last executing test programs:

1.709061456s ago: executing program 0 (id=2178):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd8}}, 0x0)

1.647522387s ago: executing program 0 (id=2181):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xec}}, 0x0)

1.595232468s ago: executing program 0 (id=2182):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
fchdir(r0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
unlinkat(r0, &(0x7f0000000480)='./file1\x00', 0x0)

1.365314213s ago: executing program 2 (id=2189):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x80f80)
readv(r1, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/133, 0x85}], 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=@can_newroute={0x154, 0x18, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@CGW_CS_CRC8={0x11e, 0x6, {0xfe, 0xff, 0x3, 0x0, 0xff, "71ec6d721744cd5200080000f8cfcad402006511ec028c7028564a9ce83afe1cc93e15e556c2baed7f897fe841c155a2b2a4b9f3052995cdf66a9c7922ff0300005b6c67281f1519cd7c32c2bf7563b9452575505da99ea128d37616896be8764a2c78edbad5bde7a5e405bdc893770338925f824bd24689c0d11a5560fc3aaa9ad0d7766d8ea8d3bf1006e3df494e2f373148ecb4adafdd39874e9808b118301f1e76054a64c6d243523f5de7b347f3b740e105d090b3bcd4cbed5f1cfe93cff41a9630802f96defe9e8ea850529827c5e301953a8abaafa1f121e590f74e28233f4129d458ec5d42c3ef0619022c00", 0x3, "5c8d586b2a88d818b56d2a5e15c8a95d29e5b2ea"}}, @CGW_CS_XOR={0x8, 0x5, {0x2, 0x9, 0xf5, 0x2}}, @CGW_MOD_SET={0x15, 0x4, {{{0x3, 0x1, 0x0, 0x1}, 0x0, 0x5, 0x0, 0x0, '\t\x00'}, 0x1}}]}, 0x154}}, 0x40000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x12, 0x1, 0x8, 0x2}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000780)={r4, &(0x7f0000000380), 0x0}, 0x20)

1.298737224s ago: executing program 2 (id=2190):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000070000000300"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000080))
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x143842, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="bf16000000000000b70700000001000048700000000000e6270000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142da7646c4fe02996b60cf81ebcd50fa9ea4308123f602000000000000de89e661168c1886d0d4d94f204e345c652fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762011052eac2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dc8aff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340a1c8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e4b9ec7a410ec42315255be1ed66d9051f22614d1f62734d679039a97d2b74f9e8e993ccd314000f747f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798ab20000000bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d2000000000000000819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480e5aee9c9e5f2e5a56a6d920335c8e8726fd8329d9a728995b1531bd20360d33d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c55969a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba84279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047050d7296cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5603a9d801300000000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed03a6fe7860b3e13c3173a60a1823cb7dde8212a8531bd9060000006a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c73596f860221156437f4d6b76ecc4b35bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d535556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a0000000000000001ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba0790ee0d112f99e59ba82e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee52303da186b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c44500f8ffff970d5254727e804fbd99ccefb7c09269dd2c5ca93125e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8f09c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c1b04e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305977eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f87204311327c18380fedf3d309d8549f99bf6c5cb060fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39289f675f3925e80ab73517c97139d01719cdbab3f1ce1060f3e6806e774a5f079c01003e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd75b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae794286b6c3e1f5a76b85ed6e1f0000c608b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a650be5114c31582d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc882d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1951393352bc756f3fcaad2c1c399a3e43eaaeca70db90f2fa395964434476719334482eb5424c81814079a24fe3681ad9ac361f71ac279a688f10a12105edebc5e3b8dad4c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fbdd351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd61dfb3de7f503d58ac8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2dff78ce9308c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f200000000000000000089de7f8485d9507164a187220b36ddc7fa645d4bd0c1414c30a416f80ba17d21d53961471b2d2d459e4bb23230d676ca49633b25e26a322024beb7c3427da59f7daa70a5d44a0eb895f29245df6401295d3da9399507126a3be932f47fe61ef1bfe83086651af7e23c2a8fa702b9aaa65aa3edaaa6b3f5a0c7cdfd008c898d73bb97168ca390ef539800000000000077a5ad1e683aeff92bb0b66b33ed878df1e344b99450086c819bf174578705c049d2fb25a91ba04643cde1a3c391d8646e5249dbf28b13b1c4d5127f685ee0c0576bf74e17cd3b4df4eb7095e504e361689572b0f93ff1dc6f52e8728a03e5a4df80a32c6055df8f4f4152c0d74d793b20ac2cfa907b5af80716118f82027d3e4cb096fe86de545008b85cb9b637bca30d765b0c3ad489db32955454dcfe000000002830e5e125322d2f5829040a91405bf2fe5bf14833fd7b1e72c775f267bc4511183096eff3188a288c408b10285e7ec75f826e9b08a82cde1f4470545eebc71440623752e87ecc689b7fec2f667e22705b4660b2ef936cce446244bb48f8c7d062ea4a955facf6c2957cfb3c3ee9229efab5b72a5c5266eb493c7c3b08a91971692d9673cb9df620a8240d4f94b9fafd8e2bf0f9cedd1e08f4f10fd8f25f3169ed878624adccb5572cb918e0e3ba7e4ac0967aa65241903509778e63bebf00107524f858d7d48ef9e2c112c75d732344dc0a9bc506172d5a45e3bcb203862307c24c20fe1ffe6b5a43dbc1b20156161b5f59ab9955f2a6fbc64f547a671ded4896d8c4bac78f23e15c8e6cb72599d27607e5a1ad434cdee73d026e5dd14d9824202052181dda714fff7dc43444bc948541f641ac8215a5dae7fa8a50897b916a856aedcdf16be8736b33823ab7b2f1c77554bf2c36e412a4ad05582a0160fad5dfe84db2d7d3bb802f47dd2ebb7945e09f542d464dfbd2c70a90ab36ebd331a6549fa16f2e83a06c512c83eec56b5b94040d31da56e021a48c8651ebf3e1f8931a6d18150f1d76d07e7d8ecacbed15e9c2a50e610f1d0b523083b182cde6cf655ddd45409400c23fb89eba0db0ab4eee055a60a6ac7fea75703e8e4d737bfabae0fc3c1406b6b454ba694673a69b1782eb0052c2a4e251c8f96c7bcab1845dc347ded7fb207fd19f2bea2e496d63613af735b8e8376658ce4b43a09b53846f0a0218661d917e39bcd79063128f4c5c570b6214db8ed5e1255d48725ad8dc0d3c5aafafb47095dc1f3572650e4b3d0540cec5340638d325897dc3ecc721634875abc32f6ea1c28bf579013269343786a7e8389df8bf34fee174310f070f0abfb9b5e035aa32be5721b5c8475faba7cce82fc9af55e73d8398a45dd151b0a1490700c02135e81d4153c992e171cec6720269625daec40c909f2bb92f9dae7e7caf86be26f080daeb973bd5912562e4211ef924f284dd583537e15b342ef7a7c3cf4c976742c086915d8d92be7e9f9464fb12fa3908c957ae1b2e4443be891828c9cf41036fcd4d871080e4d035c6dcab88a13704f0538c48d7b24f35282adaa33f588ecd4ce7eb861023e10c5adfd80df856524d14c6485198bb7045921f8ca677a7e50123d8ad717d259f31e4f4808f"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
ioctl$TUNSETSTEERINGEBPF(r4, 0x800454e0, &(0x7f0000000000)=r5)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r3, &(0x7f0000000280)=ANY=[@ANYBLOB="1e03d3ffbc5cb60128876360864666702c1ffe80000000000000", @ANYRESDEC], 0xffdd)

1.298284634s ago: executing program 4 (id=2191):
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0xff00, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0xfffffffe, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3, r2}]}, 0x44}}, 0x40000c0)

1.269090215s ago: executing program 4 (id=2193):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)=@o_path={0x0, r1, 0x4000, r1}, 0x18)

1.242251145s ago: executing program 4 (id=2194):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000880)=ANY=[@ANYRES8=r0, @ANYRES64=r0, @ANYRESHEX=r1, @ANYRES16=r0, @ANYBLOB="650c16f7cbbc1c365a7bbce8b07cf62bb0f6b4a10b5790740080040e85298a0c1af7d49d6e75c22a496313e6032ba65104ba2d51e83c238c6ad3127f8b6d44b2ff32bc706afbe85529c15800a95fd1536b3849d062d05e2cce6a8bd2fa3462fee11b0b45cf0250addd3114ec74dd713441414e17de55e509b2c879"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x24, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000800)='kvm_mmio\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000180001000000000000100000020000003181b0c851f95e20f15a2bf6620fc17d13cd7fe95ec58325184b80e66561bd60425516e64188bcb5e790ec97a2c80c40c20d1f0fa8c5dd63520f722b0391865edded5e5d4a417ccaf10bbbf8"], 0x14}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x810, 0xffffffffffffffff, 0xee679000)
ustat(0x1, &(0x7f0000000480))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
renameat2(0xffffffffffffffff, &(0x7f00000010c0)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffffff, 0x0, 0x3)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791048000000000061040000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
r7 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
r8 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcc2)
close(r8)
r9 = syz_open_dev$sg(&(0x7f0000000000), 0x5, 0x220280)
ioctl$FS_IOC_GETFSSYSFSPATH(r9, 0x80811501, &(0x7f00000002c0)={0x80})
write$binfmt_format(r7, &(0x7f0000000100)='-1\x00', 0x2)
close_range(r7, 0xffffffffffffffff, 0x0)
close(r6)

1.225128675s ago: executing program 2 (id=2195):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)

1.174346396s ago: executing program 2 (id=2196):
r0 = socket$igmp6(0xa, 0x3, 0x3a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$nci(r1, 0x0, 0xfffffeea)
keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1})
r2 = request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x3, r2, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$netlink(0x10, 0x3, 0x9)
unshare(0x22020400)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
syz_read_part_table(0x5f8, &(0x7f0000000bc0)="$eJzs0zGIU3ccB/Bf0jNXBRE7uTVchliXEzJer2BDfBwBcwSLDiK62SGLTh1iAoaKg2eHiOByDpbCGSq0TiKCIOLFQcgkinZREYciuFjFpuTu3XItB4UctPD5wHuP/+//+70vfx4v+F/Lxu/D4TATEcPJDdqGrdE9t778zVJl/1x+fl/9YEQmjkTE9+//+GG0k1kbTN86la6fpevSrYnG+aXk7EJ3+64b+Q8PsrEa0I5YuV72Lx8d5znZHLtP7bmTaQ923qzGlU9jeWZb4/CJXvGLbO/h+9H2n+nn3rJuLD+u/Ouz93ac6ZxMvsxFPEqaz5NX2bdvkgOXFqdzF1r14uu9ad+xcQWu0/h4KHft6t1y58XW0v1qrdb9+cnFQrNyu3N60C88fnfueNr3dKO/CwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/4zdp/bc+Twz2HmzGleWv1qe2dY4fKJXLLd6D+d//frH/E9TkVnpm96k/Ouz93ac6ZxMFr6b/fZR0nyevMq+fZMcuLQ4nbvQqhdf7037jv3DbG4M+Y2Ph3LXrt4td15sLd2v1mrdLXGx0Kzc7pwe9AuP3507Hp/9Uq5GPJ0cxWXHkAgAAAAAAAAAAAAAAAAAAAB/V9k/l5/fVz8YkYkjETGzOPdkVB9Ormx/stY3lT6frdajdGuicX4pObvQ3b7rRv7Dg9/Sejsb0Y6Il/3LRzdOnticA/Gv/BUAAP//FI2HuA==")
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000280))
getresuid(&(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000440))
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000ffffffff"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
keyctl$invalidate(0x15, 0x0)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd1, &(0x7f0000000140)=0x3, 0x4)

1.149766657s ago: executing program 1 (id=2197):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x6e27, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4)
setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000080)=0x40, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

1.149437487s ago: executing program 3 (id=2198):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xec}}, 0x0)

1.094922708s ago: executing program 3 (id=2199):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x8, 0xffffa888}]}}}]}, 0x3c}}, 0x0) (fail_nth: 5)

1.094464498s ago: executing program 4 (id=2200):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=@base={0x14, 0x4, 0x4, 0x6, 0x100}, 0x50)
bpf$MAP_UPDATE_ELEM(0x4, &(0x7f0000000180)={r2, &(0x7f0000000000), 0x0}, 0x20)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001040)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r4 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff7fffd, 0x2, @perf_config_ext={0xa, 0x40}, 0x107069, 0x0, 0x2, 0x6, 0x0, 0x1001}, 0x0, 0xffffffffffffffff, r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff1100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x702, 0xe, 0x700, &(0x7f0000000540)="e460334470b8d480eb00c15286dd", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
get_robust_list(0xffffffffffffffff, 0x0, 0x0)
creat(0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000a40), 0x1, 0x55e, &(0x7f0000000a80)="$eJzs3c1rHOUfAPDvbJK+/35NoRQVkUAPVmo3TeJLBQ/1KFos6L0uyTSUbLoluylNLNge7MWLFEHEgnjXu8fiP+BfUdBCkRL04CUym9k0L7vJNt2ajfP5wITn2Znd5/nuzPfJMzuzbACFNZL9KUW8GBFfJRFHIyLJ1w1GvnJkZbulxzcnsyWJ5eWP/0ia22X11mu1nnc4r7wQEb98EXG6tLnd+sLiTKVaTefy+mhj9tpofWHxzJXZynQ6nV4dn5g49+bE+Dtvv9WzWF+7+Ne3H91//9yXJ5e++enhsbtJnI8j+bq1cTyDW2srIzGSvydDcX7DhmM9aKyfJLvdAXZkIM/zocjGgKMxkGc98N/3eUQsAwWVyH8oqNY8oHVu36Pz4D3j0XsrJ0Cb4x9c+WwkDjTPjQ4tJevOjLLz3eEetJ+18fPv9+5mS2z4HOJAD14foJNbtyPi7ODg5vEvyce/nTvbxTYb2yja/x/YTfez+c/r7eY/pdX5T7SZ/xxuk7s7sX3+lx72oJmOsvnfu23nv6sXrYYH8tr/mnO+oeTylWqajW3/j4hTMbQ/q291Pefc0oPlTuvWzv+yJWu/NRfM+/FwcP/650xVGpVniXmtR7cjXmo7/01W93/SZv9n78fFLts4kd57pdO67eN/vpZ/iHi17f5/ckUr2fr65GjzeBhtHRWb/XnnxK+d2t/t+LP9f2jr+IeTtddr60/fxvcH/k47rVsXf3R//O9LPmmW9+WP3ag0GnNjEfuSDzc/Pv7kua16a/ss/lMntx7/2h3/ByPi0y7jv3P8x5e7in+X9v/UU+3/py88+OCz7zq1393490azdCp/pJvxr9sOPst7BwAAAAAAAP2mFBFHIimVV8ulUrm8cn/H8ThUqtbqjdOXa/NXp6L5XdnhGCq1rnQfXXM/xFh+P2yrPr6hPhERxyLi64GDzXp5slad2u3gAQAAAAAAAAAAAAAAAAAAoE8c7vD9/8xvA7vdO+C585PfUFzb5n8vfukJ6Ev+/0NxyX8oLvkPxSX/objkPxSX/Ifikv9QXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeurihQvZsrz0+OZkVp+6vjA/U7t+Ziqtz5Rn5yfLk7W5a+XpWm26mpYna7PbvV61Vrs2Nh7zN0Ybab0xWl9YvDRbm7/auHRltjKdXkqH/pWoAAAAAAAAAAAAAAAAAAAAYG+pLyzOVKrVdE5BYUeFwf7oxp4vZNnYB91Y1x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6A//BAAA//8iuzYD")
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000230900010073797a300000000084000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000002f4000128014000180090001006c6173740000000004000280140001800c000100636f756e7465720004000280280001800b00010074756e6e656c0000040002800800034000000106"], 0xcc}, 0x1, 0x0, 0x0, 0x80}, 0x20050800)

1.019553119s ago: executing program 1 (id=2201):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='task\x00')
lseek(r1, 0x3, 0x1)
getdents64(r1, &(0x7f0000002540)=""/4096, 0x1000)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000050000000000000000001811", @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20)
write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r6 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r7=>0x0})
mount(&(0x7f0000000040)=@sg0, 0x0, &(0x7f0000000140)='msdos\x00', 0x10000, &(0x7f0000000180)='geneve0\x00')
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r7, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0) (fail_nth: 5)
select(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60})

727.604115ms ago: executing program 3 (id=2202):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000040)=ANY=[@ANYBLOB="2c0c010600000000fe881000000000000000000000000001fe8000000000000000000000000000bbfc00000000000000000000000000000020010000000000000000000000f47c786ab5d35e970000000000000000000001fc010000000000000000000000000001"], 0x68)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYRES16=r2], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='mm_page_free\x00', r4, 0x0, 0x4}, 0x18)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001140)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

687.380906ms ago: executing program 0 (id=2203):
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
r1 = dup(0xffffffffffffffff)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f00000003c0), 0x80000, 0x0)
ioctl$RTC_UIE_ON(r3, 0x7003)
remap_file_pages(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x8, 0x38, 0x100)
ioctl$RTC_WKALM_SET(r3, 0x4028700f, &(0x7f0000000000)={0x1, 0x0, {0x14, 0x3b, 0x11, 0x10, 0x4, 0xe80, 0x5, 0x40}})
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M9vFFUcAPDvzLZFfrYi/gBRq8TY+KOlBZWDF40mHjCa6AFv1rYQQqGG1kQIkWoMXkwMiZ7Vo4l/gTcvRj2ZeMW7ISHKBfRUM7MzZXfp9gdddgv7+STTfW/mzc777szbeTNvtgF0rcHsTxKxLSIuRUR/NVtfYLD6cv3quYl/r56bSGJh4e2/k7zctavnJsqi5Xpbi8xQGpF+lhQbqTd75uyJ8enpqdNFfmTu5Acjs2fOPnf85PixqWNTp8YOHTp4YPTFF8aeb0mcWVzX9nw8s3f36+9efGPiyMX3f/0hq++2YnltHA02Nbyu2mAW+D8LucWZafXlyTVHsLFtr0knPR2sCGtSiYieou1eiv6oxI2d1x+vfdrRygG3VXZuWubENr8A3MWS6HQNgM4oT/TZ9W85tanrsSFcebl6AZTFfb2Yqkt6ykv16G24vm2lwYg4Mv/fN9kUy9+HAABoiS8mvj4czy7V/0vjgZpyO4oxlIGIuDcidkbEfRGxKyLuj8jLPhgRD628ybQ20zg0dHP/J718y8GtQtb/e6kY26rv/y1Wc6BS5Lbn8fcmR49PT+0vPpOh6N2U5UeX2cZPr/7xZbNltf2/bMq2X/YFi3pc7mm4QTc5Pjeed0pb4MonEXt6loo/WRwJSCJid0TsWdtb7ygTx5/+fm+zQivHv4wWjDMtfBfxVHX/z0dD/KVk+fHJkXtiemr/SHlU3Oy33y+81Wz764q/BbL9v6X++G8sMpDUjtfOrn0bF/78vOk1za0e/33JO/m6fcW8j8bn5k6PRvQlh/N83fyxG+uW+bJ8Fv/QvqXb/85inSz+hyMiO4gfiYhHI+Kxou6PR8QTEbFvmfh/eaX5svr4N2/rxP6fbPj+25wvWTz+G/b/2hOVEz//uPTWv31vdfv/YJ4aKubk338rWG0F1/nxAQAAwB0hzZ+BT9LhxXSaDg9Xn+HfFVvS6ZnZuWeOznx4arL6rPxA9Kblna7+mvuho8l88Y7V/Fhxr7hcfqC4b/xVZXOeH56YmZ7scOzQ7bY2af+Zvyqdrh1w2y01jjbW14GKAG3X2P7T+uz5N9tZGaCtmj5Hs6W99QDab4Xn6NJ21QNoP/+vBbrXUu3/fEPeWADcnZz/oXtp/9C9tH/oXto/dKWVfiRfWedv/yXuuESyusKRdr6qGyPRGxEtecO+DRFOkej0NxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBr/B8AAP//ubjqLQ==")
close_range(r2, 0xffffffffffffffff, 0x0)
gettid()

522.789699ms ago: executing program 1 (id=2204):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a0000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)=@o_path={0x0, r1, 0x4000, r1}, 0x18)

508.78743ms ago: executing program 2 (id=2205):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000070000000300"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000080))
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x143842, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="bf16000000000000b70700000001000048700000000000e6270000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142da7646c4fe02996b60cf81ebcd50fa9ea4308123f602000000000000de89e661168c1886d0d4d94f204e345c652fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762011052eac2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dc8aff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340a1c8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e4b9ec7a410ec42315255be1ed66d9051f22614d1f62734d679039a97d2b74f9e8e993ccd314000f747f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798ab20000000bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d2000000000000000819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480e5aee9c9e5f2e5a56a6d920335c8e8726fd8329d9a728995b1531bd20360d33d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c55969a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba84279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047050d7296cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5603a9d801300000000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed03a6fe7860b3e13c3173a60a1823cb7dde8212a8531bd9060000006a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c73596f860221156437f4d6b76ecc4b35bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d535556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a0000000000000001ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba0790ee0d112f99e59ba82e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee52303da186b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c44500f8ffff970d5254727e804fbd99ccefb7c09269dd2c5ca93125e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8f09c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c1b04e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305977eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f87204311327c18380fedf3d309d8549f99bf6c5cb060fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39289f675f3925e80ab73517c97139d01719cdbab3f1ce1060f3e6806e774a5f079c01003e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd75b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae794286b6c3e1f5a76b85ed6e1f0000c608b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a650be5114c31582d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc882d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1951393352bc756f3fcaad2c1c399a3e43eaaeca70db90f2fa395964434476719334482eb5424c81814079a24fe3681ad9ac361f71ac279a688f10a12105edebc5e3b8dad4c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fbdd351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd61dfb3de7f503d58ac8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2dff78ce9308c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f200000000000000000089de7f8485d9507164a187220b36ddc7fa645d4bd0c1414c30a416f80ba17d21d53961471b2d2d459e4bb23230d676ca49633b25e26a322024beb7c3427da59f7daa70a5d44a0eb895f29245df6401295d3da9399507126a3be932f47fe61ef1bfe83086651af7e23c2a8fa702b9aaa65aa3edaaa6b3f5a0c7cdfd008c898d73bb97168ca390ef539800000000000077a5ad1e683aeff92bb0b66b33ed878df1e344b99450086c819bf174578705c049d2fb25a91ba04643cde1a3c391d8646e5249dbf28b13b1c4d5127f685ee0c0576bf74e17cd3b4df4eb7095e504e361689572b0f93ff1dc6f52e8728a03e5a4df80a32c6055df8f4f4152c0d74d793b20ac2cfa907b5af80716118f82027d3e4cb096fe86de545008b85cb9b637bca30d765b0c3ad489db32955454dcfe000000002830e5e125322d2f5829040a91405bf2fe5bf14833fd7b1e72c775f267bc4511183096eff3188a288c408b10285e7ec75f826e9b08a82cde1f4470545eebc71440623752e87ecc689b7fec2f667e22705b4660b2ef936cce446244bb48f8c7d062ea4a955facf6c2957cfb3c3ee9229efab5b72a5c5266eb493c7c3b08a91971692d9673cb9df620a8240d4f94b9fafd8e2bf0f9cedd1e08f4f10fd8f25f3169ed878624adccb5572cb918e0e3ba7e4ac0967aa65241903509778e63bebf00107524f858d7d48ef9e2c112c75d732344dc0a9bc506172d5a45e3bcb203862307c24c20fe1ffe6b5a43dbc1b20156161b5f59ab9955f2a6fbc64f547a671ded4896d8c4bac78f23e15c8e6cb72599d27607e5a1ad434cdee73d026e5dd14d9824202052181dda714fff7dc43444bc948541f641ac8215a5dae7fa8a50897b916a856aedcdf16be8736b33823ab7b2f1c77554bf2c36e412a4ad05582a0160fad5dfe84db2d7d3bb802f47dd2ebb7945e09f542d464dfbd2c70a90ab36ebd331a6549fa16f2e83a06c512c83eec56b5b94040d31da56e021a48c8651ebf3e1f8931a6d18150f1d76d07e7d8ecacbed15e9c2a50e610f1d0b523083b182cde6cf655ddd45409400c23fb89eba0db0ab4eee055a60a6ac7fea75703e8e4d737bfabae0fc3c1406b6b454ba694673a69b1782eb0052c2a4e251c8f96c7bcab1845dc347ded7fb207fd19f2bea2e496d63613af735b8e8376658ce4b43a09b53846f0a0218661d917e39bcd79063128f4c5c570b6214db8ed5e1255d48725ad8dc0d3c5aafafb47095dc1f3572650e4b3d0540cec5340638d325897dc3ecc721634875abc32f6ea1c28bf579013269343786a7e8389df8bf34fee174310f070f0abfb9b5e035aa32be5721b5c8475faba7cce82fc9af55e73d8398a45dd151b0a1490700c02135e81d4153c992e171cec6720269625daec40c909f2bb92f9dae7e7caf86be26f080daeb973bd5912562e4211ef924f284dd583537e15b342ef7a7c3cf4c976742c086915d8d92be7e9f9464fb12fa3908c957ae1b2e4443be891828c9cf41036fcd4d871080e4d035c6dcab88a13704f0538c48d7b24f35282adaa33f588ecd4ce7eb861023e10c5adfd80df856524d14c6485198bb7045921f8ca677a7e50123d8ad717d259f31e4f4808f"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
ioctl$TUNSETSTEERINGEBPF(r4, 0x800454e0, &(0x7f0000000000)=r5)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r3, &(0x7f0000000280)=ANY=[@ANYBLOB="1e03d3ffbc5cb60128876360864666702c1ffe80000000000000", @ANYRESDEC], 0xffdd)

484.91448ms ago: executing program 3 (id=2206):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
finit_module(r2, 0x0, 0x1)

468.23467ms ago: executing program 0 (id=2207):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
acct(&(0x7f0000000200)='./file0\x00')
syz_open_dev$evdev(0x0, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=r0, @ANYRES16=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200003147453e07020000f8ffffffb703000000000000b70400000000000085000000c300000095", @ANYBLOB="bf725919db4d4bd9b28c1e2eb7eed7ebfe88af960b9adb07ed0490b6e479ab18b5ab22376cd6ee9055249fa9e925fad59d6ce5591be8a1a76efb35feb11a0ff89637a8348e7cb40f65699b9be06cb8728cf21684f97a25f7b07e"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r3}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00'}, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000f8dbdf2503"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

467.902361ms ago: executing program 1 (id=2208):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)

373.262472ms ago: executing program 1 (id=2209):
r0 = socket$igmp6(0xa, 0x3, 0x3a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$nci(r1, 0x0, 0xfffffeea)
keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1})
r2 = request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x3, r2, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$netlink(0x10, 0x3, 0x9)
unshare(0x22020400)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
syz_read_part_table(0x5f8, &(0x7f0000000bc0)="$eJzs0zGIU3ccB/Bf0jNXBRE7uTVchliXEzJer2BDfBwBcwSLDiK62SGLTh1iAoaKg2eHiOByDpbCGSq0TiKCIOLFQcgkinZREYciuFjFpuTu3XItB4UctPD5wHuP/+//+70vfx4v+F/Lxu/D4TATEcPJDdqGrdE9t778zVJl/1x+fl/9YEQmjkTE9+//+GG0k1kbTN86la6fpevSrYnG+aXk7EJ3+64b+Q8PsrEa0I5YuV72Lx8d5znZHLtP7bmTaQ923qzGlU9jeWZb4/CJXvGLbO/h+9H2n+nn3rJuLD+u/Ouz93ac6ZxMvsxFPEqaz5NX2bdvkgOXFqdzF1r14uu9ad+xcQWu0/h4KHft6t1y58XW0v1qrdb9+cnFQrNyu3N60C88fnfueNr3dKO/CwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/4zdp/bc+Twz2HmzGleWv1qe2dY4fKJXLLd6D+d//frH/E9TkVnpm96k/Ouz93ac6ZxMFr6b/fZR0nyevMq+fZMcuLQ4nbvQqhdf7037jv3DbG4M+Y2Ph3LXrt4td15sLd2v1mrdLXGx0Kzc7pwe9AuP3507Hp/9Uq5GPJ0cxWXHkAgAAAAAAAAAAAAAAAAAAAB/V9k/l5/fVz8YkYkjETGzOPdkVB9Ormx/stY3lT6frdajdGuicX4pObvQ3b7rRv7Dg9/Sejsb0Y6Il/3LRzdOnticA/Gv/BUAAP//FI2HuA==")
r6 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000280))
getresuid(&(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000440))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000e00))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008000000"], 0x48)
stat(&(0x7f0000000700)='./file0/file1\x00', &(0x7f0000001c80))
r7 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000ffffffff"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
r8 = add_key(&(0x7f0000001340)='keyring\x00', &(0x7f0000001380)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$invalidate(0x15, r8)
keyctl$read(0xb, r8, 0x0, 0x0)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd1, &(0x7f0000000140)=0x3, 0x4)
getsockopt$MRT6(r0, 0x29, 0xd0, 0xffffffffffffffff, &(0x7f00000000c0))

211.366665ms ago: executing program 3 (id=2210):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xec}}, 0x0)

192.913146ms ago: executing program 4 (id=2211):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00'/13, @ANYRESOCT], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0xff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601060000000000000000000000000900020073797a310000000005000100070000001c0007800c00018008000140ffffffff0c000280080001"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYRESOCT=r2, @ANYRES32=<r4=>0xffffffffffffffff, @ANYRES16, @ANYRESOCT=r2], 0x5, 0x37d, &(0x7f0000000f80)="$eJzs3c9rI2UYwPEnaZpOumyTgygK0ge96GVoqxcvapBdEAsu3Y24Kwiz26mGjkmZCZWI2HryKt78BwSXPS54WFD/gV68rRcvnuxFEHQRcWR+JZlk0iRjl6a73w+0eZL3fWbet5MpzxuYyfG7X360u+OZO1ZHioZKQUTkgUhNipIoRA9lyXAoL1744/6zV6/feKu+uXlpS/Vy/dpLG6q6svr9x59W4m73luSo9v6xGL8ePXn09PG/1z5setr0tNXuqKU32790rJuOrdtNb9dUveLYlmdrs+XZbtTejtp3nPbeXlet1vbF5T3X9jy1Wl3dtbvaaWvH7ar1gdVsqWmaenE5a7iPMCNHTuP21pZVz7nDWznzcNr+9n3/hGbXrVsLImZlpKVx+6GOCwAAzKWh+v/rpEaoSbFXUBbitUA5jNPLgKD+T+Kw/g8WC/36/85zP3YuvHN3Ja7/75Wz6v+Xf47yU/V/sPdTr/+/HXo+WhGdewezdP5f9T/mw2r6jPytv2KPBfV/cDb0VvSfv3dnLQyo/wEAAAAAAAAAAAAAAAAAAAAAOA8e+H7V9/1q8pj89C8hiJ8nz0660BjnzrjjvxTfUaD3fsAj6er1G2KEF+6VVkScL/Yb+43oMW5POq5JVf4J3w+x6IYTh2GjBmryg3Ow31iMExbC33URFUdsWZeq1FL5YXz5zc1L6xqJ8sP9H+w3CqXlIH9HmmH+hlTliez8jcz8srzw/EC+KVX56Za0xZHt+P9Ykv/Zuuobb28O5VfCfllee7iHBAAAAACAU2eqGvHyuZZe/0brd9NUzWoP1vIyuD4f/Xygt75ey1yfl6rPlM527gAAAAAAPC688ie7luPYrtcdG1Rk4BV5pSQjfZbirQ2ll2TCloOgNEWfVHA/DBZP6rMwMMNpt1yOv0Fj2mG4XlemHnMS/LkkktWU3MI11WRk/1WnDJL5T9HZmPUQuF5x9rnbrrcajEdzTWcgSD42GtdHruTd8rgguXNuxr5SR+epr775K98uCvFdewebXr1rTJhpGBSGXjmc8Kb93fcnjmexf/4UB86l7/J8yQwAAACAOZEU/RUveeX1sx0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACPobw3RTNm6HzWcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmxX8BAAD//8vn8xI=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
open(&(0x7f0000000780)='./bus\x00', 0x145c7e, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000700)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x7f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'vlan0\x00'})
socketpair(0x28, 0x1, 0x0, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b0000000000000000000000000004", @ANYRES32, @ANYRES16=r4, @ANYRESHEX], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000580)=ANY=[@ANYRESOCT=r2, @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="24010000", @ANYRES16=r9, @ANYBLOB="a183000000000000000005000000080003", @ANYBLOB], 0x124}, 0x1, 0x0, 0x0, 0xc804}, 0x40000d4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r10}, 0x0, &(0x7f0000000040)}, 0x20)
r11 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000180)={'erspan0\x00', &(0x7f0000000ac0)={'gretap0\x00', <r12=>0x0, 0x20, 0x7800, 0x4, 0x7, {{0x31, 0x4, 0x1, 0x22, 0xc4, 0x67, 0x0, 0x6, 0x58, 0x0, @broadcast, @local, {[@timestamp={0x44, 0x8, 0xbc, 0x0, 0x8, [0x7]}, @timestamp_addr={0x44, 0x54, 0x5e, 0x1, 0x5, [{@loopback, 0x2}, {@loopback, 0x8}, {@empty, 0x8}, {@loopback, 0x4}, {@local, 0x7}, {@empty, 0xff}, {@multicast1, 0x1}, {@multicast2, 0x1000}, {@remote, 0xfa50}, {@loopback, 0x6}]}, @cipso={0x86, 0x13, 0x3, [{0x1, 0x2}, {0x1, 0x2}, {0x2, 0x4, '}q'}, {0x5, 0x5, "dfe162"}]}, @timestamp_prespec={0x44, 0x2c, 0xe2, 0x3, 0x6, [{@loopback, 0x7}, {@rand_addr=0x64010100, 0x5}, {@multicast2, 0x9}, {@multicast1}, {@remote, 0x1}]}, @ssrr={0x89, 0x13, 0x77, [@broadcast, @loopback, @remote, @dev={0xac, 0x14, 0x14, 0x28}]}]}}}}})
bind$packet(r11, &(0x7f00000001c0)={0x11, 0xf6, r12, 0x1, 0xd3, 0x6, @remote}, 0x14)
syz_open_dev$tty20(0xc, 0x4, 0x1)

118.202447ms ago: executing program 2 (id=2212):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000001000030425bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="48090000000000001c0012800e004100697036677265749e02afd9015e66db800400120008000a00aa6b75d78b57e594573e856614cebd5232e52030aecdfa8fc2b4c794b74d16b53193e7860d263b06b03bdc6266110c5cdad86e3fb4656c0734ad55a024cc4764cdb3b36bf33cc962cbe09b34c59f1592c0f83ba070897f6744c98e64f020f7bd38245d8a8c9a69034dcdb3a539b5fd4f8f07a854b97afb31cc0708c23fa2afddbe4eeca07f", @ANYRES32=r1, @ANYBLOB], 0x44}}, 0x8000)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
r7 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x80800, 0x0)
fcntl$notify(r7, 0x402, 0x20)
getdents64(r6, &(0x7f0000000080)=""/34, 0x22)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="000000000000000005000000000000009500000000000000b1f8306e05d1e4aab009c16b5c05077115d0749619ca39f89974785ae0619b77c6585f678ac92a3b6b4148f56b43c3dd75d75f97c8f92f60a2def458df05e2fbfb3e849b2b3cffd4f29446ae60dd76654b2639b2bc14350706214a6ab7a712d4317fbc3ca01d0d3ed6110b3775903141a5091a4d3db8eb335414fbdb288aba73aaf6d18000a3a2a069cf7f9402e1425bb6bc370576aa1faea0fe222671ecf99038fce8dba53dcb11f87cca"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32=r8, @ANYBLOB="110000000600000000000000", @ANYRES32, @ANYRES64=0x0], 0x20)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0xc3b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8204}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GTP_LOCAL={0x8, 0x7, @multicast1}, @IFLA_GTP_CREATE_SOCKETS={0x5, 0x5, 0x1}, @IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x7}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040004)

116.325827ms ago: executing program 0 (id=2213):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000880)=ANY=[@ANYRES8=r0, @ANYRES64=r0, @ANYRESHEX=r1, @ANYRES16=r0, @ANYBLOB="650c16f7cbbc1c365a7bbce8b07cf62bb0f6b4a10b5790740080040e85298a0c1af7d49d6e75c22a496313e6032ba65104ba2d51e83c238c6ad3127f8b6d44b2ff32bc706afbe85529c15800a95fd1536b3849d062d05e2cce6a8bd2fa3462fee11b0b45cf0250addd3114ec74dd713441414e17de55e509b2c879"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x24, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000800)='kvm_mmio\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000180001000000000000100000020000003181b0c851f95e20f15a2bf6620fc17d13cd7fe95ec58325184b80e66561bd60425516e64188bcb5e790ec97a2c80c40c20d1f0fa8c5dd63520f722b0391865edded5e5d4a417ccaf10bbbf8"], 0x14}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x810, 0xffffffffffffffff, 0xee679000)
ustat(0x1, &(0x7f0000000480))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
ustat(0x1380, &(0x7f0000000440))
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
renameat2(0xffffffffffffffff, &(0x7f00000010c0)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffffff, 0x0, 0x3)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791048000000000061040000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
r6 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
r7 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcc2)
close(r7)
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x5, 0x220280)
ioctl$FS_IOC_GETFSSYSFSPATH(r8, 0x80811501, &(0x7f00000002c0)={0x80})
write$binfmt_format(r6, &(0x7f0000000100)='-1\x00', 0x2)
close_range(r6, 0xffffffffffffffff, 0x0)
close(r5)

96.799388ms ago: executing program 3 (id=2214):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000001000030425bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="48090000000000001c0012800e004100697036677265749e02afd9015e66db800400120008000a00aa6b75d78b57e594573e856614cebd5232e52030aecdfa8fc2b4c794b74d16b53193e7860d263b06b03bdc6266110c5cdad86e3fb4656c0734ad55a024cc4764cdb3b36bf33cc962cbe09b34c59f1592c0f83ba070897f6744c98e64f020f7bd38245d8a8c9a69034dcdb3a539b5fd4f8f07a854b97afb31cc0708c23fa2afddbe4eeca07f", @ANYRES32=r1, @ANYBLOB], 0x44}}, 0x8000)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x80800, 0x0)

24.188629ms ago: executing program 4 (id=2215):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
sendmmsg$unix(r0, &(0x7f0000002d80)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@abs={0x1, 0x30, 0x4e31}, 0x6e, 0x0}}], 0x2, 0x40008004) (fail_nth: 7)

0s ago: executing program 1 (id=2216):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='task\x00')
lseek(r1, 0x3, 0x1)
getdents64(r1, &(0x7f0000002540)=""/4096, 0x1000)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfece)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xf, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="ca17bbf00e541d04734bdd314682353d2c7d493aa024b0bf86c6047e15ee8d160ee51d0ab210edc2c4a9d595a4f251d4dbdba8824be05105b554956a0faaceab411c8754d3f15e34c264b462b4e95417c3f31b64749bb2d4a72a079424b11ae6a1ed589fac5b5016ca3d9d91274748aedf6d2128097fdabaa85cd720d9fdc8339c9a9ecda54ebb82faa752e5b52aef70ebcbdbd1ae5d7fe025fb6562950d17cf4fce300d2ec658704b67866043", @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x74, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
bpf$PROG_LOAD(0x5, 0x0, 0xffffffffffffffa1)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x6)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000380)=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x1}}, 0x20)
write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r6 = socket$netlink(0x10, 0x3, 0x15)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r7=>0x0})
mount(&(0x7f0000000040)=@sg0, 0x0, &(0x7f0000000140)='msdos\x00', 0x10000, &(0x7f0000000180)='geneve0\x00')
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r7, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES64], 0x38}}, 0x20000004)
select(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60})

kernel console output (not intermixed with test programs):

tempt to access beyond end of device
[  130.778071][ T8404] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  130.794506][ T8404] wޣ�: attempt to access beyond end of device
[  130.794506][ T8404] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  131.278748][ T8432] loop1: detected capacity change from 0 to 2048
[  131.325204][ T8441] loop4: detected capacity change from 0 to 512
[  131.346509][ T8441] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.366635][ T8446] loop1: detected capacity change from 0 to 128
[  131.369518][ T8439] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1548'.
[  131.382935][ T8441] ext4 filesystem being mounted at /330/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  131.387484][ T8446] netlink: 264 bytes leftover after parsing attributes in process `syz.1.1550'.
[  131.424372][ T8441] netlink: 'syz.4.1549': attribute type 4 has an invalid length.
[  131.438660][   T29] audit: type=1400 audit(1758512458.900:4196): avc:  denied  { create } for  pid=8440 comm="syz.4.1549" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[  131.462682][ T8441] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.1549: corrupted inode contents
[  131.488315][ T8450] FAULT_INJECTION: forcing a failure.
[  131.488315][ T8450] name failslab, interval 1, probability 0, space 0, times 0
[  131.501305][ T8450] CPU: 1 UID: 0 PID: 8450 Comm: wޣ� Not tainted syzkaller #0 PREEMPT(voluntary) 
[  131.501337][ T8450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  131.501351][ T8450] Call Trace:
[  131.501358][ T8450]  <TASK>
[  131.501366][ T8450]  __dump_stack+0x1d/0x30
[  131.501389][ T8450]  dump_stack_lvl+0xe8/0x140
[  131.501474][ T8450]  dump_stack+0x15/0x1b
[  131.501569][ T8450]  should_fail_ex+0x265/0x280
[  131.501653][ T8450]  ? mall_change+0x18a/0x480
[  131.501674][ T8450]  should_failslab+0x8c/0xb0
[  131.501697][ T8450]  __kmalloc_cache_noprof+0x4c/0x320
[  131.501801][ T8450]  mall_change+0x18a/0x480
[  131.501828][ T8450]  ? __pfx_mall_change+0x10/0x10
[  131.501861][ T8450]  tc_new_tfilter+0xde1/0x10a0
[  131.501888][ T8450]  ? __rcu_read_unlock+0x4f/0x70
[  131.501916][ T8450]  ? ns_capable+0x7d/0xb0
[  131.501935][ T8450]  ? __pfx_tc_new_tfilter+0x10/0x10
[  131.501963][ T8450]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  131.502007][ T8450]  netlink_rcv_skb+0x123/0x220
[  131.502160][ T8450]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  131.502200][ T8450]  rtnetlink_rcv+0x1c/0x30
[  131.502257][ T8450]  netlink_unicast+0x5bd/0x690
[  131.502279][ T8450]  netlink_sendmsg+0x58b/0x6b0
[  131.502306][ T8450]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.502391][ T8450]  __sock_sendmsg+0x142/0x180
[  131.502419][ T8450]  ____sys_sendmsg+0x31e/0x4e0
[  131.502444][ T8450]  ___sys_sendmsg+0x17b/0x1d0
[  131.502494][ T8450]  __x64_sys_sendmsg+0xd4/0x160
[  131.502521][ T8450]  x64_sys_call+0x191e/0x2ff0
[  131.502541][ T8450]  do_syscall_64+0xd2/0x200
[  131.502574][ T8450]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  131.502713][ T8450]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  131.502740][ T8450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.502760][ T8450] RIP: 0033:0x7f110e3fec29
[  131.502777][ T8450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.502864][ T8450] RSP: 002b:00007f110ce67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  131.502904][ T8450] RAX: ffffffffffffffda RBX: 00007f110e645fa0 RCX: 00007f110e3fec29
[  131.502919][ T8450] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006
[  131.502934][ T8450] RBP: 00007f110ce67090 R08: 0000000000000000 R09: 0000000000000000
[  131.502948][ T8450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.502963][ T8450] R13: 00007f110e646038 R14: 00007f110e645fa0 R15: 00007ffc9eaf7d18
[  131.502980][ T8450]  </TASK>
[  131.542696][ T8441] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #2: comm syz.4.1549: mark_inode_dirty error
[  131.605019][ T8455] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1553'.
[  131.606907][ T8441] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.1549: corrupted inode contents
[  131.747882][ T8460] netlink: 'syz.3.1563': attribute type 1 has an invalid length.
[  131.755006][   T29] audit: type=1326 audit(1758512459.200:4197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8457 comm="syz.3.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  131.772913][ T8441] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.1549: mark_inode_dirty error
[  131.777252][   T29] audit: type=1326 audit(1758512459.200:4198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8457 comm="syz.3.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  131.866513][   T29] audit: type=1326 audit(1758512459.210:4199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8457 comm="syz.3.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  131.890756][   T29] audit: type=1326 audit(1758512459.210:4200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8457 comm="syz.3.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  131.915032][   T29] audit: type=1326 audit(1758512459.210:4201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8457 comm="syz.3.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  131.938897][   T29] audit: type=1326 audit(1758512459.210:4202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8457 comm="syz.3.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  131.963666][   T29] audit: type=1326 audit(1758512459.210:4203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8457 comm="syz.3.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  132.021047][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.062541][ T8466] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1554'.
[  132.114674][ T8472] lo speed is unknown, defaulting to 1000
[  132.131364][ T8472] lo speed is unknown, defaulting to 1000
[  132.242858][ T8479] lo speed is unknown, defaulting to 1000
[  132.250862][ T8479] lo speed is unknown, defaulting to 1000
[  132.319600][ T8485] only policy match revision 0 supported
[  132.319616][ T8485] unable to load match
[  132.921446][ T8504] lo speed is unknown, defaulting to 1000
[  132.940053][ T8504] lo speed is unknown, defaulting to 1000
[  132.954394][ T8510] FAULT_INJECTION: forcing a failure.
[  132.954394][ T8510] name failslab, interval 1, probability 0, space 0, times 0
[  132.967749][ T8510] CPU: 0 UID: 0 PID: 8510 Comm: syz.4.1574 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  132.967790][ T8510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  132.967803][ T8510] Call Trace:
[  132.967810][ T8510]  <TASK>
[  132.967818][ T8510]  __dump_stack+0x1d/0x30
[  132.967839][ T8510]  dump_stack_lvl+0xe8/0x140
[  132.967901][ T8510]  dump_stack+0x15/0x1b
[  132.967920][ T8510]  should_fail_ex+0x265/0x280
[  132.968009][ T8510]  should_failslab+0x8c/0xb0
[  132.968034][ T8510]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  132.968068][ T8510]  ? security_context_to_sid_core+0x69/0x3b0
[  132.968150][ T8510]  kmemdup_nul+0x36/0xc0
[  132.968176][ T8510]  security_context_to_sid_core+0x69/0x3b0
[  132.968206][ T8510]  security_context_to_sid_force+0x30/0x40
[  132.968231][ T8510]  selinux_inode_setxattr+0x4e8/0x6e0
[  132.968280][ T8510]  security_inode_setxattr+0x13a/0x1b0
[  132.968310][ T8510]  __vfs_setxattr_locked+0x83/0x1d0
[  132.968372][ T8510]  vfs_setxattr+0x132/0x270
[  132.968399][ T8510]  filename_setxattr+0x1ad/0x400
[  132.968429][ T8510]  path_setxattrat+0x2c9/0x310
[  132.968523][ T8510]  __x64_sys_lsetxattr+0x71/0x90
[  132.968564][ T8510]  x64_sys_call+0x2877/0x2ff0
[  132.968650][ T8510]  do_syscall_64+0xd2/0x200
[  132.968683][ T8510]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  132.968706][ T8510]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  132.968805][ T8510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.968830][ T8510] RIP: 0033:0x7f3d3d1fec29
[  132.968848][ T8510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.968864][ T8510] RSP: 002b:00007f3d3bc67038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  132.968885][ T8510] RAX: ffffffffffffffda RBX: 00007f3d3d445fa0 RCX: 00007f3d3d1fec29
[  132.968900][ T8510] RDX: 0000200000000280 RSI: 0000200000000240 RDI: 00002000000001c0
[  132.968914][ T8510] RBP: 00007f3d3bc67090 R08: 0000000000000000 R09: 0000000000000000
[  132.968938][ T8510] R10: 0000000000001001 R11: 0000000000000246 R12: 0000000000000001
[  132.968952][ T8510] R13: 00007f3d3d446038 R14: 00007f3d3d445fa0 R15: 00007ffc8b8f2228
[  132.968972][ T8510]  </TASK>
[  133.320129][ T8515] loop4: detected capacity change from 0 to 1764
[  133.590776][ T8535] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  133.727296][ T8535] lo speed is unknown, defaulting to 1000
[  133.803348][ T8539] loop0: detected capacity change from 0 to 4096
[  133.866492][ T8544] loop4: detected capacity change from 0 to 4096
[  133.873586][ T8544] EXT4-fs: Ignoring removed nomblk_io_submit option
[  133.891677][ T8539] EXT4-fs: Ignoring removed nomblk_io_submit option
[  134.025552][ T8544] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.087736][ T8539] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.118191][ T8535] lo speed is unknown, defaulting to 1000
[  134.301934][ T8551] loop3: detected capacity change from 0 to 1024
[  134.433365][ T8551] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.678513][ T8543] siw: device registration error -23
[  134.755602][ T8567] FAULT_INJECTION: forcing a failure.
[  134.755602][ T8567] name failslab, interval 1, probability 0, space 0, times 0
[  134.769168][ T8567] CPU: 0 UID: 0 PID: 8567 Comm: syz.1.1591 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  134.769200][ T8567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  134.769212][ T8567] Call Trace:
[  134.769243][ T8567]  <TASK>
[  134.769251][ T8567]  __dump_stack+0x1d/0x30
[  134.769337][ T8567]  dump_stack_lvl+0xe8/0x140
[  134.769360][ T8567]  dump_stack+0x15/0x1b
[  134.769380][ T8567]  should_fail_ex+0x265/0x280
[  134.769427][ T8567]  should_failslab+0x8c/0xb0
[  134.769449][ T8567]  kmem_cache_alloc_node_noprof+0x57/0x320
[  134.769554][ T8567]  ? __alloc_skb+0x101/0x320
[  134.769578][ T8567]  __alloc_skb+0x101/0x320
[  134.769604][ T8567]  netlink_alloc_large_skb+0xba/0xf0
[  134.769710][ T8567]  netlink_sendmsg+0x3cf/0x6b0
[  134.769748][ T8567]  ? __pfx_netlink_sendmsg+0x10/0x10
[  134.769774][ T8567]  __sock_sendmsg+0x142/0x180
[  134.769864][ T8567]  ____sys_sendmsg+0x31e/0x4e0
[  134.769965][ T8567]  ___sys_sendmsg+0x17b/0x1d0
[  134.770018][ T8567]  __x64_sys_sendmsg+0xd4/0x160
[  134.770048][ T8567]  x64_sys_call+0x191e/0x2ff0
[  134.770096][ T8567]  do_syscall_64+0xd2/0x200
[  134.770126][ T8567]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  134.770203][ T8567]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  134.770251][ T8567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.770302][ T8567] RIP: 0033:0x7f110e3fec29
[  134.770321][ T8567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.770342][ T8567] RSP: 002b:00007f110ce67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  134.770425][ T8567] RAX: ffffffffffffffda RBX: 00007f110e645fa0 RCX: 00007f110e3fec29
[  134.770437][ T8567] RDX: 0000000002000800 RSI: 0000200000000000 RDI: 0000000000000004
[  134.770450][ T8567] RBP: 00007f110ce67090 R08: 0000000000000000 R09: 0000000000000000
[  134.770465][ T8567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.770479][ T8567] R13: 00007f110e646038 R14: 00007f110e645fa0 R15: 00007ffc9eaf7d18
[  134.770500][ T8567]  </TASK>
[  134.985708][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.091176][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.123664][ T8574] netlink: 'syz.4.1590': attribute type 1 has an invalid length.
[  135.221401][   T29] kauditd_printk_skb: 163 callbacks suppressed
[  135.221443][   T29] audit: type=1326 audit(1758512462.690:4367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  135.262533][ T8585] __nla_validate_parse: 3 callbacks suppressed
[  135.262552][ T8585] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1596'.
[  135.284990][ T8587] netlink: 176 bytes leftover after parsing attributes in process `syz.4.1598'.
[  135.296331][   T29] audit: type=1326 audit(1758512462.720:4368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  135.324697][   T29] audit: type=1326 audit(1758512462.720:4369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  135.348651][   T29] audit: type=1326 audit(1758512462.720:4370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  135.353744][ T8580] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  135.373123][   T29] audit: type=1326 audit(1758512462.720:4371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  135.405921][   T29] audit: type=1326 audit(1758512462.720:4372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  135.430039][   T29] audit: type=1326 audit(1758512462.720:4373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  135.454328][   T29] audit: type=1326 audit(1758512462.720:4374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  135.531159][ T8591] lo speed is unknown, defaulting to 1000
[  135.537456][ T8591] lo speed is unknown, defaulting to 1000
[  135.547603][   T29] audit: type=1326 audit(1758512462.860:4375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8590 comm="syz.4.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  135.572131][   T29] audit: type=1326 audit(1758512462.860:4376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8590 comm="syz.4.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  135.716739][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.756315][ T8595] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  136.135166][ T8611] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1601'.
[  136.194812][ T8612] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1601'.
[  137.146902][ T8644] loop2: detected capacity change from 0 to 128
[  137.214131][ T8644] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  137.222357][ T8644] FAT-fs (loop2): Filesystem has been set read-only
[  137.241342][ T8644] bio_check_eod: 1468 callbacks suppressed
[  137.241422][ T8644] wޣ�: attempt to access beyond end of device
[  137.241422][ T8644] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  137.261279][ T8650] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1617'.
[  137.266667][ T8644] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  137.278535][ T8644] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  137.382770][ T8644] wޣ�: attempt to access beyond end of device
[  137.382770][ T8644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  137.396312][ T8649] loop0: detected capacity change from 0 to 4096
[  137.405087][ T8649] EXT4-fs: Ignoring removed nomblk_io_submit option
[  137.419455][ T8644] wޣ�: attempt to access beyond end of device
[  137.419455][ T8644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  137.523619][ T8649] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.644433][ T8644] wޣ�: attempt to access beyond end of device
[  137.644433][ T8644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  137.858736][ T8644] wޣ�: attempt to access beyond end of device
[  137.858736][ T8644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  137.872423][ T8644] wޣ�: attempt to access beyond end of device
[  137.872423][ T8644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  137.887900][ T8644] wޣ�: attempt to access beyond end of device
[  137.887900][ T8644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  137.901348][ T8644] wޣ�: attempt to access beyond end of device
[  137.901348][ T8644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  137.915337][ T8644] wޣ�: attempt to access beyond end of device
[  137.915337][ T8644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  137.928665][ T8644] wޣ�: attempt to access beyond end of device
[  137.928665][ T8644] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  137.945517][ T8660] loop1: detected capacity change from 0 to 2048
[  138.304317][ T8675] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1626'.
[  138.370087][ T8675] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1626'.
[  138.434077][ T8684] loop1: detected capacity change from 0 to 164
[  138.499284][ T8689] netlink: 'syz.4.1630': attribute type 1 has an invalid length.
[  138.563343][ T8694] loop4: detected capacity change from 0 to 128
[  138.588051][ T8694] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  138.596121][ T8694] FAT-fs (loop4): Filesystem has been set read-only
[  138.617246][ T8694] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  138.625355][ T8694] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  138.761982][ T8695] lo speed is unknown, defaulting to 1000
[  138.768466][ T8695] lo speed is unknown, defaulting to 1000
[  138.847687][ T8697] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  139.346618][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.845179][ T8722] loop2: detected capacity change from 0 to 128
[  139.886841][ T8722] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  139.895418][ T8722] FAT-fs (loop2): Filesystem has been set read-only
[  139.920756][ T8722] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  139.928727][ T8722] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  140.007382][ T8724] lo speed is unknown, defaulting to 1000
[  140.016497][ T8724] lo speed is unknown, defaulting to 1000
[  140.273313][   T29] kauditd_printk_skb: 171 callbacks suppressed
[  140.273403][   T29] audit: type=1326 audit(1758512467.740:4548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.1.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110e3fec29 code=0x7ffc0000
[  140.334449][   T29] audit: type=1326 audit(1758512467.770:4549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.1.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110e3fec29 code=0x7ffc0000
[  140.487915][ T8730] __nla_validate_parse: 3 callbacks suppressed
[  140.487939][ T8730] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  140.595614][ T8737] loop4: detected capacity change from 0 to 128
[  140.619287][ T8739] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  140.626810][ T8739] IPv6: NLM_F_CREATE should be set when creating new route
[  140.634270][ T8739] IPv6: NLM_F_CREATE should be set when creating new route
[  140.641679][ T8739] IPv6: NLM_F_CREATE should be set when creating new route
[  140.662424][ T8737] netlink: 264 bytes leftover after parsing attributes in process `syz.4.1647'.
[  140.713120][ T8740] netlink: 'syz.1.1648': attribute type 1 has an invalid length.
[  140.782282][ T8742] netlink: 'syz.0.1650': attribute type 1 has an invalid length.
[  140.800767][   T29] audit: type=1326 audit(1758512468.260:4550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  140.818234][ T8744] kernel read not supported for file /policy (pid: 8744 comm: syz.4.1649)
[  140.825418][   T29] audit: type=1326 audit(1758512468.260:4551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  140.858868][   T29] audit: type=1326 audit(1758512468.260:4552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  140.883221][   T29] audit: type=1326 audit(1758512468.260:4553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  140.907613][   T29] audit: type=1326 audit(1758512468.260:4554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  140.932594][   T29] audit: type=1326 audit(1758512468.260:4555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  140.958045][   T29] audit: type=1326 audit(1758512468.260:4556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  140.982327][   T29] audit: type=1326 audit(1758512468.260:4557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  141.126576][ T8740] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6erspan0
[  141.149704][ T8740] ip6erspan0: entered promiscuous mode
[  141.644407][ T8759] lo speed is unknown, defaulting to 1000
[  141.673971][ T8759] lo speed is unknown, defaulting to 1000
[  141.956989][ T8777] loop2: detected capacity change from 0 to 128
[  141.984366][ T3392] lo speed is unknown, defaulting to 1000
[  141.995365][ T8780] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1661'.
[  142.012786][ T8777] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  142.021373][ T8777] FAT-fs (loop2): Filesystem has been set read-only
[  142.030807][ T8777] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  142.039213][ T8777] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  142.250745][ T8777] bio_check_eod: 26459 callbacks suppressed
[  142.250762][ T8777] wޣ�: attempt to access beyond end of device
[  142.250762][ T8777] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  142.272379][ T8777] wޣ�: attempt to access beyond end of device
[  142.272379][ T8777] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  142.287127][ T8777] wޣ�: attempt to access beyond end of device
[  142.287127][ T8777] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  142.305971][ T8777] wޣ�: attempt to access beyond end of device
[  142.305971][ T8777] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  142.320265][ T8777] wޣ�: attempt to access beyond end of device
[  142.320265][ T8777] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  142.334260][ T8777] wޣ�: attempt to access beyond end of device
[  142.334260][ T8777] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  142.349294][ T8777] wޣ�: attempt to access beyond end of device
[  142.349294][ T8777] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  142.363422][ T8777] wޣ�: attempt to access beyond end of device
[  142.363422][ T8777] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  142.377102][ T8777] wޣ�: attempt to access beyond end of device
[  142.377102][ T8777] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  142.391669][ T8777] wޣ�: attempt to access beyond end of device
[  142.391669][ T8777] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  142.677007][ T8798] loop1: detected capacity change from 0 to 2048
[  143.479537][ T8843] loop3: detected capacity change from 0 to 128
[  143.569303][ T8843] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  143.577909][ T8843] FAT-fs (loop3): Filesystem has been set read-only
[  143.622681][ T8843] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  143.630976][ T8843] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  143.780073][ T8846] loop0: detected capacity change from 0 to 2048
[  144.056141][ T8864] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1694'.
[  144.067151][ T8864] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1694'.
[  144.268771][ T8872] loop1: detected capacity change from 0 to 2048
[  144.485374][ T8882] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1702'.
[  144.531982][ T8882] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1702'.
[  144.585053][ T8890] geneve2: entered promiscuous mode
[  144.590292][ T8890] geneve2: entered allmulticast mode
[  145.284162][   T29] kauditd_printk_skb: 138 callbacks suppressed
[  145.284180][   T29] audit: type=1326 audit(1758512472.750:4696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8919 comm="syz.3.1710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  145.347438][ T8925] lo speed is unknown, defaulting to 1000
[  145.355706][   T29] audit: type=1326 audit(1758512472.790:4697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8924 comm="syz.4.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  145.379820][   T29] audit: type=1326 audit(1758512472.790:4698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8924 comm="syz.4.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  145.403774][   T29] audit: type=1326 audit(1758512472.790:4699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8924 comm="syz.4.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  145.404292][ T8925] lo speed is unknown, defaulting to 1000
[  145.428299][   T29] audit: type=1326 audit(1758512472.790:4700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8924 comm="syz.4.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  145.458956][   T29] audit: type=1326 audit(1758512472.790:4701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8924 comm="syz.4.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  145.482759][   T29] audit: type=1326 audit(1758512472.790:4702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8924 comm="syz.4.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  145.507331][   T29] audit: type=1326 audit(1758512472.790:4703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8924 comm="syz.4.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  145.531723][   T29] audit: type=1326 audit(1758512472.790:4704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8924 comm="syz.4.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  145.556622][   T29] audit: type=1326 audit(1758512472.790:4705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8924 comm="syz.4.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  145.703902][ T8920] netlink: 'syz.3.1710': attribute type 1 has an invalid length.
[  145.900590][ T8950] loop2: detected capacity change from 0 to 128
[  145.938310][ T8950] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  145.947000][ T8950] FAT-fs (loop2): Filesystem has been set read-only
[  146.000125][ T8950] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  146.008317][ T8950] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  146.125790][ T8966] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.1722' sets config #0
[  146.302919][ T8975] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8975 comm=syz.0.1726
[  146.329327][ T8970] loop3: detected capacity change from 0 to 2048
[  146.374714][ T8970] siw: device registration error -23
[  146.494104][ T8983] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  146.512680][ T8983] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  146.599639][ T8991] lo speed is unknown, defaulting to 1000
[  146.656014][ T8991] lo speed is unknown, defaulting to 1000
[  146.675122][ T8993] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1734'.
[  146.887081][ T9005] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1738'.
[  146.962613][ T9010] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1738'.
[  147.100408][ T9014] net_ratelimit: 615 callbacks suppressed
[  147.100428][ T9014] netlink: zone id is out of range
[  147.115355][ T9014] netlink: zone id is out of range
[  147.134133][ T9014] netlink: zone id is out of range
[  147.139676][ T9014] netlink: zone id is out of range
[  147.166182][ T9019] kernel read not supported for file /policy (pid: 9019 comm: syz.1.1743)
[  147.190509][ T9014] netlink: zone id is out of range
[  147.211404][ T9014] netlink: zone id is out of range
[  147.219467][ T9014] netlink: zone id is out of range
[  147.230151][ T9014] netlink: zone id is out of range
[  147.237483][ T9014] netlink: zone id is out of range
[  147.245133][ T9014] netlink: zone id is out of range
[  147.760075][ T9034] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1748'.
[  147.858812][ T9042] loop3: detected capacity change from 0 to 512
[  147.878405][ T9040] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  147.906731][ T9038] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.914185][ T9038] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.927602][ T9042] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  147.965655][ T9042] EXT4-fs (loop3): 1 truncate cleaned up
[  147.982054][ T9038] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  147.990162][ T9042] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.008393][ T9038] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.022903][ T9051] IPv6: NLM_F_CREATE should be specified when creating new route
[  148.076182][   T37] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  148.091363][   T37] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  148.101079][   T51] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  148.127694][   T51] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  148.185234][ T9059] FAULT_INJECTION: forcing a failure.
[  148.185234][ T9059] name failslab, interval 1, probability 0, space 0, times 0
[  148.198556][ T9059] CPU: 0 UID: 0 PID: 9059 Comm: syz.2.1758 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  148.198654][ T9059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  148.198668][ T9059] Call Trace:
[  148.198676][ T9059]  <TASK>
[  148.198684][ T9059]  __dump_stack+0x1d/0x30
[  148.198732][ T9059]  dump_stack_lvl+0xe8/0x140
[  148.198834][ T9059]  dump_stack+0x15/0x1b
[  148.198852][ T9059]  should_fail_ex+0x265/0x280
[  148.198878][ T9059]  ? fw_change+0x430/0x770
[  148.198911][ T9059]  should_failslab+0x8c/0xb0
[  148.198939][ T9059]  __kmalloc_cache_noprof+0x4c/0x320
[  148.199045][ T9059]  fw_change+0x430/0x770
[  148.199071][ T9059]  ? __pfx_fw_change+0x10/0x10
[  148.199096][ T9059]  tc_new_tfilter+0xde1/0x10a0
[  148.199127][ T9059]  ? __rcu_read_unlock+0x4f/0x70
[  148.199162][ T9059]  ? ns_capable+0x7d/0xb0
[  148.199259][ T9059]  ? __pfx_tc_new_tfilter+0x10/0x10
[  148.199283][ T9059]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  148.199317][ T9059]  ? avc_has_perm_noaudit+0x1b1/0x200
[  148.199416][ T9059]  netlink_rcv_skb+0x123/0x220
[  148.199441][ T9059]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  148.199533][ T9059]  rtnetlink_rcv+0x1c/0x30
[  148.199562][ T9059]  netlink_unicast+0x5bd/0x690
[  148.199589][ T9059]  netlink_sendmsg+0x58b/0x6b0
[  148.199620][ T9059]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.199667][ T9059]  __sock_sendmsg+0x142/0x180
[  148.199701][ T9059]  ____sys_sendmsg+0x31e/0x4e0
[  148.199731][ T9059]  ___sys_sendmsg+0x17b/0x1d0
[  148.199771][ T9059]  __x64_sys_sendmsg+0xd4/0x160
[  148.199829][ T9059]  x64_sys_call+0x191e/0x2ff0
[  148.199909][ T9059]  do_syscall_64+0xd2/0x200
[  148.200021][ T9059]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  148.200046][ T9059]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  148.200075][ T9059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.200099][ T9059] RIP: 0033:0x7f3609c0ec29
[  148.200118][ T9059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.200273][ T9059] RSP: 002b:00007f3608677038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  148.200362][ T9059] RAX: ffffffffffffffda RBX: 00007f3609e55fa0 RCX: 00007f3609c0ec29
[  148.200375][ T9059] RDX: 0000000004000800 RSI: 0000200000006040 RDI: 0000000000000004
[  148.200392][ T9059] RBP: 00007f3608677090 R08: 0000000000000000 R09: 0000000000000000
[  148.200479][ T9059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.200495][ T9059] R13: 00007f3609e56038 R14: 00007f3609e55fa0 R15: 00007ffdc17d0148
[  148.200515][ T9059]  </TASK>
[  148.486029][ T9061] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1759'.
[  148.500766][ T9061] loop4: detected capacity change from 0 to 512
[  148.530060][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.619233][ T9078] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1762'.
[  148.629117][ T9074] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1761'.
[  148.644445][ T9074] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1761'.
[  148.667891][ T9077] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  149.424874][ T9115] loop3: detected capacity change from 0 to 164
[  149.431988][ T9115] iso9660: Unknown parameter ''
[  149.456866][ T9115] siw: device registration error -23
[  149.588012][ T9127] FAULT_INJECTION: forcing a failure.
[  149.588012][ T9127] name failslab, interval 1, probability 0, space 0, times 0
[  149.591635][ T9118] loop0: detected capacity change from 0 to 2048
[  149.601511][ T9127] CPU: 0 UID: 0 PID: 9127 Comm: syz.3.1782 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  149.601539][ T9127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  149.601552][ T9127] Call Trace:
[  149.601559][ T9127]  <TASK>
[  149.601567][ T9127]  __dump_stack+0x1d/0x30
[  149.601666][ T9127]  dump_stack_lvl+0xe8/0x140
[  149.601686][ T9127]  dump_stack+0x15/0x1b
[  149.601702][ T9127]  should_fail_ex+0x265/0x280
[  149.601727][ T9127]  should_failslab+0x8c/0xb0
[  149.601753][ T9127]  kmem_cache_alloc_noprof+0x50/0x310
[  149.601780][ T9127]  ? alloc_empty_file+0x76/0x200
[  149.601811][ T9127]  alloc_empty_file+0x76/0x200
[  149.601895][ T9127]  alloc_file_pseudo+0xc6/0x160
[  149.601955][ T9127]  aio_setup_ring+0x133/0x760
[  149.601984][ T9127]  ioctx_alloc+0x2c4/0x4e0
[  149.602027][ T9127]  ? fput+0x8f/0xc0
[  149.602056][ T9127]  __se_sys_io_setup+0x6b/0x1b0
[  149.602079][ T9127]  __x64_sys_io_setup+0x31/0x40
[  149.602102][ T9127]  x64_sys_call+0x2eff/0x2ff0
[  149.602196][ T9127]  do_syscall_64+0xd2/0x200
[  149.602227][ T9127]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  149.602321][ T9127]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  149.602350][ T9127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.602372][ T9127] RIP: 0033:0x7fbde68eec29
[  149.602388][ T9127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.602466][ T9127] RSP: 002b:00007fbde534f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  149.602520][ T9127] RAX: ffffffffffffffda RBX: 00007fbde6b35fa0 RCX: 00007fbde68eec29
[  149.602533][ T9127] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000002004
[  149.602546][ T9127] RBP: 00007fbde534f090 R08: 0000000000000000 R09: 0000000000000000
[  149.602559][ T9127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.602571][ T9127] R13: 00007fbde6b36038 R14: 00007fbde6b35fa0 R15: 00007fff60ac5598
[  149.602589][ T9127]  </TASK>
[  149.980410][ T9157] loop2: detected capacity change from 0 to 512
[  150.019395][ T9165] FAULT_INJECTION: forcing a failure.
[  150.019395][ T9165] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  150.033954][ T9165] CPU: 1 UID: 0 PID: 9165 Comm: syz.0.1793 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  150.034028][ T9165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  150.034080][ T9165] Call Trace:
[  150.034099][ T9165]  <TASK>
[  150.034106][ T9165]  __dump_stack+0x1d/0x30
[  150.034127][ T9165]  dump_stack_lvl+0xe8/0x140
[  150.034145][ T9165]  dump_stack+0x15/0x1b
[  150.034161][ T9165]  should_fail_ex+0x265/0x280
[  150.034185][ T9165]  should_fail_alloc_page+0xf2/0x100
[  150.034280][ T9165]  __alloc_frozen_pages_noprof+0xff/0x360
[  150.034374][ T9165]  alloc_pages_mpol+0xb3/0x250
[  150.034454][ T9165]  vma_alloc_folio_noprof+0x1aa/0x300
[  150.034492][ T9165]  handle_mm_fault+0xec2/0x2c20
[  150.034550][ T9165]  ? __rcu_read_unlock+0x4f/0x70
[  150.034577][ T9165]  do_user_addr_fault+0x3fe/0x1090
[  150.034609][ T9165]  exc_page_fault+0x62/0xa0
[  150.034778][ T9165]  asm_exc_page_fault+0x26/0x30
[  150.034802][ T9165] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  150.034825][ T9165] Code: f6 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  150.034863][ T9165] RSP: 0018:ffffc9000f493b90 EFLAGS: 00050206
[  150.034891][ T9165] RAX: ffff888101c1dd20 RBX: ffffc9000f493d10 RCX: 0000000000000414
[  150.034903][ T9165] RDX: 0000000000000000 RSI: ffff88812aa04000 RDI: 00002000000000c0
[  150.034918][ T9165] RBP: 0000000000000000 R08: 0000000000000a21 R09: 0000000000000000
[  150.034931][ T9165] R10: 000188812aa04000 R11: 000188812aa04413 R12: ffffc9000f493cf8
[  150.034944][ T9165] R13: 0000000000000414 R14: 0000000000000414 R15: 0000000000000414
[  150.034963][ T9165]  _copy_to_iter+0x2df/0xe70
[  150.035041][ T9165]  ? seq_list_next+0x32/0x50
[  150.035060][ T9165]  seq_read_iter+0x76a/0x940
[  150.035095][ T9165]  seq_read+0x270/0x2b0
[  150.035195][ T9165]  ? __pfx_seq_read+0x10/0x10
[  150.035221][ T9165]  proc_reg_read+0x128/0x1c0
[  150.035252][ T9165]  ? __pfx_proc_reg_read+0x10/0x10
[  150.035289][ T9165]  vfs_read+0x1a5/0x770
[  150.035311][ T9165]  ? __rcu_read_unlock+0x4f/0x70
[  150.035365][ T9165]  ? __fget_files+0x184/0x1c0
[  150.035395][ T9165]  ksys_read+0xda/0x1a0
[  150.035421][ T9165]  __x64_sys_read+0x40/0x50
[  150.035483][ T9165]  x64_sys_call+0x27bc/0x2ff0
[  150.035509][ T9165]  do_syscall_64+0xd2/0x200
[  150.035537][ T9165]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  150.035723][ T9165]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  150.035759][ T9165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.035783][ T9165] RIP: 0033:0x7f506964ec29
[  150.035865][ T9165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.035908][ T9165] RSP: 002b:00007f50680b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  150.035928][ T9165] RAX: ffffffffffffffda RBX: 00007f5069895fa0 RCX: 00007f506964ec29
[  150.035943][ T9165] RDX: 0000000000000ffc RSI: 00002000000000c0 RDI: 0000000000000003
[  150.035959][ T9165] RBP: 00007f50680b7090 R08: 0000000000000000 R09: 0000000000000000
[  150.035974][ T9165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.035986][ T9165] R13: 00007f5069896038 R14: 00007f5069895fa0 R15: 00007ffdee076d48
[  150.036004][ T9165]  </TASK>
[  150.371992][   T29] kauditd_printk_skb: 166 callbacks suppressed
[  150.372007][   T29] audit: type=1326 audit(1758512477.840:4870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9166 comm="syz.2.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3609c0ec29 code=0x7ffc0000
[  150.402208][   T29] audit: type=1326 audit(1758512477.840:4871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9166 comm="syz.2.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3609c0ec29 code=0x7ffc0000
[  150.764513][ T9202] loop1: detected capacity change from 0 to 2048
[  150.772369][   T29] audit: type=1326 audit(1758512477.910:4872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9166 comm="syz.2.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3609c0ec29 code=0x7ffc0000
[  150.796769][   T29] audit: type=1326 audit(1758512477.910:4873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9166 comm="syz.2.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3609c0ec29 code=0x7ffc0000
[  150.821118][   T29] audit: type=1326 audit(1758512477.910:4874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9166 comm="syz.2.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3609c0ec29 code=0x7ffc0000
[  150.845602][   T29] audit: type=1326 audit(1758512477.910:4875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9166 comm="syz.2.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3609c0ec29 code=0x7ffc0000
[  150.869504][   T29] audit: type=1326 audit(1758512477.910:4876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9166 comm="syz.2.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3609c0ec29 code=0x7ffc0000
[  150.893808][   T29] audit: type=1326 audit(1758512477.910:4877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9166 comm="syz.2.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3609c0ec29 code=0x7ffc0000
[  150.895558][ T9209] loop3: detected capacity change from 0 to 128
[  150.918230][   T29] audit: type=1326 audit(1758512477.910:4878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9166 comm="syz.2.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f3609c0ec29 code=0x7ffc0000
[  150.948469][   T29] audit: type=1326 audit(1758512477.910:4879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9166 comm="syz.2.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3609c0ec29 code=0x7ffc0000
[  151.114224][ T9231] team0: entered promiscuous mode
[  151.119552][ T9231] team_slave_0: entered promiscuous mode
[  151.125410][ T9231] team_slave_1: entered promiscuous mode
[  151.181382][ T9231] debugfs: 'hsr1' already exists in 'hsr'
[  151.187180][ T9231] Cannot create hsr debugfs directory
[  151.210824][ T9231] hsr1: Slave B (gretap0) is not up; please bring it up to get a fully working HSR network
[  151.388600][ T9256] loop0: detected capacity change from 0 to 2048
[  151.499317][ T9254] netlink: 'syz.4.1818': attribute type 1 has an invalid length.
[  151.508186][ T9264] loop1: detected capacity change from 0 to 128
[  151.658970][ T9276] netlink: 'syz.4.1826': attribute type 21 has an invalid length.
[  151.703630][ T9276] loop4: detected capacity change from 0 to 1024
[  151.821319][ T9276] EXT4-fs: Ignoring removed bh option
[  151.832719][ T9276] EXT4-fs: inline encryption not supported
[  151.868234][ T9276] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  151.906760][ T9276] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.1826: lblock 2 mapped to illegal pblock 2 (length 1)
[  151.928202][ T9298] loop2: detected capacity change from 0 to 128
[  151.938724][ T9298] __nla_validate_parse: 16 callbacks suppressed
[  151.938740][ T9298] netlink: 264 bytes leftover after parsing attributes in process `syz.2.1833'.
[  151.958228][ T9276] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.1826: lblock 0 mapped to illegal pblock 48 (length 1)
[  151.967155][ T9299] loop3: detected capacity change from 0 to 2048
[  151.980616][ T9276] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1826: Failed to acquire dquot type 0
[  151.993387][ T9295] tipc: Started in network mode
[  151.993548][ T9276] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  151.998583][ T9295] tipc: Node identity 862df0356eb7, cluster identity 4711
[  152.010518][ T9276] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.1826: mark_inode_dirty error
[  152.015827][ T9295] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  152.042608][ T9276] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  152.055647][ T9276] EXT4-fs (loop4): 1 orphan inode deleted
[  152.062315][ T9276] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.075119][   T51] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  152.093634][ T9307] program syz.1.1837 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  152.098695][   T51] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:3: Failed to release dquot type 0
[  152.111423][ T9307] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  152.117481][ T9299] siw: device registration error -23
[  152.143394][ T9276] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.156199][ T9295] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1832'.
[  152.167321][ T9276] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz.4.1826: Invalid inode table block 1 in block_group 0
[  152.181830][ T9276] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  152.199473][ T9295] tipc: Resetting bearer <eth:syzkaller0>
[  152.217840][ T9291] tipc: Disabling bearer <eth:syzkaller0>
[  152.218751][ T9310] loop2: detected capacity change from 0 to 512
[  152.224215][ T9276] EXT4-fs error (device loop4): ext4_quota_off:7221: inode #3: comm syz.4.1826: mark_inode_dirty error
[  152.248173][ T9312] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  152.470887][ T9310] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.499934][ T9324] syzkaller0: entered promiscuous mode
[  152.505688][ T9324] syzkaller0: entered allmulticast mode
[  152.581467][ T9334] loop1: detected capacity change from 0 to 4096
[  152.588817][ T9334] EXT4-fs: Ignoring removed nomblk_io_submit option
[  152.638542][ T9310] ext4 filesystem being mounted at /368/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.683173][ T9334] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.192334][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.215785][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.170827][ T3475] page_pool_release_retry() stalled pool shutdown: id 144, 1 inflight 60 sec
[  201.170454][   T29] kauditd_printk_skb: 103 callbacks suppressed
[  201.170474][   T29] audit: type=1326 audit(1758512528.630:4980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  201.201272][   T29] audit: type=1326 audit(1758512528.630:4981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  201.222599][ T9353] bridge0: entered promiscuous mode
[  201.231662][   T29] audit: type=1326 audit(1758512528.700:4982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  201.253223][ T9350] kernel read not supported for file /policy (pid: 9350 comm: syz.4.1848)
[  201.258273][ T9353] macsec1: entered promiscuous mode
[  201.274076][   T29] audit: type=1326 audit(1758512528.710:4983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  201.286969][ T9353] bridge0: port 3(macsec1) entered blocking state
[  201.299264][   T29] audit: type=1326 audit(1758512528.710:4984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  201.305814][ T9353] bridge0: port 3(macsec1) entered disabled state
[  201.316142][ T9353] macsec1: entered allmulticast mode
[  201.330473][   T29] audit: type=1326 audit(1758512528.720:4985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=313 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  201.337213][ T9353] bridge0: entered allmulticast mode
[  201.373903][   T29] audit: type=1326 audit(1758512528.730:4986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  201.421100][ T9353] macsec1: left allmulticast mode
[  201.426536][ T9353] bridge0: left allmulticast mode
[  201.444610][   T29] audit: type=1400 audit(1758512528.870:4987): avc:  denied  { mounton } for  pid=9347 comm="syz.2.1846" path="/proc/917/task" dev="proc" ino=21336 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  201.445743][ T9353] bridge0: left promiscuous mode
[  201.468668][   T29] audit: type=1400 audit(1758512528.880:4988): avc:  denied  { shutdown } for  pid=9347 comm="syz.2.1846" lport=46975 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  201.523270][   T29] audit: type=1326 audit(1758512528.970:4989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9361 comm="syz.4.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  201.574325][ T9346] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1847'.
[  201.738102][ T9387] loop0: detected capacity change from 0 to 1024
[  201.803848][ T9388] loop1: detected capacity change from 0 to 2048
[  201.842306][ T9387] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.918537][ T9402] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1865'.
[  201.962515][ T9401] loop1: detected capacity change from 0 to 2048
[  201.969583][ T9396] kernel read not supported for file /policy (pid: 9396 comm: syz.2.1863)
[  202.003463][ T9380] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.1859: Allocating blocks 465-513 which overlap fs metadata
[  202.027829][ T9380] EXT4-fs (loop0): pa ffff88810727a700: logic 256, phys. 369, len 9
[  202.036612][ T9380] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[  202.048674][ T9380] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  202.070926][ T9380] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1859'.
[  202.118973][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.146831][ T9413] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1868'.
[  202.172072][ T9420] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  202.289418][ T9439] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1877'.
[  202.324397][ T9433] loop2: detected capacity change from 0 to 2048
[  202.367818][ T9447] loop3: detected capacity change from 0 to 128
[  202.399117][ T9433] siw: device registration error -23
[  202.437019][ T9447] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  202.496726][ T9455] loop4: detected capacity change from 0 to 1024
[  202.546399][ T9447] ext4 filesystem being mounted at /364/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  202.582028][ T9455] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.635746][ T3309] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  202.669381][ T9462] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1884'.
[  202.703292][ T9450] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1881: Allocating blocks 465-513 which overlap fs metadata
[  202.767696][ T9455] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1881'.
[  202.780056][ T9450] EXT4-fs (loop4): pa ffff88810727a700: logic 256, phys. 369, len 9
[  202.788696][ T9450] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[  202.840246][ T9450] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  202.985896][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.043157][ T9477] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1890'.
[  203.168745][ T9479] netlink: 'syz.2.1891': attribute type 1 has an invalid length.
[  203.183479][ T9482] only policy match revision 0 supported
[  203.183494][ T9482] unable to load match
[  203.335824][ T9497] loop4: detected capacity change from 0 to 512
[  203.373047][ T9497] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.399424][ T9497] ext4 filesystem being mounted at /397/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  203.423667][ T9503] netlink: 'syz.0.1896': attribute type 1 has an invalid length.
[  203.483192][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.545827][ T9516] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  203.652687][ T9530] netlink: 'syz.4.1904': attribute type 1 has an invalid length.
[  203.951104][ T9535] loop1: detected capacity change from 0 to 1024
[  204.016999][ T9545] loop4: detected capacity change from 0 to 128
[  204.109149][ T9535] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  204.257422][ T9535] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.1905: Allocating blocks 465-513 which overlap fs metadata
[  204.278864][ T9553] syzkaller1: entered promiscuous mode
[  204.284555][ T9553] syzkaller1: entered allmulticast mode
[  204.294031][ T9535] EXT4-fs (loop1): pa ffff88810056e150: logic 256, phys. 369, len 9
[  204.298476][ T9553] FAULT_INJECTION: forcing a failure.
[  204.298476][ T9553] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.302494][ T9535] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[  204.316011][ T9553] CPU: 0 UID: 0 PID: 9553 Comm: syz.4.1911 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  204.316039][ T9553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  204.316051][ T9553] Call Trace:
[  204.316067][ T9553]  <TASK>
[  204.316076][ T9553]  __dump_stack+0x1d/0x30
[  204.316098][ T9553]  dump_stack_lvl+0xe8/0x140
[  204.316119][ T9553]  dump_stack+0x15/0x1b
[  204.316156][ T9553]  should_fail_ex+0x265/0x280
[  204.316181][ T9553]  should_fail+0xb/0x20
[  204.316219][ T9553]  should_fail_usercopy+0x1a/0x20
[  204.316244][ T9553]  _copy_from_iter+0xd2/0xe80
[  204.316272][ T9553]  ? selinux_file_open+0x2df/0x330
[  204.316342][ T9553]  ? should_fail_ex+0xdb/0x280
[  204.316365][ T9553]  ? skb_set_owner_w+0x16a/0x1c0
[  204.316391][ T9553]  ? sock_alloc_send_pskb+0x456/0x4f0
[  204.316419][ T9553]  skb_copy_datagram_from_iter+0xb1/0x490
[  204.316556][ T9553]  ? skb_put+0xa9/0xf0
[  204.316577][ T9553]  tun_get_user+0xafa/0x2680
[  204.316603][ T9553]  ? ref_tracker_alloc+0x1f2/0x2f0
[  204.316672][ T9553]  ? selinux_file_permission+0x1e4/0x320
[  204.316695][ T9553]  tun_chr_write_iter+0x15e/0x210
[  204.316755][ T9553]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  204.316774][ T9553]  vfs_write+0x527/0x960
[  204.316802][ T9553]  ksys_write+0xda/0x1a0
[  204.316879][ T9553]  __x64_sys_write+0x40/0x50
[  204.316902][ T9553]  x64_sys_call+0x27fe/0x2ff0
[  204.316929][ T9553]  do_syscall_64+0xd2/0x200
[  204.316959][ T9553]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  204.316983][ T9553]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  204.317093][ T9553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.317169][ T9553] RIP: 0033:0x7f3d3d1fec29
[  204.317263][ T9553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.317281][ T9553] RSP: 002b:00007f3d3bc67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  204.317302][ T9553] RAX: ffffffffffffffda RBX: 00007f3d3d445fa0 RCX: 00007f3d3d1fec29
[  204.317422][ T9553] RDX: 0000000000000fcd RSI: 0000200000000240 RDI: 0000000000000003
[  204.317438][ T9553] RBP: 00007f3d3bc67090 R08: 0000000000000000 R09: 0000000000000000
[  204.317478][ T9553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.317491][ T9553] R13: 00007f3d3d446038 R14: 00007f3d3d445fa0 R15: 00007ffc8b8f2228
[  204.317513][ T9553]  </TASK>
[  204.585405][ T9535] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  204.671975][ T9561] netlink: 'syz.3.1913': attribute type 1 has an invalid length.
[  204.701312][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.782438][ T9576] loop2: detected capacity change from 0 to 128
[  204.888804][ T9590] loop2: detected capacity change from 0 to 128
[  204.920664][ T9592] loop4: detected capacity change from 0 to 1024
[  204.985040][ T9590] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  205.046295][ T9600] loop0: detected capacity change from 0 to 1024
[  205.078953][ T9590] ext4 filesystem being mounted at /392/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  205.100275][ T9601] netlink: 'syz.3.1930': attribute type 1 has an invalid length.
[  205.152107][ T3308] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  205.185938][ T9600] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  205.293733][ T9594] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.1928: Allocating blocks 465-513 which overlap fs metadata
[  205.308965][ T9626] FAULT_INJECTION: forcing a failure.
[  205.308965][ T9626] name failslab, interval 1, probability 0, space 0, times 0
[  205.322701][ T9626] CPU: 0 UID: 0 PID: 9626 Comm: syz.2.1940 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  205.322735][ T9626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  205.322775][ T9626] Call Trace:
[  205.322783][ T9626]  <TASK>
[  205.322790][ T9626]  __dump_stack+0x1d/0x30
[  205.322812][ T9626]  dump_stack_lvl+0xe8/0x140
[  205.322835][ T9626]  dump_stack+0x15/0x1b
[  205.322856][ T9626]  should_fail_ex+0x265/0x280
[  205.322884][ T9626]  should_failslab+0x8c/0xb0
[  205.322936][ T9626]  kmem_cache_alloc_noprof+0x50/0x310
[  205.322965][ T9626]  ? skb_clone+0x151/0x1f0
[  205.322997][ T9626]  skb_clone+0x151/0x1f0
[  205.323205][ T9626]  nfnetlink_rcv+0x305/0x1690
[  205.323232][ T9626]  ? __account_obj_stock+0x211/0x350
[  205.323262][ T9626]  ? xas_load+0x413/0x430
[  205.323309][ T9626]  ? xas_load+0x413/0x430
[  205.323334][ T9626]  ? css_rstat_updated+0xb7/0x240
[  205.323381][ T9626]  ? __rcu_read_unlock+0x4f/0x70
[  205.323406][ T9626]  ? __account_obj_stock+0x2cc/0x350
[  205.323504][ T9626]  ? obj_cgroup_charge_account+0x122/0x1a0
[  205.323542][ T9626]  ? should_fail_ex+0x30/0x280
[  205.323651][ T9626]  ? __rcu_read_unlock+0x4f/0x70
[  205.323671][ T9626]  ? should_fail_ex+0xdb/0x280
[  205.323810][ T9626]  netlink_unicast+0x5bd/0x690
[  205.323839][ T9626]  netlink_sendmsg+0x58b/0x6b0
[  205.323869][ T9626]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.323899][ T9626]  __sock_sendmsg+0x142/0x180
[  205.323993][ T9626]  ____sys_sendmsg+0x31e/0x4e0
[  205.324026][ T9626]  ___sys_sendmsg+0x17b/0x1d0
[  205.324069][ T9626]  __x64_sys_sendmsg+0xd4/0x160
[  205.324266][ T9626]  x64_sys_call+0x191e/0x2ff0
[  205.324287][ T9626]  do_syscall_64+0xd2/0x200
[  205.324321][ T9626]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  205.324417][ T9626]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  205.324527][ T9626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.324613][ T9626] RIP: 0033:0x7f3609c0ec29
[  205.324630][ T9626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.324727][ T9626] RSP: 002b:00007f3608677038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.324751][ T9626] RAX: ffffffffffffffda RBX: 00007f3609e55fa0 RCX: 00007f3609c0ec29
[  205.324767][ T9626] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000006
[  205.324857][ T9626] RBP: 00007f3608677090 R08: 0000000000000000 R09: 0000000000000000
[  205.324869][ T9626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.324882][ T9626] R13: 00007f3609e56038 R14: 00007f3609e55fa0 R15: 00007ffdc17d0148
[  205.324903][ T9626]  </TASK>
[  205.604419][ T9594] EXT4-fs (loop0): pa ffff88810056e1c0: logic 256, phys. 369, len 9
[  205.614417][ T9594] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[  205.628633][ T9629] loop1: detected capacity change from 0 to 1024
[  205.638942][ T9594] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  205.657673][ T9630] FAULT_INJECTION: forcing a failure.
[  205.657673][ T9630] name failslab, interval 1, probability 0, space 0, times 0
[  205.670731][ T9630] CPU: 0 UID: 0 PID: 9630 Comm: syz.4.1942 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  205.670760][ T9630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  205.670774][ T9630] Call Trace:
[  205.670781][ T9630]  <TASK>
[  205.670789][ T9630]  __dump_stack+0x1d/0x30
[  205.670867][ T9630]  dump_stack_lvl+0xe8/0x140
[  205.670885][ T9630]  dump_stack+0x15/0x1b
[  205.670900][ T9630]  should_fail_ex+0x265/0x280
[  205.670927][ T9630]  should_failslab+0x8c/0xb0
[  205.670954][ T9630]  kmem_cache_alloc_noprof+0x50/0x310
[  205.671045][ T9630]  ? security_file_alloc+0x32/0x100
[  205.671082][ T9630]  security_file_alloc+0x32/0x100
[  205.671124][ T9630]  init_file+0x5c/0x1d0
[  205.671191][ T9630]  alloc_empty_file+0x8b/0x200
[  205.671225][ T9630]  path_openat+0x68/0x2170
[  205.671247][ T9630]  ? try_charge_memcg+0x200/0x9e0
[  205.671271][ T9630]  ? css_rstat_updated+0xb7/0x240
[  205.671311][ T9630]  ? css_rstat_updated+0xb7/0x240
[  205.671342][ T9630]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  205.671371][ T9630]  ? css_rstat_updated+0xb7/0x240
[  205.671484][ T9630]  do_filp_open+0x109/0x230
[  205.671563][ T9630]  do_sys_openat2+0xa6/0x110
[  205.671593][ T9630]  __x64_sys_openat+0xf2/0x120
[  205.671625][ T9630]  x64_sys_call+0x2e9c/0x2ff0
[  205.671705][ T9630]  do_syscall_64+0xd2/0x200
[  205.671741][ T9630]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  205.671765][ T9630]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  205.671830][ T9630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.671853][ T9630] RIP: 0033:0x7f3d3d1fd590
[  205.671872][ T9630] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  205.671889][ T9630] RSP: 002b:00007f3d3bc64ef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  205.671987][ T9630] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f3d3d1fd590
[  205.672002][ T9630] RDX: 0000000000000002 RSI: 00007f3d3d281b1c RDI: 00000000ffffff9c
[  205.672016][ T9630] RBP: 00007f3d3d281b1c R08: 0000000000000000 R09: 0000000000000000
[  205.672029][ T9630] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  205.672042][ T9630] R13: 0000000000000071 R14: 00002000000001c0 R15: 00007ffc8b8f2228
[  205.672062][ T9630]  </TASK>
[  205.933540][ T9635] loop1: detected capacity change from 0 to 128
[  205.954436][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.971502][ T9635] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  205.988452][ T9635] ext4 filesystem being mounted at /395/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  206.015925][ T3310] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  206.122752][ T9644] netlink: 'syz.2.1947': attribute type 1 has an invalid length.
[  206.136789][ T9653] loop1: detected capacity change from 0 to 2048
[  206.367242][ T1036] page_pool_release_retry() stalled pool shutdown: id 157, 1 inflight 60 sec
[  206.436933][ T9675] loop0: detected capacity change from 0 to 4096
[  206.443848][ T9675] EXT4-fs: Ignoring removed nomblk_io_submit option
[  207.233653][ T9679] __nla_validate_parse: 11 callbacks suppressed
[  207.233674][ T9679] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1957'.
[  207.289257][ T9677] loop2: detected capacity change from 0 to 4096
[  207.296447][ T9677] EXT4-fs: Ignoring removed nomblk_io_submit option
[  207.313428][ T9677] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.366241][ T9675] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.403517][ T9689] loop4: detected capacity change from 0 to 128
[  207.411312][ T1036] page_pool_release_retry() stalled pool shutdown: id 158, 1 inflight 60 sec
[  207.423096][ T9687] loop9: detected capacity change from 0 to 7
[  207.423433][ T9689] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  207.482182][ T9687] Buffer I/O error on dev loop9, logical block 0, async page read
[  207.543658][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.555800][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.571743][ T9689] ext4 filesystem being mounted at /412/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  207.589521][ T9687] Buffer I/O error on dev loop9, logical block 0, async page read
[  207.597712][ T9687]  loop9: unable to read partition table
[  207.607708][ T9687] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  207.607708][ T9687] 
) failed (rc=-5)
[  207.632483][ T9427] Buffer I/O error on dev loop9, logical block 0, async page read
[  207.636990][ T9695] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  207.663160][ T9427] Buffer I/O error on dev loop9, logical block 0, async page read
[  207.695610][ T9427] Buffer I/O error on dev loop9, logical block 0, async page read
[  207.709247][ T3305] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  207.721795][ T9427] Buffer I/O error on dev loop9, logical block 0, async page read
[  207.737152][ T9707] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1961'.
[  207.740822][ T9427] Buffer I/O error on dev loop9, logical block 0, async page read
[  207.872464][ T9713] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1966'.
[  207.886681][ T9726] netlink: 'syz.0.1964': attribute type 1 has an invalid length.
[  207.894096][   T29] kauditd_printk_skb: 440 callbacks suppressed
[  207.894114][   T29] audit: type=1326 audit(1758512535.350:5430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f506964ec29 code=0x7ffc0000
[  207.926114][   T29] audit: type=1326 audit(1758512535.350:5431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f506964ec29 code=0x7ffc0000
[  207.951540][   T29] audit: type=1326 audit(1758512535.350:5432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f506964ec29 code=0x7ffc0000
[  207.976276][   T29] audit: type=1326 audit(1758512535.350:5433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f506964ec29 code=0x7ffc0000
[  208.001974][   T29] audit: type=1326 audit(1758512535.350:5434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f506964ec29 code=0x7ffc0000
[  208.026652][   T29] audit: type=1326 audit(1758512535.350:5435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f506964ec29 code=0x7ffc0000
[  208.052354][   T29] audit: type=1326 audit(1758512535.350:5436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f506964ec29 code=0x7ffc0000
[  208.078139][   T29] audit: type=1326 audit(1758512535.350:5437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f506964ec29 code=0x7ffc0000
[  208.078990][ T9735] loop2: detected capacity change from 0 to 128
[  208.102687][   T29] audit: type=1326 audit(1758512535.350:5438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f506964ec29 code=0x7ffc0000
[  208.134262][   T29] audit: type=1326 audit(1758512535.350:5439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9708 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f506964ec29 code=0x7ffc0000
[  208.148167][ T9735] netlink: 264 bytes leftover after parsing attributes in process `syz.2.1967'.
[  208.449588][ T9746] 1�X��D: left promiscuous mode
[  208.454777][ T9746] 1�X��D: entered allmulticast mode
[  208.554553][ T9738] loop1: detected capacity change from 0 to 1024
[  208.660550][ T9738] EXT4-fs: Ignoring removed nobh option
[  208.773890][ T9738] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  208.811245][ T9738] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #11: comm syz.1.1968: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  208.845362][ T9755] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  208.922602][ T9759] loop3: detected capacity change from 0 to 4096
[  208.930146][ T9759] EXT4-fs: Ignoring removed nomblk_io_submit option
[  208.938389][ T9738] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1968: couldn't read orphan inode 11 (err -117)
[  208.955277][ T9738] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.035403][ T9759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.063276][ T9761] loop4: detected capacity change from 0 to 1024
[  209.154719][ T9738] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.1968: Invalid block bitmap block 0 in block_group 0
[  209.229785][ T9738] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1968: Failed to acquire dquot type 0
[  209.245467][ T9738] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1968'.
[  209.269062][ T9761] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.304914][ T9761] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1972: Allocating blocks 465-513 which overlap fs metadata
[  209.320190][ T9738] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.1968: Invalid inode table block 21474836481 in block_group 0
[  209.334775][ T9761] EXT4-fs (loop4): pa ffff88810727a770: logic 256, phys. 369, len 9
[  209.343375][ T9761] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[  209.355094][ T9761] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  209.382253][  T122] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm kworker/u8:4: Invalid inode table block 21474836481 in block_group 0
[  209.406011][ T9771] loop0: detected capacity change from 0 to 128
[  209.419771][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.431995][ T9771] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  209.446432][ T9771] ext4 filesystem being mounted at /378/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  209.503490][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.527239][ T3304] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  209.553157][ T9778] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1977'.
[  209.595736][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.638515][ T9780] netlink: 'syz.3.1980': attribute type 1 has an invalid length.
[  209.659402][ T9784] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1983'.
[  209.776821][ T9793] loop4: detected capacity change from 0 to 2048
[  209.857199][ T9808] loop1: detected capacity change from 0 to 128
[  209.875634][ T9806] kernel read not supported for file /policy (pid: 9806 comm: syz.3.1991)
[  209.888668][ T9793] siw: device registration error -23
[  209.895083][ T9808] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  209.921701][ T9808] ext4 filesystem being mounted at /404/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  209.964295][ T9815] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1994'.
[  209.989947][ T3310] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  210.019370][ T9818] loop3: detected capacity change from 0 to 512
[  210.030349][ T9818] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.1996: bad orphan inode 11
[  210.055060][ T9818] ext4_test_bit(bit=10, block=4) = 1
[  210.060456][ T9818] is_bad_inode(inode)=0
[  210.064789][ T9818] NEXT_ORPHAN(inode)=2080374784
[  210.069850][ T9818] max_ino=32
[  210.073369][ T9818] i_nlink=0
[  210.078854][ T9818] EXT4-fs (loop3): 1 truncate cleaned up
[  210.085531][ T9818] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.106285][ T9824] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  210.113515][ T9824] syzkaller0: entered promiscuous mode
[  210.119212][ T9824] syzkaller0: entered allmulticast mode
[  210.129399][ T9824] tipc: Resetting bearer <eth:syzkaller0>
[  210.145827][ T9823] tipc: Resetting bearer <eth:syzkaller0>
[  210.152902][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.163319][ T9823] tipc: Disabling bearer <eth:syzkaller0>
[  210.422011][ T9835] FAULT_INJECTION: forcing a failure.
[  210.422011][ T9835] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.436035][ T9835] CPU: 1 UID: 0 PID: 9835 Comm: syz.3.2000 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  210.436068][ T9835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  210.436163][ T9835] Call Trace:
[  210.436170][ T9835]  <TASK>
[  210.436179][ T9835]  __dump_stack+0x1d/0x30
[  210.436204][ T9835]  dump_stack_lvl+0xe8/0x140
[  210.436267][ T9835]  dump_stack+0x15/0x1b
[  210.436286][ T9835]  should_fail_ex+0x265/0x280
[  210.436383][ T9835]  should_fail+0xb/0x20
[  210.436403][ T9835]  should_fail_usercopy+0x1a/0x20
[  210.436426][ T9835]  _copy_from_iter+0xd2/0xe80
[  210.436452][ T9835]  ? _copy_from_iter+0x170/0xe80
[  210.436486][ T9835]  copy_page_from_iter+0x178/0x2a0
[  210.436666][ T9835]  skb_copy_datagram_from_iter+0x232/0x490
[  210.436779][ T9835]  tun_get_user+0xafa/0x2680
[  210.436807][ T9835]  ? ref_tracker_alloc+0x1f2/0x2f0
[  210.436834][ T9835]  ? selinux_file_permission+0x1e4/0x320
[  210.436871][ T9835]  tun_chr_write_iter+0x15e/0x210
[  210.436889][ T9835]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  210.436906][ T9835]  vfs_write+0x527/0x960
[  210.436931][ T9835]  ksys_write+0xda/0x1a0
[  210.437051][ T9835]  __x64_sys_write+0x40/0x50
[  210.437080][ T9835]  x64_sys_call+0x27fe/0x2ff0
[  210.437104][ T9835]  do_syscall_64+0xd2/0x200
[  210.437161][ T9835]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  210.437190][ T9835]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  210.437217][ T9835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.437306][ T9835] RIP: 0033:0x7fbde68eec29
[  210.437321][ T9835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.437338][ T9835] RSP: 002b:00007fbde534f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  210.437393][ T9835] RAX: ffffffffffffffda RBX: 00007fbde6b35fa0 RCX: 00007fbde68eec29
[  210.437408][ T9835] RDX: 000000000000fd6c RSI: 0000200000000280 RDI: 0000000000000004
[  210.437434][ T9835] RBP: 00007fbde534f090 R08: 0000000000000000 R09: 0000000000000000
[  210.437445][ T9835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  210.437457][ T9835] R13: 00007fbde6b36038 R14: 00007fbde6b35fa0 R15: 00007fff60ac5598
[  210.437478][ T9835]  </TASK>
[  210.778476][ T9842] kernel read not supported for file /policy (pid: 9842 comm: syz.2.2004)
[  210.823981][ T9844] loop1: detected capacity change from 0 to 2048
[  210.839748][ T9849] loop2: detected capacity change from 0 to 128
[  210.953056][ T9853] bond_slave_0: entered promiscuous mode
[  210.959325][ T9853] bond_slave_1: entered promiscuous mode
[  210.965475][ T9853] dummy0: entered promiscuous mode
[  211.021187][ T9853] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  211.037778][ T9869] loop2: detected capacity change from 0 to 2048
[  211.053853][ T9872] netlink: 'syz.4.2012': attribute type 1 has an invalid length.
[  211.070154][ T9853] bond_slave_0: left promiscuous mode
[  211.075796][ T9853] bond_slave_1: left promiscuous mode
[  211.081842][ T9853] dummy0: left promiscuous mode
[  211.109122][ T9864] siw: device registration error -23
[  211.195277][ T9882] netlink: 'syz.2.2016': attribute type 1 has an invalid length.
[  211.303105][ T9890] loop4: detected capacity change from 0 to 128
[  211.629850][ T9913] netlink: 'syz.3.2024': attribute type 1 has an invalid length.
[  212.086512][ T9943] loop3: detected capacity change from 0 to 128
[  212.133728][ T9948] loop1: detected capacity change from 0 to 512
[  212.147942][ T9948] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  212.174241][ T9948] EXT4-fs (loop1): 1 truncate cleaned up
[  212.201554][ T9948] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.250498][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.253794][ T9953] __nla_validate_parse: 7 callbacks suppressed
[  212.253810][ T9953] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2038'.
[  212.333463][ T9962] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2040'.
[  212.352693][ T9959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2042'.
[  212.472425][ T9965] netlink: 'syz.4.2044': attribute type 1 has an invalid length.
[  212.551966][ T9977] loop3: detected capacity change from 0 to 128
[  212.593653][ T9977] netlink: 264 bytes leftover after parsing attributes in process `syz.3.2048'.
[  212.611939][ T9981] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2050'.
[  212.814176][ T9987] loop1: detected capacity change from 0 to 4096
[  212.821499][ T9987] EXT4-fs: Ignoring removed nomblk_io_submit option
[  212.929430][ T9987] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.982941][ T9991] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2052'.
[  213.141485][ T3417] page_pool_release_retry() stalled pool shutdown: id 161, 1 inflight 61 sec
[  213.362708][T10010] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2058'.
[  213.456153][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.474117][   T29] kauditd_printk_skb: 343 callbacks suppressed
[  213.474132][   T29] audit: type=1326 audit(1758512540.940:5781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10008 comm="syz.4.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  213.505858][   T29] audit: type=1326 audit(1758512540.940:5782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10008 comm="syz.4.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  213.530974][   T29] audit: type=1326 audit(1758512540.940:5783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10008 comm="syz.4.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  213.556237][   T29] audit: type=1326 audit(1758512540.940:5784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10008 comm="syz.4.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  213.580890][   T29] audit: type=1326 audit(1758512540.940:5785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10008 comm="syz.4.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  213.605799][   T29] audit: type=1326 audit(1758512540.940:5786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10008 comm="syz.4.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  213.630452][   T29] audit: type=1326 audit(1758512540.940:5787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10008 comm="syz.4.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  213.655431][   T29] audit: type=1326 audit(1758512540.940:5788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10008 comm="syz.4.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  213.673421][T10011] netlink: 'syz.4.2060': attribute type 1 has an invalid length.
[  213.680667][   T29] audit: type=1326 audit(1758512540.940:5789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10008 comm="syz.4.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  213.715646][   T29] audit: type=1326 audit(1758512540.940:5790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10008 comm="syz.4.2060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d3d1fec29 code=0x7ffc0000
[  213.771107][T10019] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2063'.
[  213.862424][T10017] loop3: detected capacity change from 0 to 1024
[  213.931652][T10038] loop1: detected capacity change from 0 to 128
[  213.944648][T10017] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.999347][T10038] netlink: 264 bytes leftover after parsing attributes in process `syz.1.2068'.
[  214.035282][T10045] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2071'.
[  214.134703][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.222803][T10053] netlink: 'syz.0.2076': attribute type 1 has an invalid length.
[  214.293759][T10060] syzkaller0: entered promiscuous mode
[  214.299544][T10060] syzkaller0: entered allmulticast mode
[  214.306553][T10068] FAULT_INJECTION: forcing a failure.
[  214.306553][T10068] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.320740][T10068] CPU: 0 UID: 0 PID: 10068 Comm: syz.0.2080 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  214.320772][T10068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  214.320830][T10068] Call Trace:
[  214.320837][T10068]  <TASK>
[  214.320846][T10068]  __dump_stack+0x1d/0x30
[  214.320870][T10068]  dump_stack_lvl+0xe8/0x140
[  214.320891][T10068]  dump_stack+0x15/0x1b
[  214.320909][T10068]  should_fail_ex+0x265/0x280
[  214.320936][T10068]  should_fail+0xb/0x20
[  214.321016][T10068]  should_fail_usercopy+0x1a/0x20
[  214.321054][T10068]  _copy_from_user+0x1c/0xb0
[  214.321145][T10068]  memdup_user+0x5e/0xd0
[  214.321174][T10068]  __snd_timer_user_ioctl+0x278/0x2470
[  214.321199][T10068]  ? do_vfs_ioctl+0x866/0xe10
[  214.321228][T10068]  ? selinux_file_ioctl+0x308/0x3a0
[  214.321323][T10068]  ? __pfx_snd_timer_user_ioctl+0x10/0x10
[  214.321346][T10068]  snd_timer_user_ioctl+0x45/0x90
[  214.321435][T10068]  __se_sys_ioctl+0xce/0x140
[  214.321456][T10068]  __x64_sys_ioctl+0x43/0x50
[  214.321477][T10068]  x64_sys_call+0x1816/0x2ff0
[  214.321501][T10068]  do_syscall_64+0xd2/0x200
[  214.321536][T10068]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  214.321612][T10068]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  214.321644][T10068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.321669][T10068] RIP: 0033:0x7f506964ec29
[  214.321687][T10068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.321785][T10068] RSP: 002b:00007f50680b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  214.321808][T10068] RAX: ffffffffffffffda RBX: 00007f5069895fa0 RCX: 00007f506964ec29
[  214.321822][T10068] RDX: 0000000000000000 RSI: 00000000c0f85403 RDI: 0000000000000003
[  214.321836][T10068] RBP: 00007f50680b7090 R08: 0000000000000000 R09: 0000000000000000
[  214.321849][T10068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.321981][T10068] R13: 00007f5069896038 R14: 00007f5069895fa0 R15: 00007ffdee076d48
[  214.322002][T10068]  </TASK>
[  214.565210][T10076] netlink: 'syz.1.2081': attribute type 1 has an invalid length.
[  214.579536][T10079] loop0: detected capacity change from 0 to 128
[  214.711865][T10092] loop4: detected capacity change from 0 to 2048
[  214.755871][T10092] siw: device registration error -23
[  214.771636][T10103] FAULT_INJECTION: forcing a failure.
[  214.771636][T10103] name failslab, interval 1, probability 0, space 0, times 0
[  214.785208][T10103] CPU: 1 UID: 0 PID: 10103 Comm: syz.0.2092 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  214.785241][T10103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  214.785294][T10103] Call Trace:
[  214.785302][T10103]  <TASK>
[  214.785311][T10103]  __dump_stack+0x1d/0x30
[  214.785337][T10103]  dump_stack_lvl+0xe8/0x140
[  214.785420][T10103]  dump_stack+0x15/0x1b
[  214.785437][T10103]  should_fail_ex+0x265/0x280
[  214.785492][T10103]  ? cgroup_pidlist_start+0x46e/0x820
[  214.785528][T10103]  should_failslab+0x8c/0xb0
[  214.785551][T10103]  __kmalloc_cache_noprof+0x4c/0x320
[  214.785579][T10103]  cgroup_pidlist_start+0x46e/0x820
[  214.785637][T10103]  cgroup_seqfile_start+0x58/0x70
[  214.785667][T10103]  kernfs_seq_start+0xb1/0x170
[  214.785766][T10103]  seq_read_iter+0x279/0x940
[  214.785862][T10103]  kernfs_fop_read_iter+0xc1/0x330
[  214.785898][T10103]  ? iov_iter_bvec+0xa4/0xd0
[  214.785952][T10103]  copy_splice_read+0x43f/0x660
[  214.785974][T10103]  ? __pfx_copy_splice_read+0x10/0x10
[  214.786034][T10103]  splice_direct_to_actor+0x26c/0x680
[  214.786060][T10103]  ? __pfx_direct_splice_actor+0x10/0x10
[  214.786083][T10103]  do_splice_direct+0xda/0x150
[  214.786174][T10103]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  214.786198][T10103]  do_sendfile+0x380/0x650
[  214.786262][T10103]  __x64_sys_sendfile64+0x105/0x150
[  214.786301][T10103]  x64_sys_call+0x2bb0/0x2ff0
[  214.786327][T10103]  do_syscall_64+0xd2/0x200
[  214.786406][T10103]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  214.786432][T10103]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  214.786589][T10103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.786609][T10103] RIP: 0033:0x7f506964ec29
[  214.786628][T10103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.786650][T10103] RSP: 002b:00007f50680b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  214.786699][T10103] RAX: ffffffffffffffda RBX: 00007f5069895fa0 RCX: 00007f506964ec29
[  214.786714][T10103] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[  214.786727][T10103] RBP: 00007f50680b7090 R08: 0000000000000000 R09: 0000000000000000
[  214.786739][T10103] R10: 000000000000003a R11: 0000000000000246 R12: 0000000000000001
[  214.786750][T10103] R13: 00007f5069896038 R14: 00007f5069895fa0 R15: 00007ffdee076d48
[  214.786827][T10103]  </TASK>
[  215.043263][T10108] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  215.053880][T10107] netlink: 'syz.3.2091': attribute type 1 has an invalid length.
[  215.085491][T10111] loop0: detected capacity change from 0 to 128
[  215.102471][T10111] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  215.123397][T10111] ext4 filesystem being mounted at /403/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  215.178955][T10116] netlink: 'syz.1.2096': attribute type 1 has an invalid length.
[  215.295489][ T3304] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  215.367448][T10133] loop3: detected capacity change from 0 to 128
[  215.426466][T10140] loop0: detected capacity change from 0 to 128
[  215.445543][T10140] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  215.460440][T10140] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  215.604330][T10153] FAULT_INJECTION: forcing a failure.
[  215.604330][T10153] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.618527][T10153] CPU: 1 UID: 0 PID: 10153 Comm: syz.3.2106 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  215.618559][T10153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  215.618573][T10153] Call Trace:
[  215.618582][T10153]  <TASK>
[  215.618592][T10153]  __dump_stack+0x1d/0x30
[  215.618613][T10153]  dump_stack_lvl+0xe8/0x140
[  215.618631][T10153]  dump_stack+0x15/0x1b
[  215.618759][T10153]  should_fail_ex+0x265/0x280
[  215.618783][T10153]  should_fail+0xb/0x20
[  215.618806][T10153]  should_fail_usercopy+0x1a/0x20
[  215.618916][T10153]  strncpy_from_user+0x25/0x230
[  215.618994][T10153]  ? kmem_cache_alloc_noprof+0x186/0x310
[  215.619021][T10153]  ? getname_flags+0x80/0x3b0
[  215.619211][T10153]  getname_flags+0xae/0x3b0
[  215.619240][T10153]  do_sys_openat2+0x60/0x110
[  215.619279][T10153]  __x64_sys_openat+0xf2/0x120
[  215.619318][T10153]  x64_sys_call+0x2e9c/0x2ff0
[  215.619380][T10153]  do_syscall_64+0xd2/0x200
[  215.619409][T10153]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  215.619488][T10153]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  215.619514][T10153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.619538][T10153] RIP: 0033:0x7fbde68eec29
[  215.619558][T10153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.619648][T10153] RSP: 002b:00007fbde530d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  215.619668][T10153] RAX: ffffffffffffffda RBX: 00007fbde6b36180 RCX: 00007fbde68eec29
[  215.619681][T10153] RDX: 00000000000aad82 RSI: 0000200000000200 RDI: ffffffffffffff9c
[  215.619748][T10153] RBP: 00007fbde530d090 R08: 0000000000000000 R09: 0000000000000000
[  215.619760][T10153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.619772][T10153] R13: 00007fbde6b36218 R14: 00007fbde6b36180 R15: 00007fff60ac5598
[  215.619793][T10153]  </TASK>
[  215.816703][T10153] lo speed is unknown, defaulting to 1000
[  215.822868][T10153] lo speed is unknown, defaulting to 1000
[  215.829673][T10153] lo speed is unknown, defaulting to 1000
[  215.837103][T10153] infiniband 3yz0: RDMA CMA: cma_listen_on_dev, error -98
[  215.867526][T10153] lo speed is unknown, defaulting to 1000
[  215.874400][T10153] lo speed is unknown, defaulting to 1000
[  215.880929][T10153] lo speed is unknown, defaulting to 1000
[  215.887383][T10153] lo speed is unknown, defaulting to 1000
[  215.893849][T10153] lo speed is unknown, defaulting to 1000
[  215.894569][T10156] loop4: detected capacity change from 0 to 128
[  215.954325][T10148] netlink: 'syz.1.2108': attribute type 1 has an invalid length.
[  215.965352][T10156] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  216.103546][T10156] ext4 filesystem being mounted at /438/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  216.143963][ T3305] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  216.257394][T10169] loop1: detected capacity change from 0 to 4096
[  216.264479][T10169] EXT4-fs: Ignoring removed nomblk_io_submit option
[  216.389322][T10173] loop3: detected capacity change from 0 to 128
[  216.403456][T10169] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.425483][T10172] loop8: detected capacity change from 0 to 16384
[  216.833841][T10188] loop3: detected capacity change from 0 to 1024
[  216.976056][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.012576][T10196] netlink: 'syz.4.2122': attribute type 1 has an invalid length.
[  217.049615][T10188] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.294812][T10201] loop4: detected capacity change from 0 to 128
[  217.332605][T10201] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  217.407843][T10201] ext4 filesystem being mounted at /442/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  217.501251][T10204] loop1: detected capacity change from 0 to 2048
[  217.509000][ T3305] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  217.679629][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.741650][T10216] loop2: detected capacity change from 0 to 128
[  217.832707][T10213] loop1: detected capacity change from 0 to 8192
[  217.890387][T10216] __nla_validate_parse: 17 callbacks suppressed
[  217.890409][T10216] netlink: 264 bytes leftover after parsing attributes in process `syz.2.2130'.
[  218.166959][T10225] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2132'.
[  218.354129][T10228] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2133'.
[  218.537131][T10238] FAULT_INJECTION: forcing a failure.
[  218.537131][T10238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.550822][T10238] CPU: 0 UID: 0 PID: 10238 Comm: syz.1.2137 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  218.550918][T10238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  218.550929][T10238] Call Trace:
[  218.550936][T10238]  <TASK>
[  218.550944][T10238]  __dump_stack+0x1d/0x30
[  218.550964][T10238]  dump_stack_lvl+0xe8/0x140
[  218.550984][T10238]  dump_stack+0x15/0x1b
[  218.551009][T10238]  should_fail_ex+0x265/0x280
[  218.551090][T10238]  should_fail+0xb/0x20
[  218.551123][T10238]  should_fail_usercopy+0x1a/0x20
[  218.551146][T10238]  _copy_from_user+0x1c/0xb0
[  218.551179][T10238]  memdup_user+0x5e/0xd0
[  218.551212][T10238]  strndup_user+0x68/0xb0
[  218.551242][T10238]  __se_sys_mount+0x4d/0x2e0
[  218.551293][T10238]  ? fput+0x8f/0xc0
[  218.551321][T10238]  ? ksys_write+0x192/0x1a0
[  218.551341][T10238]  __x64_sys_mount+0x67/0x80
[  218.551411][T10238]  x64_sys_call+0x2b4d/0x2ff0
[  218.551432][T10238]  do_syscall_64+0xd2/0x200
[  218.551515][T10238]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  218.551539][T10238]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  218.551626][T10238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.551651][T10238] RIP: 0033:0x7f110e3fec29
[  218.551748][T10238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.551768][T10238] RSP: 002b:00007f110ce46038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  218.551813][T10238] RAX: ffffffffffffffda RBX: 00007f110e646090 RCX: 00007f110e3fec29
[  218.551826][T10238] RDX: 0000200000000040 RSI: 0000200000000080 RDI: 0000000000000000
[  218.551882][T10238] RBP: 00007f110ce46090 R08: 0000200000000400 R09: 0000000000000000
[  218.551896][T10238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.551911][T10238] R13: 00007f110e646128 R14: 00007f110e646090 R15: 00007ffc9eaf7d18
[  218.551930][T10238]  </TASK>
[  218.774593][   T29] kauditd_printk_skb: 312 callbacks suppressed
[  218.774612][   T29] audit: type=1400 audit(1758512546.220:6103): avc:  denied  { create } for  pid=10236 comm="syz.1.2137" name="9p" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  218.928868][T10240] loop4: detected capacity change from 0 to 4096
[  218.936306][T10240] EXT4-fs: Ignoring removed nomblk_io_submit option
[  219.072565][   T29] audit: type=1400 audit(1758512546.530:6104): avc:  denied  { unlink } for  pid=3310 comm="syz-executor" name="9p" dev="tmpfs" ino=2314 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  219.139256][T10240] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.304574][T10246] loop2: detected capacity change from 0 to 164
[  219.321978][T10248] only policy match revision 0 supported
[  219.321993][T10248] unable to load match
[  219.333450][   T29] audit: type=1326 audit(1758512546.770:6105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10247 comm="syz.3.2140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  219.358213][   T29] audit: type=1326 audit(1758512546.770:6106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10247 comm="syz.3.2140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  219.383266][   T29] audit: type=1326 audit(1758512546.770:6107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10247 comm="syz.3.2140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  219.408708][   T29] audit: type=1326 audit(1758512546.770:6108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10247 comm="syz.3.2140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  219.432953][   T29] audit: type=1326 audit(1758512546.770:6109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10247 comm="syz.3.2140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  219.457760][   T29] audit: type=1326 audit(1758512546.770:6110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10247 comm="syz.3.2140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  219.482271][   T29] audit: type=1326 audit(1758512546.770:6111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10247 comm="syz.3.2140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  219.507372][   T29] audit: type=1326 audit(1758512546.770:6112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10247 comm="syz.3.2140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  219.514044][T10246] FAULT_INJECTION: forcing a failure.
[  219.514044][T10246] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  219.546511][T10246] CPU: 1 UID: 0 PID: 10246 Comm: syz.2.2139 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  219.546619][T10246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  219.546631][T10246] Call Trace:
[  219.546684][T10246]  <TASK>
[  219.546694][T10246]  __dump_stack+0x1d/0x30
[  219.546780][T10246]  dump_stack_lvl+0xe8/0x140
[  219.546803][T10246]  dump_stack+0x15/0x1b
[  219.546823][T10246]  should_fail_ex+0x265/0x280
[  219.546852][T10246]  should_fail_alloc_page+0xf2/0x100
[  219.546914][T10246]  __alloc_frozen_pages_noprof+0xff/0x360
[  219.546951][T10246]  alloc_pages_mpol+0xb3/0x250
[  219.547045][T10246]  vma_alloc_folio_noprof+0x1aa/0x300
[  219.547137][T10246]  handle_mm_fault+0xec2/0x2c20
[  219.547164][T10246]  ? __rcu_read_unlock+0x4f/0x70
[  219.547237][T10246]  do_user_addr_fault+0x3fe/0x1090
[  219.547314][T10246]  exc_page_fault+0x62/0xa0
[  219.547426][T10246]  asm_exc_page_fault+0x26/0x30
[  219.547448][T10246] RIP: 0010:filldir+0x1f6/0x420
[  219.547560][T10246] Code: c1 ff 48 89 ef 4c 89 fe e8 47 99 c1 ff 4c 39 fd 0f 82 af 01 00 00 4c 39 e5 0f 87 a6 01 00 00 0f 01 cb 0f ae e8 48 8b 44 24 40 <49> 89 47 08 48 8b 44 24 10 48 8b 4c 24 38 48 89 08 48 8b 6c 24 18
[  219.547578][T10246] RSP: 0018:ffffc9000f7a7cd0 EFLAGS: 00050287
[  219.547594][T10246] RAX: 0000000000000088 RBX: 0000000000000002 RCX: ffff888125978000
[  219.547607][T10246] RDX: 0000000000000000 RSI: 0000200000001fc0 RDI: 0000200000001fd8
[  219.547619][T10246] RBP: 0000200000001fd8 R08: 0001c9000f7a7ea7 R09: 0000000000000000
[  219.547632][T10246] R10: 0000000000000001 R11: ffffffff81966090 R12: 00007ffffffff000
[  219.547644][T10246] R13: 0000000000000004 R14: ffffffff864d18f2 R15: 0000200000001fc0
[  219.547660][T10246]  ? __pfx_filldir+0x10/0x10
[  219.547716][T10246]  ? __pfx_filldir+0x10/0x10
[  219.547739][T10246]  isofs_readdir+0x4b3/0xb40
[  219.547766][T10246]  iterate_dir+0x111/0x330
[  219.547782][T10246]  ? mutex_lock+0xd/0x30
[  219.547810][T10246]  __se_sys_getdents+0x88/0x1b0
[  219.547838][T10246]  ? __pfx_filldir+0x10/0x10
[  219.547861][T10246]  __x64_sys_getdents+0x43/0x50
[  219.547884][T10246]  x64_sys_call+0xee7/0x2ff0
[  219.547929][T10246]  do_syscall_64+0xd2/0x200
[  219.547969][T10246]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  219.547991][T10246]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  219.548069][T10246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.548093][T10246] RIP: 0033:0x7f3609c0ec29
[  219.548107][T10246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.548126][T10246] RSP: 002b:00007f3608677038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  219.548143][T10246] RAX: ffffffffffffffda RBX: 00007f3609e55fa0 RCX: 00007f3609c0ec29
[  219.548155][T10246] RDX: 0000000020002078 RSI: 0000200000001fc0 RDI: 0000000000000005
[  219.548168][T10246] RBP: 00007f3608677090 R08: 0000000000000000 R09: 0000000000000000
[  219.548198][T10246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.548209][T10246] R13: 00007f3609e56038 R14: 00007f3609e55fa0 R15: 00007ffdc17d0148
[  219.548227][T10246]  </TASK>
[  219.885793][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.908459][T10250] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2141'.
[  219.918485][T10252] loop4: detected capacity change from 0 to 128
[  219.957756][T10256] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2144'.
[  220.004271][T10252] netlink: 264 bytes leftover after parsing attributes in process `syz.4.2142'.
[  220.143846][T10266] loop1: detected capacity change from 0 to 164
[  220.173597][T10268] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2149'.
[  220.499834][T10277] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2149'.
[  220.889245][T10312] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2159'.
[  221.020920][T10316] loop2: detected capacity change from 0 to 1024
[  221.083061][T10316] EXT4-fs: Ignoring removed nomblk_io_submit option
[  221.246089][T10316] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  221.264959][T10316] System zones: 0-1, 3-36
[  221.383292][T10316] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.527885][T10337] loop0: detected capacity change from 0 to 4096
[  221.535584][T10337] EXT4-fs: Ignoring removed nomblk_io_submit option
[  221.728183][T10337] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.890967][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.987579][T10356] FAULT_INJECTION: forcing a failure.
[  221.987579][T10356] name failslab, interval 1, probability 0, space 0, times 0
[  222.000975][T10356] CPU: 0 UID: 0 PID: 10356 Comm: syz.4.2166 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  222.001003][T10356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  222.001011][T10356] Call Trace:
[  222.001016][T10356]  <TASK>
[  222.001096][T10356]  __dump_stack+0x1d/0x30
[  222.001112][T10356]  dump_stack_lvl+0xe8/0x140
[  222.001127][T10356]  dump_stack+0x15/0x1b
[  222.001138][T10356]  should_fail_ex+0x265/0x280
[  222.001163][T10356]  should_failslab+0x8c/0xb0
[  222.001180][T10356]  kmem_cache_alloc_node_noprof+0x57/0x320
[  222.001255][T10356]  ? __alloc_skb+0x101/0x320
[  222.001270][T10356]  __alloc_skb+0x101/0x320
[  222.001339][T10356]  netlink_ack+0xfd/0x500
[  222.001354][T10356]  ? avc_has_perm_noaudit+0x1b1/0x200
[  222.001372][T10356]  netlink_rcv_skb+0x192/0x220
[  222.001387][T10356]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  222.001498][T10356]  rtnetlink_rcv+0x1c/0x30
[  222.001516][T10356]  netlink_unicast+0x5bd/0x690
[  222.001532][T10356]  netlink_sendmsg+0x58b/0x6b0
[  222.001614][T10356]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.001630][T10356]  __sock_sendmsg+0x142/0x180
[  222.001650][T10356]  ____sys_sendmsg+0x345/0x4e0
[  222.001675][T10356]  ___sys_sendmsg+0x17b/0x1d0
[  222.001748][T10356]  __sys_sendmmsg+0x178/0x300
[  222.001832][T10356]  __x64_sys_sendmmsg+0x57/0x70
[  222.001858][T10356]  x64_sys_call+0x1c4a/0x2ff0
[  222.001894][T10356]  do_syscall_64+0xd2/0x200
[  222.001926][T10356]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  222.001996][T10356]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  222.002028][T10356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.002051][T10356] RIP: 0033:0x7f3d3d1fec29
[  222.002141][T10356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.002184][T10356] RSP: 002b:00007f3d3bc67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  222.002207][T10356] RAX: ffffffffffffffda RBX: 00007f3d3d445fa0 RCX: 00007f3d3d1fec29
[  222.002221][T10356] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000006
[  222.002236][T10356] RBP: 00007f3d3bc67090 R08: 0000000000000000 R09: 0000000000000000
[  222.002250][T10356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.002264][T10356] R13: 00007f3d3d446038 R14: 00007f3d3d445fa0 R15: 00007ffc8b8f2228
[  222.002284][T10356]  </TASK>
[  222.002602][T10350] loop2: detected capacity change from 0 to 2048
[  222.030848][T10357] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  222.242792][T10358] siw: device registration error -23
[  222.312489][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.345411][T10362] netlink: 'syz.1.2169': attribute type 1 has an invalid length.
[  222.390504][T10371] FAULT_INJECTION: forcing a failure.
[  222.390504][T10371] name failslab, interval 1, probability 0, space 0, times 0
[  222.403886][T10371] CPU: 0 UID: 0 PID: 10371 Comm: syz.0.2170 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  222.403920][T10371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  222.403935][T10371] Call Trace:
[  222.403986][T10371]  <TASK>
[  222.403993][T10371]  __dump_stack+0x1d/0x30
[  222.404014][T10371]  dump_stack_lvl+0xe8/0x140
[  222.404033][T10371]  dump_stack+0x15/0x1b
[  222.404053][T10371]  should_fail_ex+0x265/0x280
[  222.404129][T10371]  should_failslab+0x8c/0xb0
[  222.404215][T10371]  kmem_cache_alloc_node_noprof+0x57/0x320
[  222.404243][T10371]  ? __alloc_skb+0x101/0x320
[  222.404327][T10371]  __alloc_skb+0x101/0x320
[  222.404349][T10371]  ? ip_generic_getfrag+0x135/0x1b0
[  222.404387][T10371]  __ip_append_data+0x1935/0x2440
[  222.404429][T10371]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  222.404593][T10371]  ip_append_data+0xd6/0x130
[  222.404630][T10371]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  222.404667][T10371]  udp_sendmsg+0x36e/0x13c0
[  222.404715][T10371]  ? mntput+0x4b/0x80
[  222.404801][T10371]  ? __rcu_read_unlock+0x4f/0x70
[  222.404823][T10371]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  222.404893][T10371]  ? avc_has_perm+0xf7/0x180
[  222.404922][T10371]  ? __pfx_udp_sendmsg+0x10/0x10
[  222.404962][T10371]  inet_sendmsg+0xac/0xd0
[  222.404986][T10371]  __sock_sendmsg+0x102/0x180
[  222.405022][T10371]  __sys_sendto+0x268/0x330
[  222.405070][T10371]  __x64_sys_sendto+0x76/0x90
[  222.405096][T10371]  x64_sys_call+0x2d05/0x2ff0
[  222.405185][T10371]  do_syscall_64+0xd2/0x200
[  222.405274][T10371]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  222.405296][T10371]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  222.405347][T10371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.405434][T10371] RIP: 0033:0x7f506964ec29
[  222.405453][T10371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.405471][T10371] RSP: 002b:00007f50680b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  222.405490][T10371] RAX: ffffffffffffffda RBX: 00007f5069895fa0 RCX: 00007f506964ec29
[  222.405502][T10371] RDX: 0000000000006200 RSI: 0000200000000c80 RDI: 0000000000000003
[  222.405557][T10371] RBP: 00007f50680b7090 R08: 0000000000000000 R09: 0000000000000000
[  222.405572][T10371] R10: 0000000012000000 R11: 0000000000000246 R12: 0000000000000001
[  222.405586][T10371] R13: 00007f5069896038 R14: 00007f5069895fa0 R15: 00007ffdee076d48
[  222.405621][T10371]  </TASK>
[  222.406270][T10372] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2173'.
[  222.723657][T10381] bridge0: port 3(vlan0) entered blocking state
[  222.730760][T10381] bridge0: port 3(vlan0) entered disabled state
[  222.737904][T10381] vlan0: entered allmulticast mode
[  222.743624][T10381] bridge0: entered allmulticast mode
[  222.749588][T10389] loop2: detected capacity change from 0 to 128
[  222.757205][T10381] vlan0: left allmulticast mode
[  222.762670][T10381] bridge0: left allmulticast mode
[  222.784150][T10389] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  222.817728][T10389] ext4 filesystem being mounted at /429/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  222.865424][ T3308] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  222.920837][T10399] loop2: detected capacity change from 0 to 2048
[  222.953983][T10399] siw: device registration error -23
[  222.993463][T10409] loop2: detected capacity change from 0 to 128
[  223.004853][T10409] __nla_validate_parse: 2 callbacks suppressed
[  223.004869][T10409] netlink: 264 bytes leftover after parsing attributes in process `syz.2.2186'.
[  223.023554][T10405] net_ratelimit: 1 callbacks suppressed
[  223.023596][T10405] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  223.163436][T10421] only policy match revision 0 supported
[  223.163450][T10421] unable to load match
[  223.194750][T10425] loop4: detected capacity change from 0 to 128
[  223.224352][T10425] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  223.269000][T10425] ext4 filesystem being mounted at /457/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  223.282894][T10431] loop2: detected capacity change from 0 to 2048
[  223.306549][ T3305] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  223.321723][T10440] FAULT_INJECTION: forcing a failure.
[  223.321723][T10440] name failslab, interval 1, probability 0, space 0, times 0
[  223.336207][T10440] CPU: 0 UID: 0 PID: 10440 Comm: syz.3.2199 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  223.336237][T10440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  223.336250][T10440] Call Trace:
[  223.336269][T10440]  <TASK>
[  223.336277][T10440]  __dump_stack+0x1d/0x30
[  223.336331][T10440]  dump_stack_lvl+0xe8/0x140
[  223.336352][T10440]  dump_stack+0x15/0x1b
[  223.336369][T10440]  should_fail_ex+0x265/0x280
[  223.336473][T10440]  should_failslab+0x8c/0xb0
[  223.336501][T10440]  kmem_cache_alloc_noprof+0x50/0x310
[  223.336531][T10440]  ? skb_clone+0x151/0x1f0
[  223.336617][T10440]  skb_clone+0x151/0x1f0
[  223.336694][T10440]  __netlink_deliver_tap+0x2c9/0x500
[  223.336721][T10440]  netlink_unicast+0x66b/0x690
[  223.336743][T10440]  netlink_sendmsg+0x58b/0x6b0
[  223.336775][T10440]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.336802][T10440]  __sock_sendmsg+0x142/0x180
[  223.336831][T10440]  ____sys_sendmsg+0x31e/0x4e0
[  223.336932][T10440]  ___sys_sendmsg+0x17b/0x1d0
[  223.336973][T10440]  __x64_sys_sendmsg+0xd4/0x160
[  223.337069][T10440]  x64_sys_call+0x191e/0x2ff0
[  223.337095][T10440]  do_syscall_64+0xd2/0x200
[  223.337127][T10440]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  223.337237][T10440]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  223.337270][T10440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.337291][T10440] RIP: 0033:0x7fbde68eec29
[  223.337375][T10440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.337402][T10440] RSP: 002b:00007fbde534f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.337423][T10440] RAX: ffffffffffffffda RBX: 00007fbde6b35fa0 RCX: 00007fbde68eec29
[  223.337437][T10440] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  223.337449][T10440] RBP: 00007fbde534f090 R08: 0000000000000000 R09: 0000000000000000
[  223.337462][T10440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.337475][T10440] R13: 00007fbde6b36038 R14: 00007fbde6b35fa0 R15: 00007fff60ac5598
[  223.337495][T10440]  </TASK>
[  223.338626][T10440] netlink: 'syz.3.2199': attribute type 8 has an invalid length.
[  223.454437][T10445] FAULT_INJECTION: forcing a failure.
[  223.454437][T10445] name failslab, interval 1, probability 0, space 0, times 0
[  223.575688][T10445] CPU: 1 UID: 0 PID: 10445 Comm: syz.1.2201 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  223.575718][T10445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  223.575730][T10445] Call Trace:
[  223.575736][T10445]  <TASK>
[  223.575744][T10445]  __dump_stack+0x1d/0x30
[  223.575863][T10445]  dump_stack_lvl+0xe8/0x140
[  223.575884][T10445]  dump_stack+0x15/0x1b
[  223.575902][T10445]  should_fail_ex+0x265/0x280
[  223.575926][T10445]  should_failslab+0x8c/0xb0
[  223.576024][T10445]  kmem_cache_alloc_noprof+0x50/0x310
[  223.576072][T10445]  ? skb_clone+0x151/0x1f0
[  223.576144][T10445]  skb_clone+0x151/0x1f0
[  223.576180][T10445]  __netlink_deliver_tap+0x2c9/0x500
[  223.576225][T10445]  netlink_unicast+0x66b/0x690
[  223.576262][T10445]  netlink_sendmsg+0x58b/0x6b0
[  223.576331][T10445]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.576356][T10445]  __sock_sendmsg+0x142/0x180
[  223.576438][T10445]  ____sys_sendmsg+0x31e/0x4e0
[  223.576454][T10431] siw: device registration error -23
[  223.576469][T10445]  ___sys_sendmsg+0x17b/0x1d0
[  223.576507][T10445]  __x64_sys_sendmsg+0xd4/0x160
[  223.576619][T10445]  x64_sys_call+0x191e/0x2ff0
[  223.576719][T10445]  do_syscall_64+0xd2/0x200
[  223.576749][T10445]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  223.576774][T10445]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  223.576831][T10445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.577031][T10445] RIP: 0033:0x7f110e3fec29
[  223.577043][T10445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.577058][T10445] RSP: 002b:00007f110ce67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.577078][T10445] RAX: ffffffffffffffda RBX: 00007f110e645fa0 RCX: 00007f110e3fec29
[  223.577102][T10445] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000b
[  223.577123][T10445] RBP: 00007f110ce67090 R08: 0000000000000000 R09: 0000000000000000
[  223.577134][T10445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.577146][T10445] R13: 00007f110e646038 R14: 00007f110e645fa0 R15: 00007ffc9eaf7d18
[  223.577172][T10445]  </TASK>
[  223.633257][T10443] loop4: detected capacity change from 0 to 1024
[  223.755917][T10451] loop0: detected capacity change from 0 to 512
[  223.759240][T10451] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  223.825380][T10451] EXT4-fs (loop0): group descriptors corrupted!
[  223.843066][T10445] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  223.872139][T10451] rtc_cmos 00:00: Alarms can be up to one day in the future
[  223.881862][T10443] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.943890][   T29] kauditd_printk_skb: 259 callbacks suppressed
[  223.943907][   T29] audit: type=1326 audit(1758512551.410:6372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10459 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  223.991626][   T29] audit: type=1326 audit(1758512551.440:6373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10459 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  224.016228][   T29] audit: type=1326 audit(1758512551.460:6374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10459 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  224.041785][   T29] audit: type=1326 audit(1758512551.460:6375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10459 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  224.053512][T10456] syzkaller0: entered promiscuous mode
[  224.073066][T10456] syzkaller0: entered allmulticast mode
[  224.079636][T10462] kernel read not supported for file /policy (pid: 10462 comm: syz.3.2206)
[  224.083469][   T29] audit: type=1326 audit(1758512551.540:6376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10459 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=313 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  224.113488][   T29] audit: type=1400 audit(1758512551.540:6377): avc:  denied  { module_load } for  pid=10459 comm="syz.3.2206" path="/selinux/policy" dev="selinuxfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=system permissive=1
[  224.142728][   T29] audit: type=1326 audit(1758512551.550:6378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10459 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  224.149442][T10461] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2207'.
[  224.167700][   T29] audit: type=1326 audit(1758512551.550:6379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10459 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbde68eec29 code=0x7ffc0000
[  224.220089][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.241942][T10469] loop1: detected capacity change from 0 to 2048
[  224.260535][T10478] loop4: detected capacity change from 0 to 128
[  224.272968][T10478] netlink: 264 bytes leftover after parsing attributes in process `syz.4.2211'.
[  224.305902][T10482] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2212'.
[  224.315511][T10481] loop0: detected capacity change from 0 to 128
[  224.328442][   T29] audit: type=1400 audit(1758512551.790:6380): avc:  denied  { mount } for  pid=10467 comm="syz.1.2209" name="/" dev="ramfs" ino=24998 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  224.351534][   T29] audit: type=1400 audit(1758512551.790:6381): avc:  denied  { getopt } for  pid=10467 comm="syz.1.2209" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  224.354775][T10481] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  224.394648][T10481] ext4 filesystem being mounted at /428/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  224.420397][ T2995] ==================================================================
[  224.423094][T10485] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2214'.
[  224.428780][ T2995] BUG: KCSAN: data-race in d_delete / lookup_fast
[  224.444732][ T2995] 
[  224.447209][ T2995] read-write to 0xffff888119ce1300 of 4 bytes by task 9996 on cpu 1:
[  224.455550][ T2995]  d_delete+0x15a/0x180
[  224.460173][ T2995]  d_delete_notify+0x32/0x100
[  224.465070][ T2995]  vfs_unlink+0x30b/0x420
[  224.469434][ T2995]  do_unlinkat+0x24e/0x480
[  224.473948][ T2995]  __x64_sys_unlink+0x2e/0x40
[  224.478810][ T2995]  x64_sys_call+0x2dc0/0x2ff0
[  224.483496][ T2995]  do_syscall_64+0xd2/0x200
[  224.488625][ T2995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.494794][ T2995] 
[  224.497310][ T2995] read to 0xffff888119ce1300 of 4 bytes by task 2995 on cpu 0:
[  224.505295][ T2995]  lookup_fast+0xf0/0x320
[  224.509734][ T2995]  walk_component+0x3f/0x220
[  224.514438][ T2995]  path_lookupat+0xfe/0x2a0
[  224.518950][ T2995]  filename_lookup+0x147/0x340
[  224.523894][ T2995]  do_readlinkat+0x7d/0x320
[  224.528835][ T2995]  __x64_sys_readlink+0x47/0x60
[  224.534044][ T2995]  x64_sys_call+0x28da/0x2ff0
[  224.538867][ T2995]  do_syscall_64+0xd2/0x200
[  224.543488][ T2995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.549476][ T2995] 
[  224.551979][ T2995] value changed: 0x00300180 -> 0x00004080
[  224.557954][ T2995] 
[  224.560360][ T2995] Reported by Kernel Concurrency Sanitizer on:
[  224.566506][ T2995] CPU: 0 UID: 0 PID: 2995 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[  224.576241][ T2995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  224.586674][ T2995] ==================================================================
[  224.596059][ T3417] rtc_cmos 00:00: Alarms can be up to one day in the future
[  224.604085][ T3417] rtc_cmos 00:00: Alarms can be up to one day in the future
[  224.611451][T10489] FAULT_INJECTION: forcing a failure.
[  224.611451][T10489] name failslab, interval 1, probability 0, space 0, times 0
[  224.612292][ T3417] rtc_cmos 00:00: Alarms can be up to one day in the future
[  224.624776][T10489] CPU: 1 UID: 0 PID: 10489 Comm: syz.4.2215 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  224.624805][T10489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  224.624817][T10489] Call Trace:
[  224.624825][T10489]  <TASK>
[  224.624833][T10489]  __dump_stack+0x1d/0x30
[  224.624914][T10489]  dump_stack_lvl+0xe8/0x140
[  224.624991][T10489]  dump_stack+0x15/0x1b
[  224.625008][T10489]  should_fail_ex+0x265/0x280
[  224.625032][T10489]  should_failslab+0x8c/0xb0
[  224.625130][T10489]  kmem_cache_alloc_node_noprof+0x57/0x320
[  224.625159][T10489]  ? __alloc_skb+0x101/0x320
[  224.625180][T10489]  ? selinux_socket_sock_rcv_skb+0x219/0x620
[  224.625271][T10489]  __alloc_skb+0x101/0x320
[  224.625293][T10489]  alloc_skb_with_frags+0x7d/0x470
[  224.625317][T10489]  ? avc_has_perm+0xf7/0x180
[  224.625344][T10489]  sock_alloc_send_pskb+0x43a/0x4f0
[  224.625416][T10489]  unix_dgram_sendmsg+0x380/0xfe0
[  224.625445][T10489]  ? selinux_socket_sendmsg+0x175/0x1b0
[  224.625478][T10489]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  224.625505][T10489]  __sock_sendmsg+0x142/0x180
[  224.625581][T10489]  ____sys_sendmsg+0x345/0x4e0
[  224.625610][T10489]  ___sys_sendmsg+0x17b/0x1d0
[  224.625682][T10489]  __sys_sendmmsg+0x178/0x300
[  224.625716][T10489]  __x64_sys_sendmmsg+0x57/0x70
[  224.625742][T10489]  x64_sys_call+0x1c4a/0x2ff0
[  224.625790][T10489]  do_syscall_64+0xd2/0x200
[  224.625820][T10489]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  224.625845][T10489]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  224.625890][T10489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.625919][T10489] RIP: 0033:0x7f3d3d1fec29
[  224.625936][T10489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.625955][T10489] RSP: 002b:00007f3d3bc67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  224.625976][T10489] RAX: ffffffffffffffda RBX: 00007f3d3d445fa0 RCX: 00007f3d3d1fec29
[  224.626027][T10489] RDX: 0000000000000002 RSI: 0000200000002d80 RDI: 0000000000000004
[  224.626040][T10489] RBP: 00007f3d3bc67090 R08: 0000000000000000 R09: 0000000000000000
[  224.626128][T10489] R10: 0000000040008004 R11: 0000000000000246 R12: 0000000000000001
[  224.626141][T10489] R13: 00007f3d3d446038 R14: 00007f3d3d445fa0 R15: 00007ffc8b8f2228
[  224.626159][T10489]  </TASK>
[  224.868184][ T3417] rtc_cmos 00:00: Alarms can be up to one day in the future
[  224.876632][ T3417] rtc rtc0: __rtc_set_alarm: err=-22
[  225.143377][ T3304] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.