: device registration error -23
[   42.712320][ T3645] siw: device registration error -23
[   42.787423][ T3650] loop0: detected capacity change from 0 to 128
[   42.800182][ T3650] syz.0.39: attempt to access beyond end of device
[   42.800182][ T3650] loop0: rw=2049, sector=154, nr_sectors = 8 limit=128
[   42.816021][ T3650] syz.0.39: attempt to access beyond end of device
[   42.816021][ T3650] loop0: rw=2049, sector=160, nr_sectors = 2 limit=128
[   42.829477][ T3650] Buffer I/O error on dev loop0, logical block 80, lost async page write
[   42.863824][ T3650] syz.0.39: attempt to access beyond end of device
[   42.863824][ T3650] loop0: rw=2049, sector=162, nr_sectors = 8 limit=128
[   42.891707][ T3650] syz.0.39: attempt to access beyond end of device
[   42.891707][ T3650] loop0: rw=2049, sector=168, nr_sectors = 2 limit=128
[   42.905123][ T3650] Buffer I/O error on dev loop0, logical block 84, lost async page write
[   42.938970][ T3650] syz.0.39: attempt to access beyond end of device
[   42.938970][ T3650] loop0: rw=2049, sector=186, nr_sectors = 8 limit=128
[   43.010847][ T3650] syz.0.39: attempt to access beyond end of device
[   43.010847][ T3650] loop0: rw=2049, sector=192, nr_sectors = 2 limit=128
[   43.024323][ T3650] Buffer I/O error on dev loop0, logical block 96, lost async page write
[   43.075655][ T3656] serio: Serial port ptm0
[   43.082468][ T3650] syz.0.39: attempt to access beyond end of device
[   43.082468][ T3650] loop0: rw=2049, sector=194, nr_sectors = 8 limit=128
[   43.125407][ T3650] syz.0.39: attempt to access beyond end of device
[   43.125407][ T3650] loop0: rw=2049, sector=200, nr_sectors = 2 limit=128
[   43.139162][ T3650] Buffer I/O error on dev loop0, logical block 100, lost async page write
[   43.185576][ T3650] syz.0.39: attempt to access beyond end of device
[   43.185576][ T3650] loop0: rw=2049, sector=218, nr_sectors = 8 limit=128
[   43.211773][   T29] kauditd_printk_skb: 512 callbacks suppressed
[   43.211789][   T29] audit: type=1326 audit(2000000000.440:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3657 comm="syz.1.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d09bdec29 code=0x7ffc0000
[   43.240312][ T3650] syz.0.39: attempt to access beyond end of device
[   43.240312][ T3650] loop0: rw=2049, sector=224, nr_sectors = 2 limit=128
[   43.254456][ T3650] Buffer I/O error on dev loop0, logical block 112, lost async page write
[   43.283449][   T29] audit: type=1326 audit(2000000000.440:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3657 comm="syz.1.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d09bdec29 code=0x7ffc0000
[   43.306821][   T29] audit: type=1326 audit(2000000000.440:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3657 comm="syz.1.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d09bdec29 code=0x7ffc0000
[   43.307554][ T3650] Buffer I/O error on dev loop0, logical block 116, lost async page write
[   43.330171][   T29] audit: type=1326 audit(2000000000.440:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3657 comm="syz.1.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d09bdec29 code=0x7ffc0000
[   43.362355][   T29] audit: type=1326 audit(2000000000.440:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3657 comm="syz.1.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d09bdec29 code=0x7ffc0000
[   43.373152][ T3663] siw: device registration error -23
[   43.386233][   T29] audit: type=1326 audit(2000000000.440:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3657 comm="syz.1.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d09bdec29 code=0x7ffc0000
[   43.412979][ T3650] Buffer I/O error on dev loop0, logical block 88, lost async page write
[   43.414130][   T29] audit: type=1326 audit(2000000000.440:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3657 comm="syz.1.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4d09bdec29 code=0x7ffc0000
[   43.445859][   T29] audit: type=1326 audit(2000000000.440:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3657 comm="syz.1.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d09bdec29 code=0x7ffc0000
[   43.446364][ T3650] Buffer I/O error on dev loop0, logical block 92, lost async page write
[   43.469439][   T29] audit: type=1326 audit(2000000000.440:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3657 comm="syz.1.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d09bdec29 code=0x7ffc0000
[   43.500893][   T29] audit: type=1326 audit(2000000000.440:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3657 comm="syz.1.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4d09bdec29 code=0x7ffc0000
[   43.586135][ T3650] Buffer I/O error on dev loop0, logical block 120, lost async page write
[   43.652715][ T3650] Buffer I/O error on dev loop0, logical block 124, lost async page write
[   43.854346][ T3673] loop4: detected capacity change from 0 to 256
[   43.865451][ T3673] vfat: Unknown parameter 'rodirt'
[   44.153258][ T3677] siw: device registration error -23
[   44.341564][ T3681] loop2: detected capacity change from 0 to 512
[   44.348402][ T3681] ext4: Bad value for 'auto_da_alloc'
[   44.504809][ T3689] loop1: detected capacity change from 0 to 1024
[   44.512598][ T3689] =======================================================
[   44.512598][ T3689] WARNING: The mand mount option has been deprecated and
[   44.512598][ T3689]          and is ignored by this kernel. Remove the mand
[   44.512598][ T3689]          option from the mount to silence this warning.
[   44.512598][ T3689] =======================================================
[   44.587145][ T3689] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.619897][ T3699] loop0: detected capacity change from 0 to 512
[   44.646126][ T3689] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.48: Allocating blocks 465-513 which overlap fs metadata
[   44.679223][ T3690] siw: device registration error -23
[   44.690574][ T3699] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   44.703755][ T3699] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   44.722794][ T3689] EXT4-fs (loop1): pa ffff888100620070: logic 256, phys. 369, len 9
[   44.730884][ T3689] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   44.770773][ T3689] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   44.785198][ T3699] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   44.833753][ T3699] EXT4-fs (loop0): 1 truncate cleaned up
[   44.839981][ T3699] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.980667][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.023879][ T3709] syz.0.51 uses obsolete (PF_INET,SOCK_PACKET)
[   45.056669][ T3709] GUP no longer grows the stack in syz.0.51 (3709): 200000004000-20000000a000 (200000002000)
[   45.066981][ T3709] CPU: 1 UID: 0 PID: 3709 Comm: syz.0.51 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   45.067016][ T3709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   45.067081][ T3709] Call Trace:
[   45.067087][ T3709]  <TASK>
[   45.067094][ T3709]  __dump_stack+0x1d/0x30
[   45.067118][ T3709]  dump_stack_lvl+0xe8/0x140
[   45.067142][ T3709]  dump_stack+0x15/0x1b
[   45.067168][ T3709]  __get_user_pages+0x198d/0x1fa0
[   45.067257][ T3709]  ? __rcu_read_unlock+0x4f/0x70
[   45.067287][ T3709]  get_user_pages_remote+0x1d5/0x6d0
[   45.067390][ T3709]  __access_remote_vm+0x15c/0x590
[   45.067418][ T3709]  access_remote_vm+0x32/0x40
[   45.067469][ T3709]  proc_pid_cmdline_read+0x32b/0x6c0
[   45.067550][ T3709]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[   45.067696][ T3709]  vfs_readv+0x3f8/0x690
[   45.067733][ T3709]  __x64_sys_preadv+0xfd/0x1c0
[   45.067761][ T3709]  x64_sys_call+0x282a/0x2ff0
[   45.067845][ T3709]  do_syscall_64+0xd2/0x200
[   45.067887][ T3709]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   45.067990][ T3709]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   45.068028][ T3709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.068053][ T3709] RIP: 0033:0x7f80b083ec29
[   45.068073][ T3709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.068105][ T3709] RSP: 002b:00007f80af286038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   45.068126][ T3709] RAX: ffffffffffffffda RBX: 00007f80b0a86090 RCX: 00007f80b083ec29
[   45.068141][ T3709] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 000000000000000a
[   45.068225][ T3709] RBP: 00007f80b08c1e41 R08: 00000000fffffffe R09: 0000000000000000
[   45.068240][ T3709] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[   45.068255][ T3709] R13: 00007f80b0a86128 R14: 00007f80b0a86090 R15: 00007fff44d16fb8
[   45.068278][ T3709]  </TASK>
[   45.310140][ T3715] siw: device registration error -23
[   45.317419][ T3714] process 'syz.1.55' launched '/dev/fd/4' with NULL argv: empty string added
[   45.430112][ T3719] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   45.438665][ T3719] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   45.491674][ T3722] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   45.499933][ T3722] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   45.530455][ T3723] siw: device registration error -23
[   45.563280][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.647592][ T3730] loop0: detected capacity change from 0 to 1024
[   45.682245][ T3730] EXT4-fs: Ignoring removed oldalloc option
[   45.704744][ T3730] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   45.800501][ T3730] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.863153][ T3740] siw: device registration error -23
[   45.938851][ T3741] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: comm syz.0.60: lblock 0 mapped to illegal pblock 0 (length 6)
[   45.961825][ T3741] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.60: bg 0: block 3: invalid block bitmap
[   45.974241][ T3741] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 117
[   45.986812][ T3741] EXT4-fs (loop0): This should not happen!! Data will be lost
[   45.986812][ T3741] 
[   46.225079][ T3745] loop4: detected capacity change from 0 to 764
[   46.236278][ T3745] iso9660: Unknown parameter 'U����f"����f�6h�� O:�~��F�����&�<Q8�X�� ��.�'
[   46.321327][ T3749] loop1: detected capacity change from 0 to 512
[   46.361667][ T3751] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   46.361667][ T3751] The task syz.4.63 (3751) triggered the difference, watch for misbehavior.
[   46.396175][ T3749] EXT4-fs (loop1): too many log groups per flexible block group
[   46.404042][ T3749] EXT4-fs (loop1): failed to initialize mballoc (-12)
[   46.445413][ T3749] EXT4-fs (loop1): mount failed
[   46.445768][ T3741] syz.0.60 (3741) used greatest stack depth: 10040 bytes left
[   46.472554][ T3749] loop1: detected capacity change from 0 to 512
[   46.481179][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   46.490360][ T3757] loop2: detected capacity change from 0 to 512
[   46.497079][ T3757] EXT4-fs: Ignoring removed bh option
[   46.530604][ T3749] EXT4-fs: Ignoring removed nobh option
[   46.564938][ T3764] siw: device registration error -23
[   46.577108][ T3757] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.616471][ T3749] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.65: corrupted inode contents
[   46.632606][ T3757] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   46.643338][ T3749] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.65: mark_inode_dirty error
[   46.694636][ T3749] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.65: corrupted inode contents
[   46.716820][ T3749] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.65: mark_inode_dirty error
[   46.749444][ T3749] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.65: Failed to acquire dquot type 0
[   46.764372][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.794139][ T3749] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.65: corrupted inode contents
[   46.874845][ T3774] siw: device registration error -23
[   46.910677][ T3749] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.65: mark_inode_dirty error
[   47.022654][ T3749] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.65: corrupted inode contents
[   47.070499][ T3749] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.65: mark_inode_dirty error
[   47.089665][ T3749] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.65: corrupted inode contents
[   47.170635][ T3749] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[   47.194460][ T3782] loop3: detected capacity change from 0 to 764
[   47.201152][ T3749] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.65: corrupted inode contents
[   47.221696][ T3749] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.65: mark_inode_dirty error
[   47.236077][ T3782] iso9660: Unknown parameter 'U����f"����f�6h�� O:�~��F�����&�<Q8�X�� ��.�'
[   47.258835][ T3749] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[   47.269241][ T3749] EXT4-fs (loop1): 1 truncate cleaned up
[   47.280048][ T3749] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.294854][ T3749] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.323400][ T3749] netlink: 4 bytes leftover after parsing attributes in process `syz.1.65'.
[   47.332206][ T3749] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   47.339597][ T3749] batman_adv: batadv0: Removing interface: batadv_slave_0
[   47.348419][ T3749] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   47.355940][ T3749] batman_adv: batadv0: Removing interface: batadv_slave_1
[   47.450565][ T3749] syz.1.65 (3749) used greatest stack depth: 9760 bytes left
[   47.476622][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.495851][ T3789] loop0: detected capacity change from 0 to 512
[   47.528147][ T3789] EXT4-fs: Ignoring removed bh option
[   47.635758][ T3789] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.664068][ T3789] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   47.738038][ T3802] lo speed is unknown, defaulting to 1000
[   47.743880][ T3802] lo speed is unknown, defaulting to 1000
[   47.749975][ T3802] lo speed is unknown, defaulting to 1000
[   47.757205][ T3802] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   47.770644][ T3802] lo speed is unknown, defaulting to 1000
[   47.776931][ T3802] lo speed is unknown, defaulting to 1000
[   47.783400][ T3802] lo speed is unknown, defaulting to 1000
[   47.789877][ T3802] lo speed is unknown, defaulting to 1000
[   47.796318][ T3802] lo speed is unknown, defaulting to 1000
[   47.977182][ T3800] loop1: detected capacity change from 0 to 512
[   48.029464][ T3800] EXT4-fs: Ignoring removed bh option
[   48.132817][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.143169][ T3812] loop2: detected capacity change from 0 to 512
[   48.146742][ T3800] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.150021][ T3812] EXT4-fs: Ignoring removed bh option
[   48.169397][ T3800] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   48.204356][ T3812] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.221708][ T3812] ext4 filesystem being mounted at /15/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   48.288746][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.305295][   T29] kauditd_printk_skb: 388 callbacks suppressed
[   48.305309][   T29] audit: type=1326 audit(2000000005.530:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3808 comm="syz.4.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9240b1ec29 code=0x7ffc0000
[   48.334876][   T29] audit: type=1400 audit(2000000005.540:1017): avc:  denied  { execute } for  pid=3821 comm="syz.0.82" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=5487 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[   48.343638][ T3822] loop0: detected capacity change from 0 to 512
[   48.360897][   T29] audit: type=1326 audit(2000000005.560:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3808 comm="syz.4.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9240b1ec29 code=0x7ffc0000
[   48.407546][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.423904][ T3809] siw: device registration error -23
[   48.471498][   T29] audit: type=1326 audit(2000000005.650:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3808 comm="syz.4.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f9240b1ec29 code=0x7ffc0000
[   48.494798][   T29] audit: type=1326 audit(2000000005.650:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3808 comm="syz.4.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9240b1ec29 code=0x7ffc0000
[   48.518045][   T29] audit: type=1326 audit(2000000005.650:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3808 comm="syz.4.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9240b1ec29 code=0x7ffc0000
[   48.541371][   T29] audit: type=1326 audit(2000000005.650:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3808 comm="syz.4.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9240b1ec29 code=0x7ffc0000
[   48.564755][   T29] audit: type=1326 audit(2000000005.650:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3808 comm="syz.4.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9240b1ec29 code=0x7ffc0000
[   48.587479][ T3827] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   48.588090][   T29] audit: type=1326 audit(2000000005.650:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3808 comm="syz.4.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9240b1ec29 code=0x7ffc0000
[   48.596169][ T3827] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   48.627970][   T29] audit: type=1326 audit(2000000005.650:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3808 comm="syz.4.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f9240b20abc code=0x7ffc0000
[   48.657382][ T3832] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   48.665688][ T3832] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   48.707088][ T3829] lo speed is unknown, defaulting to 1000
[   48.716680][ T3836] loop3: detected capacity change from 0 to 1024
[   48.724139][ T3836] EXT4-fs: Ignoring removed orlov option
[   48.737969][ T3829] lo speed is unknown, defaulting to 1000
[   48.771585][ T3836] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.854000][ T3842] lo speed is unknown, defaulting to 1000
[   48.860173][ T3842] lo speed is unknown, defaulting to 1000
[   48.879359][ T3844] loop1: detected capacity change from 0 to 764
[   48.905074][ T3844] iso9660: Unknown parameter 'U����f"����f�6h�� O:�~��F�����&�<Q8�X�� ��.�'
[   48.940311][ T3844] loop1: detected capacity change from 0 to 164
[   48.979279][ T3844] bio_check_eod: 18 callbacks suppressed
[   48.979294][ T3844] syz.1.89: attempt to access beyond end of device
[   48.979294][ T3844] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   49.009065][ T3844] syz.1.89: attempt to access beyond end of device
[   49.009065][ T3844] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   49.122476][ T3852] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[   49.129052][ T3852] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   49.136829][ T3852] vhci_hcd vhci_hcd.0: Device attached
[   49.154090][ T3849] lo speed is unknown, defaulting to 1000
[   49.162906][ T3849] lo speed is unknown, defaulting to 1000
[   49.229086][ T3852] loop2: detected capacity change from 0 to 512
[   49.239589][ T3859] siw: device registration error -23
[   49.290594][ T3852] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   49.330427][ T3405] vhci_hcd: vhci_device speed not set
[   49.343431][ T3864] loop1: detected capacity change from 0 to 764
[   49.360551][ T3864] iso9660: Unknown parameter 'U����f"����f�6h�� O:�~��F�����&�<Q8�X�� ��.�'
[   49.385201][ T3852] EXT4-fs (loop2): mount failed
[   49.400444][ T3405] usb 5-1: new full-speed USB device number 2 using vhci_hcd
[   49.447864][ T3853] vhci_hcd: connection reset by peer
[   49.461469][ T3425] vhci_hcd: stop threads
[   49.465871][ T3425] vhci_hcd: release socket
[   49.470451][ T3425] vhci_hcd: disconnect device
[   49.477257][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.539821][ T3872] loop1: detected capacity change from 0 to 164
[   49.576431][ T3872] syz.1.93: attempt to access beyond end of device
[   49.576431][ T3872] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   49.624422][ T3872] syz.1.93: attempt to access beyond end of device
[   49.624422][ T3872] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   49.691282][ T3878] siw: device registration error -23
[   49.933245][ T3884] siw: device registration error -23
[   50.643066][ T3898] siw: device registration error -23
[   50.717023][ T3900] lo speed is unknown, defaulting to 1000
[   50.734356][ T3900] lo speed is unknown, defaulting to 1000
[   50.890680][ T3906] lo speed is unknown, defaulting to 1000
[   50.962223][ T3906] lo speed is unknown, defaulting to 1000
[   51.015920][ T3913] lo speed is unknown, defaulting to 1000
[   51.044520][ T3913] lo speed is unknown, defaulting to 1000
[   51.061484][ T3916] siw: device registration error -23
[   51.325903][ T3921] lo speed is unknown, defaulting to 1000
[   51.331575][ T3930] loop1: detected capacity change from 0 to 1024
[   51.356461][ T3927] lo speed is unknown, defaulting to 1000
[   51.362602][ T3921] lo speed is unknown, defaulting to 1000
[   51.368983][ T3930] EXT4-fs: Ignoring removed orlov option
[   51.389547][ T3927] lo speed is unknown, defaulting to 1000
[   51.401262][ T3930] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.481352][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.515048][ T3939] loop1: detected capacity change from 0 to 512
[   51.547459][ T3939] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[   51.739255][ T3945] lo speed is unknown, defaulting to 1000
[   51.784784][ T3945] lo speed is unknown, defaulting to 1000
[   51.804906][ T3952] siw: device registration error -23
[   51.805147][ T3948] lo speed is unknown, defaulting to 1000
[   51.867611][ T3948] lo speed is unknown, defaulting to 1000
[   52.034983][ T3964] siw: device registration error -23
[   52.319251][ T3975] lo speed is unknown, defaulting to 1000
[   52.407179][ T3975] lo speed is unknown, defaulting to 1000
[   52.416566][ T3979] FAULT_INJECTION: forcing a failure.
[   52.416566][ T3979] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   52.429690][ T3979] CPU: 0 UID: 0 PID: 3979 Comm: syz.4.121 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.429721][ T3979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   52.429734][ T3979] Call Trace:
[   52.429739][ T3979]  <TASK>
[   52.429745][ T3979]  __dump_stack+0x1d/0x30
[   52.429767][ T3979]  dump_stack_lvl+0xe8/0x140
[   52.429786][ T3979]  dump_stack+0x15/0x1b
[   52.429805][ T3979]  should_fail_ex+0x265/0x280
[   52.429910][ T3979]  should_fail+0xb/0x20
[   52.429930][ T3979]  should_fail_usercopy+0x1a/0x20
[   52.430002][ T3979]  _copy_to_user+0x20/0xa0
[   52.430038][ T3979]  simple_read_from_buffer+0xb5/0x130
[   52.430062][ T3979]  proc_fail_nth_read+0x10e/0x150
[   52.430089][ T3979]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   52.430142][ T3979]  vfs_read+0x1a5/0x770
[   52.430162][ T3979]  ? __fput+0x555/0x650
[   52.430190][ T3979]  ? __rcu_read_unlock+0x4f/0x70
[   52.430216][ T3979]  ? __fget_files+0x184/0x1c0
[   52.430249][ T3979]  ksys_read+0xda/0x1a0
[   52.430415][ T3979]  __x64_sys_read+0x40/0x50
[   52.430443][ T3979]  x64_sys_call+0x27bc/0x2ff0
[   52.430469][ T3979]  do_syscall_64+0xd2/0x200
[   52.430500][ T3979]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.430591][ T3979]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.430629][ T3979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.430650][ T3979] RIP: 0033:0x7f9240b1d63c
[   52.430732][ T3979] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   52.430753][ T3979] RSP: 002b:00007f923f57f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   52.430770][ T3979] RAX: ffffffffffffffda RBX: 00007f9240d65fa0 RCX: 00007f9240b1d63c
[   52.430782][ T3979] RDX: 000000000000000f RSI: 00007f923f57f0a0 RDI: 0000000000000007
[   52.430793][ T3979] RBP: 00007f923f57f090 R08: 0000000000000000 R09: 0000000000000000
[   52.430807][ T3979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.430901][ T3979] R13: 00007f9240d66038 R14: 00007f9240d65fa0 R15: 00007ffe070ebf78
[   52.430924][ T3979]  </TASK>
[   52.753589][ T3986] loop1: detected capacity change from 0 to 1024
[   52.771242][ T3986] EXT4-fs: Ignoring removed oldalloc option
[   52.807629][ T3986] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   52.834706][ T3986] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.842244][ T3994] FAULT_INJECTION: forcing a failure.
[   52.842244][ T3994] name failslab, interval 1, probability 0, space 0, times 1
[   52.857972][ T3994] CPU: 1 UID: 0 PID: 3994 Comm: syz.4.125 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.858013][ T3994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   52.858029][ T3994] Call Trace:
[   52.858036][ T3994]  <TASK>
[   52.858045][ T3994]  __dump_stack+0x1d/0x30
[   52.858070][ T3994]  dump_stack_lvl+0xe8/0x140
[   52.858169][ T3994]  dump_stack+0x15/0x1b
[   52.858184][ T3994]  should_fail_ex+0x265/0x280
[   52.858221][ T3994]  ? kernfs_get_tree+0x56/0x490
[   52.858243][ T3994]  should_failslab+0x8c/0xb0
[   52.858267][ T3994]  __kmalloc_cache_noprof+0x4c/0x320
[   52.858305][ T3994]  kernfs_get_tree+0x56/0x490
[   52.858330][ T3994]  cgroup_do_get_tree+0x86/0x330
[   52.858359][ T3994]  ? selinux_capable+0x31/0x40
[   52.858416][ T3994]  cgroup_get_tree+0xd7/0x280
[   52.858440][ T3994]  vfs_get_tree+0x57/0x1d0
[   52.858472][ T3994]  vfs_cmd_create+0x8a/0x140
[   52.858504][ T3994]  vfs_fsconfig_locked+0x6f/0x210
[   52.858536][ T3994]  __se_sys_fsconfig+0x648/0x770
[   52.858563][ T3994]  __x64_sys_fsconfig+0x67/0x80
[   52.858587][ T3994]  x64_sys_call+0x1f83/0x2ff0
[   52.858661][ T3994]  do_syscall_64+0xd2/0x200
[   52.858697][ T3994]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.858720][ T3994]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.858797][ T3994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.858823][ T3994] RIP: 0033:0x7f9240b1ec29
[   52.858841][ T3994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.858859][ T3994] RSP: 002b:00007f923f55e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[   52.858876][ T3994] RAX: ffffffffffffffda RBX: 00007f9240d66090 RCX: 00007f9240b1ec29
[   52.858921][ T3994] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[   52.858935][ T3994] RBP: 00007f923f55e090 R08: 0000000000000000 R09: 0000000000000000
[   52.858950][ T3994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.859039][ T3994] R13: 00007f9240d66128 R14: 00007f9240d66090 R15: 00007ffe070ebf78
[   52.859062][ T3994]  </TASK>
[   52.973169][ T3997] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: comm syz.1.124: lblock 0 mapped to illegal pblock 0 (length 6)
[   53.111933][ T4001] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[   53.118496][ T4001] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   53.126172][ T4001] vhci_hcd vhci_hcd.0: Device attached
[   53.142506][ T4007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.127'.
[   53.151450][ T4007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.127'.
[   53.162587][ T4007] netlink: 176 bytes leftover after parsing attributes in process `syz.2.127'.
[   53.171698][ T4007] netlink: 16 bytes leftover after parsing attributes in process `syz.2.127'.
[   53.195187][ T4001] loop3: detected capacity change from 0 to 512
[   53.211952][ T4001] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   53.227274][ T4001] EXT4-fs (loop3): mount failed
[   53.238421][ T4004] vhci_hcd: connection closed
[   53.238615][   T31] vhci_hcd: stop threads
[   53.247697][   T31] vhci_hcd: release socket
[   53.252178][   T31] vhci_hcd: disconnect device
[   53.569669][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   53.612332][ T4018] lo speed is unknown, defaulting to 1000
[   53.618371][ T4018] lo speed is unknown, defaulting to 1000
[   53.639714][ T4021] netlink: 12 bytes leftover after parsing attributes in process `syz.4.131'.
[   53.648686][ T4021] netlink: 'syz.4.131': attribute type 12 has an invalid length.
[   53.671404][ T4021] netlink: 12 bytes leftover after parsing attributes in process `syz.4.131'.
[   53.671528][   T31] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   53.680297][ T4021] netlink: 'syz.4.131': attribute type 12 has an invalid length.
[   53.696996][ T4021] Zero length message leads to an empty skb
[   53.703266][   T31] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   53.712337][   T31] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   53.722239][   T31] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   53.755473][ T4026] loop1: detected capacity change from 0 to 512
[   53.775144][   T29] kauditd_printk_skb: 419 callbacks suppressed
[   53.775159][   T29] audit: type=1400 audit(2000000004.260:1443): avc:  denied  { read write } for  pid=4020 comm="syz.4.131" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   53.781208][ T4026] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   53.781409][   T29] audit: type=1400 audit(2000000004.260:1444): avc:  denied  { open } for  pid=4020 comm="syz.4.131" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   53.817597][ T4026] EXT4-fs (loop1): 1 truncate cleaned up
[   53.840421][   T29] audit: type=1400 audit(2000000004.260:1445): avc:  denied  { ioctl } for  pid=4020 comm="syz.4.131" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   53.847977][ T4026] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.928615][ T4029] lo speed is unknown, defaulting to 1000
[   53.929235][   T29] audit: type=1400 audit(2000000004.410:1446): avc:  denied  { remove_name } for  pid=4025 comm="syz.1.132" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   53.934829][ T4029] lo speed is unknown, defaulting to 1000
[   53.957240][   T29] audit: type=1400 audit(2000000004.410:1447): avc:  denied  { unlink } for  pid=4025 comm="syz.1.132" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   53.991271][   T29] audit: type=1400 audit(2000000004.470:1448): avc:  denied  { cpu } for  pid=4028 comm="syz.3.133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   54.021851][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.055496][ T4029] loop3: detected capacity change from 0 to 512
[   54.060745][ T4033] lo speed is unknown, defaulting to 1000
[   54.078307][ T4033] lo speed is unknown, defaulting to 1000
[   54.119516][ T4029] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.133: error while reading EA inode 32 err=-116
[   54.132901][ T4035] lo speed is unknown, defaulting to 1000
[   54.137258][ T4029] EXT4-fs (loop3): Remounting filesystem read-only
[   54.139493][ T4035] lo speed is unknown, defaulting to 1000
[   54.145229][ T4029] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   54.164144][ T4033] loop1: detected capacity change from 0 to 512
[   54.185280][ T4029] EXT4-fs (loop3): 1 orphan inode deleted
[   54.193019][ T4029] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.206430][ T4029] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.236051][ T4033] EXT4-fs error (device loop1): ext4_xattr_inode_iget:442: comm syz.1.134: error while reading EA inode 32 err=-116
[   54.238724][ T4048] netlink: 28 bytes leftover after parsing attributes in process `syz.0.137'.
[   54.258643][ T4033] EXT4-fs (loop1): Remounting filesystem read-only
[   54.265195][   T29] audit: type=1400 audit(2000000004.720:1449): avc:  denied  { getopt } for  pid=4043 comm="syz.0.137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   54.285056][ T4033] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   54.295655][ T4033] EXT4-fs (loop1): 1 orphan inode deleted
[   54.301982][ T4033] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.313625][   T29] audit: type=1400 audit(2000000004.790:1450): avc:  denied  { read } for  pid=4049 comm="syz.2.138" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   54.336944][   T29] audit: type=1400 audit(2000000004.790:1451): avc:  denied  { open } for  pid=4049 comm="syz.2.138" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   54.339534][ T4029] netlink: 'syz.3.133': attribute type 4 has an invalid length.
[   54.373676][   T23] lo speed is unknown, defaulting to 1000
[   54.379445][   T23] syz0: Port: 1 Link DOWN
[   54.392313][ T4033] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.401153][ T4044] lo speed is unknown, defaulting to 1000
[   54.411419][ T4044] lo speed is unknown, defaulting to 1000
[   54.437833][   T29] audit: type=1400 audit(2000000004.920:1452): avc:  denied  { write } for  pid=4054 comm="syz.2.139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   54.459319][ T4033] FAULT_INJECTION: forcing a failure.
[   54.459319][ T4033] name failslab, interval 1, probability 0, space 0, times 0
[   54.472130][ T4033] CPU: 0 UID: 0 PID: 4033 Comm: syz.1.134 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.472161][ T4033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   54.472176][ T4033] Call Trace:
[   54.472184][ T4033]  <TASK>
[   54.472192][ T4033]  __dump_stack+0x1d/0x30
[   54.472213][ T4033]  dump_stack_lvl+0xe8/0x140
[   54.472232][ T4033]  dump_stack+0x15/0x1b
[   54.472317][ T4033]  should_fail_ex+0x265/0x280
[   54.472342][ T4033]  should_failslab+0x8c/0xb0
[   54.472374][ T4033]  kmem_cache_alloc_node_noprof+0x57/0x320
[   54.472406][ T4033]  ? __alloc_skb+0x101/0x320
[   54.472447][ T4033]  __alloc_skb+0x101/0x320
[   54.472476][ T4033]  netlink_alloc_large_skb+0xba/0xf0
[   54.472501][ T4033]  netlink_sendmsg+0x3cf/0x6b0
[   54.472617][ T4033]  ? __pfx_netlink_sendmsg+0x10/0x10
[   54.472651][ T4033]  __sock_sendmsg+0x142/0x180
[   54.472693][ T4033]  sock_write_iter+0x165/0x1b0
[   54.472842][ T4033]  do_iter_readv_writev+0x499/0x540
[   54.472871][ T4033]  vfs_writev+0x2df/0x8b0
[   54.472975][ T4033]  do_writev+0xe7/0x210
[   54.473012][ T4033]  __x64_sys_writev+0x45/0x50
[   54.473043][ T4033]  x64_sys_call+0x1e9a/0x2ff0
[   54.473073][ T4033]  do_syscall_64+0xd2/0x200
[   54.473108][ T4033]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   54.473132][ T4033]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   54.473201][ T4033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.473221][ T4033] RIP: 0033:0x7f4d09bdec29
[   54.473237][ T4033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.473294][ T4033] RSP: 002b:00007f4d08647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   54.473319][ T4033] RAX: ffffffffffffffda RBX: 00007f4d09e25fa0 RCX: 00007f4d09bdec29
[   54.473334][ T4033] RDX: 0000000000000001 RSI: 00002000000003c0 RDI: 0000000000000004
[   54.473349][ T4033] RBP: 00007f4d08647090 R08: 0000000000000000 R09: 0000000000000000
[   54.473364][ T4033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.473379][ T4033] R13: 00007f4d09e26038 R14: 00007f4d09e25fa0 R15: 00007ffe82c31358
[   54.473397][ T4033]  </TASK>
[   54.485054][ T3405] usb 5-1: enqueue for inactive port 0
[   54.707079][ T4058] loop0: detected capacity change from 0 to 512
[   54.713895][ T4055] lo speed is unknown, defaulting to 1000
[   54.723483][ T4058] ext4: Unknown parameter 'euid<00000000000000000000'
[   54.737495][ T4060] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   54.755297][ T4063] FAULT_INJECTION: forcing a failure.
[   54.755297][ T4063] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.768436][ T4063] CPU: 0 UID: 0 PID: 4063 Comm: syz.4.141 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.768465][ T4063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   54.768478][ T4063] Call Trace:
[   54.768546][ T4063]  <TASK>
[   54.768555][ T4063]  __dump_stack+0x1d/0x30
[   54.768579][ T4063]  dump_stack_lvl+0xe8/0x140
[   54.768602][ T4063]  dump_stack+0x15/0x1b
[   54.768622][ T4063]  should_fail_ex+0x265/0x280
[   54.768651][ T4063]  should_fail+0xb/0x20
[   54.768718][ T4063]  should_fail_usercopy+0x1a/0x20
[   54.768743][ T4063]  _copy_from_user+0x1c/0xb0
[   54.768831][ T4063]  ___sys_sendmsg+0xc1/0x1d0
[   54.768948][ T4063]  __x64_sys_sendmsg+0xd4/0x160
[   54.769026][ T4063]  x64_sys_call+0x191e/0x2ff0
[   54.769053][ T4063]  do_syscall_64+0xd2/0x200
[   54.769140][ T4063]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   54.769170][ T4063]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   54.769205][ T4063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.769308][ T4063] RIP: 0033:0x7f9240b1ec29
[   54.769323][ T4063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.769369][ T4063] RSP: 002b:00007f923f57f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.769391][ T4063] RAX: ffffffffffffffda RBX: 00007f9240d65fa0 RCX: 00007f9240b1ec29
[   54.769403][ T4063] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[   54.769414][ T4063] RBP: 00007f923f57f090 R08: 0000000000000000 R09: 0000000000000000
[   54.769443][ T4063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.769455][ T4063] R13: 00007f9240d66038 R14: 00007f9240d65fa0 R15: 00007ffe070ebf78
[   54.769478][ T4063]  </TASK>
[   54.975830][ T4065] netlink: 8 bytes leftover after parsing attributes in process `syz.4.142'.
[   54.984700][ T4065] netlink: 8 bytes leftover after parsing attributes in process `syz.4.142'.
[   55.027882][ T4067] netlink: 176 bytes leftover after parsing attributes in process `syz.4.142'.
[   55.049819][ T4055] lo speed is unknown, defaulting to 1000
[   55.112957][ T4068] lo speed is unknown, defaulting to 1000
[   55.115485][ T3405] usb 5-1: enqueue for inactive port 0
[   55.158719][ T4068] lo speed is unknown, defaulting to 1000
[   55.161451][ T4076] FAULT_INJECTION: forcing a failure.
[   55.161451][ T4076] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.177758][ T4076] CPU: 1 UID: 0 PID: 4076 Comm: syz.4.145 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   55.177796][ T4076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   55.177812][ T4076] Call Trace:
[   55.177819][ T4076]  <TASK>
[   55.177828][ T4076]  __dump_stack+0x1d/0x30
[   55.177853][ T4076]  dump_stack_lvl+0xe8/0x140
[   55.177953][ T4076]  dump_stack+0x15/0x1b
[   55.177969][ T4076]  should_fail_ex+0x265/0x280
[   55.177997][ T4076]  should_fail+0xb/0x20
[   55.178046][ T4076]  should_fail_usercopy+0x1a/0x20
[   55.178074][ T4076]  _copy_from_user+0x1c/0xb0
[   55.178167][ T4076]  __sys_bpf+0x178/0x7b0
[   55.178203][ T4076]  __x64_sys_bpf+0x41/0x50
[   55.178226][ T4076]  x64_sys_call+0x2aea/0x2ff0
[   55.178259][ T4076]  do_syscall_64+0xd2/0x200
[   55.178293][ T4076]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   55.178323][ T4076]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   55.178417][ T4076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.178443][ T4076] RIP: 0033:0x7f9240b1ec29
[   55.178485][ T4076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.178507][ T4076] RSP: 002b:00007f923f57f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   55.178530][ T4076] RAX: ffffffffffffffda RBX: 00007f9240d65fa0 RCX: 00007f9240b1ec29
[   55.178545][ T4076] RDX: 0000000000000094 RSI: 00002000000003c0 RDI: 0000000000000005
[   55.178559][ T4076] RBP: 00007f923f57f090 R08: 0000000000000000 R09: 0000000000000000
[   55.178574][ T4076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.178588][ T4076] R13: 00007f9240d66038 R14: 00007f9240d65fa0 R15: 00007ffe070ebf78
[   55.178630][ T4076]  </TASK>
[   55.353222][ T3405] vhci_hcd: vhci_device speed not set
[   55.485970][ T4080] lo speed is unknown, defaulting to 1000
[   55.528192][ T4083] lo speed is unknown, defaulting to 1000
[   55.535377][ T4083] lo speed is unknown, defaulting to 1000
[   55.547490][ T4080] lo speed is unknown, defaulting to 1000
[   55.709178][ T4091] loop2: detected capacity change from 0 to 512
[   55.746567][ T4093] loop1: detected capacity change from 0 to 512
[   55.775284][ T4091] EXT4-fs (loop2): too many log groups per flexible block group
[   55.783156][ T4091] EXT4-fs (loop2): failed to initialize mballoc (-12)
[   55.806486][ T4095] lo speed is unknown, defaulting to 1000
[   55.812590][ T4095] lo speed is unknown, defaulting to 1000
[   55.850861][ T4091] EXT4-fs (loop2): mount failed
[   55.861414][ T4093] FAULT_INJECTION: forcing a failure.
[   55.861414][ T4093] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.874581][ T4093] CPU: 1 UID: 0 PID: 4093 Comm: syz.1.159 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   55.874608][ T4093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   55.874619][ T4093] Call Trace:
[   55.874626][ T4093]  <TASK>
[   55.874633][ T4093]  __dump_stack+0x1d/0x30
[   55.874750][ T4093]  dump_stack_lvl+0xe8/0x140
[   55.874768][ T4093]  dump_stack+0x15/0x1b
[   55.874782][ T4093]  should_fail_ex+0x265/0x280
[   55.874806][ T4093]  should_fail+0xb/0x20
[   55.874828][ T4093]  should_fail_usercopy+0x1a/0x20
[   55.874952][ T4093]  _copy_from_user+0x1c/0xb0
[   55.875072][ T4093]  ___sys_sendmsg+0xc1/0x1d0
[   55.875141][ T4093]  __x64_sys_sendmsg+0xd4/0x160
[   55.875185][ T4093]  x64_sys_call+0x191e/0x2ff0
[   55.875207][ T4093]  do_syscall_64+0xd2/0x200
[   55.875242][ T4093]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   55.875311][ T4093]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   55.875343][ T4093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.875366][ T4093] RIP: 0033:0x7f4d09bdec29
[   55.875382][ T4093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.875474][ T4093] RSP: 002b:00007f4d08647038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   55.875494][ T4093] RAX: ffffffffffffffda RBX: 00007f4d09e25fa0 RCX: 00007f4d09bdec29
[   55.875523][ T4093] RDX: 0000000000008004 RSI: 0000200000000180 RDI: 0000000000000007
[   55.875538][ T4093] RBP: 00007f4d08647090 R08: 0000000000000000 R09: 0000000000000000
[   55.875553][ T4093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.875568][ T4093] R13: 00007f4d09e26038 R14: 00007f4d09e25fa0 R15: 00007ffe82c31358
[   55.875589][ T4093]  </TASK>
[   56.103840][ T4091] loop2: detected capacity change from 0 to 512
[   56.167298][ T4091] EXT4-fs: Ignoring removed nobh option
[   56.185415][ T4109] loop1: detected capacity change from 0 to 764
[   56.200984][ T4091] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.149: corrupted inode contents
[   56.215619][ T4109] iso9660: Unknown parameter 'U����f"����f�6h�� O:�~��F�����&�<Q8�X�� ��.�'
[   56.236455][ T4091] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #3: comm syz.2.149: mark_inode_dirty error
[   56.257277][ T4091] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.149: corrupted inode contents
[   56.257385][ T4091] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.149: mark_inode_dirty error
[   56.257811][ T4091] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.149: Failed to acquire dquot type 0
[   56.258247][ T4091] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.149: corrupted inode contents
[   56.258411][ T4091] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.149: mark_inode_dirty error
[   56.258554][ T4091] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.149: corrupted inode contents
[   56.259154][ T4091] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.149: mark_inode_dirty error
[   56.259423][ T4091] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.149: corrupted inode contents
[   56.274883][ T4091] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[   56.275107][ T4091] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.149: corrupted inode contents
[   56.305347][ T4091] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.149: mark_inode_dirty error
[   56.306094][ T4091] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[   56.306467][ T4091] EXT4-fs (loop2): 1 truncate cleaned up
[   56.307098][ T4091] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.307256][ T4091] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.314470][ T4117] loop3: detected capacity change from 0 to 512
[   56.314891][ T4117] EXT4-fs: Ignoring removed bh option
[   56.320981][ T4091] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.321002][ T4091] batman_adv: batadv0: Removing interface: batadv_slave_0
[   56.321680][ T4091] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.321697][ T4091] batman_adv: batadv0: Removing interface: batadv_slave_1
[   56.346997][ T4117] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.429842][ T4129] 9pnet_fd: Insufficient options for proto=fd
[   56.446934][ T4117] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.457681][ T4126] loop1: detected capacity change from 0 to 164
[   56.582447][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.595817][ T4132] lo speed is unknown, defaulting to 1000
[   56.602126][ T4132] lo speed is unknown, defaulting to 1000
[   56.609923][ T4126] syz.1.152: attempt to access beyond end of device
[   56.609923][ T4126] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   56.658487][ T4138] loop3: detected capacity change from 0 to 764
[   56.664936][ T4126] syz.1.152: attempt to access beyond end of device
[   56.664936][ T4126] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   56.681859][ T4138] iso9660: Unknown parameter 'U����f"����f�6h�� O:�~��F�����&�<Q8�X�� ��.�'
[   56.692686][ T4138] FAULT_INJECTION: forcing a failure.
[   56.692686][ T4138] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.705865][ T4138] CPU: 1 UID: 0 PID: 4138 Comm: syz.3.161 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   56.705969][ T4138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   56.705984][ T4138] Call Trace:
[   56.705993][ T4138]  <TASK>
[   56.706003][ T4138]  __dump_stack+0x1d/0x30
[   56.706026][ T4138]  dump_stack_lvl+0xe8/0x140
[   56.706044][ T4138]  dump_stack+0x15/0x1b
[   56.706114][ T4138]  should_fail_ex+0x265/0x280
[   56.706143][ T4138]  should_fail+0xb/0x20
[   56.706166][ T4138]  should_fail_usercopy+0x1a/0x20
[   56.706241][ T4138]  _copy_from_user+0x1c/0xb0
[   56.706309][ T4138]  do_semtimedop+0x14e/0x220
[   56.706362][ T4138]  __x64_sys_semop+0x41/0x50
[   56.706420][ T4138]  x64_sys_call+0x2974/0x2ff0
[   56.706444][ T4138]  do_syscall_64+0xd2/0x200
[   56.706481][ T4138]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   56.706586][ T4138]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   56.706679][ T4138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.706708][ T4138] RIP: 0033:0x7fe8fd50ec29
[   56.706784][ T4138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.706803][ T4138] RSP: 002b:00007fe8fbf6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000041
[   56.706822][ T4138] RAX: ffffffffffffffda RBX: 00007fe8fd755fa0 RCX: 00007fe8fd50ec29
[   56.706876][ T4138] RDX: 0000000000000002 RSI: 00002000000000c0 RDI: 0000000000000001
[   56.706891][ T4138] RBP: 00007fe8fbf6f090 R08: 0000000000000000 R09: 0000000000000000
[   56.706907][ T4138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.706922][ T4138] R13: 00007fe8fd756038 R14: 00007fe8fd755fa0 R15: 00007fffd78b18f8
[   56.706948][ T4138]  </TASK>
[   56.898204][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.908264][ T4138] loop3: detected capacity change from 0 to 164
[   56.916422][ T4138] syz.3.161: attempt to access beyond end of device
[   56.916422][ T4138] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   56.932871][ T4138] syz.3.161: attempt to access beyond end of device
[   56.932871][ T4138] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[   56.952347][ T4134] lo speed is unknown, defaulting to 1000
[   56.958565][ T4134] lo speed is unknown, defaulting to 1000
[   57.006280][ T4145] loop2: detected capacity change from 0 to 764
[   57.021482][ T4145] iso9660: Unknown parameter 'U����f"����f�6h�� O:�~��F�����&�<Q8�X�� ��.�'
[   57.067912][ T4143] lo speed is unknown, defaulting to 1000
[   57.091090][ T4143] lo speed is unknown, defaulting to 1000
[   57.150463][ T4159] loop2: detected capacity change from 0 to 164
[   57.181399][ T4159] syz.2.163: attempt to access beyond end of device
[   57.181399][ T4159] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   57.201813][ T4159] syz.2.163: attempt to access beyond end of device
[   57.201813][ T4159] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[   57.267107][ T4168] loop1: detected capacity change from 0 to 256
[   57.314195][ T4164] lo speed is unknown, defaulting to 1000
[   57.323562][ T4166] loop4: detected capacity change from 0 to 4096
[   57.324448][ T4164] lo speed is unknown, defaulting to 1000
[   57.349547][ T4166] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.365327][ T4170] lo speed is unknown, defaulting to 1000
[   57.394883][ T4170] lo speed is unknown, defaulting to 1000
[   57.430232][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.492108][ T4164] loop0: detected capacity change from 0 to 512
[   57.501443][ T4211] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   57.522419][ T4164] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.170: error while reading EA inode 32 err=-116
[   57.540789][ T4164] EXT4-fs (loop0): Remounting filesystem read-only
[   57.547547][ T4164] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   57.555601][ T4211] bridge_slave_0: left allmulticast mode
[   57.563434][ T4211] bridge_slave_0: left promiscuous mode
[   57.569234][ T4211] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.577865][ T4164] EXT4-fs (loop0): 1 orphan inode deleted
[   57.584309][ T4164] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.585372][ T4211] bridge_slave_1: left allmulticast mode
[   57.602108][ T4211] bridge_slave_1: left promiscuous mode
[   57.603647][ T4164] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.607843][ T4211] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.632678][ T4211] bond0: (slave bond_slave_0): Releasing backup interface
[   57.652756][ T4164] netlink: 'syz.0.170': attribute type 4 has an invalid length.
[   57.660845][ T4211] bond0: (slave bond_slave_1): Releasing backup interface
[   57.675523][ T4211] team0: Port device team_slave_0 removed
[   57.691554][ T4211] team0: Port device team_slave_1 removed
[   57.701810][ T4211] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   57.709320][ T4211] batman_adv: batadv0: Removing interface: batadv_slave_0
[   57.718429][ T4211] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   57.725863][ T4211] batman_adv: batadv0: Removing interface: batadv_slave_1
[   57.812651][ T4223] lo speed is unknown, defaulting to 1000
[   57.818762][ T4223] lo speed is unknown, defaulting to 1000
[   57.849545][ T4227] loop0: detected capacity change from 0 to 128
[   57.930619][ T4233] loop4: detected capacity change from 0 to 512
[   57.943044][ T4234] netlink: 'syz.1.184': attribute type 3 has an invalid length.
[   57.964092][ T4233] EXT4-fs error (device loop4): ext4_xattr_inode_iget:442: comm syz.4.180: error while reading EA inode 32 err=-116
[   57.976708][ T4233] EXT4-fs (loop4): Remounting filesystem read-only
[   57.980021][ T4230] lo speed is unknown, defaulting to 1000
[   57.983386][ T4233] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   58.001815][ T4233] EXT4-fs (loop4): 1 orphan inode deleted
[   58.011324][ T4230] lo speed is unknown, defaulting to 1000
[   58.038983][ T4233] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.067852][ T4233] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.165142][ T4252] __nla_validate_parse: 8 callbacks suppressed
[   58.165179][ T4252] netlink: 8 bytes leftover after parsing attributes in process `syz.1.187'.
[   58.180422][ T4252] netlink: 8 bytes leftover after parsing attributes in process `syz.1.187'.
[   58.202009][ T4246] lo speed is unknown, defaulting to 1000
[   58.216555][ T4246] lo speed is unknown, defaulting to 1000
[   58.223779][ T4256] netlink: 176 bytes leftover after parsing attributes in process `syz.1.187'.
[   58.233260][ T4255] FAULT_INJECTION: forcing a failure.
[   58.233260][ T4255] name failslab, interval 1, probability 0, space 0, times 0
[   58.245977][ T4255] CPU: 0 UID: 0 PID: 4255 Comm: syz.2.188 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.246006][ T4255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   58.246020][ T4255] Call Trace:
[   58.246035][ T4255]  <TASK>
[   58.246044][ T4255]  __dump_stack+0x1d/0x30
[   58.246069][ T4255]  dump_stack_lvl+0xe8/0x140
[   58.246091][ T4255]  dump_stack+0x15/0x1b
[   58.246109][ T4255]  should_fail_ex+0x265/0x280
[   58.246146][ T4255]  should_failslab+0x8c/0xb0
[   58.246172][ T4255]  kmem_cache_alloc_node_noprof+0x57/0x320
[   58.246200][ T4255]  ? __alloc_skb+0x101/0x320
[   58.246225][ T4255]  __alloc_skb+0x101/0x320
[   58.246335][ T4255]  netlink_alloc_large_skb+0xba/0xf0
[   58.246359][ T4255]  netlink_sendmsg+0x3cf/0x6b0
[   58.246388][ T4255]  ? __pfx_netlink_sendmsg+0x10/0x10
[   58.246416][ T4255]  __sock_sendmsg+0x142/0x180
[   58.246516][ T4255]  ____sys_sendmsg+0x31e/0x4e0
[   58.246547][ T4255]  ___sys_sendmsg+0x17b/0x1d0
[   58.246652][ T4255]  __x64_sys_sendmsg+0xd4/0x160
[   58.246685][ T4255]  x64_sys_call+0x191e/0x2ff0
[   58.246707][ T4255]  do_syscall_64+0xd2/0x200
[   58.246741][ T4255]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.246842][ T4255]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   58.246873][ T4255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.246895][ T4255] RIP: 0033:0x7fe1c1bfec29
[   58.246910][ T4255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.246954][ T4255] RSP: 002b:00007fe1c0667038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   58.246980][ T4255] RAX: ffffffffffffffda RBX: 00007fe1c1e45fa0 RCX: 00007fe1c1bfec29
[   58.246992][ T4255] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[   58.247004][ T4255] RBP: 00007fe1c0667090 R08: 0000000000000000 R09: 0000000000000000
[   58.247016][ T4255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.247028][ T4255] R13: 00007fe1c1e46038 R14: 00007fe1c1e45fa0 R15: 00007ffc4e1f5178
[   58.247088][ T4255]  </TASK>
[   58.462000][ T4256] netlink: 16 bytes leftover after parsing attributes in process `syz.1.187'.
[   58.594873][ T4261] lo speed is unknown, defaulting to 1000
[   58.617519][ T4261] lo speed is unknown, defaulting to 1000
[   58.674632][ T4273] loop1: detected capacity change from 0 to 512
[   58.708036][ T4273] EXT4-fs: Ignoring removed bh option
[   58.745766][ T4281] hub 1-0:1.0: USB hub found
[   58.754032][ T4281] hub 1-0:1.0: 8 ports detected
[   58.766728][ T4273] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.786434][ T4280] lo speed is unknown, defaulting to 1000
[   58.791221][ T4273] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   58.792685][ T4280] lo speed is unknown, defaulting to 1000
[   58.809254][ T4281] netlink: 'syz.4.197': attribute type 3 has an invalid length.
[   58.864864][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.961429][ T4289] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=4289 comm=syz.4.199
[   58.964285][ T4268] loop2: detected capacity change from 0 to 512
[   58.998797][ T4268] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.193: error while reading EA inode 32 err=-116
[   59.038902][ T4268] EXT4-fs (loop2): Remounting filesystem read-only
[   59.045606][ T4268] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   59.129679][ T4268] EXT4-fs (loop2): 1 orphan inode deleted
[   59.152750][ T4268] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.179204][ T4268] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.207742][ T4285] loop3: detected capacity change from 0 to 512
[   59.227282][ T4268] netlink: 'syz.2.193': attribute type 4 has an invalid length.
[   59.256015][ T3405] lo speed is unknown, defaulting to 1000
[   59.261831][ T3405] syz2: Port: 1 Link DOWN
[   59.265512][ T4285] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.194: Invalid inode bitmap blk 4 in block_group 0
[   59.294753][ T4285] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.323555][ T4297] capability: warning: `syz.2.200' uses deprecated v2 capabilities in a way that may be insecure
[   59.360486][ T4272] EXT4-fs error (device loop3): ext4_lookup:1787: inode #14: comm syz.3.194: invalid fast symlink length 39
[   59.389632][   T29] kauditd_printk_skb: 46 callbacks suppressed
[   59.389647][   T29] audit: type=1400 audit(2000000001.810:1497): avc:  denied  { create } for  pid=4300 comm="syz.2.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   59.432588][   T29] audit: type=1400 audit(2000000001.840:1498): avc:  denied  { connect } for  pid=4300 comm="syz.2.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   59.453317][ T4299] loop1: detected capacity change from 0 to 8192
[   59.460973][ T4299] vfat: Unknown parameter '�'
[   59.467005][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.495671][ T4306] loop3: detected capacity change from 0 to 128
[   59.507506][   T29] audit: type=1400 audit(2000000001.910:1499): avc:  denied  { remount } for  pid=4298 comm="syz.1.201" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   59.556971][ T4308] loop0: detected capacity change from 0 to 512
[   59.636015][ T4308] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   59.657918][ T4308] EXT4-fs (loop0): orphan cleanup on readonly fs
[   59.664022][ T4310] lo speed is unknown, defaulting to 1000
[   59.673952][ T4310] lo speed is unknown, defaulting to 1000
[   59.681817][ T4315] 9pnet_fd: Insufficient options for proto=fd
[   59.688458][ T4308] Quota error (device loop0): find_block_dqentry: Quota for id 0 referenced but not present
[   59.698609][ T4308] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[   59.708042][ T4308] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm +}[@: Failed to acquire dquot type 1
[   59.721605][ T4308] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 40: padding at end of block bitmap is not set
[   59.745708][ T4308] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   59.771322][   T29] audit: type=1400 audit(2000000000.230:1500): avc:  denied  { write } for  pid=4346 comm="syz.4.208" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   59.791730][   T29] audit: type=1400 audit(2000000000.230:1501): avc:  denied  { ioctl } for  pid=4346 comm="syz.4.208" path="socket:[7592]" dev="sockfs" ino=7592 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   59.827263][   T29] audit: type=1400 audit(2000000000.260:1502): avc:  denied  { checkpoint_restore } for  pid=4346 comm="syz.4.208" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   59.827470][ T4308] EXT4-fs (loop0): 1 truncate cleaned up
[   59.899552][ T4350] 9pnet_fd: Insufficient options for proto=fd
[   59.916511][ T4308] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   59.945911][ T4354] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.966117][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.973235][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.006567][ T4308] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[   60.017635][ T4354] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   60.043644][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.085434][ T4363] loop0: detected capacity change from 0 to 512
[   60.085832][ T4363] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   60.124980][ T4365] syzkaller1: entered promiscuous mode
[   60.124998][ T4365] syzkaller1: entered allmulticast mode
[   60.226954][ T4370] loop0: detected capacity change from 0 to 512
[   60.244211][ T4370] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   60.323227][ T4370] EXT4-fs (loop0): 1 truncate cleaned up
[   60.330904][ T4370] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.340412][   T29] audit: type=1400 audit(2000000000.730:1503): avc:  denied  { setopt } for  pid=4369 comm="syz.1.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   60.380583][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.391404][   T29] audit: type=1400 audit(2000000000.040:1504): avc:  denied  { ioctl } for  pid=4368 comm="syz.0.214" path="socket:[7664]" dev="sockfs" ino=7664 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   60.536691][ T4383] lo speed is unknown, defaulting to 1000
[   60.543259][ T4383] lo speed is unknown, defaulting to 1000
[   60.595815][ T4389] loop2: detected capacity change from 0 to 1024
[   60.602806][ T4389] EXT4-fs: Ignoring removed orlov option
[   60.613779][ T4391] 9pnet_fd: Insufficient options for proto=fd
[   60.642040][ T4394] netlink: 8 bytes leftover after parsing attributes in process `syz.0.224'.
[   60.650921][ T4394] netlink: 8 bytes leftover after parsing attributes in process `syz.0.224'.
[   60.660255][ T4389] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.680314][ T4394] netlink: 176 bytes leftover after parsing attributes in process `syz.0.224'.
[   60.695027][ T4394] netlink: 16 bytes leftover after parsing attributes in process `syz.0.224'.
[   60.821786][ T4408] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.227'.
[   60.842945][ T4412] loop1: detected capacity change from 0 to 512
[   60.870509][ T4412] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   60.900912][ T4412] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 not in group (block 3)!
[   60.911171][ T4412] EXT4-fs (loop1): group descriptors corrupted!
[   60.925253][ T4422] loop0: detected capacity change from 0 to 128
[   60.962259][ T4425] FAULT_INJECTION: forcing a failure.
[   60.962259][ T4425] name failslab, interval 1, probability 0, space 0, times 0
[   60.975136][ T4425] CPU: 1 UID: 0 PID: 4425 Comm: syz.3.233 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.975168][ T4425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   60.975183][ T4425] Call Trace:
[   60.975190][ T4425]  <TASK>
[   60.975197][ T4425]  __dump_stack+0x1d/0x30
[   60.975236][ T4425]  dump_stack_lvl+0xe8/0x140
[   60.975254][ T4425]  dump_stack+0x15/0x1b
[   60.975290][ T4425]  should_fail_ex+0x265/0x280
[   60.975322][ T4425]  should_failslab+0x8c/0xb0
[   60.975400][ T4425]  __kmalloc_cache_node_noprof+0x54/0x320
[   60.975437][ T4425]  ? __get_vm_area_node+0x106/0x1d0
[   60.975495][ T4425]  __get_vm_area_node+0x106/0x1d0
[   60.975588][ T4425]  __vmalloc_node_range_noprof+0x273/0xe00
[   60.975630][ T4425]  ? copy_process+0x399/0x2000
[   60.975668][ T4425]  ? __rcu_read_unlock+0x4f/0x70
[   60.975770][ T4425]  __vmalloc_node_noprof+0x89/0xc0
[   60.975803][ T4425]  ? copy_process+0x399/0x2000
[   60.975874][ T4425]  ? copy_process+0x399/0x2000
[   60.975959][ T4425]  dup_task_struct+0x449/0x6a0
[   60.976007][ T4425]  ? _parse_integer+0x27/0x40
[   60.976141][ T4425]  copy_process+0x399/0x2000
[   60.976173][ T4425]  ? kstrtouint+0x76/0xc0
[   60.976274][ T4425]  kernel_clone+0x16c/0x5c0
[   60.976369][ T4425]  __x64_sys_clone+0xe6/0x120
[   60.976410][ T4425]  x64_sys_call+0x119c/0x2ff0
[   60.976459][ T4425]  do_syscall_64+0xd2/0x200
[   60.976490][ T4425]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.976513][ T4425]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   60.976552][ T4425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.976621][ T4425] RIP: 0033:0x7fe8fd50ec29
[   60.976640][ T4425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.976661][ T4425] RSP: 002b:00007fe8fbf6efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   60.976706][ T4425] RAX: ffffffffffffffda RBX: 00007fe8fd755fa0 RCX: 00007fe8fd50ec29
[   60.976721][ T4425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c1000
[   60.976773][ T4425] RBP: 00007fe8fbf6f090 R08: 0000000000000000 R09: 0000000000000000
[   60.976787][ T4425] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   60.976802][ T4425] R13: 00007fe8fd756038 R14: 00007fe8fd755fa0 R15: 00007fffd78b18f8
[   60.976826][ T4425]  </TASK>
[   60.976836][ T4425] syz.3.233: vmalloc error: size 16384, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   61.217086][ T4425] CPU: 1 UID: 0 PID: 4425 Comm: syz.3.233 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.217119][ T4425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   61.217134][ T4425] Call Trace:
[   61.217142][ T4425]  <TASK>
[   61.217150][ T4425]  __dump_stack+0x1d/0x30
[   61.217175][ T4425]  dump_stack_lvl+0xe8/0x140
[   61.217208][ T4425]  dump_stack+0x15/0x1b
[   61.217229][ T4425]  warn_alloc+0x12b/0x1a0
[   61.217267][ T4425]  __vmalloc_node_range_noprof+0x297/0xe00
[   61.217348][ T4425]  ? __rcu_read_unlock+0x4f/0x70
[   61.217374][ T4425]  __vmalloc_node_noprof+0x89/0xc0
[   61.217407][ T4425]  ? copy_process+0x399/0x2000
[   61.217488][ T4425]  ? copy_process+0x399/0x2000
[   61.217515][ T4425]  dup_task_struct+0x449/0x6a0
[   61.217547][ T4425]  ? _parse_integer+0x27/0x40
[   61.217575][ T4425]  copy_process+0x399/0x2000
[   61.217605][ T4425]  ? kstrtouint+0x76/0xc0
[   61.217642][ T4425]  kernel_clone+0x16c/0x5c0
[   61.217695][ T4425]  __x64_sys_clone+0xe6/0x120
[   61.217734][ T4425]  x64_sys_call+0x119c/0x2ff0
[   61.217759][ T4425]  do_syscall_64+0xd2/0x200
[   61.217878][ T4425]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   61.217967][ T4425]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   61.217999][ T4425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.218026][ T4425] RIP: 0033:0x7fe8fd50ec29
[   61.218087][ T4425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.218108][ T4425] RSP: 002b:00007fe8fbf6efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   61.218130][ T4425] RAX: ffffffffffffffda RBX: 00007fe8fd755fa0 RCX: 00007fe8fd50ec29
[   61.218146][ T4425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c1000
[   61.218158][ T4425] RBP: 00007fe8fbf6f090 R08: 0000000000000000 R09: 0000000000000000
[   61.218169][ T4425] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   61.218180][ T4425] R13: 00007fe8fd756038 R14: 00007fe8fd755fa0 R15: 00007fffd78b18f8
[   61.218257][ T4425]  </TASK>
[   61.218278][ T4425] Mem-Info:
[   61.419991][ T4425] active_anon:6928 inactive_anon:0 isolated_anon:0
[   61.419991][ T4425]  active_file:9367 inactive_file:2237 isolated_file:0
[   61.419991][ T4425]  unevictable:0 dirty:876 writeback:0
[   61.419991][ T4425]  slab_reclaimable:3208 slab_unreclaimable:14385
[   61.419991][ T4425]  mapped:29918 shmem:304 pagetables:1822
[   61.419991][ T4425]  sec_pagetables:0 bounce:0
[   61.419991][ T4425]  kernel_misc_reclaimable:0
[   61.419991][ T4425]  free:1892495 free_pcp:5387 free_cma:0
[   61.464791][ T4425] Node 0 active_anon:27712kB inactive_anon:0kB active_file:37468kB inactive_file:8948kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:119672kB dirty:3504kB writeback:0kB shmem:1216kB kernel_stack:4384kB pagetables:7288kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   61.492033][ T4425] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   61.520663][ T4425] lowmem_reserve[]: 0 2883 7862 7862
[   61.526019][ T4425] Node 0 DMA32 free:2949288kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952820kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[   61.556100][ T4425] lowmem_reserve[]: 0 0 4978 4978
[   61.561254][ T4425] Node 0 Normal free:4605332kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:27712kB inactive_anon:0kB active_file:37468kB inactive_file:8948kB unevictable:0kB writepending:3504kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:18016kB local_pcp:16368kB free_cma:0kB
[   61.593297][ T4425] lowmem_reserve[]: 0 0 0 0
[   61.597932][ T4425] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   61.610812][ T4425] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949288kB
[   61.627076][ T4425] Node 0 Normal: 4*4kB (UM) 407*8kB (M) 335*16kB (UME) 293*32kB (UME) 291*64kB (UME) 321*128kB (UME) 261*256kB (UME) 236*512kB (UM) 188*1024kB (U) 115*2048kB (UME) 955*4096kB (UM) = 4605080kB
[   61.646374][ T4425] Node 0 hugepages_total=6 hugepages_free=6 hugepages_surp=2 hugepages_size=2048kB
[   61.655701][ T4425] 11932 total pagecache pages
[   61.660394][ T4425] 0 pages in swap cache
[   61.664550][ T4425] Free swap  = 124996kB
[   61.668701][ T4425] Total swap = 124996kB
[   61.672882][ T4425] 2097051 pages RAM
[   61.676718][ T4425] 0 pages HighMem/MovableOnly
[   61.681509][ T4425] 80446 pages reserved
[   61.692983][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.728909][ T4425] loop3: detected capacity change from 0 to 512
[   61.775641][ T4425] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.233: error while reading EA inode 32 err=-116
[   61.791820][ T4440] lo speed is unknown, defaulting to 1000
[   61.798208][ T4440] lo speed is unknown, defaulting to 1000
[   61.804101][ T4425] EXT4-fs (loop3): Remounting filesystem read-only
[   61.810753][ T4425] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   61.820980][ T4425] EXT4-fs (loop3): 1 orphan inode deleted
[   61.827252][ T4425] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.828572][ T4449] loop2: detected capacity change from 0 to 512
[   61.851291][ T4425] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.873808][ T4425] netlink: 'syz.3.233': attribute type 4 has an invalid length.
[   61.884197][ T4449] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.915303][ T4449] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.947824][ T4457] FAULT_INJECTION: forcing a failure.
[   61.947824][ T4457] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.960960][ T4457] CPU: 0 UID: 0 PID: 4457 Comm: syz.3.242 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.961039][ T4457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   61.961052][ T4457] Call Trace:
[   61.961060][ T4457]  <TASK>
[   61.961068][ T4457]  __dump_stack+0x1d/0x30
[   61.961088][ T4457]  dump_stack_lvl+0xe8/0x140
[   61.961105][ T4457]  dump_stack+0x15/0x1b
[   61.961124][ T4457]  should_fail_ex+0x265/0x280
[   61.961202][ T4457]  should_fail+0xb/0x20
[   61.961220][ T4457]  should_fail_usercopy+0x1a/0x20
[   61.961248][ T4457]  strncpy_from_user+0x25/0x230
[   61.961281][ T4457]  ? kmem_cache_alloc_noprof+0x186/0x310
[   61.961392][ T4457]  ? getname_flags+0x80/0x3b0
[   61.961478][ T4457]  getname_flags+0xae/0x3b0
[   61.961514][ T4457]  do_sys_openat2+0x60/0x110
[   61.961549][ T4457]  __x64_sys_openat+0xf2/0x120
[   61.961735][ T4457]  x64_sys_call+0x2e9c/0x2ff0
[   61.961755][ T4457]  do_syscall_64+0xd2/0x200
[   61.961794][ T4457]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   61.961889][ T4457]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   61.961998][ T4457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.962018][ T4457] RIP: 0033:0x7fe8fd50ec29
[   61.962033][ T4457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.962055][ T4457] RSP: 002b:00007fe8fbf6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   61.962076][ T4457] RAX: ffffffffffffffda RBX: 00007fe8fd755fa0 RCX: 00007fe8fd50ec29
[   61.962087][ T4457] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: ffffffffffffff9c
[   61.962098][ T4457] RBP: 00007fe8fbf6f090 R08: 0000000000000000 R09: 0000000000000000
[   61.962109][ T4457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.962197][ T4457] R13: 00007fe8fd756038 R14: 00007fe8fd755fa0 R15: 00007fffd78b18f8
[   61.962220][ T4457]  </TASK>
[   61.964129][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.976143][ T4458] FAULT_INJECTION: forcing a failure.
[   61.976143][ T4458] name failslab, interval 1, probability 0, space 0, times 0
[   62.170665][ T4458] CPU: 0 UID: 0 PID: 4458 Comm: syz.0.241 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.170708][ T4458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   62.170719][ T4458] Call Trace:
[   62.170725][ T4458]  <TASK>
[   62.170731][ T4458]  __dump_stack+0x1d/0x30
[   62.170759][ T4458]  dump_stack_lvl+0xe8/0x140
[   62.170775][ T4458]  dump_stack+0x15/0x1b
[   62.170788][ T4458]  should_fail_ex+0x265/0x280
[   62.170809][ T4458]  should_failslab+0x8c/0xb0
[   62.170829][ T4458]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   62.170919][ T4458]  ? kernfs_node_dentry+0x1c5/0x350
[   62.170941][ T4458]  ? __pfx_kernfs_test_super+0x10/0x10
[   62.170960][ T4458]  kstrdup+0x3e/0xd0
[   62.170981][ T4458]  kernfs_node_dentry+0x1c5/0x350
[   62.171061][ T4458]  cgroup_do_get_tree+0x1ee/0x330
[   62.171087][ T4458]  cgroup_get_tree+0xd7/0x280
[   62.171116][ T4458]  vfs_get_tree+0x57/0x1d0
[   62.171142][ T4458]  vfs_cmd_create+0x8a/0x140
[   62.171194][ T4458]  vfs_fsconfig_locked+0x6f/0x210
[   62.171220][ T4458]  __se_sys_fsconfig+0x648/0x770
[   62.171252][ T4458]  __x64_sys_fsconfig+0x67/0x80
[   62.171277][ T4458]  x64_sys_call+0x1f83/0x2ff0
[   62.171375][ T4458]  do_syscall_64+0xd2/0x200
[   62.171404][ T4458]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   62.171432][ T4458]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   62.171458][ T4458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.171552][ T4458] RIP: 0033:0x7f80b083ec29
[   62.171564][ T4458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.171578][ T4458] RSP: 002b:00007f80af286038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[   62.171625][ T4458] RAX: ffffffffffffffda RBX: 00007f80b0a86090 RCX: 00007f80b083ec29
[   62.171636][ T4458] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[   62.171667][ T4458] RBP: 00007f80af286090 R08: 0000000000000000 R09: 0000000000000000
[   62.171678][ T4458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.171688][ T4458] R13: 00007f80b0a86128 R14: 00007f80b0a86090 R15: 00007fff44d16fb8
[   62.171705][ T4458]  </TASK>
[   62.215047][ T4462] lo speed is unknown, defaulting to 1000
[   62.400041][ T4462] lo speed is unknown, defaulting to 1000
[   62.499476][ T4470] lo speed is unknown, defaulting to 1000
[   62.505745][ T4470] lo speed is unknown, defaulting to 1000
[   62.608385][ T4470] loop2: detected capacity change from 0 to 512
[   62.623876][ T4470] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.245: error while reading EA inode 32 err=-116
[   62.640660][ T4479] loop4: detected capacity change from 0 to 512
[   62.663276][ T4470] EXT4-fs (loop2): Remounting filesystem read-only
[   62.669911][ T4470] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   62.681407][ T4470] EXT4-fs (loop2): 1 orphan inode deleted
[   62.690792][ T4470] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.706413][ T4481] lo speed is unknown, defaulting to 1000
[   62.706658][ T4470] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.712697][ T4481] lo speed is unknown, defaulting to 1000
[   62.738069][ T4470] netlink: 'syz.2.245': attribute type 4 has an invalid length.
[   62.783976][ T4488] loop1: detected capacity change from 0 to 512
[   62.794641][ T4488] EXT4-fs error (device loop1): ext4_xattr_inode_iget:442: comm syz.1.248: error while reading EA inode 32 err=-116
[   62.807900][ T4488] EXT4-fs (loop1): Remounting filesystem read-only
[   62.814494][ T4488] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   62.825711][ T4488] EXT4-fs (loop1): 1 orphan inode deleted
[   62.832013][ T4488] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.844697][ T4488] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.893145][ T4494] lo speed is unknown, defaulting to 1000
[   62.899459][ T4494] lo speed is unknown, defaulting to 1000
[   62.919409][ T4497] lo speed is unknown, defaulting to 1000
[   62.921686][ T4481] netlink: 'syz.1.248': attribute type 4 has an invalid length.
[   62.945681][ T4497] lo speed is unknown, defaulting to 1000
[   63.022997][ T4497] loop0: detected capacity change from 0 to 512
[   63.032107][ T4497] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.252: error while reading EA inode 32 err=-116
[   63.044603][ T4497] EXT4-fs (loop0): Remounting filesystem read-only
[   63.051215][ T4497] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   63.061493][ T4497] EXT4-fs (loop0): 1 orphan inode deleted
[   63.067643][ T4497] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.080643][ T4497] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.099356][ T4497] netlink: 'syz.0.252': attribute type 4 has an invalid length.
[   65.470749][ T4510] SELinux:  Context  is not valid (left unmapped).
[   65.484867][ T4506] lo speed is unknown, defaulting to 1000
[   65.492670][ T4506] lo speed is unknown, defaulting to 1000
[   65.534775][ T4513] lo speed is unknown, defaulting to 1000
[   65.550524][ T4513] lo speed is unknown, defaulting to 1000
[   65.574734][ T4517] __nla_validate_parse: 8 callbacks suppressed
[   65.574750][ T4517] netlink: 8 bytes leftover after parsing attributes in process `syz.2.255'.
[   65.597626][ T4519] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[   65.617717][ T4506] loop1: detected capacity change from 0 to 512
[   65.647665][ T4524] FAULT_INJECTION: forcing a failure.
[   65.647665][ T4524] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   65.660792][ T4524] CPU: 0 UID: 0 PID: 4524 Comm: syz.3.259 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.660839][ T4524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   65.660909][ T4524] Call Trace:
[   65.660917][ T4524]  <TASK>
[   65.660927][ T4524]  __dump_stack+0x1d/0x30
[   65.660954][ T4524]  dump_stack_lvl+0xe8/0x140
[   65.660978][ T4524]  dump_stack+0x15/0x1b
[   65.660996][ T4524]  should_fail_ex+0x265/0x280
[   65.661020][ T4524]  should_fail+0xb/0x20
[   65.661074][ T4524]  should_fail_usercopy+0x1a/0x20
[   65.661106][ T4524]  _copy_from_user+0x1c/0xb0
[   65.661145][ T4524]  __copy_msghdr+0x244/0x300
[   65.661178][ T4524]  ___sys_sendmsg+0x109/0x1d0
[   65.661246][ T4524]  __x64_sys_sendmsg+0xd4/0x160
[   65.661285][ T4524]  x64_sys_call+0x191e/0x2ff0
[   65.661310][ T4524]  do_syscall_64+0xd2/0x200
[   65.661358][ T4506] EXT4-fs error (device loop1): ext4_xattr_inode_iget:442: comm syz.1.254: error while reading EA inode 32 err=-116
[   65.661425][ T4524]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   65.661456][ T4524]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   65.661495][ T4524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.661531][ T4524] RIP: 0033:0x7fe8fd50ec29
[   65.661553][ T4524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.661578][ T4524] RSP: 002b:00007fe8fbf6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   65.661602][ T4524] RAX: ffffffffffffffda RBX: 00007fe8fd755fa0 RCX: 00007fe8fd50ec29
[   65.661649][ T4524] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003
[   65.661666][ T4524] RBP: 00007fe8fbf6f090 R08: 0000000000000000 R09: 0000000000000000
[   65.661683][ T4524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.661700][ T4524] R13: 00007fe8fd756038 R14: 00007fe8fd755fa0 R15: 00007fffd78b18f8
[   65.661726][ T4524]  </TASK>
[   65.828030][   T29] kauditd_printk_skb: 24 callbacks suppressed
[   65.828047][   T29] audit: type=1400 audit(2000000005.010:1529): avc:  denied  { getopt } for  pid=4505 comm="syz.0.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   65.887517][ T4506] EXT4-fs (loop1): Remounting filesystem read-only
[   65.894134][ T4506] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   65.907751][ T4506] EXT4-fs (loop1): 1 orphan inode deleted
[   65.915162][ T4506] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   65.927658][   T29] audit: type=1326 audit(2000000005.100:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8fd50ec29 code=0x7ffc0000
[   65.928606][ T4506] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.951135][   T29] audit: type=1326 audit(2000000005.100:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8fd50ec29 code=0x7ffc0000
[   65.983306][   T29] audit: type=1326 audit(2000000005.100:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8fd50ec29 code=0x7ffc0000
[   66.006725][   T29] audit: type=1326 audit(2000000005.100:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8fd50ec29 code=0x7ffc0000
[   66.030119][   T29] audit: type=1326 audit(2000000005.100:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8fd50ec29 code=0x7ffc0000
[   66.030498][ T4530] FAULT_INJECTION: forcing a failure.
[   66.030498][ T4530] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.053497][   T29] audit: type=1326 audit(2000000005.100:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8fd50ec29 code=0x7ffc0000
[   66.066514][ T4530] CPU: 0 UID: 0 PID: 4530 Comm: syz.4.261 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.066618][ T4530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   66.066637][ T4530] Call Trace:
[   66.066645][ T4530]  <TASK>
[   66.066698][ T4530]  __dump_stack+0x1d/0x30
[   66.066750][ T4530]  dump_stack_lvl+0xe8/0x140
[   66.066778][ T4530]  dump_stack+0x15/0x1b
[   66.066840][ T4530]  should_fail_ex+0x265/0x280
[   66.066875][ T4530]  should_fail+0xb/0x20
[   66.066906][ T4530]  should_fail_usercopy+0x1a/0x20
[   66.066995][ T4530]  copy_fpstate_to_sigframe+0x628/0x7d0
[   66.067043][ T4530]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[   66.067145][ T4530]  ? x86_task_fpu+0x36/0x60
[   66.067185][ T4530]  get_sigframe+0x34d/0x490
[   66.067209][ T4530]  ? get_signal+0xdc8/0xf70
[   66.067239][ T4530]  x64_setup_rt_frame+0xa8/0x580
[   66.067319][ T4530]  arch_do_signal_or_restart+0x27c/0x480
[   66.067435][ T4530]  exit_to_user_mode_loop+0x7a/0x100
[   66.067466][ T4530]  do_syscall_64+0x1d6/0x200
[   66.067513][ T4530]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.067577][ T4530]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   66.067620][ T4530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.067649][ T4530] RIP: 0033:0x7f9240b1ec27
[   66.067671][ T4530] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[   66.067740][ T4530] RSP: 002b:00007f923f57f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   66.067767][ T4530] RAX: 0000000000000001 RBX: 00007f9240d65fa0 RCX: 00007f9240b1ec29
[   66.067783][ T4530] RDX: 0000000000000008 RSI: 0000200000000040 RDI: 0000000000000003
[   66.067800][ T4530] RBP: 00007f923f57f090 R08: 0000000000000000 R09: 0000000000000000
[   66.067817][ T4530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.067860][ T4530] R13: 00007f9240d66038 R14: 00007f9240d65fa0 R15: 00007ffe070ebf78
[   66.067886][ T4530]  </TASK>
[   66.140424][ T4535] FAULT_INJECTION: forcing a failure.
[   66.140424][ T4535] name failslab, interval 1, probability 0, space 0, times 0
[   66.142834][   T29] audit: type=1326 audit(2000000005.100:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8fd50ec29 code=0x7ffc0000
[   66.148401][ T4535] CPU: 0 UID: 0 PID: 4535 Comm: syz.4.262 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.148437][ T4535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   66.148454][ T4535] Call Trace:
[   66.148462][ T4535]  <TASK>
[   66.148473][ T4535]  __dump_stack+0x1d/0x30
[   66.148521][ T4535]  dump_stack_lvl+0xe8/0x140
[   66.148548][ T4535]  dump_stack+0x15/0x1b
[   66.148569][ T4535]  should_fail_ex+0x265/0x280
[   66.148635][ T4535]  should_failslab+0x8c/0xb0
[   66.148670][ T4535]  kmem_cache_alloc_node_noprof+0x57/0x320
[   66.148711][ T4535]  ? __alloc_skb+0x101/0x320
[   66.148741][ T4535]  __alloc_skb+0x101/0x320
[   66.148772][ T4535]  netlink_alloc_large_skb+0xba/0xf0
[   66.148818][ T4535]  netlink_sendmsg+0x3cf/0x6b0
[   66.148861][ T4535]  ? __pfx_netlink_sendmsg+0x10/0x10
[   66.148898][ T4535]  __sock_sendmsg+0x142/0x180
[   66.148972][ T4535]  ____sys_sendmsg+0x31e/0x4e0
[   66.149011][ T4535]  ___sys_sendmsg+0x17b/0x1d0
[   66.149140][ T4535]  __x64_sys_sendmsg+0xd4/0x160
[   66.149238][ T4535]  x64_sys_call+0x191e/0x2ff0
[   66.149266][ T4535]  do_syscall_64+0xd2/0x200
[   66.149309][ T4535]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.149347][ T4535]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   66.149388][ T4535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.149480][ T4535] RIP: 0033:0x7f9240b1ec29
[   66.149549][ T4535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.149571][ T4535] RSP: 002b:00007f923f57f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   66.149596][ T4535] RAX: ffffffffffffffda RBX: 00007f9240d65fa0 RCX: 00007f9240b1ec29
[   66.149613][ T4535] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[   66.149630][ T4535] RBP: 00007f923f57f090 R08: 0000000000000000 R09: 0000000000000000
[   66.149662][ T4535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.149679][ T4535] R13: 00007f9240d66038 R14: 00007f9240d65fa0 R15: 00007ffe070ebf78
[   66.149704][ T4535]  </TASK>
[   66.270764][ T4532] loop3: detected capacity change from 0 to 512
[   66.278411][   T29] audit: type=1326 audit(2000000005.100:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fe8fd50ec29 code=0x7ffc0000
[   66.391574][ T4532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.396568][   T29] audit: type=1326 audit(2000000005.100:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4531 comm="syz.3.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8fd50ec29 code=0x7ffc0000
[   66.410489][ T4532] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   66.555644][ T4506] netlink: 'syz.1.254': attribute type 4 has an invalid length.
[   66.899585][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.888251][   T29] kauditd_printk_skb: 64 callbacks suppressed
[   90.888270][   T29] audit: type=1400 audit(2000000030.070:1603): avc:  denied  { listen } for  pid=4544 comm="syz.2.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   90.929339][ T4545] lo speed is unknown, defaulting to 1000
[   90.943517][   T29] audit: type=1400 audit(2000000030.130:1604): avc:  denied  { execmem } for  pid=4550 comm="syz.4.267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   90.953683][ T4545] lo speed is unknown, defaulting to 1000
[   90.962731][   T29] audit: type=1400 audit(2000000030.130:1605): avc:  denied  { setopt } for  pid=4550 comm="syz.4.267" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   90.988737][   T29] audit: type=1400 audit(2000000030.130:1606): avc:  denied  { bind } for  pid=4550 comm="syz.4.267" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   91.008854][   T29] audit: type=1400 audit(2000000030.130:1607): avc:  denied  { node_bind } for  pid=4550 comm="syz.4.267" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   91.051492][   T29] audit: type=1400 audit(2000000030.220:1608): avc:  denied  { write } for  pid=4544 comm="syz.2.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   91.071013][   T29] audit: type=1400 audit(2000000030.220:1609): avc:  denied  { create } for  pid=4544 comm="syz.2.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   91.071116][   T29] audit: type=1400 audit(2000000030.220:1610): avc:  denied  { write } for  pid=4544 comm="syz.2.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   91.071142][   T29] audit: type=1400 audit(2000000030.220:1611): avc:  denied  { nlmsg_write } for  pid=4544 comm="syz.2.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   91.162657][ T4561] lo speed is unknown, defaulting to 1000
[   91.190777][ T4561] lo speed is unknown, defaulting to 1000
[   91.210779][ T4571] loop2: detected capacity change from 0 to 512
[   91.218536][   T29] audit: type=1400 audit(2000000030.390:1612): avc:  denied  { create } for  pid=4544 comm="syz.2.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   91.220458][ T4560] lo speed is unknown, defaulting to 1000
[   91.252807][ T4573] loop0: detected capacity change from 0 to 512
[   91.259949][ T4571] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.265: error while reading EA inode 32 err=-116
[   91.269294][ T4560] lo speed is unknown, defaulting to 1000
[   91.285203][ T4579] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.298353][    C0] hrtimer: interrupt took 36535 ns
[   91.329933][ T4573] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.268: error while reading EA inode 32 err=-116
[   91.333797][ T4584] loop4: detected capacity change from 0 to 1024
[   91.343356][ T4573] EXT4-fs (loop0): Remounting filesystem read-only
[   91.355375][ T4573] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   91.366772][ T4573] EXT4-fs (loop0): 1 orphan inode deleted
[   91.370432][ T4571] EXT4-fs (loop2): Remounting filesystem read-only
[   91.373228][ T4573] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.379047][ T4571] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   91.379081][ T4571] EXT4-fs (loop2): 1 orphan inode deleted
[   91.380150][ T4584] EXT4-fs: Ignoring removed orlov option
[   91.402334][ T4571] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.409011][ T4573] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.442833][ T4584] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.448003][ T4571] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.474453][ T4579] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.555349][ T4599] pim6reg: entered allmulticast mode
[   91.604980][ T4579] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.625262][ T4546] netlink: 'syz.2.265': attribute type 4 has an invalid length.
[   91.729023][ T4584] ==================================================================
[   91.737171][ T4584] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode
[   91.745197][ T4584] 
[   91.747545][ T4584] write to 0xffff88811a0f1300 of 4 bytes by task 4603 on cpu 1:
[   91.755200][ T4584]  writeback_single_inode+0x14a/0x3e0
[   91.760627][ T4584]  sync_inode_metadata+0x5b/0x90
[   91.765604][ T4584]  generic_buffers_fsync_noflush+0xd9/0x120
[   91.771526][ T4584]  ext4_sync_file+0x1ab/0x690
[   91.776227][ T4584]  vfs_fsync_range+0x10a/0x130
[   91.781011][ T4584]  ext4_buffered_write_iter+0x34f/0x3c0
[   91.786591][ T4584]  ext4_file_write_iter+0x383/0xf00
[   91.791827][ T4584]  iter_file_splice_write+0x666/0xa60
[   91.797221][ T4584]  direct_splice_actor+0x156/0x2a0
[   91.802359][ T4584]  splice_direct_to_actor+0x312/0x680
[   91.807740][ T4584]  do_splice_direct+0xda/0x150
[   91.812510][ T4584]  do_sendfile+0x380/0x650
[   91.816944][ T4584]  __x64_sys_sendfile64+0x105/0x150
[   91.822156][ T4584]  x64_sys_call+0x2bb0/0x2ff0
[   91.826880][ T4584]  do_syscall_64+0xd2/0x200
[   91.831411][ T4584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.837310][ T4584] 
[   91.839633][ T4584] read to 0xffff88811a0f1300 of 4 bytes by task 4584 on cpu 0:
[   91.847173][ T4584]  vfs_fsync_range+0x9b/0x130
[   91.851863][ T4584]  ext4_buffered_write_iter+0x34f/0x3c0
[   91.857435][ T4584]  ext4_file_write_iter+0x383/0xf00
[   91.862770][ T4584]  iter_file_splice_write+0x666/0xa60
[   91.868161][ T4584]  direct_splice_actor+0x156/0x2a0
[   91.873286][ T4584]  splice_direct_to_actor+0x312/0x680
[   91.878667][ T4584]  do_splice_direct+0xda/0x150
[   91.883443][ T4584]  do_sendfile+0x380/0x650
[   91.887892][ T4584]  __x64_sys_sendfile64+0x105/0x150
[   91.893120][ T4584]  x64_sys_call+0x2bb0/0x2ff0
[   91.897815][ T4584]  do_syscall_64+0xd2/0x200
[   91.902338][ T4584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.908234][ T4584] 
[   91.910554][ T4584] value changed: 0x00000038 -> 0x00000002
[   91.916266][ T4584] 
[   91.918586][ T4584] Reported by Kernel Concurrency Sanitizer on:
[   91.924737][ T4584] CPU: 0 UID: 0 PID: 4584 Comm: syz.4.274 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.934370][ T4584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   91.944428][ T4584] ==================================================================
[   91.975249][ T4579] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.987813][ T4609] 9pnet: Could not find request transport: f
[   92.080051][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.092040][ T4190] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.100674][ T4190] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.109070][ T4190] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.117879][ T4190] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0