last executing test programs:

22.074130226s ago: executing program 4 (id=4212):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20000023893)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8}]}, 0x20}}, 0x0)
syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
syz_open_procfs(0x0, &(0x7f0000000040)='net/vlan/vlan0\x00')
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0xc0000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xa, 0xe}, {0x0, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0xa2}, @TCA_FQ_PIE_TARGET={0x8, 0x3, 0x4}]}}]}, 0x44}}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
socket$netlink(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})

21.182915344s ago: executing program 4 (id=4220):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000480)="f5f2da0c498acb51669eb70aa52b390955e445aa5a4fc59cf98717ce6e756ada86e27752abe95de8fb57fb5795e2f2292e2bb0afb6c876c45a8542333413cd5213b29572e383b89953d293439e43e9d5484385a86e8a2b5d0ab414ade40efe569f3f0ce8a10e91211cd19eadf04cf8644f7eb73292c4f469e289206f3f5257b8f1c34613e626febbabef501e0d18bac982b17723413c0818f7609c54feec3b2fbcd671273958c8e2fdc5e2e0dbeb1406221883854228ad8bc875138b62cf8f7439a41f58900951b838f920f2675194e311e12199b614851ebc2676fca9e18a1ac3361735bdf8536a07e97b7cd65ce654b5f4ba5a128e3058f38120a34d3f04da8b79e8b2b4df800a29cf0577a8998fbf932595", 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="50020000", @ANYRES16=r2, @ANYBLOB="0100000000000000000001000000080001000000000004000480080002000100000010000c7d0c000b8008000a00b4ed000004000880c8000c8024000900f36aad4208000a156878badf10076800d5441e0f080009002bd49f3b0c00008008000a00697100002c000b8008000a"], 0x250}}, 0x4c000)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1002002, 0x0)
r4 = dup(r3)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x40542, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000180)=0x19)

21.104633212s ago: executing program 4 (id=4222):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="2c934bf69160ecfc107064f4956051ba803eacb5696d653b39850410023b14c64ca11ffbaed005d790db63b7e06713819aa43b8f65e6e10029a2509e2d9783999d4f411c0253cb6dbddecda19913f679d47ecc473e594bed3efd5d4d4a2ec8a74a9731a91a9bbe6afee4583cdaeba49c203520ef713c3aee1e84b023aa5198189af55eb619a4d561ca40684e4df3badf022bfbc7322418224340d472e267e0c58010b8297a67d385591ba29d6d2d0af8aa5f0d3d9f34aba8cdb374b439766d8e96600270eca1ce5361f014f50d5ad57d2e2b69630220486e18d309519067301303cb"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@bridge_delneigh={0x30, 0x1c, 0x1, 0x80000000, 0x0, {0x7, 0x0, 0x0, r4, 0x80, 0xb2}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}}, @NDA_VLAN={0x6, 0x5, 0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x40800)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
splice(r2, 0x0, r6, 0x0, 0x4ffe6, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r7}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="a8020000", @ANYRES16=r9, @ANYBLOB="010028bd7000fbdbdf2505000000040001800c0002800800020004000000d40001801c00028008000200ff030000080003002d610000080003003de500001c00028008000200b9d70000080002000900000008000300090000000d0001"], 0x2a8}, 0x1, 0x0, 0x0, 0x48c05}, 0x2404c140)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x600003, 0x0)
r11 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r11, &(0x7f0000000740)=[{{&(0x7f00000002c0)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000640)=[{0x0}, {&(0x7f0000000540)="506f578d627e1169d0a06cce63c735bb71e2ae98c0832af7994a293861", 0x1d}, {0x0, 0x13}], 0x3, &(0x7f0000000680)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xc0d}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x80}}], 0x30}}], 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000240)={'team0\x00', <r12=>0x0})
setsockopt$packet_add_memb(r11, 0x107, 0x1, &(0x7f00000003c0)={r12, 0x1, 0x6, @multicast}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x18)

20.274528554s ago: executing program 4 (id=4244):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000500)={[{@barrier_val={'barrier', 0x3d, 0x8}}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}]}, 0xfd, 0x477, &(0x7f0000000880)="$eJzs3M9vVEUcAPDv2/7gt62IP0CUKhobjS0tqBw8gNHEgyYmesBjbQsiCzW0GiFEVw94NCTejUcT/wJPejHqycSr3g0JMVxAvTzzdt9rd5fddSlbF9zPJ1k68+YtM9+dN7szb7oNYGBNZP8kEdsj4teIGKtlG0+YqP24fvXC/J9XL8wnkaav/5FUz7t29cJ8cWrxvG1FptJ4vN7yufOn5srlxbN5fnrl9LvTy+fOP33y9NyJxROLZ2YPHz50cOa5Z2ef6UmcWZuu7flwae/ul9+89Or8sUtv/fh1UsTfEMf73f+nmzuWTrQ4NlQkHu++ljvCjrp0MtzHhnBT3o6IrLtGquN/LIZirfPG4qVP+to4YEOlaZpual9cSYH/sST63QKgP/LP+SSiMp+tgevX84PgytHaAiiL+3r+qJUMRyk/Z6RpfdtL2WrrWOWvL7JHNN1PAQDYCN8erf0s5n5r849Sw138I/ne0HhE3B0ROyPinojYFRH3RsR9EXF/RDxQ95xW+z7NmjdJbpz/lC6vK7AuZfO/5/O9rcb5XzH7i/GhPLejGv9IcvxkefFARNwVEZMxsinLz3So47sXf/msXdlE3fwve2T1F3PBvB2Xh5tu0C3MrczdSsz1rnwcsWe4VfzJ6k5A1o+7I2LPvvXVcfLJr/a2K/v3+DvowT5T+mXEE7X+r0RT/IWk8/7k9OYoLx6YLq6KG/3088XX2tV/S/H3QNb/W1te/6vxjyf1+7XLN1/Hxd8+bbum6fL6H61/Tnb9jyZvVNNFwQdzKytnZyJGk1fy40fy4431Vc+bXTs/i39yf+vxvzPWXokHIyK7iB+KiIcjYl/e9kci4tGI2N8h/h9eeOyd9ce/sbL4F26q/9smir3tG4qGTn3/TbWk6KzxDvEn0aL/D1VTk/mRbt7/Orb07K1czQAAAHDnKUXE9khKU6vpUmlqqvb78rtia6m8tLzy1PGl984s1L4jMB4jpeJO19jq/dCozOTL+uL+6GxT/mB+3/jzoS3V/NT8Unmh38HDgNvWZvxnfh/qd+uADef7WjC41jv+0zT9qMdNAf5jPv9hcBn/MLhajP8tTfkOfyMAuJO1+vy3sIfBYP4Pg8v4h8Fl/MPgMv5hIOXfhB/u5gv+G5bI3n/6V3s3iWhoYZr2qRmjt8erUU1EqW+1xzqfPtmnV+zv/I9t3h4d12Wi3+9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfFPAAAA//89VeJz")
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r1}, 0x18)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="140100002800010004000000f8dbdf2503"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000000d1402002abd7000fbdbdfa0cffcd4a865f95f4a"], 0x18}}, 0x8000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b020000f8ffffffb7030000000000004a90e3000000bd96a85173672f7014c555bb29aa0000000000b800"/88], 0x0, 0x3, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYRES16=r2, @ANYRESHEX, @ANYBLOB])
openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x84800, 0x0)
creat(&(0x7f0000000200)='./file0\x00', 0x100)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x15, 0x7, &(0x7f0000000600)=ANY=[@ANYRES16=r0, @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
r6 = gettid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r6, 0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40980, 0x0)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, &(0x7f0000000600)=0x14)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x18)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, &(0x7f0000000080)=0x14)
r9 = socket$netlink(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0xfffffcf7, r10, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000849}, 0x0)
close(0xffffffffffffffff)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000200)=0xe)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000040)=0x32)

19.942287526s ago: executing program 4 (id=4249):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xba0a}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) (async)
r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r3, 0x2007ffc)
sendfile(r3, r3, 0x0, 0x800000009)

19.004160509s ago: executing program 4 (id=4253):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x74, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x15}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0)

18.964251323s ago: executing program 32 (id=4253):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x74, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x15}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0)

3.76431332s ago: executing program 1 (id=4458):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, 0x0})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000a80)=0x1, 0x4)
r3 = socket$inet6(0xa, 0x3, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000980)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x40, 0x0}, @in6=@local, 0x4e22, 0x0, 0x0, 0x3, 0x2}, {0x0, 0x200000004, 0x40000000007, 0x20000a0de, 0x100000000, 0x4, 0x200000003, 0x9}, {0x5}, 0x1, 0x0, 0x1, 0x0, 0x6, 0x3}, {{@in=@multicast1, 0x0, 0x6c}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0x19}, 0x3502, 0x3, 0x8, 0xa1, 0x9075, 0x800}}, 0xe8)
msgctl$MSG_STAT(0xffffffffffffffff, 0xb, 0x0)
r4 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x14004, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0xdc}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@jqfmt_vfsv1}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
getdents64(r5, &(0x7f0000000040)=""/225, 0xe1)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x4}}}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r6 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
clock_gettime(0x0, &(0x7f0000000380)={<r7=>0x0, <r8=>0x0})
utimensat(r4, &(0x7f00000002c0)='./file1\x00', &(0x7f00000003c0)={{r7, r8/1000+60000}}, 0x100)
r9 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r9, 0x0)
write$selinux_load(r6, &(0x7f0000000400)=ANY=[@ANYRESOCT=r6, @ANYRES64=r0], 0xffa8)

2.271777257s ago: executing program 0 (id=4471):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001f80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000340)=""/249, 0xf9}], 0x1}, 0x0)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0)

1.541144628s ago: executing program 5 (id=4479):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3272a6bc}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='sched_switch\x00', r1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r2, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd})
fcntl$lock(r2, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2c, 0x9})

1.435081189s ago: executing program 2 (id=4480):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000020000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000540)="cdabb84fb4d68dd2742bf0f0ca46013810153f2a78d2a0837abf1abed04e4543f8fe55bb2c55bc604652b504b2937e4239c8853301ece3359e146131309e651e89417021593e180d29ce89a40924c9b494636792e9b17a8fd13b35a0fa3452b9ac8895d2d49fc328f1e3a22272e12234ed17f92b824d17e6912054bc1307f4a50581b601951a76e178ae2400f31776e86b53c3396c6d7912ef7013d3af673d0f1c42b5aa352c1fea18f161a894c7cb89e577169c5afce7398d0009ed789fe2912807e24a354ae586e8decd07981ba58c825eefc7c6d34ff6713e7707355d990a19ac94f1f00e8b14cd34c5004f278a3b4569202e800859eda638a8b05d1835297020d399aef05bb8df84dd29afef5cec1ef2f6b7a7fef44e3e7256b5a67cb95dcca13550baf57ec5cd93eb9fc8daf1ecfbc0ea94acad58361139eb2c6f0443dc17a8f84653ae2855e2efe778c029795934d32d4eb88d866cd3472313dd1fcf09cab8d37169206ef44c", &(0x7f0000000280)=@udp=r3}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
syz_emit_ethernet(0x4a, &(0x7f0000000300)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @loopback={0x300}, @local, {[], {{0xfffc, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
prctl$PR_GET_DUMPABLE(0x3)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x8, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r4, 0x408c5333, &(0x7f0000000280)={0x0, 0x80000000, 0x0, 'queue0\x00', 0xffffff00})
setitimer(0x1, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, &(0x7f0000000040))

1.434541989s ago: executing program 0 (id=4481):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x80}, 0x18)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
stat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000280))

1.383594744s ago: executing program 2 (id=4482):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x404, &(0x7f0000000280)={[{@init_itable_val={'init_itable', 0x3d, 0x3}}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400}}, {@quota}]}, 0x3, 0x443, &(0x7f0000000880)="$eJzs3M1vG0UbAPBn10natH3fGFQ++gEECqLiI2nSUnrgAgKJA0hIcCjHkKRVqNugJki0iiAgVI6oEnfEEYm/gBNcEHBC4gp3VKlCvbRwMlrb6ziOnSapky3491M2mtkda+bZ3bFnduIE0LdGs19JxL6I+C0iRurZ1QVGs59SRCxN/3VjaTqJavXNP5NauZs3lqbzovnr9uaZgYj00yQOdah34dLlc1OVyuzFRn588fx74wuXLj87d37q7OzZ2QuTp06dOD7x/MnJ53oSZxbXzYMfzh8+8OrbV1+fPn31nZ++SfL42+LokdH1Dj5Rrfa4umL9ryWdDBTYEDalVO+mMVjr/yNRipWLNxKvfFJo44BtVa1Wq/d3P7xcBf7Dkii6BUAx8g/6bP6bbzs09LgrXH+xPgHK4r7V2OpHBiJtlBlsm9/20mhEnF7++8tsi+15DgEAsMp32fjnmU7jvzRanwv9v7GGUo6IeyLi3og4GRH7I+K+iFrZByLiwU3W375Iktc/1NyTXttycBuQjf9eiIhba8Z/zfWscql2NupjwHIMJmfmKrPHGufkaAzuyvIT69Tx/cu/ft7tWOv4L9uy+vOxYF16bWDX6tfMTC1O3UnMra5/HHFwoFP8SXMlIDsPByLi4BbrmHvq68Pdjt0+/nX0YJ2p+lXEk/Xrvxxt8eeS1vXJ4TXrk+O7ozJ7bDy/K9b6+Zcrb3Sr/47i74Hs+u/peP834y8nreu1C5uv48rvn3Wd02z1/h9K3koilpv7PphaXLw4ETGUvFZvdOv+yVhdbnKlfBb/0SOd4k9r73H5mTgUEdlN/FBEPBwRjzTa/mhEPBYRR9aJ/8eXHn936/Fvryz+mU1d/5XEULTv6Zwonfvh21WVljcTf3b9T9RSRxt7NvL+t5F2be1uBgAAgH+fNCL2RZKONdNpOjZW/xv+/bEnrcwvLD59Zv79CzP17wiUYzDNn3SNtDwPnWhM6/P8ZFv+eOO58Rel4Vp+bHq+MlN08NDn9nbp/5k/SkW3Dtheu4tuAFAk39eE/qX/Q//S/6F/dej/w0W0A9h5nT7/PyqgHcDOa+v/lv2gj5j/Q//S/6F/6f/QlxaG4/Zfkpfo08Tedf6TQqR3QwsltitR9DsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAb/wTAAD//52u43M=")
r0 = syz_open_procfs(0x0, &(0x7f0000000440)='net/if_inet6\x00')
fchown(0xffffffffffffffff, 0x0, 0x0)
read$qrtrtun(r0, &(0x7f0000000000)=""/246, 0xf6)
pread64(r0, &(0x7f00000003c0)=""/51, 0x33, 0x3c)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x2, &(0x7f0000000200)=0x10, 0x4)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x800}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x84}]}}]}, 0x44}}, 0x24004000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
write$binfmt_script(r1, &(0x7f0000000380)={'#! ', './file0', [], 0xa, "fe"}, 0xc)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe935"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

1.376661814s ago: executing program 0 (id=4484):
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=rdma,port=0x0800000000004e20,timeout=0'])
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r3)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
writev(r2, &(0x7f0000000140)=[{&(0x7f0000000100)="89e7ee2c78dad9bfb473fec96558", 0xe}], 0x1)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000000)=0x7a2b, 0x4)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r6)
sendmsg$NL80211_CMD_GET_WIPHY(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)={0x28, r7, 0x301, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x14}, @void, @val={0xc, 0x99, {0x5, 0x4}}}}}, 0x28}}, 0x44)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xfffffffe, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
sendmsg$nl_route_sched(r5, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r9, {0xf000, 0xffff}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x200c8080)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x6c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r12, {0x3}, {}, {0x2, 0xfff1}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x3c, 0x2, [@TCA_GRED_PARMS={0x38, 0x1, {0x80000001, 0x3, 0x8, 0xb, 0x101, 0xffffcbef, 0x183, 0x5, 0x7, 0x1, 0x14, 0xb, 0x1a, 0x3, 0xd0b, 0x38f4}}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000)
r13 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r1)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x34, r13, 0x2, 0x0, 0x25dfdbfc, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

1.21445658s ago: executing program 3 (id=4486):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r5}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x8, 0x4, 0x7cb4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xc0c8, &(0x7f0000000240)=ANY=[], 0x3c, 0x2e2, &(0x7f0000000b40)="$eJzs3M9rE1sUwPGTNE3TlDZZPB68J9KLbnQztHEvBGlBDCi1EX+AMG0mGjImIRMqEbFx5dZ/w9BldwWtf0A37ly5ETfdCG4CWkeSmdikTtskNU1Kvh8o92TuPTNzeyfhJDCze/f1k2za0tJ6SfwhJX6RiuyJROtRK5/4nCbovA45TUUuT337eF6JSDyRWFhSajG+fCWmlJqZffv0+caF7dLUnc2ZrQnZiT7c/Rr7vPPvzn+7P5cfZyyVsVQuX1K6Wsl/KukrpqFSGSurKXXLNHTLUJmcZRSd/nzJPawUCmWl51LT4ULRsCyl58oqa5RVKa9KxbLSH+mZnNI0TU2HZXTUZhtNodu8ZHVpSY/3eNDVHvPw120f2VssNt887+32nmS1f+cEAACGlWf9X2uv/31u62+t/10VqdTr/9v37t/ooP7fCh5S/+ePrf8b/WkzT/3fq9Cfm5LVsd7rf5wRxUmR6obsv6NfPtiYawTU/wAAAAAAAAAAAAAAAAAAAAAAnAU1247YtvhF7Ihf6rHzN+HeMNJ8PejzRH/U3PVttrYdqK866z8iWm7cC4mYr9aSa0mndfrjacmIKYbMSUR+NK4HlxMvXk8s+FRDVN6Z627++lpyrD1/XiIS9c6fd/JVe/64hFvzYxKRf7zzY575Qbl0sSVfk4h8WJW8mJJqXNf7+S/mlbp2M3Egf1JSHnfMAQAAAABwFmnqN8/v75p2WL+T38nvA3Oe388D8n9gsHMHAAAAAGBUWOVnWd00jeKxwRs349jBX9yBHe/5pMF4F7PoLvD1bc8nDZrPZO4+3f15Zn0YZjE0QfCIMYH6Rd+yJXzofmbG3FXp+OgT7lOZ61v27ANjrm6e+z64f8upfxQBAAAA6LP9on/QZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOg6jceJDXqOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLD4FQAA///GbRru")
syz_open_procfs(0x0, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(0xffffffffffffffff, 0xc0389424, &(0x7f0000000140)={0x8, 0x48, '\x00', 0x0, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x20000090)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22)
rmdir(&(0x7f0000000080)='./cgroup/../file0\x00')
r7 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r7, 0x6, 0x0, 0x0, 0x0)
r8 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000980)={[{0x2d, 'pids'}]}, 0x1f)
socket$nl_xfrm(0x10, 0x3, 0x6)

1.212063861s ago: executing program 0 (id=4487):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x0, 0x4)
getdents(r0, &(0x7f0000000080)=""/31, 0x1f)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000200), &(0x7f0000000280)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = dup(r3)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000306010200000000000000000200ef0a0500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x4)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000002000000)

1.165628025s ago: executing program 1 (id=4488):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno', @ANYRESHEX=r4])

1.030879409s ago: executing program 1 (id=4489):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), r0)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1bb302000000ffffffff010000000800"], 0x38}, 0x1, 0x0, 0x0, 0x8040}, 0x0)

992.008442ms ago: executing program 1 (id=4490):
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=rdma,port=0x0800000000004e20,timeout=0'])
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r3)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, 0x0)
writev(r2, &(0x7f0000000140)=[{&(0x7f0000000100)="89e7ee2c78dad9bfb473fec96558", 0xe}], 0x1)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000000)=0x7a2b, 0x4)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r6)
sendmsg$NL80211_CMD_GET_WIPHY(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)={0x28, r7, 0x301, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x14}, @void, @val={0xc, 0x99, {0x5, 0x4}}}}}, 0x28}}, 0x44)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xfffffffe, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
sendmsg$nl_route_sched(r5, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r9, {0xf000, 0xffff}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x200c8080)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x6c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r12, {0x3}, {}, {0x2, 0xfff1}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x3c, 0x2, [@TCA_GRED_PARMS={0x38, 0x1, {0x80000001, 0x3, 0x8, 0xb, 0x101, 0xffffcbef, 0x183, 0x5, 0x7, 0x1, 0x14, 0xb, 0x1a, 0x3, 0xd0b, 0x38f4}}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000)
r13 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r1)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x34, r13, 0x2, 0x0, 0x25dfdbfc, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

990.161843ms ago: executing program 2 (id=4491):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x300, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r3, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r5}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)

920.788129ms ago: executing program 3 (id=4492):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4006, &(0x7f0000000040)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@usrjquota}, {@resuid}, {@lazytime}, {@noblock_validity}, {@usrquota}]}, 0x1, 0x443, &(0x7f0000001040)="$eJzs28tvG8UfAPDvrpP019cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrsAZVapQLi2cjNbebRzXdpNg1yH+fKRNZnbHmfl6duzZnWwAA2ss+5FE7IqIXyNitJ5dXWCs/uvm8uWZv5YvzyRRrb7xZ1Ird2P58kxRtHjdziIzFJF+ksSBFvUuXLx0drpSmbuQ5ycWz707sXDx0jNnzk2fnjs9d37qxIljRyefOz71bFfizOK6sf+D+YP7Xnnr6mszJ6++/ePXSRF/UxxdMtbp4OPVaper66/dDelkqI8NYV1K9WEaw7XxPxqlWOm80Xj54742DuiparVava/94aUqsIUl0e8WAP1RfNFn17/FdpemHpvC9RfqF0BZ3DfzrX5kKNK8zHDT9W03jUXEyaW/v8i2aL4Psb1HlQIAA+3bbP7zdKv5XxqN94X+n6+hlCPinojYExHHI2JvRNwbUSt7f0Q8sM76mxdJbp9/ptc2FNgaZfO/5/O1rdXzv2L2F+VSnttdi384OXWmMnckf08Ox/C2LD/ZoY7vXvrls3bHGud/2ZbVX8wF83ZcG9q2+jWz04vT/ybmRtc/itg/1Cr+5NZKQBIR+yJi/wbrOPPkVwfbHWsT/8ia/nAX1pmqX0Y8Ue//pWiKv5B0Xp+c+F9U5o5MFGfF7X76+crr7eq/c//3Vtb/O1qe/0X8v5eTxvXahfXXceW3T9teU270/B9J3ly17/3pxcULkxEjyau1fLlx/1RTuamV8ln8hw+1Hv97YuWdOBAR2Un8YEQ8FBEP521/JCIejYhDHeL/4cXH3tl4/L2VxT/bsf+jqf9XEiPRvKd1onT2+29WVVpeT/xZ/x+rpQ7ne9by+beWdm3sbAYAAID/njQidkWSjt9Kp+n4eP1/+PfGjrQyv7D41Kn5987P1p8RKMdwWtzpGm24HzqZX9YX+amm/NH8vvHnpe21/PjMfGW238HDgNvZZvxn/ij1u3VAz3leCwaX8Q+Dy/iHwWX8w+BqMf49egYDotX3/4d9aAdw9zWN/47LfiYGsLW4/ofBZfzD4DL+YSAtbI87PyS/NRJpRGyCZmyVRKSbohkSPUr0+5MJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4JAAD//5025W8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x800, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f00000001c0)={@id={0x2, 0x0, @a}})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)

800.392552ms ago: executing program 1 (id=4493):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r2}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (fail_nth: 2)

796.248372ms ago: executing program 3 (id=4494):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000020000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000540)="cdabb84fb4d68dd2742bf0f0ca46013810153f2a78d2a0837abf1abed04e4543f8fe55bb2c55bc604652b504b2937e4239c8853301ece3359e146131309e651e89417021593e180d29ce89a40924c9b494636792e9b17a8fd13b35a0fa3452b9ac8895d2d49fc328f1e3a22272e12234ed17f92b824d17e6912054bc1307f4a50581b601951a76e178ae2400f31776e86b53c3396c6d7912ef7013d3af673d0f1c42b5aa352c1fea18f161a894c7cb89e577169c5afce7398d0009ed789fe2912807e24a354ae586e8decd07981ba58c825eefc7c6d34ff6713e7707355d990a19ac94f1f00e8b14cd34c5004f278a3b4569202e800859eda638a8b05d1835297020d399aef05bb8df84dd29afef5cec1ef2f6b7a7fef44e3e7256b5a67cb95dcca13550baf57ec5cd93eb9fc8daf1ecfbc0ea94acad58361139eb2c6f0443dc17a8f84653ae2855e2efe778c029795934d32d4eb88d866cd3472313dd1fcf09cab8d37169206ef44c", &(0x7f0000000280)=@udp=r3}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
syz_emit_ethernet(0x4a, &(0x7f0000000300)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @loopback={0x300}, @local, {[], {{0xfffc, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

602.247521ms ago: executing program 1 (id=4495):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
r0 = add_key$keyring(&(0x7f0000000100), 0x0, 0x0, 0x0, 0xfffffffffffffff9)
r1 = add_key$keyring(&(0x7f0000000380), &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x1e, r1, 0x0, r1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
accept4(0xffffffffffffffff, 0x0, &(0x7f00000002c0), 0x0)
keyctl$link(0x8, r1, r1)
syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x1001, 0x0, 0x4}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000580))
keyctl$invalidate(0x15, 0x0)
keyctl$read(0xb, 0x0, &(0x7f0000000040)=""/117, 0x75)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, 0x0, 0x0, 0x4)
pause()

601.587501ms ago: executing program 5 (id=4496):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x8, 0xf9, 0x7ffc1ffb}]})
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x5412, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3272a6bc}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1100c40, &(0x7f00000002c0), 0x5, 0x520, &(0x7f0000001400)="$eJzs3cFvI1cZAPBvZjeb7DZtUqhUQECXUljQau3E20ZVT+UCQlUlRMWJQxoSbxTFiaPYKU1Yqcn/gEQlDghOnJFAcKjUE0cEN7j1Ug5IBVagBomD0YzHWe/G3pjdrK3av5808ryZyXzvjTXv2V9svwAm1tWIOIyISxHxZkTMFduTYolX20t23Md3bq8e37m9mkSr9cY/knx/ti26/ibzRHHOmYj47rcifpCcjtvYP9hcqdWqu0W53NzaKTf2D25sbK2sV9er25XK0uLSwss3X6oM1I6ZAY55butXH31z47Xvvfe7L3z4p8Ov/yir1myxr7sd56nd9KmTOJmLEfHa4wg2AheK9lwadUV4KGlEfCoins/v/7m4kD+bg+lxWwMAnwCt1ly05rrLAMC4S/McWJKWilzAbKRpqdTO4T0TV9JavdG8fqu+t73WzpXNx1R6a6NWXShyhfMxlWTlxXey9bvlStxbvhkRT0fEj6cv5+XS6uB5BgDgfD1x3/j/7+n2+A8AjLmeH57pfn++PLy6AADDMciHZwGA8WL8B4DJc3f8vzLSegAAw+P9PwBMHuM/AEyaDzrj/4VR1wQAGIrvvP56trSOi9+/Xntrf2+z/taNtWpjs7S1t1pare/ulNbr9fVatbRa3zrrfLV6fWfxxdh7u9ysNprlxv7B8lZ9b7u5nP+u93J1aiitAgAe5Onn3v9LEhGHr1zOl+iay8FYDeMtHXUFgJGR84fJ5Ve4YXJ5jw+T69fFN37Pmsuz70eE332IoK13HuKPgPN27bPy/zCp5P9hcsn/w+SS/4fJ1Wol/eb8T08OAQDGyj05/stnvlzwLwEYQ0P9/z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMidl8me8qp2mpFPFkRMzHVHJro1ZdiIinIuLP01PTWXlxpDUGAB5d+rekmP/r2twLs/fvvZT8Zzp/jIgf/vSNn7y90mzuLmbb/3myvflusb0yivoDAGfpjNOdcbzj4zu3VzvLMOvz0Tfak4tmcY+Lpb3nYlzMHv44k086fOVfSbtcyF6vXDiH+IdHEfGZXu1P8tzIfDHz6f3xs9hPDjV+ek/8NN/XfsyuxadPnXm6b8yz5nqFSfF+1v+82uv+S+Nq/jjTc/LjmbyHenSd/u/4VP/Xud9n8r6mV/93ddAYL/7+2333HUV87mKv+MlJ/KRP/BcGjP/B57/4fL99rZ9HXIve8btjlZtbO+XG/sGN7MJX16vblcrS4tLCyzdfqpTzHHW5k6nu1h4h/v7K9af6tv+Xvy06ytPxZ85o/1ce2OrWSQf8i/+++f0v9Yt/FPG1L/d+/p95QPxsTPxqsd6/p29bufKbvtN3Z/HX2tf/6P99/q+fEbfjw78erA14KAAwBI39g82VWq26e64rU3HOJ+xaSR5Tna2MYCWGGCt7mfyo53m2SJmtdO6f7mP+8LP3ns22jfyqnsvK6PokYDju3vSjrgkAAAAAAAAAAAAAANDPY/86UTrqFgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDO/hcAAP//tHXFYA==")
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x328800, 0x800, 0x0, 0x2}, 0x20)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'gre0\x00', &(0x7f0000000280)={'tunl0\x00', <r3=>0x0, 0x8, 0x0, 0x0, 0x7, {{0x1e, 0x4, 0x3, 0x28, 0x78, 0x68, 0x0, 0x7f, 0x4, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x11}, {[@ssrr={0x89, 0x1b, 0x8e, [@dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010102, @private=0xa010102, @broadcast, @multicast2, @loopback]}, @rr={0x7, 0xb, 0x65, [@broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @generic={0x89, 0x9, "d5d656a99206a3"}, @ssrr={0x89, 0xb, 0xb3, [@private=0xa010100, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_addr={0x44, 0x1c, 0xc9, 0x1, 0x5, [{@rand_addr=0x64010100, 0x8}, {@multicast1, 0x9422}, {@loopback, 0x7}]}, @ssrr={0x89, 0xb, 0x53, [@dev={0xac, 0x14, 0x14, 0x36}, @empty]}]}}}}})
r4 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x180862)
r5 = openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0)
dup(r5)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, 0x0)
sync_file_range(r4, 0x8, 0x8, 0x2)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000100)={@local, @local, r3}, 0xc)

555.810615ms ago: executing program 3 (id=4497):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0, <r3=>0xffffffffffffffff}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x9, [@const={0x7, 0x0, 0x0, 0xa, 0x3}]}, {0x0, [0x2e, 0x0, 0x5f, 0x0, 0x61, 0x2e, 0x2e]}}, &(0x7f00000002c0)=""/183, 0x2d, 0xb7, 0x1, 0xc, 0x373d185372bdb677}, 0x28)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1d, 0xc, &(0x7f0000000380)=ANY=[@ANYRESHEX=r4, @ANYRES8=0x0, @ANYRES64=r1, @ANYRESOCT=r3, @ANYRES16=r3, @ANYRES8=r2, @ANYRESDEC=r1, @ANYRES8=r0, @ANYRESOCT=r1, @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_GET_WOWLAN(r6, &(0x7f0000000540)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, 0x0, 0x10, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r7}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000000)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000040)={0x11, @loopback, 0x3, 0x0, 'lblc\x00', 0x0, 0x0, 0x37}, 0x2c)
syz_io_uring_setup(0x789a, &(0x7f0000000000)={0x0, 0xc3da, 0x8, 0x3, 0x1fc, 0x0, r8}, &(0x7f00000000c0), &(0x7f0000000100))

507.40052ms ago: executing program 3 (id=4498):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000600014002020c600e41b0000900ac000a0501000000160012000a00ff120048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55", 0xd2}], 0x1}, 0x894)

487.139632ms ago: executing program 3 (id=4499):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3272a6bc}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='sched_switch\x00', r1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r2, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd})
fcntl$lock(r2, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2c, 0x9})

407.08568ms ago: executing program 5 (id=4500):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}}) (fail_nth: 3)

152.830935ms ago: executing program 0 (id=4501):
socket$kcm(0xa, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x400}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r6}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x16, &(0x7f00000004c0)={@multicast, @empty, @void, {@llc={0x4, {@snap={0xaa, 0x54, '$', "201300", 0x806}}}}}, 0x0)

152.286665ms ago: executing program 5 (id=4502):
socket$packet(0x11, 0x2, 0x300)
rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000c40)=[{0x0}, {&(0x7f0000000580)="23a9", 0x2}, {&(0x7f0000002000)="987ca23ffe5a584d638d61dbed949609873fcb91ee42fbc72366e5fa1e02eaa93d2d78efa9864f75d9eb0acf04e15973f15e2c9200a5b654f012b0343294175bbab9571a7fb83e22445cec2db70ae9ff6fdc60eba2e2d7129cdf557757db0cc58af6a92161ff8e65871e375d68a66df10f1ea01f92bc685216119005dbfac7891924917b82d5f53dd853db7c7757db65949b69ab1fb26d72027ac4d5018c2d3f29b11efb8018bbe219b2fc3b1a51e98ebd860da3dc6a73ad7251630664cd012f0879c9851cd2c70a7ee8dcb57addaf0d9a9dfa2ac35ef744a830922395f9b278b5588789faad7792ccb8bc91a74c58c80007ad4893aff56e96a342d8bdce2388e83793b5a9bdafc66d58ef87d8295916c22a8cbf7b04dc02c25553e40960723f144996480967189a929b2ad6eff46608bf3ebed7bad4e1537783b279d7fdb054a5b8b1f606c8c102a860776ff2083dace799f96796737dca7b83d72b5c459c3cf8a9391733daec078344fd3aca6dfa243f69d5e2f648e448139d3ae1ce6a619829fc5cd51ff325569d41c789bae84d4d5a93c564aecaaf1da89f99211e5e4cd2fe50ab092e8afe58941a9f20e21423a0785cfd4ba11ea1ee2b7e9f22ed6e971e18dbada2ba16cc1fd6f338a1f144aed2ee0b8171217a65bddbc1051672826dec860158cde8f6143ae2185731ab1e1f2da12f8691c3b22f285bce447f3b3586e054ea2ddb8f0df00230ccdf44e3d32aaf7d14fb8e27077895480f79c06f6c7cf443b1c023051844bc924b8b3b04016fe20eebec3b31b8198e6367bcb13f0f99eeabcb1cbb2da6b71dad2fc51780e53388515afa3d73682c01f8293c4656824bd52889d8f7c2efc1e058dc5ec5c0f34e247cc43a275a2fa1106e693e1b3db4173851b7597e6945bdbd341e6d3ec227dd52f7558e5d7ad54816694e76f91ed1430707b2ad451cedecf37a95cc512b075ebcae5f3b4deb059d9a37ea92f7fceed9ae96217e5f4a2f84290d62db07c85a5fa73db9fa405f2268e33067f8149bb8cdc8f67f86034716b73e11b73e7c6e4de80188efad777f566817b5a6ee58bdd85d48dfbf2a07aa7e9549db57095ed024c44466628e0a4602ba625393d34411e5023329479a1861ee11f77d25c4f49d1e7a16923ddc8482fc5cecec256f2034b779243b9575e7e8a84be54720f864fd98d899f55914af6a22144dc0f00883e6a36e1bbfe410a4fa222e9a5ae8b0146faf990effb54853fc9ef28335acc168263233626d120d448f72c934ab983f2e0fa3bdd7760f8e14534b983441e798443c737c830ba94b94253cd8f077e0bd68025c7d2ba0011a44b89ab7687752c12996c8445765e8766f28d80d21df34245c65f61318186b0374a72e7797c64743aa7129f289a39a8e1a3384790624f8f1b3fce906285bbce435cdf63460ddaad85cdbbb20e65134f9db017daefd3255c7d16de179d5a5dc0acb254b6cc1c77b79f6cd6843dd2014044820122291568c35c488c0b7f03eaab9bb92c7acedb9833b37770a0b0018ea0bc47a96373f0544561a3f53e41b54c127389a17d1a6b38ca0339983792c842334a3bd5b25451aa034eb561153eb2fbb7237ab72b776a9d4a81f80eba4dcbfbfd94e6c405a85cfc1e7c5699515414e5a4d3efca8012d9b68497f3da99168a293cbbcba0a68466307fe18296ffccddd05e6bffd523ed01ab32713ea4d31a6b479f8dc337a7a1045d517811de4ecc11c9f0fd19ec9e87b8a1e5062107c2e64d071ea6db964ecacb5338506d24f7ceade32f709ef7c9ae2549bf1108440f00edb09010023b9eaaff5aafc03643a77ce458d82e5e19f18e6e7c44cc3c046900ff7243b55faa9747924a38242512d1080961b55636b89f653f84fa0d17d5688ae70c5ad00d24a05bda4f7ffaa855f0c94f0c5618b1ae3aeece5f39d14f39c9cc4db7ec9d1b63061adfebdeb71585ec8df8e132d7ba577be78d9ede446d059447c33cad3d426bd6a359c6ec8463efb02361a9c445c4bc92c47aa3ee21c7ce3ba50d6c34236e7488d494e94cc4618164387c2b74335dfcf5729366c8be5bb988abcb1eda9e0e12bec98b8cac797c3835b315cfdccf47b26fdb0bc063e3db450475ad329e39e4368fd9414ca4c6005ce54a5735e853db852982d934e78c27a4ed287932ac71d46c86d12c31203f36c026b910ff54dba9ada216101b6d392cba991dcb7bbfdaabdeec0f81b0c21b2bad35ea87bfb99e28372413bc1684ef46b44b6b31a253589e8e4901b4be9029dba837ee46a54fb7bf707aae3687c54db65a5455ec8e9a16308c9e1e041acc50af66d7242a0e64aee1c23f1282877b4b8d99b3be8f4935b4e8ec70815050eb26c0688498326ec86659bd2ab23b8d8a5405149fb1b202660bef38208318c0159217061ff0f12fefbdd4eb9ee41d6eec866ca9142c8aaf75a0091041472c96a58e1f60e84ba772424555399a2956c61e9488367601bf1364c3935d5accc72a3cca7d3c99195b52168e046459599fd5d498a099737f6393f1b40472198fc349266a231761caf8c79e9c46f849887c5ea26ee419ea9200a08d1813515ea66371838f077b76aad7bc68c9b73a66a4a166b6f322ee8382f1a656853476f1ef76e476f2043e72e95e6122f250583c6e4b63cf987ddab9159ed6c551e35e1b6a08d647fb815dc748aeb4ace820221afc9a48e6f8550877c6a66dc3b4598919d15ccaaba05e6e91cd2034af7c6d7841b0164a5df2fc28f36b948d4ed58b0a18f4f1ab7822b9f5dddebe182b17ba2a16fed2529164dbe0d26da8ddbcfb20daf66ecfec15f20c49271d1dbd77200784f7ded5faeb1293b3b8bb7844bf84a13bdce3e0335a72843869e7bb735929702611d560b54c0498b8e1a6859f8585028d48fe32dc9a462a04d1ef9ad7d75fa0f9f4acf69bf77223abc32cd9c365acbef5b1c51518c82e9729dcf051ed7fd4ca732c6a76d7556ec41be123ed75f65d003713b7e1462cb7400828eac8da0a221a5e09db245e709e96f156fc2bfad2f75ed72958af6b9306689493ca14e3b27eff85742b85661f64b62a6b82b46e8f48b71c319cad6c6402959af30f86500bfbeb7d9cc5e7e1a9f254a9d9d36f839d3dfab679f66eb674399b34174a10e444fe4605a84f7cc6e93e7d0e5bba6d482e6ba448481b09aeb330dba314fc6c0d8caecd5ffd88e64b37a39bb007a6664372500c7816482fc121ab7b184beb1a30ab1941dbee08616a976f8713fa1bfa218f4851a0b93a958647630ab8a9d2c6655d5a609161565d1f5306ef3e215c9f0087d06fe2411143ac1a16e31be76aaf2c18cad6492f089b33bd50551d3b8c03b6a10322254ff384b391d2ab6d254c7603f3fac16990a38dc5eecd50c3779c8eba8e0ea423edcd144ac893a5f8bc5fc3ba9719ef986f95a741ca87204326946a920bc5c05e3be79d08f526d03cd5434f2d3846832dc0e303645f86f1291de4b5ece53072ed6d03ba5ed3be20d78328449275ed863714c55a3e4ee2044459b610e636285c517fa115c4c27a8c4456fa7f1a205e9dcf44e263e0a708495379bb6a3fc1d627e7315a4391eb96123d7d37eb05bfefd84e383c928db42dd47e83e078590636135ac0efb3e98d415564f2a82425393972689f9b9d26fb1353dd1652b083607e3566f0214273116f40165b3f1a16308f6557c1271c2ebeadca9bc75fbf5eb0c9f6a33d0f4bf5a63188bef4f70f6ce0213943faa0a8d0b83a8b8d13baebfb8906780a57c370180c18c222b30274560a3f08a8c0d4591bccec3f792586132967561f916d84be7f7061a0fd438881ea66c648fcb8b2bee277b932c150c2b9357a488d96d5b229202baf8f1a13d6ceb01eff8e7cb881622afd6aaf87c3af231789c4c4bf9fc430fd44b776981e6ea9c35535bdc07cf517352978a4f7d70b68fe52e77acf6bf24ec7f34ca34c52f01b663bbd43c4bd293bfd84303fec10ecbb7843ba96524496e316b75f51fbb894c4bd575c4bcbaa4db69d280a4fa11f5ff05280ed81ba73a93a4067d6c668d982603d222dde32efe67c7a16ad1f57bcb1728c663d078bafe0e83dda39b61686e1906a67f295e4bbae79d3553d5582daef188ea531d1e28e8036f043c2e3356fda203955f997e960a4e2d31efb56f38f4212fc366a1159ba04807332a00826e3c4b23be43daf3eaa08b86bdfc57eec79574f22ed98eb88f04d6650b51326681dc6d6bd303ba21e3a537817fd7c62f6b692815cceb3237c49dcdc2ace93635bd78769ba21696d34454715fb74650aad3c88f0a5992583f9b81a0e0c5c09a57a3b1628a144e6053ba26f569e4ee465b13118ed0096ae9ab0c867881faba517b304557f2155c9f1bb179ed531f8cba3abb1c97afae5b3adbb7cc0027917a44e96ab8e6a20a11eacc69cd799d158b12a302433c222035a050f8d3378580028da9c8fa7c7326c4e8b3fb8327e9c6bbea839f70f4aa6a07b5d56c46f980724ba92483b0f0451c817aa617e1bb7221397a00998105d80a79b50981ab317f4326f01a2229958437babc1e270d6333f110d4bdf76931362f5eae0dc3df60e6e9d688473d388b42f5416dce639a92e1e9b40a03a12f9c25fc3b845f9d1ba7b8420bfaf26093af88b8bd75be440a2e89906fe1c88e1fab0c110410acab8f3c6866d25524e25be63677bd2124cac76fc75c59edb064cf45ba2e9c27cdaeddb9f823dce0e89880fd8fc00151b53322a92757a5b3cdb62276d08f62a89817f489c19e97f53b21a5b9cd03093842aa083f53bf1bc9c15a2148ccd182bde08b8ebaf8d2dfc0d8d304f99fddf571eb228c930fc984004fb893b100aed0290cfc6ab4935fbbdaa50decbcc91f2ec46f7a48b0cb001746bb1a82b51953f49d22e1aa86c1ef8da00798bf85d8fbe85ce408e873d3ea151b6ce63a525ce80832761d359140d68d713d2b1170d8b658bcf9c8ab7d9539bf2eb5f62ec07696125f95b66609961e17e860014432328595b91b6aec49d9a7f77a33e681c372ef5ad2115f8c1162b391f14f05d9426a50ebf7fb4c3716f964bdc01db9564e150f0676b029a02d7b198ebf6e8dd13b18bee8bd0b73e65e38cfea0c4b52c195ca7bf238165200e455118eda70462dbe19e62535edec88544007ee42c903b0b0125f5b48d3c34ae904135a736d72bdab5d1b32d5780681f79ee6193ad3e961d5030ac6a17d729b0d8dca1aff31940f86c75d4debdb86eabdd41f19f695c2a59c6a255a097b3b7b6f42454401b0740125c02a3dc107f05a489b4d0230a34bd4e1a60d9c3855b73f6df4d678bee36662ad7821d0bb2efa441f57fbc01011ae1fbcdae06b2e2940c12befe1e3e3b165e773dcf710b9777771d92ad0981881e1061c3dab3b9f3ac79c6b8c0097129d5c7c06fb2cac78fa1ec3c00272884ee9b8360f71c9fef8bbdaac1d00cfed05fd55459843577dd4d94abb8216302392619d29f7375343485b271a9ea144cadc6ddf014a4d87f0b17d20818a75c5f256688ff239cf1df7d1e17c29f0ba135d132424eae628d08180139a3311455e000ad83cb877d9f943008455bf791b7bc701d353e6f095055b7cd5a01cc265327de8b6540adf152905e602cf10ab5b6c1555173b7c729f745d9cb3837ace2f5e0f055bd1bdcef742e81d4d95aa531a7b0dda04a84474be9b7e885be24a4f3778d7c7767717635c484addb898afd87f13d6661efd6ae9db09a4dba871f18c2b06279ffd341b00c7d195329a21fe33c9b8709fb04066df1825081fa7233a7056a21b03f8d7aed8", 0x1000}], 0x3, 0x0, 0x0, 0x24000040}}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000d80)=[{{&(0x7f0000000a00)=@nfc, 0x80, &(0x7f0000000b80)=[{&(0x7f0000000980)=""/14, 0xe}, {&(0x7f0000000a80)=""/9, 0x9}, {&(0x7f0000000ac0)=""/187, 0xbb}, {&(0x7f0000000c80)=""/210, 0xd2}], 0x4, &(0x7f0000000dc0)=""/139, 0x8b}, 0x3ff}], 0x1, 0x12020, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r4, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000006c0)={&(0x7f0000000800)={0x144, r5, 0x200, 0x70bd26, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x3}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xffffff01}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x6}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x10001}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}}]}, 0x144}, 0x1, 0x0, 0x0, 0x20000011}, 0x20008041)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x6, 0x20, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @jmp={0x5, 0x0, 0x1, 0x8, 0x0, 0x50, 0x1}, @map_fd={0x18, 0x6, 0x1, 0x0, r1}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x21, &(0x7f00000001c0)=""/33, 0x41000, 0x76, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0x10, 0xd11, 0x8}, 0x10, 0x0, 0x0, 0x7, &(0x7f00000004c0)=[r1], &(0x7f0000000500)=[{0x2, 0x1, 0x4, 0x1}, {0x5, 0x1, 0x8, 0x1}, {0x5, 0x5, 0x2, 0x4}, {0x5, 0x3, 0x9, 0x2}, {0x2, 0x2, 0x4, 0x9}, {0x5, 0x3, 0x6, 0x9}, {0x1, 0x5, 0xb, 0x8}], 0x10, 0x3ff}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x0, 0x0, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {r8, 0x1, 0x0, 0x0, {@ip4=@broadcast, 0x800}}}]}, 0x38}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'veth0\x00', <r11=>0x0})
setsockopt$packet_add_memb(r10, 0x107, 0x1, &(0x7f00000004c0)={r11, 0x3, 0x6}, 0x10)
r12 = socket$nl_route(0x10, 0x3, 0x0)
bind$packet(r10, &(0x7f0000000040)={0x11, 0x1, r11, 0x1, 0x9}, 0x14)
r13 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_add_memb(r13, 0x107, 0x1, &(0x7f0000000100)={r11, 0x1, 0x6, @remote}, 0x10)
sendmsg$nl_route_sched(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0xfffffffe, 0x2000001, {0x0, 0x0, 0x0, r11, {0x7, 0xa}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x90, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x7c, 0x1, [@m_tunnel_key={0x78, 0x1, 0x0, 0x0, {{0xf}, {0x48, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0x408, 0xfffffffffffffff5, 0x5, 0x1}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0)

136.712317ms ago: executing program 2 (id=4503):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000940)=ANY=[], 0x310)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x100000000000000)

132.795017ms ago: executing program 2 (id=4504):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x4a, &(0x7f0000000580)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd699e00000010060ffe800000000000000000000000000039fe8000000000000000000000000000aa4e224e24", @ANYRES32=0x41424344, @ANYRES16=r0, @ANYRESOCT=r0], 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x880, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r0, @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=1,check=strict,nonumtail=0,rodir,errors=continue,shortname=lower,umaQk=00000000000000000000007,rodir,sys_immutable,\x00'], 0x5, 0x2dc, &(0x7f0000000bc0)="$eJzs3c1uG1UfBvBnEsf221fCXrBCSIwEC1ZV0ytwhFIJkRVVFsACIppKKI6QWikSH8Ltii0bFiy4AiQkLoQNd8AFILGjlSoNmvE4toubj6pu+fj9Nj45c54z/zMZJ5NFjj969fjoVpnb97/8Nf1+kY1RRnlQZJiNzNzLktE3AQD+yR5UVX6vplYdL+6tzhVJ+muuDQBYj/N+/7deOm391L52114aALAmN997/52dvb3dd8uynxvHX5/s13/Z16/T4zu380nGOcy1DPIoaR4UttI8LdTNG1VVTTrlw7Ish3njeHKyXyePP/y5nX/nt6TJb2eQYdN1+rTR5N/e290upxbyk7qOK+35R3X+egZ5+TS8lL++Ip/9bt58faH+qxnkl4/zaca51RQxzfeyt/vVdlm+VX37xxcf1OXV+WJyst9rxs1Vm8/5WwMAAAAAAAAAAAAAAAAAAAAAwL/Y1XbvnF6a/Xvqrnb/nc1H9RdbKWeGy/vzTPPFbKLF/YGqqppU+X62P8+1siyrduA838krnXRezKoBAAAAAAAAAAAAAAAAAADg7+XuZ58fHYzHh3eeSaPYmM7aSfLwZvK084wWel7L8phRstTTa1dyMB63Z8/4cLgwYafpaePZnI0pkjPLqBfxjC7LeY3/LVa42Pjhx8tO2D9/zNbqcz1V48rqazi7u44OitXXsJdZT7+9Sb7rJvMx3VywjO6TDlW5zO3XXVFhMrhIfLbW6Tz/bw5NzkileHJhm6fvy7aneHwV3eaqroxvtY089gaZ3xsXup/Tn8b/+rOisFsHAAAAAAAAAAAAAAAAAACs1fy/f1ccvH9mdKPqra0sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHiu5p//f4nGpA1fYHA3d+6+4CUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwH/BnAAAA//+lXFN6")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x24, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000480)={'nicvf0\x00', 0x10})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0xb2, 0x8, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x8200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x4, 0x1ff, 0x0, 0x1c, 0x0, 0x1}, 0x0, 0x2, 0xffffffffffffffff, 0x1)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0\x00', <r2=>0x0})
r3 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
r4 = fcntl$dupfd(r3, 0x0, r3)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='kfree\x00', r7}, 0x18)
syz_genetlink_get_family_id$ethtool(0x0, r4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000300)={'wg1\x00'})
syz_clone3(&(0x7f00000006c0)={0x102102180, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, &(0x7f0000000300)=[0x0], 0x1}, 0x58)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x3, 0x0, @scatter={0x6, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000340)=""/49, 0x31}, {&(0x7f00000003c0)=""/7, 0x7}, {&(0x7f0000000ac0)=""/225, 0xe1}, {&(0x7f0000001dc0)=""/4094, 0xffe}, {&(0x7f0000000400)=""/62, 0x3e}, {&(0x7f00000008c0)=""/160, 0xa0}]}, &(0x7f0000000380)="259374", 0x0, 0x300, 0x2fcbf2146ca381b, 0xffffffffffffffff, 0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000004c0)={r2, 0x3, 0x6}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0))
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)

95.971861ms ago: executing program 5 (id=4505):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = syz_clone(0x1800080, 0x0, 0x60, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$pokeuser(0x6, r0, 0x358, 0xffff888237d0a000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0x8, 0x0, 0x9, 0x48000000, 0x4, 0x0, 0x0})

82.458682ms ago: executing program 0 (id=4506):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3272a6bc}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='sched_switch\x00', r1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r2, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd})
fcntl$lock(r2, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2c, 0x9})

765.02µs ago: executing program 2 (id=4507):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00'}, 0x18)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000280)={'veth0_macvtap\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x1, [{0x200, 0x5}]}})
r0 = socket(0xa, 0x3, 0x87)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x890b, &(0x7f0000000000))

0s ago: executing program 5 (id=4508):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3272a6bc}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x3c, 0x10, 0x601, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x22030, 0x9}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x9}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)

kernel console output (not intermixed with test programs):

ted files will use data=ordered instead of data journaling mode
[  292.721267][T16618] EXT4-fs (loop4): invalid inodes per group: 196640
[  292.721267][T16618] 
[  292.801668][T16620] random: crng reseeded on system resumption
[  293.219268][T16644] netlink: 'syz.1.3983': attribute type 6 has an invalid length.
[  293.952021][T16667] random: crng reseeded on system resumption
[  294.040908][T16674] loop4: detected capacity change from 0 to 128
[  294.047650][T16674] vfat: Unknown parameter ''
[  294.127666][T16676] loop2: detected capacity change from 0 to 1024
[  294.136487][T16676] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  294.148742][T16676] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.3997: Invalid block bitmap block 0 in block_group 0
[  294.164012][T16676] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3997: Failed to acquire dquot type 0
[  294.178345][T16676] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.3997: Freeing blocks not in datazone - block = 0, count = 4096
[  294.200942][T16676] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.3997: Invalid inode bitmap blk 0 in block_group 0
[  294.216815][T12439] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:38: Failed to release dquot type 0
[  294.229900][T16676] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  294.240962][T16676] EXT4-fs (loop2): 1 orphan inode deleted
[  294.248120][T16676] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.367592][T10603] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.545135][T16694] lo speed is unknown, defaulting to 1000
[  294.800581][T16700] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4004'.
[  294.923231][T16700] loop0: detected capacity change from 0 to 8192
[  294.996844][T16702] loop4: detected capacity change from 0 to 512
[  295.003727][T16702] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  295.013382][T16702] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4005: bg 0: block 104: invalid block bitmap
[  295.026278][T16702] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  295.035493][T16702] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4005: invalid indirect mapped block 1 (level 1)
[  295.049438][T16702] EXT4-fs (loop4): 1 truncate cleaned up
[  295.055660][T16702] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.082279][T13544] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.237184][T16717] loop3: detected capacity change from 0 to 128
[  295.256906][T16717] vfat: Unknown parameter ''
[  295.280592][T16721] loop2: detected capacity change from 0 to 512
[  295.287835][T16721] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  295.297670][T16721] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.4012: bg 0: block 104: invalid block bitmap
[  295.310429][T16721] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  295.319961][T16721] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4012: invalid indirect mapped block 1 (level 1)
[  295.463391][T16723] lo speed is unknown, defaulting to 1000
[  295.591327][T16721] EXT4-fs (loop2): 1 truncate cleaned up
[  295.598014][T16721] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.793349][T10603] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.857927][T16731] loop3: detected capacity change from 0 to 128
[  295.868414][T16731] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  295.879033][T16729] bridge_slave_0: left allmulticast mode
[  295.886134][T16729] bridge_slave_0: left promiscuous mode
[  295.891888][T16729] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.902209][T16729] bridge_slave_1: left allmulticast mode
[  295.907885][T16729] bridge_slave_1: left promiscuous mode
[  295.912623][T16731] ext4 filesystem being mounted at /522/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  295.913789][T16729] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.935660][T16729] bond0: (slave bond_slave_0): Releasing backup interface
[  295.947849][T16729] bond0: (slave bond_slave_1): Releasing backup interface
[  295.960862][T16729] team0: Port device team_slave_0 removed
[  295.972670][T16729] team0: Port device team_slave_1 removed
[  295.978528][   T29] kauditd_printk_skb: 524 callbacks suppressed
[  295.978548][   T29] audit: type=1400 audit(1760046033.956:82208): avc:  denied  { write } for  pid=16730 comm="syz.3.4015" path="/522/mnt/file1" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  296.007977][   T29] audit: type=1400 audit(1760046033.956:82209): avc:  denied  { create } for  pid=16730 comm="syz.3.4015" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  296.045556][T16736] loop0: detected capacity change from 0 to 1024
[  296.067301][T16736] EXT4-fs: Ignoring removed mblk_io_submit option
[  296.073993][T16736] EXT4-fs: Ignoring removed bh option
[  296.079744][T16736] ext3: Unknown parameter 'subj_type'
[  296.092752][T16729] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  296.100232][T16729] batman_adv: batadv0: Removing interface: batadv_slave_0
[  296.107569][   T29] audit: type=1400 audit(1760046034.066:82210): avc:  denied  { ioctl } for  pid=16744 comm="syz.1.4019" path="socket:[56587]" dev="sockfs" ino=56587 ioctlcmd=0x9432 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  296.110395][ T9298] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  296.149177][T16729] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  296.156618][T16729] batman_adv: batadv0: Removing interface: batadv_slave_1
[  296.165353][T16736] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  296.178538][T16729] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  296.196220][ T2965] lo speed is unknown, defaulting to 1000
[  296.211690][   T29] audit: type=1326 audit(1760046034.186:82211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16749 comm="syz.3.4020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db9beec9 code=0x7ffc0000
[  296.235600][   T29] audit: type=1326 audit(1760046034.186:82212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16749 comm="syz.3.4020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db9beec9 code=0x7ffc0000
[  296.259328][   T29] audit: type=1326 audit(1760046034.186:82213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16749 comm="syz.3.4020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fd4db9beec9 code=0x7ffc0000
[  296.283079][   T29] audit: type=1326 audit(1760046034.186:82214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16749 comm="syz.3.4020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db9beec9 code=0x7ffc0000
[  296.306768][   T29] audit: type=1326 audit(1760046034.186:82215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16749 comm="syz.3.4020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db9beec9 code=0x7ffc0000
[  296.330515][   T29] audit: type=1326 audit(1760046034.186:82216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16749 comm="syz.3.4020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fd4db9beec9 code=0x7ffc0000
[  296.354179][   T29] audit: type=1326 audit(1760046034.186:82217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16749 comm="syz.3.4020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4db9beec9 code=0x7ffc0000
[  296.354839][T16747] FAULT_INJECTION: forcing a failure.
[  296.354839][T16747] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.390923][T16747] CPU: 0 UID: 0 PID: 16747 Comm: syz.4.4021 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  296.390972][T16747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  296.390987][T16747] Call Trace:
[  296.390995][T16747]  <TASK>
[  296.391005][T16747]  __dump_stack+0x1d/0x30
[  296.391031][T16747]  dump_stack_lvl+0xe8/0x140
[  296.391054][T16747]  dump_stack+0x15/0x1b
[  296.391095][T16747]  should_fail_ex+0x265/0x280
[  296.391143][T16747]  should_fail+0xb/0x20
[  296.391181][T16747]  should_fail_usercopy+0x1a/0x20
[  296.391208][T16747]  _copy_from_iter+0xd2/0xe80
[  296.391295][T16747]  ? __build_skb_around+0x1ab/0x200
[  296.391328][T16747]  ? __alloc_skb+0x223/0x320
[  296.391363][T16747]  netlink_sendmsg+0x471/0x6b0
[  296.391405][T16747]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.391460][T16747]  __sock_sendmsg+0x145/0x180
[  296.391481][T16747]  ____sys_sendmsg+0x31e/0x4e0
[  296.391542][T16747]  ___sys_sendmsg+0x17b/0x1d0
[  296.391604][T16747]  __x64_sys_sendmsg+0xd4/0x160
[  296.391646][T16747]  x64_sys_call+0x191e/0x3000
[  296.391668][T16747]  do_syscall_64+0xd2/0x200
[  296.391754][T16747]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  296.391791][T16747]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  296.391819][T16747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.391843][T16747] RIP: 0033:0x7f8c5353eec9
[  296.391861][T16747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.391881][T16747] RSP: 002b:00007f8c51f9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.391956][T16747] RAX: ffffffffffffffda RBX: 00007f8c53795fa0 RCX: 00007f8c5353eec9
[  296.392031][T16747] RDX: 0000000000000000 RSI: 0000200000000d40 RDI: 0000000000000003
[  296.392048][T16747] RBP: 00007f8c51f9f090 R08: 0000000000000000 R09: 0000000000000000
[  296.392065][T16747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.392161][T16747] R13: 00007f8c53796038 R14: 00007f8c53795fa0 R15: 00007ffcfe78b5e8
[  296.392183][T16747]  </TASK>
[  298.761257][T16756] wg2: entered promiscuous mode
[  298.766178][T16756] wg2: entered allmulticast mode
[  299.600779][T16803] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4024'.
[  300.227704][T16805] loop0: detected capacity change from 0 to 128
[  300.251199][T16805] vfat: Unknown parameter ''
[  300.273798][T16809] ipvlan2: entered promiscuous mode
[  300.347000][T16813] FAULT_INJECTION: forcing a failure.
[  300.347000][T16813] name failslab, interval 1, probability 0, space 0, times 0
[  300.359793][T16813] CPU: 0 UID: 0 PID: 16813 Comm: syz.1.4032 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  300.359821][T16813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  300.359910][T16813] Call Trace:
[  300.359917][T16813]  <TASK>
[  300.359924][T16813]  __dump_stack+0x1d/0x30
[  300.359947][T16813]  dump_stack_lvl+0xe8/0x140
[  300.360005][T16813]  dump_stack+0x15/0x1b
[  300.360021][T16813]  should_fail_ex+0x265/0x280
[  300.360133][T16813]  should_failslab+0x8c/0xb0
[  300.360220][T16813]  __kmalloc_cache_node_noprof+0x54/0x4a0
[  300.360250][T16813]  ? __get_vm_area_node+0x106/0x1d0
[  300.360279][T16813]  __get_vm_area_node+0x106/0x1d0
[  300.360388][T16813]  __vmalloc_node_range_noprof+0x28c/0xed0
[  300.360421][T16813]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  300.360515][T16813]  ? __rcu_read_unlock+0x4f/0x70
[  300.360549][T16813]  ? cred_has_capability+0x210/0x280
[  300.360627][T16813]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  300.360670][T16813]  __vmalloc_noprof+0x83/0xc0
[  300.360716][T16813]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  300.360786][T16813]  bpf_prog_alloc_no_stats+0x47/0x3b0
[  300.360817][T16813]  ? bpf_prog_alloc+0x2a/0x150
[  300.360865][T16813]  bpf_prog_alloc+0x3c/0x150
[  300.360962][T16813]  bpf_prog_load+0x506/0x1100
[  300.360993][T16813]  ? security_bpf+0x2b/0x90
[  300.361086][T16813]  __sys_bpf+0x469/0x7c0
[  300.361205][T16813]  __x64_sys_bpf+0x41/0x50
[  300.361235][T16813]  x64_sys_call+0x2aee/0x3000
[  300.361330][T16813]  do_syscall_64+0xd2/0x200
[  300.361359][T16813]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  300.361392][T16813]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  300.361419][T16813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.361477][T16813] RIP: 0033:0x7f92707beec9
[  300.361547][T16813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.361568][T16813] RSP: 002b:00007f926f21f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  300.361588][T16813] RAX: ffffffffffffffda RBX: 00007f9270a15fa0 RCX: 00007f92707beec9
[  300.361601][T16813] RDX: 0000000000000094 RSI: 0000200000000480 RDI: 0000000000000005
[  300.361614][T16813] RBP: 00007f926f21f090 R08: 0000000000000000 R09: 0000000000000000
[  300.361626][T16813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.361638][T16813] R13: 00007f9270a16038 R14: 00007f9270a15fa0 R15: 00007ffc705c8af8
[  300.361671][T16813]  </TASK>
[  300.597907][T16813] syz.1.4032: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[  300.617016][T16813] CPU: 0 UID: 0 PID: 16813 Comm: syz.1.4032 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  300.617098][T16813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  300.617111][T16813] Call Trace:
[  300.617119][T16813]  <TASK>
[  300.617129][T16813]  __dump_stack+0x1d/0x30
[  300.617157][T16813]  dump_stack_lvl+0xe8/0x140
[  300.617184][T16813]  dump_stack+0x15/0x1b
[  300.617274][T16813]  warn_alloc+0x12b/0x1a0
[  300.617394][T16813]  __vmalloc_node_range_noprof+0x2b1/0xed0
[  300.617436][T16813]  ? __rcu_read_unlock+0x4f/0x70
[  300.617466][T16813]  ? cred_has_capability+0x210/0x280
[  300.617506][T16813]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  300.617549][T16813]  __vmalloc_noprof+0x83/0xc0
[  300.617611][T16813]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  300.617651][T16813]  bpf_prog_alloc_no_stats+0x47/0x3b0
[  300.617689][T16813]  ? bpf_prog_alloc+0x2a/0x150
[  300.617807][T16813]  bpf_prog_alloc+0x3c/0x150
[  300.617864][T16813]  bpf_prog_load+0x506/0x1100
[  300.617892][T16813]  ? security_bpf+0x2b/0x90
[  300.617923][T16813]  __sys_bpf+0x469/0x7c0
[  300.618010][T16813]  __x64_sys_bpf+0x41/0x50
[  300.618046][T16813]  x64_sys_call+0x2aee/0x3000
[  300.618107][T16813]  do_syscall_64+0xd2/0x200
[  300.618138][T16813]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  300.618238][T16813]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  300.618266][T16813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.618371][T16813] RIP: 0033:0x7f92707beec9
[  300.618392][T16813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.618412][T16813] RSP: 002b:00007f926f21f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  300.618431][T16813] RAX: ffffffffffffffda RBX: 00007f9270a15fa0 RCX: 00007f92707beec9
[  300.618443][T16813] RDX: 0000000000000094 RSI: 0000200000000480 RDI: 0000000000000005
[  300.618506][T16813] RBP: 00007f926f21f090 R08: 0000000000000000 R09: 0000000000000000
[  300.618523][T16813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.618540][T16813] R13: 00007f9270a16038 R14: 00007f9270a15fa0 R15: 00007ffc705c8af8
[  300.618566][T16813]  </TASK>
[  300.618575][T16813] Mem-Info:
[  300.830624][T16815] FAULT_INJECTION: forcing a failure.
[  300.830624][T16815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  300.832931][T16813] active_anon:15990 inactive_anon:9 isolated_anon:0
[  300.832931][T16813]  active_file:22196 inactive_file:2394 isolated_file:0
[  300.832931][T16813]  unevictable:0 dirty:269 writeback:0
[  300.832931][T16813]  slab_reclaimable:3551 slab_unreclaimable:18837
[  300.832931][T16813]  mapped:36107 shmem:12500 pagetables:962
[  300.832931][T16813]  sec_pagetables:0 bounce:0
[  300.832931][T16813]  kernel_misc_reclaimable:0
[  300.832931][T16813]  free:1828802 free_pcp:50347 free_cma:0
[  300.845959][T16815] CPU: 1 UID: 0 PID: 16815 Comm: syz.4.4033 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  300.845989][T16815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  300.846004][T16815] Call Trace:
[  300.846031][T16815]  <TASK>
[  300.846042][T16815]  __dump_stack+0x1d/0x30
[  300.846139][T16815]  dump_stack_lvl+0xe8/0x140
[  300.846169][T16815]  dump_stack+0x15/0x1b
[  300.846242][T16815]  should_fail_ex+0x265/0x280
[  300.846289][T16815]  should_fail+0xb/0x20
[  300.846343][T16815]  should_fail_usercopy+0x1a/0x20
[  300.846435][T16815]  _copy_from_user+0x1c/0xb0
[  300.846500][T16815]  __sys_bpf+0x183/0x7c0
[  300.846566][T16815]  __x64_sys_bpf+0x41/0x50
[  300.846605][T16815]  x64_sys_call+0x2aee/0x3000
[  300.846636][T16815]  do_syscall_64+0xd2/0x200
[  300.846711][T16815]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  300.846749][T16815]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  300.846779][T16815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.846809][T16815] RIP: 0033:0x7f8c5353eec9
[  300.846831][T16815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.846929][T16815] RSP: 002b:00007f8c51f9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  300.846955][T16815] RAX: ffffffffffffffda RBX: 00007f8c53795fa0 RCX: 00007f8c5353eec9
[  300.847046][T16815] RDX: 0000000000000010 RSI: 0000200000000380 RDI: 000000000000000f
[  300.847064][T16815] RBP: 00007f8c51f9f090 R08: 0000000000000000 R09: 0000000000000000
[  300.847101][T16815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.847118][T16815] R13: 00007f8c53796038 R14: 00007f8c53795fa0 R15: 00007ffcfe78b5e8
[  300.847145][T16815]  </TASK>
[  301.060921][T16813] Node 0 active_anon:71964kB inactive_anon:36kB active_file:88784kB inactive_file:9576kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:148140kB dirty:1076kB writeback:0kB shmem:58004kB kernel_stack:4336kB pagetables:3964kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  301.088375][T16813] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  301.118103][T16813] lowmem_reserve[]: 0 2883 7862 7862
[  301.123534][T16813] Node 0 DMA32 free:2949160kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2952692kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB
[  301.155105][T16813] lowmem_reserve[]: 0 0 4978 4978
[  301.160260][T16813] Node 0 Normal free:4345552kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:78808kB inactive_anon:36kB active_file:88784kB inactive_file:9576kB unevictable:0kB writepending:1036kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:181760kB local_pcp:109784kB free_cma:0kB
[  301.193531][T16813] lowmem_reserve[]: 0 0 0 0
[  301.198130][T16813] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  301.211015][T16813] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 6*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949160kB
[  301.227226][T16813] Node 0 Normal: 332*4kB (UME) 1000*8kB (UME) 328*16kB (UME) 462*32kB (ME) 154*64kB (ME) 81*128kB (UME) 117*256kB (UME) 102*512kB (UME) 75*1024kB (UME) 58*2048kB (UME) 981*4096kB (UM) = 4345520kB
[  301.246852][T16813] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  301.256255][T16813] 43018 total pagecache pages
[  301.260937][T16813] 21 pages in swap cache
[  301.265220][T16813] Free swap  = 124972kB
[  301.269386][T16813] Total swap = 124996kB
[  301.273724][T16813] 2097051 pages RAM
[  301.277617][T16813] 0 pages HighMem/MovableOnly
[  301.282401][T16813] 80478 pages reserved
[  301.456762][T16825] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4035'.
[  301.491861][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  301.491878][   T29] audit: type=1326 audit(1760046039.466:82241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16828 comm="syz.4.4039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5353eec9 code=0x7ffc0000
[  301.521669][   T29] audit: type=1326 audit(1760046039.466:82242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16828 comm="syz.4.4039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5353eec9 code=0x7ffc0000
[  301.555762][   T29] audit: type=1326 audit(1760046039.536:82243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16828 comm="syz.4.4039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c5353eec9 code=0x7ffc0000
[  301.579481][   T29] audit: type=1326 audit(1760046039.536:82244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16828 comm="syz.4.4039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5353eec9 code=0x7ffc0000
[  301.603134][   T29] audit: type=1326 audit(1760046039.536:82245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16828 comm="syz.4.4039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5353eec9 code=0x7ffc0000
[  301.626800][   T29] audit: type=1326 audit(1760046039.536:82246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16828 comm="syz.4.4039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c5353eec9 code=0x7ffc0000
[  301.650382][   T29] audit: type=1326 audit(1760046039.536:82247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16828 comm="syz.4.4039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5353eec9 code=0x7ffc0000
[  301.674084][   T29] audit: type=1326 audit(1760046039.536:82248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16828 comm="syz.4.4039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7f8c5353eec9 code=0x7ffc0000
[  301.697840][   T29] audit: type=1326 audit(1760046039.536:82249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16828 comm="syz.4.4039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5353eec9 code=0x7ffc0000
[  301.731056][T16825] loop1: detected capacity change from 0 to 8192
[  301.745281][   T29] audit: type=1326 audit(1760046039.726:82250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16820 comm="syz.1.4035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92707beec9 code=0x7ffc0000
[  301.797359][T16838] netlink: 332 bytes leftover after parsing attributes in process `syz.2.4042'.
[  301.815607][T16838] netlink: 'syz.2.4042': attribute type 9 has an invalid length.
[  301.823495][T16838] netlink: 108 bytes leftover after parsing attributes in process `syz.2.4042'.
[  301.832704][T16838] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4042'.
[  301.991518][T16851] loop0: detected capacity change from 0 to 512
[  302.019039][T16851] EXT4-fs: Ignoring removed nomblk_io_submit option
[  302.040297][T16851] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  302.050227][T16851] EXT4-fs (loop0): invalid inodes per group: 196640
[  302.050227][T16851] 
[  302.283889][T16858] netlink: 'syz.3.4050': attribute type 6 has an invalid length.
[  302.369454][T16856] loop1: detected capacity change from 0 to 128
[  302.381415][T16856] vfat: Unknown parameter ''
[  302.423376][T16865] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4053'.
[  302.500082][T16875] 9pnet_virtio: no channels available for device 127.0.0.1
[  302.545550][T16877] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4056'.
[  302.572479][T16877] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1338 sclass=netlink_route_socket pid=16877 comm=syz.3.4056
[  302.612730][T16881] netlink: 4276 bytes leftover after parsing attributes in process `syz.4.4058'.
[  302.622353][T16881] netlink: 4276 bytes leftover after parsing attributes in process `syz.4.4058'.
[  302.631549][T16881] netlink: 396 bytes leftover after parsing attributes in process `syz.4.4058'.
[  302.641737][T16881] 9pnet_fd: Insufficient options for proto=fd
[  302.648100][T16881] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  302.680929][T16884] loop1: detected capacity change from 0 to 512
[  302.696561][T16884] EXT4-fs: Ignoring removed nomblk_io_submit option
[  302.703984][T16884] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  302.713851][T16884] EXT4-fs (loop1): invalid inodes per group: 196640
[  302.713851][T16884] 
[  302.723950][T16886] netlink: 'syz.3.4060': attribute type 9 has an invalid length.
[  302.749493][T16890] 9pnet_fd: Insufficient options for proto=fd
[  302.828103][T16898] random: crng reseeded on system resumption
[  302.853587][T16901] 9pnet_virtio: no channels available for device 127.0.0.1
[  303.035992][T16910] 9pnet_virtio: no channels available for device 127.0.0.1
[  303.061913][T16912] loop2: detected capacity change from 0 to 512
[  303.071594][T16912] EXT4-fs: Ignoring removed nomblk_io_submit option
[  303.078823][T16912] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  303.088771][T16912] EXT4-fs (loop2): invalid inodes per group: 196640
[  303.088771][T16912] 
[  303.102654][T16914] loop1: detected capacity change from 0 to 512
[  303.112841][T16914] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  303.158161][T16918] FAULT_INJECTION: forcing a failure.
[  303.158161][T16918] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.171413][T16918] CPU: 1 UID: 0 PID: 16918 Comm: syz.1.4074 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  303.171447][T16918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  303.171475][T16918] Call Trace:
[  303.171481][T16918]  <TASK>
[  303.171488][T16918]  __dump_stack+0x1d/0x30
[  303.171524][T16918]  dump_stack_lvl+0xe8/0x140
[  303.171550][T16918]  dump_stack+0x15/0x1b
[  303.171578][T16918]  should_fail_ex+0x265/0x280
[  303.171660][T16918]  should_fail+0xb/0x20
[  303.171700][T16918]  should_fail_usercopy+0x1a/0x20
[  303.171722][T16918]  _copy_from_user+0x1c/0xb0
[  303.171900][T16918]  get_sg_io_hdr+0x82/0x360
[  303.171952][T16918]  ? perf_callchain_user+0xae0/0xb50
[  303.171991][T16918]  ? __rcu_read_unlock+0x4f/0x70
[  303.172019][T16918]  sg_new_write+0xc3/0x890
[  303.172106][T16918]  ? do_vfs_ioctl+0x866/0xe10
[  303.172131][T16918]  sg_ioctl+0xb81/0x1360
[  303.172163][T16918]  ? __pfx_sg_ioctl+0x10/0x10
[  303.172187][T16918]  __se_sys_ioctl+0xcb/0x140
[  303.172288][T16918]  __x64_sys_ioctl+0x43/0x50
[  303.172330][T16918]  x64_sys_call+0x1816/0x3000
[  303.172358][T16918]  do_syscall_64+0xd2/0x200
[  303.172467][T16918]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  303.172496][T16918]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  303.172591][T16918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.172613][T16918] RIP: 0033:0x7f92707beec9
[  303.172628][T16918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.172647][T16918] RSP: 002b:00007f926f21f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  303.172672][T16918] RAX: ffffffffffffffda RBX: 00007f9270a15fa0 RCX: 00007f92707beec9
[  303.172690][T16918] RDX: 0000200000000040 RSI: 0000000000002285 RDI: 0000000000000003
[  303.172706][T16918] RBP: 00007f926f21f090 R08: 0000000000000000 R09: 0000000000000000
[  303.172730][T16918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.172747][T16918] R13: 00007f9270a16038 R14: 00007f9270a15fa0 R15: 00007ffc705c8af8
[  303.172772][T16918]  </TASK>
[  303.383403][T16923] netlink: 'syz.4.4076': attribute type 6 has an invalid length.
[  303.449695][T16932] netlink: 'syz.2.4080': attribute type 6 has an invalid length.
[  303.528086][T16938] random: crng reseeded on system resumption
[  303.537999][T16926] loop1: detected capacity change from 0 to 128
[  303.552573][T16926] vfat: Unknown parameter ''
[  303.586429][T16942] loop4: detected capacity change from 0 to 512
[  303.593340][T16942] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  303.749321][T16946] lo speed is unknown, defaulting to 1000
[  303.763402][T16952] random: crng reseeded on system resumption
[  303.822277][T16955] random: crng reseeded on system resumption
[  304.007404][T16959] loop1: detected capacity change from 0 to 8192
[  304.106571][T16962] loop3: detected capacity change from 0 to 512
[  304.131616][T16962] EXT4-fs: Ignoring removed nomblk_io_submit option
[  304.151940][T16962] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  304.161844][T16962] EXT4-fs (loop3): invalid inodes per group: 196640
[  304.161844][T16962] 
[  304.212048][T16965] random: crng reseeded on system resumption
[  304.244181][T16967] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0
[  304.430227][T16982] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0
[  304.529712][T16986] loop3: detected capacity change from 0 to 128
[  304.536527][T16986] vfat: Unknown parameter ''
[  304.697274][T16991] random: crng reseeded on system resumption
[  304.918931][T17011] __nla_validate_parse: 10 callbacks suppressed
[  304.918948][T17011] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4108'.
[  304.956572][T17013] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.963795][T17013] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.971189][T17013] bridge0: entered allmulticast mode
[  304.990646][T17013] bridge_slave_1: left allmulticast mode
[  304.996534][T17013] bridge_slave_1: left promiscuous mode
[  305.002489][T17013] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.010796][T17013] bridge_slave_0: left allmulticast mode
[  305.016508][T17013] bridge_slave_0: left promiscuous mode
[  305.022424][T17013] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.131931][T17022] loop3: detected capacity change from 0 to 4096
[  305.141542][T17022] EXT4-fs: Ignoring removed nomblk_io_submit option
[  305.161801][T17022] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.226784][T17022] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.236681][T17022] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.250971][T17022] bridge0: entered allmulticast mode
[  305.296659][T17032] netlink: 332 bytes leftover after parsing attributes in process `syz.0.4115'.
[  305.308401][T17032] netlink: 'syz.0.4115': attribute type 9 has an invalid length.
[  305.316218][T17032] netlink: 108 bytes leftover after parsing attributes in process `syz.0.4115'.
[  305.325402][T17032] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4115'.
[  305.380320][T17033] loop4: detected capacity change from 0 to 128
[  305.384567][ T9298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.387221][T17033] vfat: Unknown parameter ''
[  305.428341][T17035] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17035 comm=syz.0.4116
[  305.494990][T17039] bridge_slave_0: left allmulticast mode
[  305.500768][T17039] bridge_slave_0: left promiscuous mode
[  305.506644][T17039] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.516434][T17039] bridge_slave_1: left allmulticast mode
[  305.522272][T17039] bridge_slave_1: left promiscuous mode
[  305.528036][T17039] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.538354][T17039] .`: (slave bond_slave_0): Releasing backup interface
[  305.549214][T17039] .`: (slave bond_slave_1): Releasing backup interface
[  305.577662][T17039] team0: Port device team_slave_0 removed
[  305.587209][T17039] team0: Port device team_slave_1 removed
[  305.594093][T17039] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  305.601547][T17039] batman_adv: batadv0: Removing interface: batadv_slave_0
[  305.610590][T17039] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  305.618168][T17039] batman_adv: batadv0: Removing interface: batadv_slave_1
[  305.628881][T17039] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  306.031845][T17074] 9pnet_virtio: no channels available for device 127.0.0.1
[  306.052130][T17066] lo speed is unknown, defaulting to 1000
[  306.194754][T17075] lo speed is unknown, defaulting to 1000
[  306.852639][T17089] loop1: detected capacity change from 0 to 512
[  306.859223][T17089] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  306.949012][   T29] kauditd_printk_skb: 94 callbacks suppressed
[  306.949030][   T29] audit: type=1400 audit(1760046044.916:82345): avc:  denied  { execute } for  pid=17085 comm="syz.4.4135" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=57148 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  306.981749][   T29] audit: type=1400 audit(1760046044.916:82346): avc:  denied  { append } for  pid=17085 comm="syz.4.4135" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  307.044324][T17098] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  307.045197][   T29] audit: type=1400 audit(1760046044.976:82347): avc:  denied  { map } for  pid=17085 comm="syz.4.4135" path="socket:[57150]" dev="sockfs" ino=57150 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  307.156894][T17100] loop1: detected capacity change from 0 to 512
[  307.163758][T17100] EXT4-fs: Ignoring removed nomblk_io_submit option
[  307.178889][T17100] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  307.188814][T17100] EXT4-fs (loop1): invalid inodes per group: 196640
[  307.188814][T17100] 
[  307.285428][T17112] netlink: 332 bytes leftover after parsing attributes in process `syz.3.4146'.
[  307.308530][T17112] netlink: 'syz.3.4146': attribute type 9 has an invalid length.
[  307.316641][T17112] netlink: 108 bytes leftover after parsing attributes in process `syz.3.4146'.
[  307.325885][T17112] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4146'.
[  307.378777][T17119] FAULT_INJECTION: forcing a failure.
[  307.378777][T17119] name failslab, interval 1, probability 0, space 0, times 0
[  307.391537][T17119] CPU: 0 UID: 0 PID: 17119 Comm: syz.0.4147 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  307.391572][T17119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  307.391584][T17119] Call Trace:
[  307.391592][T17119]  <TASK>
[  307.391602][T17119]  __dump_stack+0x1d/0x30
[  307.391625][T17119]  dump_stack_lvl+0xe8/0x140
[  307.391725][T17119]  dump_stack+0x15/0x1b
[  307.391747][T17119]  should_fail_ex+0x265/0x280
[  307.391780][T17119]  should_failslab+0x8c/0xb0
[  307.391807][T17119]  __kmalloc_noprof+0xa5/0x570
[  307.391892][T17119]  ? do_sys_poll+0x19b/0xbd0
[  307.391930][T17119]  do_sys_poll+0x19b/0xbd0
[  307.391966][T17119]  ? selinux_file_open+0x2df/0x330
[  307.392096][T17119]  __se_sys_poll+0xdd/0x200
[  307.392120][T17119]  __x64_sys_poll+0x43/0x50
[  307.392164][T17119]  x64_sys_call+0x27d6/0x3000
[  307.392192][T17119]  do_syscall_64+0xd2/0x200
[  307.392239][T17119]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  307.392277][T17119]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  307.392297][T17119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.392333][T17119] RIP: 0033:0x7eff1648eec9
[  307.392352][T17119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.392370][T17119] RSP: 002b:00007eff14ef7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[  307.392388][T17119] RAX: ffffffffffffffda RBX: 00007eff166e5fa0 RCX: 00007eff1648eec9
[  307.392401][T17119] RDX: 0000000000000009 RSI: 20000000000000b5 RDI: 0000200000000000
[  307.392417][T17119] RBP: 00007eff14ef7090 R08: 0000000000000000 R09: 0000000000000000
[  307.392431][T17119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.392489][T17119] R13: 00007eff166e6038 R14: 00007eff166e5fa0 R15: 00007fff6a2ac498
[  307.392515][T17119]  </TASK>
[  307.663024][T17123] random: crng reseeded on system resumption
[  307.698488][T17127] loop4: detected capacity change from 0 to 512
[  307.723943][T17118] loop1: detected capacity change from 0 to 128
[  307.737800][T17118] vfat: Unknown parameter ''
[  307.774250][T17127] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  307.896815][T17127] EXT4-fs (loop4): 1 truncate cleaned up
[  307.908683][   T29] audit: type=1326 audit(1760046045.886:82348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17139 comm="syz.1.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92707beec9 code=0x7ffc0000
[  307.932631][   T29] audit: type=1326 audit(1760046045.916:82349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17139 comm="syz.1.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f92707beec9 code=0x7ffc0000
[  307.956561][   T29] audit: type=1326 audit(1760046045.916:82350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17139 comm="syz.1.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92707beec9 code=0x7ffc0000
[  307.980710][   T29] audit: type=1326 audit(1760046045.916:82351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17139 comm="syz.1.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f92707beec9 code=0x7ffc0000
[  308.004448][   T29] audit: type=1326 audit(1760046045.916:82352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17139 comm="syz.1.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92707beec9 code=0x7ffc0000
[  308.028133][   T29] audit: type=1326 audit(1760046045.916:82353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17139 comm="syz.1.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f92707beec9 code=0x7ffc0000
[  308.028537][T17127] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.100948][   T29] audit: type=1326 audit(1760046046.056:82354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17139 comm="syz.1.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f92707bef03 code=0x7ffc0000
[  308.175119][T17127] EXT4-fs (loop4): shut down requested (2)
[  308.242881][T17127] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  308.327585][T13544] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.491996][T17154] lo speed is unknown, defaulting to 1000
[  308.920824][T17159] netlink: 432 bytes leftover after parsing attributes in process `syz.1.4163'.
[  309.053952][T17159] netlink: 136 bytes leftover after parsing attributes in process `syz.1.4163'.
[  309.152828][T17167] loop0: detected capacity change from 0 to 512
[  309.181602][T17167] EXT4-fs: Ignoring removed nomblk_io_submit option
[  309.209510][T17167] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  309.219418][T17167] EXT4-fs (loop0): invalid inodes per group: 196640
[  309.219418][T17167] 
[  309.285269][T17164] lo speed is unknown, defaulting to 1000
[  309.357649][T17162] loop3: detected capacity change from 0 to 128
[  309.394350][T17162] vfat: Unknown parameter ''
[  309.677095][T17191] random: crng reseeded on system resumption
[  309.845517][T17199] random: crng reseeded on system resumption
[  309.905490][T17203] 9pnet_fd: Insufficient options for proto=fd
[  309.939629][T17205] loop4: detected capacity change from 0 to 512
[  309.955826][T17205] EXT4-fs: Ignoring removed nomblk_io_submit option
[  309.967419][T17205] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  309.977432][T17205] EXT4-fs (loop4): invalid inodes per group: 196640
[  309.977432][T17205] 
[  310.003007][T17207] loop3: detected capacity change from 0 to 512
[  310.009878][T17207] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  310.048559][T17207] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.4180: bg 0: block 104: invalid block bitmap
[  310.061599][T17207] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  310.070588][T17207] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.4180: invalid indirect mapped block 1 (level 1)
[  310.084308][T17207] EXT4-fs (loop3): 1 truncate cleaned up
[  310.090413][T17207] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.116672][ T9298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.151698][T17216] netlink: 432 bytes leftover after parsing attributes in process `syz.4.4185'.
[  310.167229][T17216] netlink: 136 bytes leftover after parsing attributes in process `syz.4.4185'.
[  310.240820][T17228] bridge_slave_0: left allmulticast mode
[  310.246653][T17228] bridge_slave_0: left promiscuous mode
[  310.252389][T17228] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.261016][T17228] bridge_slave_1: left allmulticast mode
[  310.266750][T17228] bridge_slave_1: left promiscuous mode
[  310.272494][T17228] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.283817][T17228] bond0: (slave bond_slave_0): Releasing backup interface
[  310.294665][T17228] bond0: (slave bond_slave_1): Releasing backup interface
[  310.312524][T17228] team0: Port device team_slave_0 removed
[  310.322853][T17228] team0: Port device team_slave_1 removed
[  310.330121][T17228] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  310.337680][T17228] batman_adv: batadv0: Removing interface: batadv_slave_0
[  310.346424][T17228] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  310.353987][T17228] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.363858][T17228] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  310.488263][T17243] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4192'.
[  310.528459][T17243] loop3: detected capacity change from 0 to 8192
[  310.628383][T17258] loop4: detected capacity change from 0 to 512
[  310.673389][T17263] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4200'.
[  310.683033][T17264] netlink: 432 bytes leftover after parsing attributes in process `syz.2.4196'.
[  310.683044][T17262] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4200'.
[  310.701436][T17264] netlink: 136 bytes leftover after parsing attributes in process `syz.2.4196'.
[  310.727207][T17268] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0
[  310.789465][T17269] netlink: 432 bytes leftover after parsing attributes in process `syz.4.4201'.
[  310.798793][T17269] netlink: 136 bytes leftover after parsing attributes in process `syz.4.4201'.
[  311.167513][T17273] IPv6: NLM_F_CREATE should be specified when creating new route
[  311.175431][T17273] FAULT_INJECTION: forcing a failure.
[  311.175431][T17273] name failslab, interval 1, probability 0, space 0, times 0
[  311.188150][T17273] CPU: 0 UID: 0 PID: 17273 Comm: syz.0.4203 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  311.188175][T17273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  311.188188][T17273] Call Trace:
[  311.188194][T17273]  <TASK>
[  311.188201][T17273]  __dump_stack+0x1d/0x30
[  311.188270][T17273]  dump_stack_lvl+0xe8/0x140
[  311.188305][T17273]  dump_stack+0x15/0x1b
[  311.188320][T17273]  should_fail_ex+0x265/0x280
[  311.188431][T17273]  ? fib6_new_table+0x97/0x210
[  311.188460][T17273]  should_failslab+0x8c/0xb0
[  311.188494][T17273]  __kmalloc_cache_noprof+0x4c/0x4a0
[  311.188523][T17273]  fib6_new_table+0x97/0x210
[  311.188566][T17273]  ip6_route_info_create+0xaf/0x390
[  311.188586][T17273]  inet6_rtm_newroute+0x35e/0x1020
[  311.188616][T17273]  ? __memcg_slab_free_hook+0x135/0x230
[  311.188725][T17273]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  311.188754][T17273]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  311.188848][T17273]  netlink_rcv_skb+0x120/0x220
[  311.188873][T17273]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  311.188911][T17273]  rtnetlink_rcv+0x1c/0x30
[  311.188940][T17273]  netlink_unicast+0x5bd/0x690
[  311.188992][T17273]  netlink_sendmsg+0x58b/0x6b0
[  311.189034][T17273]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.189084][T17273]  __sock_sendmsg+0x145/0x180
[  311.189111][T17273]  ____sys_sendmsg+0x31e/0x4e0
[  311.189184][T17273]  ___sys_sendmsg+0x17b/0x1d0
[  311.189225][T17273]  __x64_sys_sendmsg+0xd4/0x160
[  311.189258][T17273]  x64_sys_call+0x191e/0x3000
[  311.189278][T17273]  do_syscall_64+0xd2/0x200
[  311.189316][T17273]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  311.189342][T17273]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  311.189362][T17273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.189428][T17273] RIP: 0033:0x7eff1648eec9
[  311.189441][T17273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.189469][T17273] RSP: 002b:00007eff14ef7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  311.189486][T17273] RAX: ffffffffffffffda RBX: 00007eff166e5fa0 RCX: 00007eff1648eec9
[  311.189498][T17273] RDX: 0000000020040844 RSI: 0000200000000340 RDI: 0000000000000006
[  311.189509][T17273] RBP: 00007eff14ef7090 R08: 0000000000000000 R09: 0000000000000000
[  311.189520][T17273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.189530][T17273] R13: 00007eff166e6038 R14: 00007eff166e5fa0 R15: 00007fff6a2ac498
[  311.189582][T17273]  </TASK>
[  311.509586][T17285] random: crng reseeded on system resumption
[  311.691714][T17294] loop4: detected capacity change from 0 to 512
[  311.698372][T17294] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  312.172327][T17297] lo speed is unknown, defaulting to 1000
[  312.202712][T17296] lo speed is unknown, defaulting to 1000
[  312.322043][T17305] random: crng reseeded on system resumption
[  312.334188][T17307] loop3: detected capacity change from 0 to 512
[  312.340963][T17307] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  312.371315][   T29] kauditd_printk_skb: 90 callbacks suppressed
[  312.371331][   T29] audit: type=1400 audit(1760046050.356:82445): avc:  denied  { write } for  pid=17308 comm="syz.3.4215" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  312.522240][T17309] Falling back ldisc for ttyS3.
[  312.547143][   T29] audit: type=1400 audit(1760046050.516:82446): avc:  denied  { append } for  pid=17308 comm="syz.3.4215" name="pfkey" dev="proc" ino=4026533273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  312.657497][T17324] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0
[  312.698735][   T29] audit: type=1326 audit(1760046050.676:82447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17326 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  312.733946][T17329] netlink: 432 bytes leftover after parsing attributes in process `syz.4.4222'.
[  312.764619][   T29] audit: type=1326 audit(1760046050.676:82448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17326 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  312.788294][   T29] audit: type=1326 audit(1760046050.676:82449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17326 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  312.811975][   T29] audit: type=1326 audit(1760046050.676:82450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17326 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  312.835607][   T29] audit: type=1326 audit(1760046050.676:82451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17326 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  312.859216][   T29] audit: type=1326 audit(1760046050.676:82452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17326 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  312.883263][   T29] audit: type=1326 audit(1760046050.676:82453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17326 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  312.906940][   T29] audit: type=1326 audit(1760046050.676:82454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17326 comm="syz.2.4223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  312.932998][T17331] random: crng reseeded on system resumption
[  313.047570][T17339] loop3: detected capacity change from 0 to 512
[  313.076053][T17343] loop1: detected capacity change from 0 to 512
[  313.083274][T17343] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  313.093870][T17343] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.4228: bg 0: block 104: invalid block bitmap
[  313.101625][T17339] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  313.122239][T17343] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  313.122274][T17339] EXT4-fs (loop3): mount failed
[  313.136231][T17343] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.4228: invalid indirect mapped block 1 (level 1)
[  313.149807][T17343] EXT4-fs (loop1): 1 truncate cleaned up
[  313.167532][T17343] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  313.205279][T10340] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.244351][T17353] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  313.370190][T17360] loop1: detected capacity change from 0 to 128
[  313.376798][T17360] vfat: Unknown parameter ''
[  313.509854][T17378] loop1: detected capacity change from 0 to 512
[  313.521607][T17378] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  313.548138][T17381] loop0: detected capacity change from 0 to 512
[  313.558239][T17383] loop4: detected capacity change from 0 to 512
[  313.570568][T17381] EXT4-fs: Ignoring removed nomblk_io_submit option
[  313.570887][T17378] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.4242: bg 0: block 104: invalid block bitmap
[  313.590498][T17383] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  313.598971][T17381] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  313.608916][T17381] EXT4-fs (loop0): invalid inodes per group: 196640
[  313.608916][T17381] 
[  313.620215][T17378] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  313.621457][T17383] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4244: bg 0: block 104: invalid block bitmap
[  313.641590][T17378] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.4242: invalid indirect mapped block 1 (level 1)
[  313.651920][T17383] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  313.663652][T17383] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4244: invalid indirect mapped block 1 (level 1)
[  313.678509][T17383] EXT4-fs (loop4): 1 truncate cleaned up
[  313.687374][T17378] EXT4-fs (loop1): 1 truncate cleaned up
[  313.693414][T17383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  313.714020][T17378] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  313.796184][T10340] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.812070][T17383] 9pnet_fd: Insufficient options for proto=fd
[  313.851368][T13544] EXT4-fs error (device loop4): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[  313.895607][T13544] EXT4-fs error (device loop4): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[  313.926132][T13544] EXT4-fs error (device loop4): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[  313.943585][T13544] EXT4-fs error (device loop4): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[  313.961506][T13544] EXT4-fs error (device loop4): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[  313.972654][T13544] EXT4-fs error (device loop4): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[  313.990730][T13544] EXT4-fs error (device loop4): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[  314.002236][T13544] EXT4-fs error (device loop4): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[  314.031346][T13544] EXT4-fs error (device loop4): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[  314.046512][T13544] EXT4-fs error (device loop4): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[  314.057097][T17400] lo speed is unknown, defaulting to 1000
[  314.098308][T17404] lo speed is unknown, defaulting to 1000
[  314.386887][T17415] lo speed is unknown, defaulting to 1000
[  314.729004][T17420] loop3: detected capacity change from 0 to 2048
[  314.745354][T13544] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.771739][T17420] EXT4-fs (loop3): failed to initialize system zone (-117)
[  314.779049][T17420] EXT4-fs (loop3): mount failed
[  315.081232][T17444] loop1: detected capacity change from 0 to 512
[  315.098249][T17444] EXT4-fs: Ignoring removed nomblk_io_submit option
[  315.173721][T17444] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  315.183744][T17444] EXT4-fs (loop1): invalid inodes per group: 196640
[  315.183744][T17444] 
[  315.304925][T17430] lo speed is unknown, defaulting to 1000
[  315.354924][T17451] loop0: detected capacity change from 0 to 512
[  315.377061][T17451] EXT4-fs: Ignoring removed nomblk_io_submit option
[  315.384925][T17451] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  315.394880][T17451] EXT4-fs (loop0): invalid inodes per group: 196640
[  315.394880][T17451] 
[  315.434134][T17430] chnl_net:caif_netlink_parms(): no params data found
[  315.533991][T17458] loop0: detected capacity change from 0 to 512
[  315.564625][T17463] loop2: detected capacity change from 0 to 1024
[  315.572020][T17458] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  315.583524][T17458] EXT4-fs (loop0): 1 truncate cleaned up
[  315.589664][T17458] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.603693][T17430] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.604180][T17463] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  315.610775][T17430] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.621063][T17430] bridge_slave_0: entered allmulticast mode
[  315.636674][T17430] bridge_slave_0: entered promiscuous mode
[  315.645198][T17430] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.645586][T17458] EXT4-fs (loop0): shut down requested (2)
[  315.652386][T17430] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.666365][T17430] bridge_slave_1: entered allmulticast mode
[  315.673144][T17430] bridge_slave_1: entered promiscuous mode
[  315.689065][T17458] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  315.700633][T10603] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.712123][T10470] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.723179][T17430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  315.740474][T17430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  315.768199][T17468] lo speed is unknown, defaulting to 1000
[  315.769234][T17430] team0: Port device team_slave_0 added
[  315.789997][T17430] team0: Port device team_slave_1 added
[  315.804193][T17474] 9pnet_fd: Insufficient options for proto=fd
[  315.846914][T17478] bond0: (slave bond_slave_0): Releasing backup interface
[  315.856790][T17478] bond0: (slave bond_slave_1): Releasing backup interface
[  315.868830][T17478] team0: Port device team_slave_0 removed
[  315.878064][T17478] team0: Port device team_slave_1 removed
[  315.885264][T17478] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  315.892698][T17478] batman_adv: batadv0: Removing interface: batadv_slave_0
[  315.901279][T17478] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  315.908755][T17478] batman_adv: batadv0: Removing interface: batadv_slave_1
[  315.935533][T17478] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  315.965302][T17483] ALSA: seq fatal error: cannot create timer (-22)
[  315.973838][T17430] batman_adv: batadv0: Adding interface: batadv_slave_0
[  315.980814][T17430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  316.006915][T17430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  316.041886][T17485] loop2: detected capacity change from 0 to 2048
[  316.053504][T17485] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.055777][T17430] batman_adv: batadv0: Adding interface: batadv_slave_1
[  316.071033][T17485] 9pnet_fd: Insufficient options for proto=fd
[  316.072690][T17430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  316.104611][T17430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  316.146236][T10603] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.158753][T17430] hsr_slave_0: entered promiscuous mode
[  316.165032][T17430] hsr_slave_1: entered promiscuous mode
[  316.171065][T17430] debugfs: 'hsr0' already exists in 'hsr'
[  316.176866][T17430] Cannot create hsr debugfs directory
[  316.182240][T17495] loop2: detected capacity change from 0 to 512
[  316.182560][T17495] EXT4-fs: Ignoring removed nomblk_io_submit option
[  316.195649][T17495] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  316.205557][T17495] EXT4-fs (loop2): invalid inodes per group: 196640
[  316.205557][T17495] 
[  316.313322][T17499] loop1: detected capacity change from 0 to 128
[  316.328937][T17501] random: crng reseeded on system resumption
[  316.332191][T17430] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  316.342047][T17499] vfat: Unknown parameter ''
[  316.358028][T17430] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  316.395029][T17430] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  316.404398][T17430] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  316.488294][T17512] random: crng reseeded on system resumption
[  316.507073][T17430] 8021q: adding VLAN 0 to HW filter on device bond0
[  316.654345][T17430] 8021q: adding VLAN 0 to HW filter on device team0
[  316.692318][T12439] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.699491][T12439] bridge0: port 1(bridge_slave_0) entered forwarding state
[  316.708775][T12439] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.715865][T12439] bridge0: port 2(bridge_slave_1) entered forwarding state
[  316.784792][T17430] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  316.795188][T17430] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  316.928269][T17430] 8021q: adding VLAN 0 to HW filter on device batadv0
[  317.060620][T17430] veth0_vlan: entered promiscuous mode
[  317.062303][T17534] loop2: detected capacity change from 0 to 128
[  317.079139][T17430] veth1_vlan: entered promiscuous mode
[  317.084180][T17534] vfat: Unknown parameter ''
[  317.113762][T17430] veth0_macvtap: entered promiscuous mode
[  317.129889][T17430] veth1_macvtap: entered promiscuous mode
[  317.155854][T17430] batman_adv: batadv0: Interface activated: batadv_slave_0
[  317.182923][T17430] batman_adv: batadv0: Interface activated: batadv_slave_1
[  317.199517][T12464] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.229889][T12464] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.239229][T12464] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.259761][T12464] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.321791][T17550] loop2: detected capacity change from 0 to 764
[  317.328768][T17550] iso9660: Unknown parameter 'GPL'
[  317.374689][T17552] lo speed is unknown, defaulting to 1000
[  317.602567][T17563] FAULT_INJECTION: forcing a failure.
[  317.602567][T17563] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  317.615753][T17563] CPU: 1 UID: 0 PID: 17563 Comm: syz.0.4287 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  317.615787][T17563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  317.615869][T17563] Call Trace:
[  317.615875][T17563]  <TASK>
[  317.615882][T17563]  __dump_stack+0x1d/0x30
[  317.615908][T17563]  dump_stack_lvl+0xe8/0x140
[  317.615932][T17563]  dump_stack+0x15/0x1b
[  317.615954][T17563]  should_fail_ex+0x265/0x280
[  317.616051][T17563]  should_fail+0xb/0x20
[  317.616132][T17563]  should_fail_usercopy+0x1a/0x20
[  317.616156][T17563]  strncpy_from_user+0x25/0x230
[  317.616190][T17563]  strncpy_from_user_nofault+0x68/0xf0
[  317.616231][T17563]  bpf_probe_read_compat_str+0xb4/0x130
[  317.616262][T17563]  bpf_prog_fd7be918018daafb+0x62/0x68
[  317.616285][T17563]  bpf_trace_run2+0x107/0x1c0
[  317.616327][T17563]  __bpf_trace_sys_enter+0x10/0x30
[  317.616362][T17563]  trace_sys_enter+0x86/0xf0
[  317.616448][T17563]  syscall_trace_enter+0x13e/0x1e0
[  317.616490][T17563]  do_syscall_64+0xac/0x200
[  317.616523][T17563]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  317.616617][T17563]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  317.616645][T17563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.616704][T17564] loop3: detected capacity change from 0 to 512
[  317.616745][T17563] RIP: 0033:0x7eff1648eec9
[  317.616770][T17563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.616796][T17563] RSP: 002b:00007eff14ef7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b5
[  317.616825][T17563] RAX: ffffffffffffffda RBX: 00007eff166e5fa0 RCX: 00007eff1648eec9
[  317.616844][T17563] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  317.616865][T17563] RBP: 00007eff14ef7090 R08: 0000000000000000 R09: 0000000000000000
[  317.616884][T17563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.616945][T17563] R13: 00007eff166e6038 R14: 00007eff166e5fa0 R15: 00007fff6a2ac498
[  317.616973][T17563]  </TASK>
[  317.683381][T17568] loop0: detected capacity change from 0 to 512
[  317.717221][T17564] EXT4-fs: Ignoring removed nomblk_io_submit option
[  317.743061][T17570] bridge_slave_0: left promiscuous mode
[  317.745327][T17564] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  317.764453][T17570] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.772758][T17564] EXT4-fs (loop3): invalid inodes per group: 196640
[  317.772758][T17564] 
[  317.790803][T17568] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  317.871031][T17570] bridge_slave_1: left allmulticast mode
[  317.876790][T17570] bridge_slave_1: left promiscuous mode
[  317.881802][T17568] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.4290: bg 0: block 104: invalid block bitmap
[  317.882511][T17570] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.894985][T17568] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  317.912450][T17568] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4290: invalid indirect mapped block 1 (level 1)
[  317.925981][T17568] EXT4-fs (loop0): 1 truncate cleaned up
[  317.926016][T17570] bond0: (slave bond_slave_0): Releasing backup interface
[  317.932750][T17568] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  317.953956][T17570] bond0: (slave bond_slave_1): Releasing backup interface
[  317.966648][T17570] team0: Port device team_slave_0 removed
[  317.967641][T10470] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.989515][T17570] team0: Port device team_slave_1 removed
[  317.991749][   T29] kauditd_printk_skb: 145 callbacks suppressed
[  317.991766][   T29] audit: type=1326 audit(1760046055.966:82599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.0.4292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  317.996660][T17570] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  318.002219][   T29] audit: type=1326 audit(1760046055.986:82600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.0.4292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  318.025077][T17570] batman_adv: batadv0: Removing interface: batadv_slave_0
[  318.065267][   T29] audit: type=1326 audit(1760046056.006:82601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.0.4292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  318.066687][T17570] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  318.088937][   T29] audit: type=1326 audit(1760046056.006:82602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.0.4292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  318.088969][   T29] audit: type=1326 audit(1760046056.006:82603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.0.4292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  318.088997][   T29] audit: type=1326 audit(1760046056.006:82604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.0.4292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  318.096497][T17570] batman_adv: batadv0: Removing interface: batadv_slave_1
[  318.119971][   T29] audit: type=1326 audit(1760046056.006:82605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.0.4292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  318.197881][   T29] audit: type=1326 audit(1760046056.006:82606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.0.4292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  318.221555][   T29] audit: type=1326 audit(1760046056.006:82607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.0.4292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  318.245242][   T29] audit: type=1326 audit(1760046056.006:82608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.0.4292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  318.273433][T17570] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  318.306076][ T2965] syz!: Port: 1 Link DOWN
[  318.364751][T17589] loop5: detected capacity change from 0 to 512
[  318.442344][T17596] __nla_validate_parse: 2 callbacks suppressed
[  318.442361][T17596] netlink: 17279 bytes leftover after parsing attributes in process `syz.2.4300'.
[  318.457861][T17589] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  318.475103][T17598] 9pnet_fd: Insufficient options for proto=fd
[  318.495670][T17589] EXT4-fs (loop5): 1 truncate cleaned up
[  318.501867][T17589] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.515928][T17589] EXT4-fs (loop5): shut down requested (2)
[  318.524516][T17589] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  318.553013][T17430] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.607552][T17611] random: crng reseeded on system resumption
[  318.690948][T17618] loop5: detected capacity change from 0 to 512
[  318.711877][T17618] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  318.798317][T17623] loop0: detected capacity change from 0 to 1024
[  318.807030][T17626] 9pnet_fd: Insufficient options for proto=fd
[  318.807667][T17623] EXT4-fs: Ignoring removed nobh option
[  318.819522][T17623] EXT4-fs: Ignoring removed bh option
[  318.963416][T17635] loop9: detected capacity change from 0 to 7
[  318.969724][T17635] Buffer I/O error on dev loop9, logical block 0, async page read
[  318.970814][T17623] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.977696][T17635] Buffer I/O error on dev loop9, logical block 0, async page read
[  318.990808][T17623] ext4 filesystem being mounted at /506/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  318.997978][T17635]  loop9: unable to read partition table
[  319.014087][T17635] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  319.014087][T17635] 
) failed (rc=-5)
[  319.055049][T10470] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.061358][T17646] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.071974][T17646] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.079835][T17646]  loop9: unable to read partition table
[  319.085571][T17646] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  319.085571][T17646] 
) failed (rc=-5)
[  319.109769][T17650] loop5: detected capacity change from 0 to 512
[  319.116481][T17650] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  319.128090][T17635] lo speed is unknown, defaulting to 1000
[  319.255119][T17657] loop3: detected capacity change from 0 to 512
[  319.279355][T17657] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  319.352376][T17657] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.4322: bg 0: block 104: invalid block bitmap
[  319.372251][T17657] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  319.401238][T17657] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.4322: invalid indirect mapped block 1 (level 1)
[  319.434692][T17657] EXT4-fs (loop3): 1 truncate cleaned up
[  319.456822][T17657] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.535590][ T9298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.753545][T17679] FAULT_INJECTION: forcing a failure.
[  319.753545][T17679] name failslab, interval 1, probability 0, space 0, times 0
[  319.766244][T17679] CPU: 1 UID: 0 PID: 17679 Comm: syz.1.4329 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  319.766280][T17679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  319.766322][T17679] Call Trace:
[  319.766329][T17679]  <TASK>
[  319.766337][T17679]  __dump_stack+0x1d/0x30
[  319.766363][T17679]  dump_stack_lvl+0xe8/0x140
[  319.766389][T17679]  dump_stack+0x15/0x1b
[  319.766418][T17679]  should_fail_ex+0x265/0x280
[  319.766522][T17679]  should_failslab+0x8c/0xb0
[  319.766549][T17679]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  319.766671][T17679]  ? __alloc_skb+0x101/0x320
[  319.766734][T17679]  __alloc_skb+0x101/0x320
[  319.766760][T17679]  netlink_alloc_large_skb+0xbf/0xf0
[  319.766853][T17679]  netlink_sendmsg+0x3cf/0x6b0
[  319.766887][T17679]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.766916][T17679]  __sock_sendmsg+0x145/0x180
[  319.766969][T17679]  ____sys_sendmsg+0x31e/0x4e0
[  319.767033][T17679]  ___sys_sendmsg+0x17b/0x1d0
[  319.767084][T17679]  __x64_sys_sendmsg+0xd4/0x160
[  319.767118][T17679]  x64_sys_call+0x191e/0x3000
[  319.767203][T17679]  do_syscall_64+0xd2/0x200
[  319.767226][T17679]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  319.767262][T17679]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  319.767308][T17679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.767336][T17679] RIP: 0033:0x7f92707beec9
[  319.767356][T17679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.767380][T17679] RSP: 002b:00007f926f1fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  319.767414][T17679] RAX: ffffffffffffffda RBX: 00007f9270a16090 RCX: 00007f92707beec9
[  319.767431][T17679] RDX: 000000000404c004 RSI: 0000200000006040 RDI: 0000000000000003
[  319.767487][T17679] RBP: 00007f926f1fe090 R08: 0000000000000000 R09: 0000000000000000
[  319.767504][T17679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.767617][T17679] R13: 00007f9270a16128 R14: 00007f9270a16090 R15: 00007ffc705c8af8
[  319.767643][T17679]  </TASK>
[  320.009407][T17679] lo speed is unknown, defaulting to 1000
[  320.715424][T17689] lo speed is unknown, defaulting to 1000
[  320.771385][T17676] Buffer I/O error on dev loop9, logical block 0, async page read
[  320.779248][T17676] Buffer I/O error on dev loop9, logical block 0, async page read
[  320.787238][T17676]  loop9: unable to read partition table
[  320.793007][T17676] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  320.793007][T17676] 
) failed (rc=-5)
[  321.089659][T17694] loop5: detected capacity change from 0 to 512
[  321.163261][T17694] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  321.185038][T17702] loop1: detected capacity change from 0 to 512
[  321.210639][T17682] lo speed is unknown, defaulting to 1000
[  321.251261][T17702] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  321.286758][T17708] loop0: detected capacity change from 0 to 128
[  321.293937][T17702] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.4338: bg 0: block 104: invalid block bitmap
[  321.329184][T17708] vfat: Unknown parameter ''
[  321.397954][T17702] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  321.443407][T17715] netlink: 332 bytes leftover after parsing attributes in process `syz.2.4342'.
[  321.459101][T17702] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.4338: invalid indirect mapped block 1 (level 1)
[  321.481367][T17715] netlink: 'syz.2.4342': attribute type 9 has an invalid length.
[  321.489199][T17715] netlink: 108 bytes leftover after parsing attributes in process `syz.2.4342'.
[  321.498280][T17715] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4342'.
[  321.507400][T17702] EXT4-fs (loop1): 1 truncate cleaned up
[  321.513797][T17702] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.568416][T10340] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.675202][T17730] FAULT_INJECTION: forcing a failure.
[  321.675202][T17730] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.688387][T17730] CPU: 1 UID: 0 PID: 17730 Comm: syz.5.4349 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  321.688470][T17730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  321.688486][T17730] Call Trace:
[  321.688495][T17730]  <TASK>
[  321.688504][T17730]  __dump_stack+0x1d/0x30
[  321.688532][T17730]  dump_stack_lvl+0xe8/0x140
[  321.688567][T17730]  dump_stack+0x15/0x1b
[  321.688595][T17730]  should_fail_ex+0x265/0x280
[  321.688637][T17730]  should_fail+0xb/0x20
[  321.688668][T17730]  should_fail_usercopy+0x1a/0x20
[  321.688688][T17730]  _copy_from_user+0x1c/0xb0
[  321.688753][T17730]  get_user_ifreq+0x53/0x110
[  321.688796][T17730]  sock_ioctl+0x54e/0x610
[  321.688904][T17730]  ? __pfx_sock_ioctl+0x10/0x10
[  321.688959][T17730]  __se_sys_ioctl+0xcb/0x140
[  321.689000][T17730]  __x64_sys_ioctl+0x43/0x50
[  321.689036][T17730]  x64_sys_call+0x1816/0x3000
[  321.689138][T17730]  do_syscall_64+0xd2/0x200
[  321.689191][T17730]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  321.689227][T17730]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  321.689275][T17730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.689355][T17730] RIP: 0033:0x7fd932bfeec9
[  321.689375][T17730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.689419][T17730] RSP: 002b:00007fd931667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  321.689439][T17730] RAX: ffffffffffffffda RBX: 00007fd932e55fa0 RCX: 00007fd932bfeec9
[  321.689452][T17730] RDX: 0000200000000280 RSI: 00000000000089f1 RDI: 0000000000000005
[  321.689465][T17730] RBP: 00007fd931667090 R08: 0000000000000000 R09: 0000000000000000
[  321.689478][T17730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.689490][T17730] R13: 00007fd932e56038 R14: 00007fd932e55fa0 R15: 00007fff68d0a758
[  321.689515][T17730]  </TASK>
[  322.158112][T17749] loop0: detected capacity change from 0 to 128
[  322.193233][T17749] vfat: Unknown parameter ''
[  322.787330][T17769] FAULT_INJECTION: forcing a failure.
[  322.787330][T17769] name failslab, interval 1, probability 0, space 0, times 0
[  322.800024][T17769] CPU: 0 UID: 0 PID: 17769 Comm: syz.0.4362 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  322.800129][T17769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  322.800142][T17769] Call Trace:
[  322.800149][T17769]  <TASK>
[  322.800210][T17769]  __dump_stack+0x1d/0x30
[  322.800237][T17769]  dump_stack_lvl+0xe8/0x140
[  322.800273][T17769]  dump_stack+0x15/0x1b
[  322.800289][T17769]  should_fail_ex+0x265/0x280
[  322.800325][T17769]  should_failslab+0x8c/0xb0
[  322.800406][T17769]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  322.800444][T17769]  ? __alloc_skb+0x101/0x320
[  322.800472][T17769]  __alloc_skb+0x101/0x320
[  322.800499][T17769]  ? audit_log_start+0x342/0x720
[  322.800541][T17769]  audit_log_start+0x3a0/0x720
[  322.800560][T17769]  ? kstrtouint+0x76/0xc0
[  322.800599][T17769]  audit_seccomp+0x48/0x100
[  322.800638][T17769]  ? __seccomp_filter+0x82d/0x1250
[  322.800699][T17769]  __seccomp_filter+0x83e/0x1250
[  322.800733][T17769]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  322.800805][T17769]  ? vfs_write+0x7e8/0x960
[  322.800834][T17769]  __secure_computing+0x82/0x150
[  322.800860][T17769]  syscall_trace_enter+0xcf/0x1e0
[  322.800917][T17769]  do_syscall_64+0xac/0x200
[  322.800946][T17769]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  322.801002][T17769]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  322.801023][T17769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.801045][T17769] RIP: 0033:0x7eff1648eec9
[  322.801060][T17769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.801081][T17769] RSP: 002b:00007eff14ef7038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f
[  322.801108][T17769] RAX: ffffffffffffffda RBX: 00007eff166e5fa0 RCX: 00007eff1648eec9
[  322.801198][T17769] RDX: 0000000000000000 RSI: 00000000000000f7 RDI: 0000200000000340
[  322.801214][T17769] RBP: 00007eff14ef7090 R08: 0000000000000000 R09: 0000000000000000
[  322.801229][T17769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.801244][T17769] R13: 00007eff166e6038 R14: 00007eff166e5fa0 R15: 00007fff6a2ac498
[  322.801268][T17769]  </TASK>
[  322.865469][T17771] loop2: detected capacity change from 0 to 2364
[  323.018379][   T29] kauditd_printk_skb: 126 callbacks suppressed
[  323.018395][   T29] audit: type=1326 audit(1760046060.996:82733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17767 comm="syz.0.4362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7eff1648d8dc code=0x7ffc0000
[  323.065594][T17776] loop3: detected capacity change from 0 to 512
[  323.072262][T17771] iso9660: Unknown parameter 'sbector'
[  323.081589][T17776] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  323.091141][   T29] audit: type=1326 audit(1760046061.026:82734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17767 comm="syz.0.4362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7eff1648d97f code=0x7ffc0000
[  323.114651][   T29] audit: type=1326 audit(1760046061.026:82735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17767 comm="syz.0.4362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7eff1648db2a code=0x7ffc0000
[  323.138299][   T29] audit: type=1326 audit(1760046061.026:82736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17767 comm="syz.0.4362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  323.162034][   T29] audit: type=1326 audit(1760046061.026:82737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17767 comm="syz.0.4362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  323.196772][   T29] audit: type=1326 audit(1760046061.176:82738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17768 comm="syz.2.4363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  323.220479][   T29] audit: type=1326 audit(1760046061.176:82739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17768 comm="syz.2.4363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  323.244215][   T29] audit: type=1326 audit(1760046061.176:82740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17768 comm="syz.2.4363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  323.267811][   T29] audit: type=1326 audit(1760046061.176:82741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17768 comm="syz.2.4363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  323.413083][T17792] netlink: 332 bytes leftover after parsing attributes in process `syz.5.4371'.
[  323.427755][T17792] netlink: 'syz.5.4371': attribute type 9 has an invalid length.
[  323.435604][T17792] netlink: 108 bytes leftover after parsing attributes in process `syz.5.4371'.
[  323.444789][T17792] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4371'.
[  323.471729][T17796] loop3: detected capacity change from 0 to 512
[  323.478556][T17796] EXT4-fs: Ignoring removed nomblk_io_submit option
[  323.485568][T17797] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4369'.
[  323.501362][T17796] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  323.511327][T17796] EXT4-fs (loop3): invalid inodes per group: 196640
[  323.511327][T17796] 
[  323.530086][T17799] 9pnet_fd: Insufficient options for proto=fd
[  323.551078][   T29] audit: type=1326 audit(1760046061.526:82742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17768 comm="syz.2.4363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bfc8eec9 code=0x7ffc0000
[  323.594981][T17797] loop1: detected capacity change from 0 to 8192
[  323.751883][T17806] netlink: 432 bytes leftover after parsing attributes in process `syz.2.4374'.
[  323.761944][T17806] netlink: 136 bytes leftover after parsing attributes in process `syz.2.4374'.
[  323.974048][T17812] loop5: detected capacity change from 0 to 128
[  323.980436][T17812] vfat: Unknown parameter ''
[  324.427367][T17832] lo speed is unknown, defaulting to 1000
[  324.656705][T17837] FAULT_INJECTION: forcing a failure.
[  324.656705][T17837] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  324.669907][T17837] CPU: 0 UID: 0 PID: 17837 Comm: syz.5.4387 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  324.669978][T17837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  324.670040][T17837] Call Trace:
[  324.670048][T17837]  <TASK>
[  324.670058][T17837]  __dump_stack+0x1d/0x30
[  324.670085][T17837]  dump_stack_lvl+0xe8/0x140
[  324.670105][T17837]  dump_stack+0x15/0x1b
[  324.670166][T17837]  should_fail_ex+0x265/0x280
[  324.670210][T17837]  should_fail+0xb/0x20
[  324.670250][T17837]  should_fail_usercopy+0x1a/0x20
[  324.670283][T17837]  _copy_from_user+0x1c/0xb0
[  324.670331][T17837]  copy_from_sockptr_offset+0x66/0xa0
[  324.670417][T17837]  do_ip6t_set_ctl+0x5d1/0x840
[  324.670447][T17837]  ? trace_reschedule_exit+0xd/0xc0
[  324.670466][T17837]  ? sysvec_reschedule_ipi+0x4f/0x70
[  324.670499][T17837]  ? trace_reschedule_exit+0xd/0xc0
[  324.670534][T17837]  nf_setsockopt+0x199/0x1b0
[  324.670644][T17837]  ipv6_setsockopt+0x11a/0x130
[  324.670748][T17837]  udpv6_setsockopt+0x99/0xb0
[  324.670850][T17837]  sock_common_setsockopt+0x69/0x80
[  324.670880][T17837]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  324.670905][T17837]  __sys_setsockopt+0x184/0x200
[  324.671016][T17837]  __x64_sys_setsockopt+0x64/0x80
[  324.671046][T17837]  x64_sys_call+0x20ec/0x3000
[  324.671075][T17837]  do_syscall_64+0xd2/0x200
[  324.671106][T17837]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  324.671275][T17837]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  324.671297][T17837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.671338][T17837] RIP: 0033:0x7fd932bfeec9
[  324.671432][T17837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.671454][T17837] RSP: 002b:00007fd931667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  324.671477][T17837] RAX: ffffffffffffffda RBX: 00007fd932e55fa0 RCX: 00007fd932bfeec9
[  324.671490][T17837] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  324.671502][T17837] RBP: 00007fd931667090 R08: 0000000000000328 R09: 0000000000000000
[  324.671579][T17837] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000001
[  324.671596][T17837] R13: 00007fd932e56038 R14: 00007fd932e55fa0 R15: 00007fff68d0a758
[  324.671622][T17837]  </TASK>
[  324.935243][T17840] loop2: detected capacity change from 0 to 512
[  324.946095][T17840] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  325.020755][T17840] EXT4-fs (loop2): 1 truncate cleaned up
[  325.028411][T17840] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.056374][T17850] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0
[  325.101237][T17840] EXT4-fs (loop2): shut down requested (2)
[  325.107648][T17850] netlink: 432 bytes leftover after parsing attributes in process `syz.5.4392'.
[  325.118742][T17854] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0
[  325.121845][T17840] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  325.141448][T17850] netlink: 136 bytes leftover after parsing attributes in process `syz.5.4392'.
[  325.154190][T17854] netlink: 432 bytes leftover after parsing attributes in process `syz.3.4391'.
[  325.163633][T17854] netlink: 136 bytes leftover after parsing attributes in process `syz.3.4391'.
[  325.180683][T17856] $H�: renamed from bond0 (while UP)
[  325.188204][T17856] $H�: entered promiscuous mode
[  325.237839][T10603] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.256277][T17863] FAULT_INJECTION: forcing a failure.
[  325.256277][T17863] name failslab, interval 1, probability 0, space 0, times 0
[  325.269062][T17863] CPU: 1 UID: 0 PID: 17863 Comm: syz.2.4396 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  325.269146][T17863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  325.269164][T17863] Call Trace:
[  325.269172][T17863]  <TASK>
[  325.269182][T17863]  __dump_stack+0x1d/0x30
[  325.269210][T17863]  dump_stack_lvl+0xe8/0x140
[  325.269230][T17863]  dump_stack+0x15/0x1b
[  325.269294][T17863]  should_fail_ex+0x265/0x280
[  325.269383][T17863]  should_failslab+0x8c/0xb0
[  325.269475][T17863]  kmem_cache_alloc_noprof+0x50/0x480
[  325.269511][T17863]  ? audit_log_start+0x342/0x720
[  325.269539][T17863]  audit_log_start+0x342/0x720
[  325.269559][T17863]  ? kstrtouint+0x76/0xc0
[  325.269642][T17863]  audit_seccomp+0x48/0x100
[  325.269686][T17863]  ? __seccomp_filter+0x82d/0x1250
[  325.269722][T17863]  __seccomp_filter+0x83e/0x1250
[  325.269764][T17863]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  325.269803][T17863]  ? vfs_write+0x7e8/0x960
[  325.269898][T17863]  __secure_computing+0x82/0x150
[  325.269932][T17863]  syscall_trace_enter+0xcf/0x1e0
[  325.269969][T17863]  do_syscall_64+0xac/0x200
[  325.270111][T17863]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  325.270183][T17863]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  325.270213][T17863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.270242][T17863] RIP: 0033:0x7f47bfc8eec9
[  325.270262][T17863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.270282][T17863] RSP: 002b:00007f47be6ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[  325.270307][T17863] RAX: ffffffffffffffda RBX: 00007f47bfee5fa0 RCX: 00007f47bfc8eec9
[  325.270399][T17863] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[  325.270417][T17863] RBP: 00007f47be6ef090 R08: 0000000000000000 R09: 0000000000000000
[  325.270434][T17863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  325.270451][T17863] R13: 00007f47bfee6038 R14: 00007f47bfee5fa0 R15: 00007ffc4d9be948
[  325.270526][T17863]  </TASK>
[  325.803856][T17886] loop0: detected capacity change from 0 to 512
[  325.810996][T17886] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  325.821430][T17886] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.4406: iget: bad i_size value: 360287970189639680
[  325.835405][T17886] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.4406: couldn't read orphan inode 15 (err -117)
[  325.848414][T17886] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.882548][T17892] loop5: detected capacity change from 0 to 512
[  325.941846][T17892] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  325.954907][T17886] bond0 (unregistering): Released all slaves
[  325.956246][T17892] EXT4-fs (loop5): 1 truncate cleaned up
[  325.967944][T17889] random: crng reseeded on system resumption
[  325.998126][T17892] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.031462][T17892] EXT4-fs (loop5): shut down requested (2)
[  326.038186][T17892] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  326.038625][T10470] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.062705][T17430] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.112088][T17905] FAULT_INJECTION: forcing a failure.
[  326.112088][T17905] name failslab, interval 1, probability 0, space 0, times 0
[  326.124850][T17905] CPU: 0 UID: 0 PID: 17905 Comm: syz.0.4410 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  326.124882][T17905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  326.124899][T17905] Call Trace:
[  326.124908][T17905]  <TASK>
[  326.124918][T17905]  __dump_stack+0x1d/0x30
[  326.124946][T17905]  dump_stack_lvl+0xe8/0x140
[  326.125055][T17905]  dump_stack+0x15/0x1b
[  326.125072][T17905]  should_fail_ex+0x265/0x280
[  326.125109][T17905]  should_failslab+0x8c/0xb0
[  326.125138][T17905]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  326.125199][T17905]  ? __alloc_skb+0x101/0x320
[  326.125226][T17905]  __alloc_skb+0x101/0x320
[  326.125252][T17905]  tipc_nl_compat_dumpit+0xbb/0x420
[  326.125283][T17905]  tipc_nl_compat_recv+0x64e/0x800
[  326.125358][T17905]  ? __pfx_tipc_nl_sk_dump+0x10/0x10
[  326.125383][T17905]  ? __pfx_tipc_nl_compat_sk_dump+0x10/0x10
[  326.125415][T17905]  genl_family_rcv_msg_doit+0x140/0x1b0
[  326.125471][T17905]  genl_rcv_msg+0x422/0x460
[  326.125491][T17905]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[  326.125521][T17905]  netlink_rcv_skb+0x120/0x220
[  326.125549][T17905]  ? __pfx_genl_rcv_msg+0x10/0x10
[  326.125600][T17905]  genl_rcv+0x28/0x40
[  326.125641][T17905]  netlink_unicast+0x5bd/0x690
[  326.125670][T17905]  netlink_sendmsg+0x58b/0x6b0
[  326.125707][T17905]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.125805][T17905]  __sock_sendmsg+0x145/0x180
[  326.125826][T17905]  ____sys_sendmsg+0x31e/0x4e0
[  326.125861][T17905]  ___sys_sendmsg+0x17b/0x1d0
[  326.125912][T17905]  __x64_sys_sendmsg+0xd4/0x160
[  326.125948][T17905]  x64_sys_call+0x191e/0x3000
[  326.126003][T17905]  do_syscall_64+0xd2/0x200
[  326.126027][T17905]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  326.126070][T17905]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  326.126092][T17905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.126186][T17905] RIP: 0033:0x7eff1648eec9
[  326.126230][T17905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.126324][T17905] RSP: 002b:00007eff14ef7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.126345][T17905] RAX: ffffffffffffffda RBX: 00007eff166e5fa0 RCX: 00007eff1648eec9
[  326.126358][T17905] RDX: 0000000024048800 RSI: 0000200000000340 RDI: 0000000000000005
[  326.126372][T17905] RBP: 00007eff14ef7090 R08: 0000000000000000 R09: 0000000000000000
[  326.126385][T17905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.126470][T17905] R13: 00007eff166e6038 R14: 00007eff166e5fa0 R15: 00007fff6a2ac498
[  326.126498][T17905]  </TASK>
[  326.592308][T17925] netlink: 332 bytes leftover after parsing attributes in process `syz.5.4417'.
[  326.601419][T17925] netlink: 'syz.5.4417': attribute type 9 has an invalid length.
[  326.609233][T17925] netlink: 108 bytes leftover after parsing attributes in process `syz.5.4417'.
[  326.618319][T17925] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4417'.
[  326.664143][T17929] loop2: detected capacity change from 0 to 512
[  326.684487][T17929] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  326.718514][T17935] loop5: detected capacity change from 0 to 512
[  326.749015][T17935] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  326.766664][T17938] FAULT_INJECTION: forcing a failure.
[  326.766664][T17938] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.779821][T17938] CPU: 1 UID: 0 PID: 17938 Comm: syz.1.4420 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  326.779854][T17938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  326.779870][T17938] Call Trace:
[  326.779877][T17938]  <TASK>
[  326.779886][T17938]  __dump_stack+0x1d/0x30
[  326.779932][T17938]  dump_stack_lvl+0xe8/0x140
[  326.779964][T17938]  dump_stack+0x15/0x1b
[  326.779980][T17938]  should_fail_ex+0x265/0x280
[  326.780084][T17938]  should_fail+0xb/0x20
[  326.780200][T17938]  should_fail_usercopy+0x1a/0x20
[  326.780221][T17938]  _copy_from_user+0x1c/0xb0
[  326.780252][T17938]  memdup_user+0x5e/0xd0
[  326.780277][T17938]  strndup_user+0x68/0xb0
[  326.780398][T17938]  __se_sys_mount+0x4d/0x2e0
[  326.780427][T17938]  ? fput+0x8f/0xc0
[  326.780524][T17938]  ? ksys_write+0x192/0x1a0
[  326.780552][T17938]  __x64_sys_mount+0x67/0x80
[  326.780574][T17938]  x64_sys_call+0x2b51/0x3000
[  326.780704][T17938]  do_syscall_64+0xd2/0x200
[  326.780726][T17938]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  326.780833][T17938]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  326.780910][T17938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.780935][T17938] RIP: 0033:0x7f92707beec9
[  326.780949][T17938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.781044][T17938] RSP: 002b:00007f926f21f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  326.781117][T17938] RAX: ffffffffffffffda RBX: 00007f9270a15fa0 RCX: 00007f92707beec9
[  326.781134][T17938] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[  326.781150][T17938] RBP: 00007f926f21f090 R08: 0000200000000240 R09: 0000000000000000
[  326.781166][T17938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.781181][T17938] R13: 00007f9270a16038 R14: 00007f9270a15fa0 R15: 00007ffc705c8af8
[  326.781203][T17938]  </TASK>
[  326.791683][T17940] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17940 comm=syz.2.4421
[  326.909757][T17919] lo speed is unknown, defaulting to 1000
[  326.987066][T17940] tipc: Started in network mode
[  326.992013][T17940] tipc: Node identity 12e8fafed002, cluster identity 4711
[  326.999170][T17940] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  327.011743][T17935] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.4419: bg 0: block 104: invalid block bitmap
[  327.037941][T17943] loop1: detected capacity change from 0 to 512
[  327.048145][T17935] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  327.057615][T17943] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  327.068662][T17939] tipc: Disabling bearer <eth:syzkaller0>
[  327.074855][T17935] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4419: invalid indirect mapped block 1 (level 1)
[  327.093891][T17943] EXT4-fs (loop1): 1 truncate cleaned up
[  327.100199][T17943] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.124339][T17935] EXT4-fs (loop5): 1 truncate cleaned up
[  327.130343][T17935] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.161753][T17943] EXT4-fs (loop1): shut down requested (2)
[  327.193314][T17943] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  327.214676][T17430] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.228113][T12466] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  327.237936][T12466] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.278691][T10340] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.278775][T17952] loop5: detected capacity change from 0 to 512
[  327.297877][T17919] chnl_net:caif_netlink_parms(): no params data found
[  327.318270][T17952] EXT4-fs: Ignoring removed nomblk_io_submit option
[  327.326920][T17955] loop2: detected capacity change from 0 to 512
[  327.333551][T17952] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  327.343446][T17952] EXT4-fs (loop5): invalid inodes per group: 196640
[  327.343446][T17952] 
[  327.346558][T17955] EXT4-fs: Ignoring removed nomblk_io_submit option
[  327.360227][T12466] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  327.370035][T12466] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.387109][T17955] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  327.397000][T17955] EXT4-fs (loop2): invalid inodes per group: 196640
[  327.397000][T17955] 
[  327.449558][T17966] random: crng reseeded on system resumption
[  327.466903][T17919] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.474093][T17919] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.484484][T17919] bridge_slave_0: entered allmulticast mode
[  327.491187][T17919] bridge_slave_0: entered promiscuous mode
[  327.498084][T17919] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.505231][T17919] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.512531][T17919] bridge_slave_1: entered allmulticast mode
[  327.519359][T17919] bridge_slave_1: entered promiscuous mode
[  327.528178][T12466] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  327.538087][T12466] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.624912][T17919] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  327.642993][T12466] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  327.652958][T12466] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.701279][T17919] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  327.741788][T17919] team0: Port device team_slave_0 added
[  327.748525][T17919] team0: Port device team_slave_1 added
[  327.789069][T17919] batman_adv: batadv0: Adding interface: batadv_slave_0
[  327.796133][T17919] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  327.822085][T17919] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  327.889184][T17989] netlink: 'syz.0.4439': attribute type 9 has an invalid length.
[  327.990935][T17998] loop2: detected capacity change from 0 to 512
[  327.997603][T17998] EXT4-fs: Ignoring removed nomblk_io_submit option
[  328.021592][T17998] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  328.031513][T17998] EXT4-fs (loop2): invalid inodes per group: 196640
[  328.031513][T17998] 
[  328.211928][T18005] loop1: detected capacity change from 0 to 512
[  328.218679][T18005] EXT4-fs: Ignoring removed nomblk_io_submit option
[  328.227244][T12466] .` (unregistering): Released all slaves
[  328.235811][T18005] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  328.245837][T18005] EXT4-fs (loop1): invalid inodes per group: 196640
[  328.245837][T18005] 
[  328.273837][T12466] bond1 (unregistering): Released all slaves
[  328.292712][T17919] batman_adv: batadv0: Adding interface: batadv_slave_1
[  328.299781][T17919] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  328.325750][T17919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  328.347811][T18006] loop0: detected capacity change from 0 to 8192
[  328.368559][   T29] kauditd_printk_skb: 203 callbacks suppressed
[  328.368579][   T29] audit: type=1326 audit(1760046066.336:82944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17992 comm="syz.0.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  328.398388][   T29] audit: type=1326 audit(1760046066.336:82945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17992 comm="syz.0.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  328.422006][   T29] audit: type=1326 audit(1760046066.336:82946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17992 comm="syz.0.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  328.445667][   T29] audit: type=1326 audit(1760046066.336:82947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17992 comm="syz.0.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  328.469260][   T29] audit: type=1326 audit(1760046066.336:82948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17992 comm="syz.0.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  328.492957][   T29] audit: type=1326 audit(1760046066.336:82949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17992 comm="syz.0.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  328.516639][   T29] audit: type=1326 audit(1760046066.336:82950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17992 comm="syz.0.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  328.540241][   T29] audit: type=1326 audit(1760046066.336:82951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17992 comm="syz.0.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  328.563920][   T29] audit: type=1326 audit(1760046066.336:82952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17992 comm="syz.0.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  328.587653][   T29] audit: type=1326 audit(1760046066.336:82953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17992 comm="syz.0.4441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7eff1648eec9 code=0x7ffc0000
[  328.639713][T17919] hsr_slave_0: entered promiscuous mode
[  328.652903][T17919] hsr_slave_1: entered promiscuous mode
[  328.658924][T17919] debugfs: 'hsr0' already exists in 'hsr'
[  328.664710][T17919] Cannot create hsr debugfs directory
[  328.672603][T12466] hsr_slave_0: left promiscuous mode
[  328.678672][T12466] hsr_slave_1: left promiscuous mode
[  328.687092][T12466] veth1_macvtap: left promiscuous mode
[  328.694630][T12466] veth0_macvtap: left promiscuous mode
[  328.700328][T12466] veth1_vlan: left promiscuous mode
[  328.723379][T12466] veth0_vlan: left promiscuous mode
[  328.817341][T18019] __nla_validate_parse: 5 callbacks suppressed
[  328.817359][T18019] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4448'.
[  328.854542][T18021] netlink: 432 bytes leftover after parsing attributes in process `syz.5.4447'.
[  328.868705][T18022] capability: warning: `syz.0.4448' uses 32-bit capabilities (legacy support in use)
[  328.891588][T18013] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0
[  328.901062][T18021] netlink: 136 bytes leftover after parsing attributes in process `syz.5.4447'.
[  329.104680][T12466] IPVS: stop unused estimator thread 0...
[  329.307703][T18031] netlink: 432 bytes leftover after parsing attributes in process `syz.2.4451'.
[  329.383367][T18031] netlink: 136 bytes leftover after parsing attributes in process `syz.2.4451'.
[  329.459029][T18041] lo speed is unknown, defaulting to 1000
[  329.581413][T17919] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  329.592836][T17919] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  329.622329][T17919] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  329.651731][T17919] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  329.832523][T17919] 8021q: adding VLAN 0 to HW filter on device bond0
[  329.849262][T17919] 8021q: adding VLAN 0 to HW filter on device team0
[  329.864620][T12466] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.871760][T12466] bridge0: port 1(bridge_slave_0) entered forwarding state
[  329.871982][T18055] loop5: detected capacity change from 0 to 512
[  329.887989][T18055] EXT4-fs: Ignoring removed nomblk_io_submit option
[  329.888917][T12456] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.896047][T18055] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  329.901691][T12456] bridge0: port 2(bridge_slave_1) entered forwarding state
[  329.911567][T18055] EXT4-fs (loop5): invalid inodes per group: 196640
[  329.911567][T18055] 
[  330.035723][T17919] 8021q: adding VLAN 0 to HW filter on device batadv0
[  330.083315][T18070] FAULT_INJECTION: forcing a failure.
[  330.083315][T18070] name failslab, interval 1, probability 0, space 0, times 0
[  330.096051][T18070] CPU: 0 UID: 0 PID: 18070 Comm: syz.5.4460 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  330.096083][T18070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  330.096111][T18070] Call Trace:
[  330.096120][T18070]  <TASK>
[  330.096131][T18070]  __dump_stack+0x1d/0x30
[  330.096159][T18070]  dump_stack_lvl+0xe8/0x140
[  330.096185][T18070]  dump_stack+0x15/0x1b
[  330.096205][T18070]  should_fail_ex+0x265/0x280
[  330.096359][T18070]  ? sctp_association_new+0x71/0x1200
[  330.096401][T18070]  should_failslab+0x8c/0xb0
[  330.096437][T18070]  __kmalloc_cache_noprof+0x4c/0x4a0
[  330.096479][T18070]  sctp_association_new+0x71/0x1200
[  330.096524][T18070]  ? security_capable+0x83/0x90
[  330.096563][T18070]  ? sctp_v4_scope+0x140/0x150
[  330.096597][T18070]  sctp_connect_new_asoc+0x1a8/0x3a0
[  330.096662][T18070]  sctp_sendmsg+0xf10/0x18d0
[  330.096701][T18070]  ? selinux_socket_sendmsg+0x161/0x1b0
[  330.096811][T18070]  ? __pfx_sctp_sendmsg+0x10/0x10
[  330.096840][T18070]  inet_sendmsg+0xc5/0xd0
[  330.096955][T18070]  __sock_sendmsg+0x102/0x180
[  330.096976][T18070]  ____sys_sendmsg+0x31e/0x4e0
[  330.097015][T18070]  ___sys_sendmsg+0x17b/0x1d0
[  330.097072][T18070]  __x64_sys_sendmsg+0xd4/0x160
[  330.097191][T18070]  x64_sys_call+0x191e/0x3000
[  330.097366][T18070]  do_syscall_64+0xd2/0x200
[  330.097395][T18070]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  330.097423][T18070]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  330.097446][T18070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.097547][T18070] RIP: 0033:0x7fd932bfeec9
[  330.097567][T18070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.097587][T18070] RSP: 002b:00007fd931667038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  330.097606][T18070] RAX: ffffffffffffffda RBX: 00007fd932e55fa0 RCX: 00007fd932bfeec9
[  330.097619][T18070] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000003
[  330.097633][T18070] RBP: 00007fd931667090 R08: 0000000000000000 R09: 0000000000000000
[  330.097727][T18070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.097742][T18070] R13: 00007fd932e56038 R14: 00007fd932e55fa0 R15: 00007fff68d0a758
[  330.097768][T18070]  </TASK>
[  330.394937][T18079] 9pnet_fd: Insufficient options for proto=fd
[  330.409190][T17919] veth0_vlan: entered promiscuous mode
[  330.438849][T18085] loop5: detected capacity change from 0 to 512
[  330.447390][T18085] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  330.453762][T17919] veth1_vlan: entered promiscuous mode
[  330.466597][T18083] loop2: detected capacity change from 0 to 128
[  330.473996][T18083] vfat: Unknown parameter ''
[  330.479449][T18085] EXT4-fs (loop5): 1 truncate cleaned up
[  330.487772][T18085] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.509448][T17919] veth0_macvtap: entered promiscuous mode
[  330.517510][T17919] veth1_macvtap: entered promiscuous mode
[  330.524964][T18085] EXT4-fs (loop5): shut down requested (2)
[  330.530454][T17919] batman_adv: batadv0: Interface activated: batadv_slave_0
[  330.534665][T18085] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  330.540881][T17919] batman_adv: batadv0: Interface activated: batadv_slave_1
[  330.561278][T12439] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  330.594222][T12439] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  330.621435][T12439] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  330.652569][T12439] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  330.663766][T17430] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.893970][T18092] lo speed is unknown, defaulting to 1000
[  331.059379][T18106] lo speed is unknown, defaulting to 1000
[  331.696030][T18118] 9pnet_fd: Insufficient options for proto=fd
[  331.819507][T18065] loop1: detected capacity change from 0 to 1024
[  331.833707][T18065] EXT4-fs: Ignoring removed bh option
[  331.842226][T18065] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  331.867274][T18065] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.870901][T18105] loop3: detected capacity change from 0 to 2048
[  331.935222][T18105]  loop3: p1 p2 p3
[  331.945608][T18105] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18105 comm=syz.3.4469
[  332.039976][T18128] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4477'.
[  332.089046][T18132] FAULT_INJECTION: forcing a failure.
[  332.089046][T18132] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.102199][T18132] CPU: 1 UID: 0 PID: 18132 Comm: syz.2.4478 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  332.102248][T18132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  332.102264][T18132] Call Trace:
[  332.102272][T18132]  <TASK>
[  332.102281][T18132]  __dump_stack+0x1d/0x30
[  332.102306][T18132]  dump_stack_lvl+0xe8/0x140
[  332.102330][T18132]  dump_stack+0x15/0x1b
[  332.102398][T18132]  should_fail_ex+0x265/0x280
[  332.102439][T18132]  should_fail+0xb/0x20
[  332.102535][T18132]  should_fail_usercopy+0x1a/0x20
[  332.102603][T18132]  _copy_to_user+0x20/0xa0
[  332.102635][T18132]  simple_read_from_buffer+0xb5/0x130
[  332.102665][T18132]  proc_fail_nth_read+0x10e/0x150
[  332.102803][T18132]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  332.102831][T18132]  vfs_read+0x1a8/0x770
[  332.102852][T18132]  ? __rcu_read_unlock+0x4f/0x70
[  332.102898][T18132]  ? __fget_files+0x184/0x1c0
[  332.102935][T18132]  ksys_read+0xda/0x1a0
[  332.102962][T18132]  __x64_sys_read+0x40/0x50
[  332.102984][T18132]  x64_sys_call+0x27c0/0x3000
[  332.103026][T18132]  do_syscall_64+0xd2/0x200
[  332.103177][T18132]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  332.103206][T18132]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  332.103234][T18132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.103301][T18132] RIP: 0033:0x7f47bfc8d8dc
[  332.103321][T18132] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  332.103343][T18132] RSP: 002b:00007f47be6ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  332.103364][T18132] RAX: ffffffffffffffda RBX: 00007f47bfee5fa0 RCX: 00007f47bfc8d8dc
[  332.103377][T18132] RDX: 000000000000000f RSI: 00007f47be6ef0a0 RDI: 0000000000000005
[  332.103400][T18132] RBP: 00007f47be6ef090 R08: 0000000000000000 R09: 0000000000000000
[  332.103417][T18132] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[  332.103435][T18132] R13: 00007f47bfee6038 R14: 00007f47bfee5fa0 R15: 00007ffc4d9be948
[  332.103457][T18132]  </TASK>
[  332.104473][T18133] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  332.351173][T18133] vhci_hcd: default hub control req: 1f30 v0041 i0008 l0
[  332.424134][T18142] netlink: 332 bytes leftover after parsing attributes in process `syz.3.4483'.
[  332.435633][T18065] EXT4-fs error (device loop1): ext4_read_inline_dir:1476: inode #12: block 7: comm syz.1.4458: path /483/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  332.457615][T18142] netlink: 'syz.3.4483': attribute type 9 has an invalid length.
[  332.465430][T18142] netlink: 108 bytes leftover after parsing attributes in process `syz.3.4483'.
[  332.474739][T18142] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4483'.
[  332.503813][T18146] loop2: detected capacity change from 0 to 512
[  332.569495][T18146] EXT4-fs: Ignoring removed nomblk_io_submit option
[  332.594828][T18146] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  332.604986][T18146] EXT4-fs (loop2): invalid inodes per group: 196640
[  332.604986][T18146] 
[  332.628141][T10340] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.664101][T18154] loop3: detected capacity change from 0 to 128
[  332.670565][T18154] vfat: Unknown parameter ''
[  332.690385][T18156] 9pnet_fd: Insufficient options for proto=fd
[  332.769993][T18158] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4489'.
[  332.826211][T18162] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.884251][T18165] loop3: detected capacity change from 0 to 512
[  332.896577][T18165] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  332.914581][T18162] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.918383][T18165] EXT4-fs (loop3): 1 truncate cleaned up
[  332.931448][T18165] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.949875][T18165] EXT4-fs (loop3): shut down requested (2)
[  332.961410][T18165] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  332.998632][T17919] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.015395][T18168] FAULT_INJECTION: forcing a failure.
[  333.015395][T18168] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.028555][T18168] CPU: 1 UID: 0 PID: 18168 Comm: syz.1.4493 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  333.028660][T18168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  333.028678][T18168] Call Trace:
[  333.028686][T18168]  <TASK>
[  333.028697][T18168]  __dump_stack+0x1d/0x30
[  333.028719][T18168]  dump_stack_lvl+0xe8/0x140
[  333.028743][T18168]  dump_stack+0x15/0x1b
[  333.028812][T18168]  should_fail_ex+0x265/0x280
[  333.028928][T18168]  should_fail+0xb/0x20
[  333.028965][T18168]  should_fail_usercopy+0x1a/0x20
[  333.028992][T18168]  _copy_from_user+0x1c/0xb0
[  333.029090][T18168]  get_itimerspec64+0xf9/0x1a0
[  333.029121][T18168]  __x64_sys_timer_settime+0x9a/0x160
[  333.029198][T18168]  x64_sys_call+0x17f0/0x3000
[  333.029264][T18168]  do_syscall_64+0xd2/0x200
[  333.029313][T18168]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  333.029347][T18168]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  333.029374][T18168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.029395][T18168] RIP: 0033:0x7f92707beec9
[  333.029410][T18168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.029465][T18168] RSP: 002b:00007f926f21f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  333.029538][T18168] RAX: ffffffffffffffda RBX: 00007f9270a15fa0 RCX: 00007f92707beec9
[  333.029550][T18168] RDX: 0000200000000280 RSI: 0000000000000000 RDI: 0000000000000000
[  333.029563][T18168] RBP: 00007f926f21f090 R08: 0000000000000000 R09: 0000000000000000
[  333.029578][T18168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.029595][T18168] R13: 00007f9270a16038 R14: 00007f9270a15fa0 R15: 00007ffc705c8af8
[  333.029621][T18168]  </TASK>
[  333.033277][T18162] team0: Failed to send options change via netlink (err -105)
[  333.210522][T18162] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  333.230015][T18172] loop5: detected capacity change from 0 to 512
[  333.238958][T18162] team0: Port device netdevsim1 removed
[  333.256472][   T36] IPVS: starting estimator thread 0...
[  333.269900][T18162] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.317243][T18162] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.351429][T18177] IPVS: using max 2256 ests per chain, 112800 per kthread
[  333.372473][T18184] FAULT_INJECTION: forcing a failure.
[  333.372473][T18184] name failslab, interval 1, probability 0, space 0, times 0
[  333.385211][T18184] CPU: 0 UID: 0 PID: 18184 Comm: syz.5.4500 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  333.385297][T18184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  333.385310][T18184] Call Trace:
[  333.385317][T18184]  <TASK>
[  333.385328][T18184]  __dump_stack+0x1d/0x30
[  333.385356][T18184]  dump_stack_lvl+0xe8/0x140
[  333.385381][T18184]  dump_stack+0x15/0x1b
[  333.385421][T18184]  should_fail_ex+0x265/0x280
[  333.385497][T18184]  ? __se_sys_mount+0xef/0x2e0
[  333.385517][T18184]  should_failslab+0x8c/0xb0
[  333.385541][T18184]  __kmalloc_cache_noprof+0x4c/0x4a0
[  333.385653][T18184]  ? memdup_user+0x99/0xd0
[  333.385676][T18184]  __se_sys_mount+0xef/0x2e0
[  333.385731][T18184]  ? fput+0x8f/0xc0
[  333.385780][T18184]  ? ksys_write+0x192/0x1a0
[  333.385852][T18184]  __x64_sys_mount+0x67/0x80
[  333.385879][T18184]  x64_sys_call+0x2b51/0x3000
[  333.385899][T18184]  do_syscall_64+0xd2/0x200
[  333.385920][T18184]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  333.386006][T18184]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  333.386025][T18184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.386045][T18184] RIP: 0033:0x7fd932bfeec9
[  333.386109][T18184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.386125][T18184] RSP: 002b:00007fd931667038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  333.386141][T18184] RAX: ffffffffffffffda RBX: 00007fd932e55fa0 RCX: 00007fd932bfeec9
[  333.386153][T18184] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[  333.386236][T18184] RBP: 00007fd931667090 R08: 0000200000000340 R09: 0000000000000000
[  333.386247][T18184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.386258][T18184] R13: 00007fd932e56038 R14: 00007fd932e55fa0 R15: 00007fff68d0a758
[  333.386276][T18184]  </TASK>
[  333.579014][T12461] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  333.593720][T12461] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  333.614759][T12461] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  333.623238][T12461] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  333.632384][T18188] veth0: entered promiscuous mode
[  333.668382][T18192] loop2: detected capacity change from 0 to 256
[  333.675257][T18192] vfat: Unknown parameter '000000000000000000000030x0000000000000000'
[  333.751761][T17430] ==================================================================
[  333.759891][T17430] BUG: KCSAN: data-race in shmem_getattr / shmem_recalc_inode
[  333.767403][T17430] 
[  333.769749][T17430] read-write to 0xffff888104a4dd20 of 8 bytes by task 18200 on cpu 0:
[  333.777920][T17430]  shmem_recalc_inode+0x3b/0x200
[  333.782907][T17430]  shmem_get_folio_gfp+0x7a3/0xd60
[  333.788054][T17430]  shmem_write_begin+0xa8/0x190
[  333.792950][T17430]  generic_perform_write+0x184/0x490
[  333.798286][T17430]  shmem_file_write_iter+0xc5/0xf0
[  333.803427][T17430]  __kernel_write_iter+0x2d6/0x540
[  333.808560][T17430]  dump_user_range+0x61e/0x8f0
[  333.813361][T17430]  elf_core_dump+0x1de7/0x1f80
[  333.818158][T17430]  coredump_write+0xb12/0xe30
[  333.822845][T17430]  vfs_coredump+0x143a/0x20d0
[  333.827543][T17430]  get_signal+0xd84/0xf70
[  333.831881][T17430]  arch_do_signal_or_restart+0x96/0x440
[  333.837435][T17430]  irqentry_exit_to_user_mode+0x5b/0xa0
[  333.842996][T17430]  irqentry_exit+0x12/0x50
[  333.847418][T17430]  asm_exc_page_fault+0x26/0x30
[  333.852286][T17430] 
[  333.854613][T17430] read to 0xffff888104a4dd20 of 8 bytes by task 17430 on cpu 1:
[  333.862248][T17430]  shmem_getattr+0x41/0x200
[  333.866765][T17430]  vfs_getattr_nosec+0x146/0x1e0
[  333.871730][T17430]  vfs_statx+0x113/0x390
[  333.875994][T17430]  vfs_fstatat+0x115/0x170
[  333.880433][T17430]  __se_sys_newfstatat+0x55/0x260
[  333.885483][T17430]  __x64_sys_newfstatat+0x55/0x70
[  333.890529][T17430]  x64_sys_call+0x135a/0x3000
[  333.895223][T17430]  do_syscall_64+0xd2/0x200
[  333.899738][T17430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.905642][T17430] 
[  333.907967][T17430] value changed: 0x0000000000000212 -> 0x0000000000000214
[  333.915094][T17430] 
[  333.917419][T17430] Reported by Kernel Concurrency Sanitizer on:
[  333.923574][T17430] CPU: 1 UID: 0 PID: 17430 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  333.933660][T17430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  333.943730][T17430] ==================================================================