last executing test programs:

2.51611297s ago: executing program 1 (id=13270):
socket$netlink(0x10, 0x3, 0xf)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000240)={@broadcast, 0x0, 0x0, 0xa0, 0x0, [{@multicast1}, {@dev}, {@initdev}, {}, {@private}, {@remote}, {}, {}, {@multicast2}, {@broadcast}]}})
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
r2 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_script(r2, &(0x7f0000000180)={'#! ', './file0', [{0x20, '}[\\[{[*/,]@}%'}], 0xa, "8f3180ef78d1337b85b3e996106a23525fd3e4ecb2b1ac7be3f97af4f3e9b6f42d78a1bb561f9300eb309408d584750e9b0b0e6d11394c14c49ca76ea270a834a48b903fac898b79e015877a"}, 0x65)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x34, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}]}, 0x34}}, 0x4040004)

2.443399713s ago: executing program 1 (id=13274):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x7, 0x4)
r1 = socket(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000440)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548}}}]}, 0x78}}, 0x0)

2.352648547s ago: executing program 1 (id=13276):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'hsr0\x00'})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x4}, 0x18)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
renameat2(0xffffffffffffffff, &(0x7f00000000c0)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0xa1, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

2.348271167s ago: executing program 3 (id=13277):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
unlink(0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffd6c)
r1 = socket(0x10, 0x803, 0x0)
sendto$isdn(r1, &(0x7f0000000400)=ANY=[], 0x8, 0x100480c0, &(0x7f0000000340)={0x22, 0x3, 0x1, 0xa, 0x2}, 0x6)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
io_setup(0x2, &(0x7f0000000000))
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4)
mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=', @ANYRES32=r0, @ANYBLOB=',access=', @ANYBLOB="03"])
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$FICLONE(r1, 0x40049409, 0xffffffffffffffff)
futex(0x0, 0x3, 0x801, 0x0, &(0x7f00000003c0)=0x2, 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
ioctl$USBDEVFS_SETCONFIGURATION(0xffffffffffffffff, 0x80045505, &(0x7f0000000380))
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
mincore(&(0x7f00006fb000/0x2000)=nil, 0x2000, &(0x7f0000000280)=""/150)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x2)

1.659471138s ago: executing program 1 (id=13280):
sigaltstack(&(0x7f0000000480)={&(0x7f0000004000)=""/4126, 0x80000001, 0x101e}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f0000000040))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0x34}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000020500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000002b0900020073797a310000000008000a40ffff"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
tkill(0x0, 0x7)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001d00), 0x20140)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000140)={0x0, <r6=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)=ANY=[@ANYBLOB="2800000018000100c1c10000000000000a00000008000000e00000020c00088008000c00", @ANYRES32=r6, @ANYBLOB], 0x28}}, 0x0)

1.536860253s ago: executing program 4 (id=13285):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x7, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000440)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)

1.486216855s ago: executing program 4 (id=13287):
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x2}, 0x8)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4008014, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0xc, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5816}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
write(r0, &(0x7f0000000080)="f1c21e85647b89bd643b7f4f0cff92ba9f7622e71d8e2279571791c3d7d89211c15c5f68cd7701c2d4129363212a3a6576c299df693567bd7376f6fe3403d89a9125ba9f934babb14ad848bb694cff9c7a6507551796720da8816e9d7683cbc32283d9a38af91d06139cbf090444d52ce82f9e5ae2851d997e10a2ac1c97c59b523c9e71", 0x84)
lsetxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000280)=ANY=[@ANYBLOB='security.'], 0x0, 0x0, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8d}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0x1}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, 0x0, 0x28}, 0x28)
rmdir(&(0x7f0000000000)='./file0\x00')

1.457405986s ago: executing program 4 (id=13288):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000040000000c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r2 = socket$kcm(0xa, 0x5, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x3}, 0x18)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x2, 0xfffe, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000000080)='_', 0x1}], 0x1}, 0x865)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000240), 0x4)
r5 = socket$kcm(0xa, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r5})
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8936, &(0x7f0000000000)={r5})

1.423573258s ago: executing program 4 (id=13289):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
unlink(0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffd6c)
r2 = socket(0x10, 0x803, 0x0)
sendto$isdn(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="dbffffff060000002de7db291be8965e7e94e946bc0b8663a8300380fcc80df4fdafdaac8314f8a9a70941e0335db7538edb9ab821373b30135fd7d574d495656ce9"], 0x8, 0x100480c0, &(0x7f0000000340)={0x22, 0x3, 0x1, 0xa, 0x2}, 0x6)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000000), 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
io_setup(0x2, &(0x7f0000000000))
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4)
pipe2(&(0x7f0000000340)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x180880)
mount$9p_fd(0x0, &(0x7f0000000700)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',access=', @ANYBLOB])
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d0000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r5}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=r6], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$FICLONE(r2, 0x40049409, 0xffffffffffffffff)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f00000003c0)=0x2, 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
ioctl$USBDEVFS_SETCONFIGURATION(0xffffffffffffffff, 0x80045505, &(0x7f0000000380))
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
mincore(&(0x7f00006fb000/0x2000)=nil, 0x2000, &(0x7f0000000280)=""/150)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x2)

1.013049306s ago: executing program 3 (id=13292):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'hsr0\x00'})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x4}, 0x18)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
renameat2(0xffffffffffffffff, &(0x7f00000000c0)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0xa1, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

847.483223ms ago: executing program 4 (id=13293):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
unlink(0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffd6c)
r2 = socket(0x10, 0x803, 0x0)
sendto$isdn(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="dbffffff060000002de7db291be8965e7e94e946bc0b8663a8300380fcc80df4fdafdaac8314f8a9a70941e0335db7538edb9ab821373b30135fd7d574d495656ce9"], 0x8, 0x100480c0, &(0x7f0000000340)={0x22, 0x3, 0x1, 0xa, 0x2}, 0x6)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000000), 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
io_setup(0x2, &(0x7f0000000000))
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4)
pipe2(&(0x7f0000000340)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x180880)
mount$9p_fd(0x0, &(0x7f0000000700)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',access=', @ANYBLOB])
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d0000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r5}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=r6], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$FICLONE(r2, 0x40049409, 0xffffffffffffffff)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f00000003c0)=0x2, 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
ioctl$USBDEVFS_SETCONFIGURATION(0xffffffffffffffff, 0x80045505, &(0x7f0000000380))
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
mincore(&(0x7f00006fb000/0x2000)=nil, 0x2000, &(0x7f0000000280)=""/150)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x2)

499.607649ms ago: executing program 1 (id=13294):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000100000022bf0000000000", @ANYBLOB, @ANYBLOB], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000003c0), 0x0}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)="bd335a1dca247bb3b919c91c3273d032a2e4e9654ee5a17af639338cce3981338bd3a5c97853902d6a082841d8dcd40f5cc1d584d7e12df333089a9e67b432c53b6d118442d7a7aa5aa61d83b641db338891803f8f9a9da60297a13f75bc6d600004af8801", &(0x7f00000002c0)="f7b1ecf59876d753e70d0018aa1af0a75e7338cffc20d6e0543a16819f45ac0ddeea586b498b3fdb4694f480b98407851d2045edec3ba41e800ab434cecc7a349218ddb37e03e9060286cdf07bf9da7a10de4e5ce9d0d0fe2c58d34126a1b64473f3e23b97040c26038f7ddb60eb0991dc340103472e8e73e2", 0xffffd6c0, r2}, 0x38)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0)
pipe(&(0x7f0000002480))

499.042839ms ago: executing program 1 (id=13295):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x8000}]})
socket$packet(0x11, 0x3, 0x300)
close_range(r2, 0xffffffffffffffff, 0x0)

497.325849ms ago: executing program 3 (id=13296):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'lo\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000005b80)={@loopback, 0x33, r3})
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r6}, 0x18)
r7 = socket$key(0xf, 0x3, 0x2)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r9}, 0x10)
sendmsg$key(r7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x23, 0x0, 0x3, 0x1e90, 0x0, 0x70bd2a, 0x25df5bfc}, 0x88}, 0x1, 0x7}, 0x0)
r10 = socket$pppl2tp(0x18, 0x1, 0x1)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r10, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r11, {0x2, 0x4e22, @multicast2}, 0x2, 0x0, 0x1}}, 0x2e)
r12 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r12, &(0x7f0000000480)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x2, 0x2, 0x0, 0x2}}, 0x26)
close_range(r11, 0xffffffffffffffff, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0), r0)
sendmsg$WG_CMD_GET_DEVICE(r13, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000d00)=ANY=[@ANYBLOB="7c060000", @ANYRES16=r14, @ANYBLOB="000228bd7000fddbdf2500000000e4040880b800008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922200004000a004e2400000007ff020000000000000000000000000001fbffffff080003000100000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922200004000a004e2400000002fe8800000000000000000000000000010300000024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c140400800800030004000000b803098028000080060001000a00000014000200000000000000000000000000000000010500030002000000180100800600010002000000080002007f0000010500030002000000060001000a00000014000200200100000000000000000000000000010500030003000000060001000200000008000200e00000010500030002000000060001000200000008000200000000000500030003000000060001000a00000014000200000000000000000000000000000000010500030003000000060001000200000008000200e00000010500030002000000060001000200000008000200640101010500030002000000060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000200000008000200ac1414aa050003000000000006000100020000000800020064010102050003000200000064000080060001000200000008000200e00000010500030000000000060001000a00000014000200ff0200000000000000000000000000010500030001000000060001000a00000014000200ff010000000000000000000000000001050003000000000094000080060001000200000008000200e00000020500030001000000060001000200000008000200e00000020500030002000000060001000a00000014000200fe8000000000000000000000000000160500030000000000060001000a00000014000200fc000000000000000000000000000000050003000300000006000100020000000800020064010101050003000100000000010080060001000200000008000200ffffffff0500030003000000060001000200000008000200ac1414bb0500030002000000060001000200000008000200000000000500030002000000060001000a00000014000200fc0200000000000000000000000000000500030001000000060001000200000008000200e00000010500030001000000060001000a00000014000200fe8000000000000000000000000000bb0500030002000000060001000200000008000200ac1e01010500030000000000060001000200000008000200ac1414bb0500030000000000060001000a000000140002000000000000000000000000000000000105000300030000007c000080060001000a00000014000200fe8000000000000000000000000000aa0500030003000000060001000a00000014000200fc0200000000000000000000000000010500030001000000060001000200000008000200e00000020500030002000000060001000200000008000200ac1414bb05000300010000002c00098028000080060001000a000000140002000000000000000000000000000000000105000300000000002400020051589fe770c56de8a1888a3361977f242dae58d02f63b73e081a3f9012836d2414000080060005004000000008000a0001000000840108808001008008000a0001000000240001000000000000000000000000000000000000000000000000000000000000000000200004000a004e2000000000fe8000000000000000000000000000aa070000000800030001000000200004000a004e240000000200000000000000000000ffff000000000e000000d00009800400008064000080060001000a00000014000200fe8800000000000000000000000001010500030001000000060001000200000008000200e00000010500030001000000060001000a00000014000200ff020000000000000000000000000001050003000300000064000080060001000200000008000200e00000010500030001000000060001000a00000014000200fc0200000000000000000000000000000500030003000000060001000a00000014000200fe8000000000000000000000000000aa05000300000000001400040002004e20ac1e0101000000000000000024000200ecd2ee62e36458a34b432182e0c6e9391ff44535903caed0b900bc1069fed3cedfa51b8fd349e6ec5fbf5716fdc178d10d881101a5b3b66340c5249bdeb8a1f915197bfd5cfe02e3d1f3f0f9d358db7ccdce91e9ab052bff79014a206b4938485b691826340d74445ff2c58b6dad7f29bd7dddf05651a5a08d795ac0ce2a2157c2acca22de68930667a9d782b15e658c488a714dd129acf2a62b4fc7b78d7009cc8a1712d5948d78765e2240739a2082"], 0x67c}, 0x1, 0x0, 0x0, 0x880}, 0x20000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r15=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r15, 0x8933, &(0x7f0000000000)={'lo\x00', <r16=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r16], 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)

386.013134ms ago: executing program 3 (id=13297):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0) (async)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async, rerun: 64)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4) (async, rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
socket(0x10, 0x3, 0x9) (async, rerun: 32)
r5 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c000000100003042adcff7ed440782d4dbc37d4", @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c0002800600190000000000050001000400000008001a"], 0x4c}}, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b70300000000000085000000040000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1070}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getsockopt$inet_sctp_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f00000001c0)={0x0, 0x28000}, &(0x7f0000000240)=0x8) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x39) (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000)) (async)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2})
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async, rerun: 32)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r7 = getpid()
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) (async)
getpgid(r7)
process_vm_readv(r7, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

362.521455ms ago: executing program 3 (id=13299):
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x2}, 0x8)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4008014, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0xc, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5816}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
write(r0, &(0x7f0000000080)="f1c21e85647b89bd643b7f4f0cff92ba9f7622e71d8e2279571791c3d7d89211c15c5f68cd7701c2d4129363212a3a6576c299df693567bd7376f6fe3403d89a9125ba9f934babb14ad848bb694cff9c7a6507551796720da8816e9d7683cbc32283d9a38af91d06139cbf090444d52ce82f9e5ae2851d997e10a2ac1c97c59b523c9e71", 0x84)
lsetxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000280)=ANY=[@ANYBLOB='security.'], 0x0, 0x0, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8d}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0x1}, 0x18)
rmdir(&(0x7f0000000000)='./file0\x00')

362.060615ms ago: executing program 2 (id=13300):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000040000000c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r2 = socket$kcm(0xa, 0x5, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x3}, 0x18)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x2, 0xfffe, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000000080)='_', 0x1}], 0x1}, 0x865)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000240), 0x4)
r5 = socket$kcm(0xa, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r5})
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8936, &(0x7f0000000000)={r5})

325.389727ms ago: executing program 3 (id=13301):
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x3, 0x0, 0x3, 0x0, 0x0, 0x100, 0x10420, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x400, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x48, 0x30, 0x9, 0x1, 0x25dfdbfb, {}, [{0x34, 0x1, [@m_skbedit={0x30, 0x1, 0x0, 0x0, {{0xc}, {0x4}, {0x4}, {0xc, 0x5}, {0xc, 0x9, {0x4c, 0x3}}}}]}]}, 0x48}}, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
syz_emit_ethernet(0x66, &(0x7f0000000700)=ANY=[@ANYBLOB="b25f375d58783b72fba66ecb19f60740b799449af083d999db27a1c4774fe64231ae606c4fc85cb4f6c020b301b66b641488435e9edf412c077de7ffbaed8ed869d4891cecf00a77f6c05a691128bb03721b43f4350f2aa8401b872c1ffef100a3e2c7c6806fd9c3b8182421cc6ee12384a68d69ebc7380506803cb7ead7c3804b29bc5b25d7fb97551af9040cceef731ea4"], 0x0)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x8000001f)
r6 = open(&(0x7f0000000400)='./file0\x00', 0x180, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000240)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000fd7dfe6531000000000021457af5f4858d9d46865498842ca134a5d6cb1e28ddd6f0f0511ee877c23fa1a57e808135d55871e29f22e6272f539358d2b316eabda9ed25c56c68bed86553267244c9a995817b21c36d630e1684d9dd93a0f8b78dd6bc262c956190c987e2cfa2b9450b3544a808dc12933da093b3d4451c8901e3e4a11627177e718c92294e3be4595515a7a40a7edd62220586b1cb14bde5eb6117bc005b1758a7bb6553a3b84b70aa98f483113622d98d5310714d42bfe61184e944af2f2654a6ac0d1ac9c105478192dfe4796fe3fd5d85cc3e74a06d9c56000000000000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000003c0)='kmem_cache_free\x00', r8, 0x0, 0x1}, 0x18)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r9, 0x5, &(0x7f0000000180)={0x0, 0x1, 0x7, 0xa})
close_range(r5, r6, 0x0)
ioctl$KDSETMODE(r5, 0x4b3a, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x8e)
r10 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0xfff, 0x8001, 0xfff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$rds(0xffffffffffffffff, 0x0, 0x6a1a8b3e81ade295)
ptrace(0x10, r10)

286.721098ms ago: executing program 0 (id=13303):
socket$netlink(0x10, 0x3, 0xf)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000240)={@broadcast, 0x0, 0x0, 0xa0, 0x0, [{@multicast1}, {@dev}, {@initdev}, {}, {@private}, {@remote}, {}, {}, {@multicast2}, {@broadcast}]}})
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
r2 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_script(r2, &(0x7f0000000180)={'#! ', './file0', [{0x20, '}[\\[{[*/,]@}%'}], 0xa, "8f3180ef78d1337b85b3e996106a23525fd3e4ecb2b1ac7be3f97af4f3e9b6f42d78a1bb561f9300eb309408d584750e9b0b0e6d11394c14c49ca76ea270a834a48b903fac898b79e015877a"}, 0x65)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x34, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}]}, 0x34}}, 0x4040004)

239.78559ms ago: executing program 2 (id=13304):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c25000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000025c0)='fib6_table_lookup\x00', r0}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000080))

239.35857ms ago: executing program 2 (id=13305):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
sendmsg$sock(r0, &(0x7f00000003c0)={&(0x7f0000000140)=@ieee802154={0x24, @short={0x2, 0x0, 0xfffe}}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000200)="5090221645d2cb8f428b3f567050f1d5cc8b58dd1b4fc52eabc1fdf323aa5faa3cb756e9af6c4d4ff0d1f55154c6ab913d0f682ea99f5d5915b55a3572cfce51ec5573b3c45d251d041d9cd2a41704fc", 0x50}], 0x1, &(0x7f00000002c0)=[@mark={{0x14, 0x1, 0x24, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0xd}}, @timestamping={{0x14, 0x1, 0x25, 0x2}}, @mark={{0x14, 0x1, 0x24, 0x6}}, @mark={{0x14, 0x1, 0x24, 0x1}}, @mark={{0x14}}, @mark={{0x14, 0x1, 0x24, 0xb690}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @mark={{0x14, 0x1, 0x24, 0x7fff}}, @mark={{0x14, 0x1, 0x24, 0xc1d}}], 0xf0}, 0x24008000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000007c0)={0xffffffffffffffff, 0x0, 0x2c, 0x61, &(0x7f0000000540)="ef91bc03e925d5c994d6008101c932b4ca2dfbfd761a15085c0397535ed92f9a28b1cd6907b5a654017282c0", &(0x7f0000000640)=""/97, 0x5, 0x0, 0x0, 0xb9, &(0x7f00000006c0), &(0x7f0000000700)="d46759ed7bdf1d209f523ba8b3e79c9edce883d7cdf0fb5326edb6cff22b25af146cbfdd26fc8946e138c681f44c8d9934f463ccda832dc133e13b6df398811404736670e47da5a6f2b809bba3d7f0f6a3560fa28d17ba3179c25197af651ebd945004c8a9df43904f97d7fadeaa4e754d92acd075ca22eb5eda7843385c2441b87df789c4bf68a485c972ae8b4f4a2d5b9f24de1022af2f52b71af8f5a2d28dcdf82c5dd3ede53e0cac4f2153996e8e88540145cb48af7b69", 0x7, 0x0, 0x80000001}, 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000440)={r0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x6, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000400)='syzkaller\x00', 0xfffffffd, 0x0, 0x0, 0x40f00, 0x1b, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x34c746b98992f11d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='dlm_bast\x00', r1, 0x0, 0x2}, 0x18)
socket$tipc(0x1e, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b8500000007000000850000000700000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000ac0)='percpu_alloc_percpu\x00', r2}, 0x10)
listxattr(&(0x7f0000006440)='./file0\x00', 0x0, 0x0)

233.58025ms ago: executing program 0 (id=13306):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000100000022bf0000000000", @ANYBLOB, @ANYBLOB], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000003c0), 0x0}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)="bd335a1dca247bb3b919c91c3273d032a2e4e9654ee5a17af639338cce3981338bd3a5c97853902d6a082841d8dcd40f5cc1d584d7e12df333089a9e67b432c53b6d118442d7a7aa5aa61d83b641db338891803f8f9a9da60297a13f75bc6d600004af8801", &(0x7f00000002c0)="f7b1ecf59876d753e70d0018aa1af0a75e7338cffc20d6e0543a16819f45ac0ddeea586b498b3fdb4694f480b98407851d2045edec3ba41e800ab434cecc7a349218ddb37e03e9060286cdf07bf9da7a10de4e5ce9d0d0fe2c58d34126a1b64473f3e23b97040c26038f7ddb60eb0991dc340103472e8e73e2", 0xffffd6c0, r2}, 0x38)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0)
pipe(&(0x7f0000002480))

211.242451ms ago: executing program 0 (id=13307):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280), 0x8)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb01001800000000000000e4000000e4000000030000000304000200000013040000001000000007000000090000000b0000000000000c020000000100000002000004040000001000000001000000020000001000000005000000ff0700000d000000050000130c0000000c000000010000000400000001000000ba0e00000a0000000b00000061bf00000300000010000000d00500000200000004000000dc3b00000100000009000000060000930f0000001000000001000000070000000100fb0000000000090000000f0000000400000005000000080000000100008007000000100000000900000000000000060000000100000003000000005f00"], &(0x7f00000000c0)=""/58, 0xff, 0x3a, 0x1, 0xf9a}, 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val={'init_itable', 0x3d, 0x200}}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@data_journal}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_access\x00', &(0x7f0000001440)=ANY=[@ANYBLOB="0200000001000000000000000400050000000000100000000000000020"], 0x24, 0x3)
pwrite64(r2, &(0x7f0000000180)="f7", 0x1, 0x200980)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r5, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rmdir(0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x200000000000000, 0x0)

135.834164ms ago: executing program 0 (id=13308):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000003, 0x110, 0xffffffffffffffff, 0x1b15a000)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x84, @remote, 0x0, 0x0, 'sh\x00', 0x1e, 0x80}, 0x2c)
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000140)="f3bd14", 0x3}], 0x1}, 0x20000000}], 0x1, 0x0)

135.099505ms ago: executing program 2 (id=13309):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x7, 0x4)
r1 = socket(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000440)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548}}}]}, 0x78}}, 0x0)

127.225195ms ago: executing program 0 (id=13310):
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18)
r2 = syz_io_uring_setup(0xbc3, &(0x7f0000000540)={0x0, 0x1568, 0x10000, 0x2, 0x264}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}})
io_uring_enter(r2, 0x29ab, 0xd480, 0x0, 0x0, 0x0)

74.742837ms ago: executing program 2 (id=13311):
timer_create(0xfffffffffffffffd, 0x0, &(0x7f00000000c0))
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000), 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000005600)='sys_enter\x00', r0, 0x0, 0x2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)

57.962098ms ago: executing program 0 (id=13312):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$sock(r2, &(0x7f0000001d40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001c80)=[@mark={{0x14, 0x1, 0x24, 0x40}}, @timestamping={{0x14, 0x1, 0x25, 0x9cf}}], 0x30}}], 0x1, 0x34000050)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r3, &(0x7f0000000000)={0x24, @short={0x2, 0x1, 0x555d}}, 0xa)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000a00)={@link_local, @random="305904008f00", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "108114", 0x8, 0x11, 0x0, @empty, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x190da)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0) (async)
openat$selinux_policy(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
sendmmsg$sock(r2, &(0x7f0000001d40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001c80)=[@mark={{0x14, 0x1, 0x24, 0x40}}, @timestamping={{0x14, 0x1, 0x25, 0x9cf}}], 0x30}}], 0x1, 0x34000050) (async)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) (async)
bind$802154_dgram(r3, &(0x7f0000000000)={0x24, @short={0x2, 0x1, 0x555d}}, 0xa) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0) (async)
syz_emit_ethernet(0x3e, &(0x7f0000000a00)={@link_local, @random="305904008f00", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "108114", 0x8, 0x11, 0x0, @empty, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0) (async)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x190da) (async)

19.86347ms ago: executing program 2 (id=13313):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x7, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000440)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)

0s ago: executing program 4 (id=13314):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1], 0x28}, 0x1, 0x0, 0x0, 0x890}, 0x800)

kernel console output (not intermixed with test programs):

ev passed as './file1'
[  840.499474][ T6987] EXT4-fs: error: could not find journal device path
[  840.508533][ T6974] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.12559: iget: bad extra_isize 65535 (inode size 256)
[  840.599785][ T7000] loop2: detected capacity change from 0 to 512
[  840.602876][ T7001] loop1: detected capacity change from 0 to 1024
[  840.635106][ T7000] EXT4-fs (loop2): 1 orphan inode deleted
[  840.641518][ T7000] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  840.654318][ T6882] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 1
[  840.710049][ T6730] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  840.712858][ T7000] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  840.823760][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  841.541291][ T7030] No such timeout policy "syz1"
[  841.586929][ T7030] ref_ctr_offset mismatch. inode: 0x54b offset: 0x0 ref_ctr_offset(old): 0x24 ref_ctr_offset(new): 0x0
[  841.748493][ T7034] bond_slave_0: entered promiscuous mode
[  841.754189][ T7034] bond_slave_1: entered promiscuous mode
[  841.765204][ T7034] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  841.776553][ T7034] bond_slave_0: left promiscuous mode
[  841.782098][ T7034] bond_slave_1: left promiscuous mode
[  841.834948][ T7040] netlink: 'syz.4.12580': attribute type 4 has an invalid length.
[  841.934713][ T7056] netlink: 'syz.2.12587': attribute type 6 has an invalid length.
[  841.943293][ T7056] netlink: 'syz.2.12587': attribute type 6 has an invalid length.
[  842.085403][ T7066] IPv6: NLM_F_CREATE should be specified when creating new route
[  842.375112][ T7083] loop3: detected capacity change from 0 to 128
[  842.418939][ T7077] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  842.512817][ T7077] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  842.718023][ T7077] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  842.798985][ T7077] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  842.928481][ T6882] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  842.952292][ T6882] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  842.992673][ T6882] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  843.069521][ T6882] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  843.251076][ T7092] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=7092 comm=syz.4.12602
[  843.419641][ T7107] __nla_validate_parse: 8 callbacks suppressed
[  843.419657][ T7107] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12609'.
[  843.426927][ T7106] loop3: detected capacity change from 0 to 512
[  843.458032][ T7106] EXT4-fs (loop3): 1 orphan inode deleted
[  843.464434][ T7106] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  843.485834][T16086] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:39: Failed to release dquot type 1
[  843.519514][ T7106] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  843.570929][ T7115] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  843.622617][ T7112] loop2: detected capacity change from 0 to 512
[  843.633503][ T7115] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  843.651847][ T5472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  843.680388][ T7112] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  843.704792][ T7115] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  843.714842][ T7112] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  843.740706][ T7112] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  843.793201][ T7115] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  843.837209][ T7129] loop4: detected capacity change from 0 to 512
[  843.853752][ T7129] ------------[ cut here ]------------
[  843.859344][ T7129] EA inode 11 i_nlink=2
[  843.859676][ T7129] WARNING: CPU: 1 PID: 7129 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380
[  843.874012][ T7129] Modules linked in:
[  843.877991][ T7129] CPU: 1 UID: 0 PID: 7129 Comm: syz.4.12616 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  843.889426][ T7129] Tainted: [W]=WARN
[  843.893262][ T7129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  843.903409][ T7129] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380
[  843.910080][ T7129] Code: 90 49 8d 7e 40 e8 16 f7 b8 ff 4d 8b 6e 40 4c 89 e7 e8 2a f2 b8 ff 41 8b 56 48 48 c7 c7 55 d7 55 86 4c 89 ee e8 e7 f2 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 68 01 b6 03 0f 1f 84 00 00 00 00 00
[  843.929766][ T7129] RSP: 0018:ffffc9000181b5a0 EFLAGS: 00010246
[  843.935904][ T7129] RAX: 3126f22083272f00 RBX: ffff888106bc3170 RCX: ffff888109bdd280
[  843.943932][ T7129] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000002
[  843.952023][ T7129] RBP: 0000000000000002 R08: 0000000000005b0b R09: 0000000000400000
[  843.960044][ T7129] R10: 00000000000b6168 R11: ffffc9000c8d8000 R12: ffff888106bc3120
[  843.968106][ T7129] R13: 000000000000000b R14: ffff888106bc30d8 R15: 0000000000000001
[  843.976168][ T7129] FS:  00007fd079a676c0(0000) GS:ffff8882aef10000(0000) knlGS:0000000000000000
[  843.985264][ T7129] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  843.991939][ T7129] CR2: 00007ff7335942f8 CR3: 0000000160306000 CR4: 00000000003506f0
[  844.000007][ T7129] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  844.008116][ T7129] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  844.016133][ T7129] Call Trace:
[  844.019410][ T7129]  <TASK>
[  844.022344][ T7129]  ext4_xattr_set_entry+0x77f/0x1020
[  844.027747][ T7129]  ext4_xattr_ibody_set+0x184/0x3c0
[  844.033017][ T7129]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[  844.038876][ T7129]  __ext4_expand_extra_isize+0x246/0x280
[  844.044532][ T7129]  __ext4_mark_inode_dirty+0x29d/0x3f0
[  844.050162][ T7129]  ext4_evict_inode+0x80e/0xd90
[  844.055067][ T7129]  ? __pfx_ext4_evict_inode+0x10/0x10
[  844.060610][ T7129]  evict+0x2e3/0x550
[  844.064521][ T7129]  ? __dquot_initialize+0x146/0x7c0
[  844.069941][ T7129]  iput+0x4ed/0x650
[  844.073769][ T7129]  ext4_process_orphan+0x1a9/0x1c0
[  844.078952][ T7129]  ext4_orphan_cleanup+0x6a8/0xa00
[  844.084139][ T7129]  ext4_fill_super+0x3483/0x3810
[  844.089091][ T7129]  ? snprintf+0x86/0xb0
[  844.093295][ T7129]  ? set_blocksize+0x1a8/0x310
[  844.098065][ T7129]  ? sb_set_blocksize+0xe3/0x100
[  844.103115][ T7129]  ? setup_bdev_super+0x30e/0x370
[  844.108207][ T7129]  ? __pfx_ext4_fill_super+0x10/0x10
[  844.113532][ T7129]  get_tree_bdev_flags+0x291/0x300
[  844.118870][ T7129]  ? __pfx_ext4_fill_super+0x10/0x10
[  844.124188][ T7129]  get_tree_bdev+0x1f/0x30
[  844.128624][ T7129]  ext4_get_tree+0x1c/0x30
[  844.133055][ T7129]  vfs_get_tree+0x57/0x1d0
[  844.137531][ T7129]  do_new_mount+0x24d/0x660
[  844.142106][ T7129]  path_mount+0x4a5/0xb70
[  844.146550][ T7129]  ? user_path_at+0x109/0x130
[  844.151226][ T7129]  __se_sys_mount+0x28c/0x2e0
[  844.155939][ T7129]  __x64_sys_mount+0x67/0x80
[  844.160647][ T7129]  x64_sys_call+0x2b51/0x3000
[  844.165382][ T7129]  do_syscall_64+0xd2/0x200
[  844.169883][ T7129]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  844.175990][ T7129]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  844.181851][ T7129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  844.187858][ T7129] RIP: 0033:0x7fd07b000eea
[  844.192287][ T7129] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  844.211961][ T7129] RSP: 002b:00007fd079a66e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  844.220491][ T7129] RAX: ffffffffffffffda RBX: 00007fd079a66ef0 RCX: 00007fd07b000eea
[  844.228461][ T7129] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fd079a66eb0
[  844.236540][ T7129] RBP: 0000200000000180 R08: 00007fd079a66ef0 R09: 0000000000800718
[  844.244631][ T7129] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0
[  844.252634][ T7129] R13: 00007fd079a66eb0 R14: 000000000000046f R15: 0000200000000200
[  844.260618][ T7129]  </TASK>
[  844.263656][ T7129] ---[ end trace 0000000000000000 ]---
[  844.269592][ T7129] EXT4-fs (loop4): 1 orphan inode deleted
[  844.275722][ T7129] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  844.318778][ T6730] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  844.432516][ T7142] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  844.452566][ T7143] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  844.498562][ T7143] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  844.564659][ T7143] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  844.627143][ T7143] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  844.697059][ T3415] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  844.712849][ T3415] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  844.729525][ T3415] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  844.739109][ T3415] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  844.770109][   T29] kauditd_printk_skb: 1365 callbacks suppressed
[  844.770125][   T29] audit: type=1400 audit(2000000498.988:182730): avc:  denied  { execute } for  pid=7144 comm="syz.3.12622" dev="tmpfs" ino=2328 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  844.798274][   T29] audit: type=1400 audit(2000000498.988:182731): avc:  denied  { execute_no_trans } for  pid=7144 comm="syz.3.12622" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=2328 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  844.841823][   T29] audit: type=1400 audit(2000000499.063:182732): avc:  denied  { read write } for  pid=5472 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  844.866250][   T29] audit: type=1400 audit(2000000499.063:182733): avc:  denied  { read write open } for  pid=5472 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  844.896817][   T29] audit: type=1400 audit(2000000499.073:182734): avc:  denied  { ioctl } for  pid=5472 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  844.927379][   T29] audit: type=1400 audit(2000000499.110:182735): avc:  denied  { prog_load } for  pid=7146 comm="syz.3.12623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  844.946756][   T29] audit: type=1400 audit(2000000499.110:182736): avc:  denied  { bpf } for  pid=7146 comm="syz.3.12623" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  844.967680][   T29] audit: type=1400 audit(2000000499.138:182737): avc:  denied  { create } for  pid=7146 comm="syz.3.12623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  844.987447][   T29] audit: type=1400 audit(2000000499.138:182738): avc:  denied  { map_create } for  pid=7146 comm="syz.3.12623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  845.006950][   T29] audit: type=1400 audit(2000000499.138:182739): avc:  denied  { map_read map_write } for  pid=7146 comm="syz.3.12623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  845.238822][ T7150] loop2: detected capacity change from 0 to 512
[  845.258720][ T7150] EXT4-fs (loop2): 1 orphan inode deleted
[  845.265226][ T7150] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  845.280055][ T3415] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:6: Failed to release dquot type 1
[  845.292108][ T7150] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  845.319398][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  845.359227][ T7158] loop4: detected capacity change from 0 to 4096
[  845.369944][ T7162] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12628'.
[  845.370041][ T7158] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  845.466511][ T7171] No such timeout policy "syz1"
[  845.475378][ T7171] ref_ctr_offset mismatch. inode: 0x281 offset: 0x0 ref_ctr_offset(old): 0x24 ref_ctr_offset(new): 0x0
[  845.550294][ T7171] loop2: detected capacity change from 0 to 512
[  845.560214][ T7171] journal_path: Non-blockdev passed as './file1'
[  845.566696][ T7171] EXT4-fs: error: could not find journal device path
[  845.623688][ T6730] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  845.936115][ T7185] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  845.996062][ T7185] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.060341][ T7185] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.124058][ T7185] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.201118][T16086] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  846.220184][T16086] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  846.238602][T16086] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  846.247329][T16086] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  846.350312][ T7189] vlan2: entered allmulticast mode
[  846.434961][ T7192] sch_fq: defrate 4294967295 ignored.
[  846.462177][ T7192] vlan2: entered allmulticast mode
[  846.563219][ T7197] netlink: 40 bytes leftover after parsing attributes in process `syz.0.12640'.
[  846.625329][ T7195] loop2: detected capacity change from 0 to 512
[  846.659114][ T7203] No such timeout policy "syz1"
[  846.670175][ T7203] ref_ctr_offset mismatch. inode: 0x5b1 offset: 0x0 ref_ctr_offset(old): 0x24 ref_ctr_offset(new): 0x0
[  846.709536][ T7195] EXT4-fs (loop2): 1 orphan inode deleted
[  846.715793][ T7195] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  846.731154][   T41] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 1
[  846.743988][ T7195] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  846.839252][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  846.873131][ T7213] loop3: detected capacity change from 0 to 512
[  846.895079][ T7213] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  846.918982][ T7213] EXT4-fs (loop3): 1 truncate cleaned up
[  846.925131][ T7213] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  846.968595][ T7222] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12650'.
[  847.034403][ T7225] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12651'.
[  847.105230][ T7222] loop2: detected capacity change from 0 to 2048
[  847.121035][ T7225] bond_slave_0: entered promiscuous mode
[  847.126703][ T7225] bond_slave_1: entered promiscuous mode
[  847.134688][ T7225] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  847.143912][ T7225] bond_slave_0: left promiscuous mode
[  847.149428][ T7225] bond_slave_1: left promiscuous mode
[  847.171161][ T7222]  loop2: p2 < > p4
[  847.181619][ T7222] loop2: p4 size 262144 extends beyond EOD, truncated
[  847.443635][ T7234] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12654'.
[  847.457353][ T7234] bond_slave_0: entered promiscuous mode
[  847.463045][ T7234] bond_slave_1: entered promiscuous mode
[  847.470075][ T7234] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  847.479033][ T7234] bond_slave_0: left promiscuous mode
[  847.484431][ T7234] bond_slave_1: left promiscuous mode
[  847.505152][ T6882] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  847.523507][ T6882] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  847.536648][ T6882] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  847.577981][ T6882] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  847.659558][ T7240] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12657'.
[  847.802438][ T5472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  847.855393][ T7256] siw: device registration error -23
[  847.867277][ T7257] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12663'.
[  847.925623][ T7262] loop1: detected capacity change from 0 to 1024
[  847.935859][ T7262] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  847.963464][ T7262] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #3: block 1: comm syz.1.12666: lblock 1 mapped to illegal pblock 1 (length 1)
[  847.988238][ T7262] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.12666: Failed to acquire dquot type 0
[  848.001695][ T7267] sch_fq: defrate 4294967295 ignored.
[  848.011995][ T7262] EXT4-fs error (device loop1): ext4_free_blocks:6706: comm syz.1.12666: Freeing blocks not in datazone - block = 0, count = 4096
[  848.017426][ T7267] loop3: detected capacity change from 0 to 1024
[  848.035137][ T7267] EXT4-fs: Ignoring removed orlov option
[  848.040960][ T7267] EXT4-fs: Ignoring removed mblk_io_submit option
[  848.047743][ T7262] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.12666: Invalid inode bitmap blk 0 in block_group 0
[  848.060669][ T7262] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  848.069640][ T7262] EXT4-fs (loop1): 1 orphan inode deleted
[  848.070136][ T7267] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c118, mo2=0002]
[  848.083770][ T6882] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  848.084583][ T7262] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  848.104219][ T7267] System zones: 0-1, 3-12
[  848.118230][ T6882] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 0
[  848.130840][ T7267] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  848.159949][ T7267] vlan2: entered allmulticast mode
[  848.253940][ T7277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12671'.
[  848.265542][ T5290] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  848.303667][ T5472] EXT4-fs (loop3): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  848.345821][ T7287] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12675'.
[  848.366170][ T7287] bond_slave_0: entered promiscuous mode
[  848.371946][ T7287] bond_slave_1: entered promiscuous mode
[  848.378945][ T7287] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  848.400357][ T7287] bond_slave_0: left promiscuous mode
[  848.405813][ T7287] bond_slave_1: left promiscuous mode
[  848.437765][ T7288] serio: Serial port ttyS3
[  848.471950][ T7295] loop2: detected capacity change from 0 to 1024
[  848.480357][ T7295] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  848.493946][ T7295] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #3: block 1: comm syz.2.12678: lblock 1 mapped to illegal pblock 1 (length 1)
[  848.508327][ T7295] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.12678: Failed to acquire dquot type 0
[  848.521829][ T7295] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.12678: Freeing blocks not in datazone - block = 0, count = 4096
[  848.542880][ T7295] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.12678: Invalid inode bitmap blk 0 in block_group 0
[  848.580748][   T41] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  848.596404][ T7295] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  848.605533][   T41] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 0
[  848.627953][ T7295] EXT4-fs (loop2): 1 orphan inode deleted
[  848.636376][ T7295] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  848.804092][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  848.864772][ T7314] __nla_validate_parse: 5 callbacks suppressed
[  848.864789][ T7314] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12685'.
[  848.895742][ T7312] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  848.957317][ T7312] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  848.971776][ T7316] bridge0: entered promiscuous mode
[  849.016217][ T7312] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  849.105203][ T7312] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  849.157713][ T7325] xt_connbytes: Forcing CT accounting to be enabled
[  849.164500][ T7325] Cannot find set identified by id 0 to match
[  849.262923][ T7329] No such timeout policy "syz1"
[  849.284221][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12692'.
[  849.293345][ T7331] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12692'.
[  849.320183][ T7332] siw: device registration error -23
[  849.326224][ T7329] ref_ctr_offset mismatch. inode: 0x2d8 offset: 0x0 ref_ctr_offset(old): 0x24 ref_ctr_offset(new): 0x0
[  849.368288][ T7329] loop2: detected capacity change from 0 to 512
[  849.381851][ T7329] journal_path: Non-blockdev passed as './file1'
[  849.388235][ T7329] EXT4-fs: error: could not find journal device path
[  849.519467][ T7342] loop2: detected capacity change from 0 to 1024
[  849.581695][ T7346] loop2: detected capacity change from 0 to 512
[  849.590328][ T7346] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  849.618370][ T7346] EXT4-fs (loop2): 1 truncate cleaned up
[  849.624633][ T7346] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  850.122168][   T29] kauditd_printk_skb: 1247 callbacks suppressed
[  850.122183][   T29] audit: type=1400 audit(2000000504.003:183979): avc:  denied  { read write } for  pid=5290 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  850.152803][   T29] audit: type=1400 audit(2000000504.003:183980): avc:  denied  { open } for  pid=5290 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  850.177453][   T29] audit: type=1400 audit(2000000504.021:183981): avc:  denied  { ioctl } for  pid=5290 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  850.204594][   T29] audit: type=1400 audit(2000000504.068:183982): avc:  denied  { map_create } for  pid=7359 comm="syz.1.12702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  850.224100][   T29] audit: type=1400 audit(2000000504.087:183983): avc:  denied  { prog_load } for  pid=7359 comm="syz.1.12702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  850.243515][   T29] audit: type=1400 audit(2000000504.087:183984): avc:  denied  { bpf } for  pid=7359 comm="syz.1.12702" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  850.264300][   T29] audit: type=1400 audit(2000000504.087:183985): avc:  denied  { perfmon } for  pid=7359 comm="syz.1.12702" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  850.285633][   T29] audit: type=1400 audit(2000000504.143:183986): avc:  denied  { read write } for  pid=5290 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  850.310250][   T29] audit: type=1400 audit(2000000504.143:183987): avc:  denied  { open } for  pid=5290 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  850.334988][   T29] audit: type=1400 audit(2000000504.143:183988): avc:  denied  { ioctl } for  pid=5290 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  850.473792][ T7363] xt_connbytes: Forcing CT accounting to be enabled
[  850.476746][   T41] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  850.480402][ T7363] Cannot find set identified by id 0 to match
[  850.539120][   T41] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  850.552847][   T41] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  850.562528][ T6882] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  850.563050][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  850.611803][ T7369] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12706'.
[  850.665333][ T7371] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12707'.
[  850.675733][ T7371] netlink: 312 bytes leftover after parsing attributes in process `syz.3.12707'.
[  850.787430][ T7392] loop4: detected capacity change from 0 to 1024
[  850.794971][ T7394] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  850.832484][ T7395] syzkaller0: entered promiscuous mode
[  850.838416][ T7395] syzkaller0: entered allmulticast mode
[  850.897724][ T7397] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32206 sclass=netlink_route_socket pid=7397 comm=syz.4.12716
[  850.921161][ T7397] loop4: detected capacity change from 0 to 512
[  850.929733][ T7397] ext4: Unknown parameter 'appraise_type'
[  851.055932][ T7410] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12720'.
[  851.093135][ T7412] loop1: detected capacity change from 0 to 512
[  851.105581][ T7412] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  851.118668][ T7412] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  851.142474][ T7412] random: crng reseeded on system resumption
[  851.272697][ T7416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  851.281388][ T7416] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  851.674787][ T7425] netlink: 36 bytes leftover after parsing attributes in process `syz.2.12726'.
[  851.705001][ T7427] loop2: detected capacity change from 0 to 512
[  851.730746][ T7427] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  851.743679][ T7427] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  851.754193][ T7431] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  851.890680][ T7438] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  851.899259][ T7438] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  851.964216][ T7440] loop4: detected capacity change from 0 to 1024
[  851.972292][ T7440] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  851.987048][ T7440] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #3: block 1: comm syz.4.12731: lblock 1 mapped to illegal pblock 1 (length 1)
[  852.002849][ T7440] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.12731: Failed to acquire dquot type 0
[  852.015488][ T7440] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.12731: Freeing blocks not in datazone - block = 0, count = 4096
[  852.030512][ T7440] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.12731: Invalid inode bitmap blk 0 in block_group 0
[  852.044126][   T41] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  852.059137][ T7440] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  852.059554][   T41] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 0
[  852.075394][ T7440] EXT4-fs (loop4): 1 orphan inode deleted
[  852.085562][ T7440] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  852.150046][ T6730] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  852.419841][ T7458] syzkaller0: entered promiscuous mode
[  852.425361][ T7458] syzkaller0: entered allmulticast mode
[  852.655271][ T7464] No such timeout policy "syz1"
[  852.679259][ T7464] ref_ctr_offset mismatch. inode: 0x2b5 offset: 0x0 ref_ctr_offset(old): 0x24 ref_ctr_offset(new): 0x0
[  852.742253][ T7465] loop3: detected capacity change from 0 to 512
[  852.753571][ T7465] journal_path: Non-blockdev passed as './file1'
[  852.759991][ T7465] EXT4-fs: error: could not find journal device path
[  852.813147][ T7348] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  853.313187][ T7472] sch_fq: defrate 4294967295 ignored.
[  853.327930][ T7472] loop3: detected capacity change from 0 to 1024
[  853.335558][ T7472] EXT4-fs: Ignoring removed orlov option
[  853.341401][ T7472] EXT4-fs: Ignoring removed mblk_io_submit option
[  853.366821][ T7472] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c118, mo2=0002]
[  853.375753][ T7472] System zones: 0-1, 3-12
[  853.382189][ T7472] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  853.407112][ T7472] vlan2: entered allmulticast mode
[  853.594658][ T5472] EXT4-fs (loop3): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  853.903428][ T7348] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  854.322722][ T7507] FAULT_INJECTION: forcing a failure.
[  854.322722][ T7507] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  854.336067][ T7507] CPU: 0 UID: 0 PID: 7507 Comm: syz.4.12755 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  854.336088][ T7507] Tainted: [W]=WARN
[  854.336091][ T7507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  854.336098][ T7507] Call Trace:
[  854.336102][ T7507]  <TASK>
[  854.336107][ T7507]  __dump_stack+0x1d/0x30
[  854.336121][ T7507]  dump_stack_lvl+0xe8/0x140
[  854.336197][ T7507]  dump_stack+0x15/0x1b
[  854.336206][ T7507]  should_fail_ex+0x265/0x280
[  854.336218][ T7507]  should_fail+0xb/0x20
[  854.336260][ T7507]  should_fail_usercopy+0x1a/0x20
[  854.336281][ T7507]  _copy_to_user+0x20/0xa0
[  854.336295][ T7507]  simple_read_from_buffer+0xb5/0x130
[  854.336368][ T7507]  proc_fail_nth_read+0x10e/0x150
[  854.336495][ T7507]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  854.336564][ T7507]  vfs_read+0x1a8/0x770
[  854.336577][ T7507]  ? bpf_trace_run2+0x124/0x1c0
[  854.336627][ T7507]  ? __rcu_read_unlock+0x4f/0x70
[  854.336642][ T7507]  ? __fget_files+0x184/0x1c0
[  854.336753][ T7507]  ksys_read+0xda/0x1a0
[  854.336853][ T7507]  __x64_sys_read+0x40/0x50
[  854.336867][ T7507]  x64_sys_call+0x27c0/0x3000
[  854.336879][ T7507]  do_syscall_64+0xd2/0x200
[  854.336891][ T7507]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  854.336914][ T7507]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  854.336932][ T7507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.336943][ T7507] RIP: 0033:0x7fd07affe15c
[  854.336953][ T7507] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  854.336985][ T7507] RSP: 002b:00007fd079a67030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  854.336997][ T7507] RAX: ffffffffffffffda RBX: 00007fd07b255fa0 RCX: 00007fd07affe15c
[  854.337004][ T7507] RDX: 000000000000000f RSI: 00007fd079a670a0 RDI: 0000000000000006
[  854.337012][ T7507] RBP: 00007fd079a67090 R08: 0000000000000000 R09: 0000000000000000
[  854.337021][ T7507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  854.337028][ T7507] R13: 00007fd07b256038 R14: 00007fd07b255fa0 R15: 00007ffcdad9cb98
[  854.337040][ T7507]  </TASK>
[  854.593698][ T5290] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  854.651712][ T7514] syzkaller0: entered promiscuous mode
[  854.657205][ T7514] syzkaller0: entered allmulticast mode
[  854.793528][ T7520] No such timeout policy "syz1"
[  854.804293][ T7520] ref_ctr_offset mismatch. inode: 0x28a offset: 0x0 ref_ctr_offset(old): 0x24 ref_ctr_offset(new): 0x0
[  854.804305][ T7523] No such timeout policy "syz1"
[  854.811369][ T7523] ref_ctr_offset mismatch. inode: 0x114 offset: 0x0 ref_ctr_offset(old): 0x24 ref_ctr_offset(new): 0x0
[  854.855355][ T7520] loop1: detected capacity change from 0 to 512
[  854.863663][ T7520] journal_path: Non-blockdev passed as './file1'
[  854.870047][ T7520] EXT4-fs: error: could not find journal device path
[  854.890794][ T7528] loop4: detected capacity change from 0 to 512
[  854.898373][ T7528] journal_path: Non-blockdev passed as './file1'
[  854.904728][ T7528] EXT4-fs: error: could not find journal device path
[  854.930617][ T7533] netlink: 'syz.1.12765': attribute type 4 has an invalid length.
[  854.932768][ T7532] loop3: detected capacity change from 0 to 1024
[  854.938452][ T7533] __nla_validate_parse: 5 callbacks suppressed
[  854.938474][ T7533] netlink: 152 bytes leftover after parsing attributes in process `syz.1.12765'.
[  854.949761][ T7532] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  854.965486][ T7533] .`: renamed from bond0 (while UP)
[  854.979570][ T7532] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #3: block 1: comm syz.3.12766: lblock 1 mapped to illegal pblock 1 (length 1)
[  854.995336][ T7532] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.12766: Failed to acquire dquot type 0
[  855.026154][ T7532] EXT4-fs error (device loop3): ext4_free_blocks:6706: comm syz.3.12766: Freeing blocks not in datazone - block = 0, count = 4096
[  855.047225][ T7532] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.12766: Invalid inode bitmap blk 0 in block_group 0
[  855.060358][ T6882] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  855.088808][ T6882] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 0
[  855.100977][ T7532] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  855.122327][ T7542] loop1: detected capacity change from 0 to 1024
[  855.128919][ T7532] EXT4-fs (loop3): 1 orphan inode deleted
[  855.143596][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  855.149312][ T7542] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  855.294716][ T7542] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #3: block 1: comm syz.1.12768: lblock 1 mapped to illegal pblock 1 (length 1)
[  855.314669][ T7549] serio: Serial port ttyS3
[  855.314945][ T7542] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.12768: Failed to acquire dquot type 0
[  855.335730][ T7542] EXT4-fs error (device loop1): ext4_free_blocks:6706: comm syz.1.12768: Freeing blocks not in datazone - block = 0, count = 4096
[  855.367993][ T7542] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.12768: Invalid inode bitmap blk 0 in block_group 0
[  855.380330][ T7552] syzkaller0: entered promiscuous mode
[  855.381891][ T7542] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  855.386218][ T7552] syzkaller0: entered allmulticast mode
[  855.394932][T16086] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:39: lblock 1 mapped to illegal pblock 1 (length 1)
[  855.480621][T16086] __quota_error: 1311 callbacks suppressed
[  855.480643][T16086] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  855.494906][T16086] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:39: Failed to release dquot type 0
[  855.752628][ T7542] EXT4-fs (loop1): 1 orphan inode deleted
[  855.760629][   T29] audit: type=1400 audit(2000000509.270:185290): avc:  denied  { mount } for  pid=7540 comm="syz.1.12768" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  855.782577][   T29] audit: type=1400 audit(2000000509.270:185291): avc:  denied  { read write } for  pid=7540 comm="syz.1.12768" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  855.806925][   T29] audit: type=1400 audit(2000000509.270:185292): avc:  denied  { open } for  pid=7540 comm="syz.1.12768" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  855.831422][   T29] audit: type=1326 audit(2000000509.326:185293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7540 comm="syz.1.12768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc085c1f749 code=0x7ffc0000
[  855.855278][   T29] audit: type=1326 audit(2000000509.326:185294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7540 comm="syz.1.12768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc085c1f749 code=0x7ffc0000
[  855.878968][   T29] audit: type=1326 audit(2000000509.326:185295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7540 comm="syz.1.12768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc085c1f749 code=0x7ffc0000
[  855.902775][   T29] audit: type=1400 audit(2000000509.326:185296): avc:  denied  { open } for  pid=7540 comm="syz.1.12768" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  855.922839][   T29] audit: type=1400 audit(2000000509.326:185297): avc:  denied  { perfmon } for  pid=7540 comm="syz.1.12768" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  855.944061][   T29] audit: type=1400 audit(2000000509.326:185298): avc:  denied  { kernel } for  pid=7540 comm="syz.1.12768" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  856.011710][ T7564] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12775'.
[  856.062185][ T7569] netlink: 36 bytes leftover after parsing attributes in process `syz.1.12778'.
[  856.109620][ T7571] loop1: detected capacity change from 0 to 512
[  856.149341][ T7571] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  856.165619][ T7575] loop4: detected capacity change from 0 to 4096
[  856.223497][ T7571] random: crng reseeded on system resumption
[  856.280624][ T7591] netlink: 156 bytes leftover after parsing attributes in process `syz.2.12786'.
[  856.321431][ T7596] netlink: 36 bytes leftover after parsing attributes in process `syz.3.12789'.
[  856.325608][ T7597] sch_tbf: burst 0 is lower than device vxcan1 mtu (2060) !
[  856.383626][ T7600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  856.415291][ T7600] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  856.452911][ T7607] loop2: detected capacity change from 0 to 512
[  856.467105][ T7607] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  856.509784][ T7607] EXT4-fs (loop2): 1 truncate cleaned up
[  856.872192][ T7621] netlink: 'syz.4.12797': attribute type 1 has an invalid length.
[  856.890023][ T7621] 8021q: adding VLAN 0 to HW filter on device bond1
[  856.919923][ T7621] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12797'.
[  856.936010][ T7621] bond1 (unregistering): Released all slaves
[  857.090666][ T7626] netlink: 156 bytes leftover after parsing attributes in process `syz.4.12799'.
[  857.138566][ T7628] netlink: 36 bytes leftover after parsing attributes in process `syz.4.12800'.
[  857.212414][ T7630] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12801'.
[  857.229122][ T7630] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12801'.
[  857.348358][ T7635] No such timeout policy "syz1"
[  857.437036][ T7635] loop4: detected capacity change from 0 to 512
[  857.460960][ T7635] journal_path: Non-blockdev passed as './file1'
[  857.467484][ T7635] EXT4-fs: error: could not find journal device path
[  857.560167][ T7650] FAULT_INJECTION: forcing a failure.
[  857.560167][ T7650] name failslab, interval 1, probability 0, space 0, times 0
[  857.572959][ T7650] CPU: 0 UID: 0 PID: 7650 Comm: syz.4.12810 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  857.572994][ T7650] Tainted: [W]=WARN
[  857.573001][ T7650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  857.573014][ T7650] Call Trace:
[  857.573020][ T7650]  <TASK>
[  857.573028][ T7650]  __dump_stack+0x1d/0x30
[  857.573057][ T7650]  dump_stack_lvl+0xe8/0x140
[  857.573079][ T7650]  dump_stack+0x15/0x1b
[  857.573096][ T7650]  should_fail_ex+0x265/0x280
[  857.573113][ T7650]  ? __se_sys_memfd_create+0x1cc/0x590
[  857.573137][ T7650]  should_failslab+0x8c/0xb0
[  857.573208][ T7650]  __kmalloc_cache_noprof+0x4c/0x4a0
[  857.573240][ T7650]  __se_sys_memfd_create+0x1cc/0x590
[  857.573263][ T7650]  __x64_sys_memfd_create+0x31/0x40
[  857.573285][ T7650]  x64_sys_call+0x2ac2/0x3000
[  857.573303][ T7650]  do_syscall_64+0xd2/0x200
[  857.573321][ T7650]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  857.573390][ T7650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.573411][ T7650] RIP: 0033:0x7fd07afff749
[  857.573486][ T7650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  857.573502][ T7650] RSP: 002b:00007fd079a66e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  857.573518][ T7650] RAX: ffffffffffffffda RBX: 00000000000002eb RCX: 00007fd07afff749
[  857.573530][ T7650] RDX: 00007fd079a66ef0 RSI: 0000000000000000 RDI: 00007fd07b084960
[  857.573541][ T7650] RBP: 00002000000004c0 R08: 00007fd079a66bb7 R09: 00007fd079a66e40
[  857.573604][ T7650] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000480
[  857.573658][ T7650] R13: 00007fd079a66ef0 R14: 00007fd079a66eb0 R15: 0000200000003b40
[  857.573675][ T7650]  </TASK>
[  857.695369][ T7655] loop3: detected capacity change from 0 to 2048
[  857.743831][ T7649] netlink: 'syz.0.12811': attribute type 7 has an invalid length.
[  857.782076][ T7655] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  857.818499][ T7658] loop4: detected capacity change from 0 to 1024
[  857.825765][ T7658] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  857.836788][ T7658] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  857.863955][ T7658] JBD2: no valid journal superblock found
[  857.869750][ T7658] EXT4-fs (loop4): Could not load journal inode
[  857.891530][ T7666] loop3: detected capacity change from 0 to 512
[  857.903645][ T7666] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  857.922120][ T7666] EXT4-fs (loop3): 1 truncate cleaned up
[  858.010591][ T7673] No such timeout policy "syz1"
[  858.026052][ T7673] loop4: detected capacity change from 0 to 512
[  858.034302][ T7673] journal_path: Non-blockdev passed as './file1'
[  858.040925][ T7673] EXT4-fs: error: could not find journal device path
[  858.218940][ T7685] netlink: 'syz.4.12825': attribute type 7 has an invalid length.
[  858.540373][ T7704] loop2: detected capacity change from 0 to 4096
[  858.796301][ T7719] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  858.858098][ T7719] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  858.894437][ T7723] loop3: detected capacity change from 0 to 1024
[  858.931238][ T7719] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  858.984148][ T7719] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.020795][ T7727] loop3: detected capacity change from 0 to 1024
[  859.030071][ T7727] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  859.059559][T16086] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  859.081269][ T7727] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #3: block 1: comm syz.3.12841: lblock 1 mapped to illegal pblock 1 (length 1)
[  859.097424][T16086] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  859.110645][T16086] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  859.119278][ T7727] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.12841: Failed to acquire dquot type 0
[  859.132358][T16086] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  859.140993][ T7727] EXT4-fs error (device loop3): ext4_free_blocks:6706: comm syz.3.12841: Freeing blocks not in datazone - block = 0, count = 4096
[  859.155758][ T7727] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.12841: Invalid inode bitmap blk 0 in block_group 0
[  859.168913][ T7727] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  859.177645][T16086] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:39: lblock 1 mapped to illegal pblock 1 (length 1)
[  859.209932][T16086] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:39: Failed to release dquot type 0
[  859.222267][ T7727] EXT4-fs (loop3): 1 orphan inode deleted
[  859.338528][ T7734] loop3: detected capacity change from 0 to 512
[  859.347034][ T7734] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  859.356442][ T7734] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  859.366492][ T7734] EXT4-fs (loop3): group descriptors corrupted!
[  859.379997][ T7734] loop3: detected capacity change from 0 to 128
[  859.426704][ T5290] EXT4-fs unmount: 15 callbacks suppressed
[  859.426720][ T5290] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  859.490525][ T7737] sch_fq: defrate 4294967295 ignored.
[  859.520055][ T7737] loop4: detected capacity change from 0 to 1024
[  859.527499][ T7737] EXT4-fs: Ignoring removed orlov option
[  859.533198][ T7737] EXT4-fs: Ignoring removed mblk_io_submit option
[  859.564205][ T7737] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c118, mo2=0002]
[  859.572368][ T7737] System zones: 0-1, 3-12
[  859.577608][ T7737] EXT4-fs (loop4): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  859.627313][ T7737] vlan2: entered allmulticast mode
[  859.645951][ T7754] No such timeout policy "syz1"
[  859.669981][ T7754] loop3: detected capacity change from 0 to 512
[  859.682186][ T7754] journal_path: Non-blockdev passed as './file1'
[  859.688584][ T7754] EXT4-fs: error: could not find journal device path
[  859.696536][ T7755] FAULT_INJECTION: forcing a failure.
[  859.696536][ T7755] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  859.709793][ T7755] CPU: 0 UID: 0 PID: 7755 Comm: syz.1.12851 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  859.709823][ T7755] Tainted: [W]=WARN
[  859.709830][ T7755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  859.709843][ T7755] Call Trace:
[  859.709850][ T7755]  <TASK>
[  859.709870][ T7755]  __dump_stack+0x1d/0x30
[  859.709889][ T7755]  dump_stack_lvl+0xe8/0x140
[  859.709906][ T7755]  dump_stack+0x15/0x1b
[  859.709920][ T7755]  should_fail_ex+0x265/0x280
[  859.709939][ T7755]  should_fail+0xb/0x20
[  859.709974][ T7755]  should_fail_usercopy+0x1a/0x20
[  859.709991][ T7755]  _copy_from_user+0x1c/0xb0
[  859.710011][ T7755]  perf_copy_attr+0x145/0x610
[  859.710061][ T7755]  __se_sys_perf_event_open+0x67/0x11c0
[  859.710087][ T7755]  ? vfs_write+0x7e8/0x960
[  859.710110][ T7755]  ? __rcu_read_unlock+0x4f/0x70
[  859.710171][ T7755]  __x64_sys_perf_event_open+0x67/0x80
[  859.710196][ T7755]  x64_sys_call+0x7bd/0x3000
[  859.710216][ T7755]  do_syscall_64+0xd2/0x200
[  859.710233][ T7755]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  859.710337][ T7755]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  859.710368][ T7755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  859.710388][ T7755] RIP: 0033:0x7fc085c1f749
[  859.710407][ T7755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  859.710457][ T7755] RSP: 002b:00007fc08465e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  859.710477][ T7755] RAX: ffffffffffffffda RBX: 00007fc085e76090 RCX: 00007fc085c1f749
[  859.710491][ T7755] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000100
[  859.710504][ T7755] RBP: 00007fc08465e090 R08: 0000000000000002 R09: 0000000000000000
[  859.710517][ T7755] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  859.710537][ T7755] R13: 00007fc085e76128 R14: 00007fc085e76090 R15: 00007fff5d93d768
[  859.710556][ T7755]  </TASK>
[  859.980566][ T6730] EXT4-fs (loop4): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  860.128473][ T7785] loop3: detected capacity change from 0 to 4096
[  860.139258][ T7785] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  860.193626][ T7789] siw: device registration error -23
[  860.281621][ T7794] loop1: detected capacity change from 0 to 764
[  860.295303][ T7794] iso9660: Unknown parameter ''
[  860.416412][ T5472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  860.425881][ T7798] FAULT_INJECTION: forcing a failure.
[  860.425881][ T7798] name failslab, interval 1, probability 0, space 0, times 0
[  860.438510][ T7798] CPU: 1 UID: 0 PID: 7798 Comm: syz.1.12868 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  860.438566][ T7798] Tainted: [W]=WARN
[  860.438572][ T7798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  860.438582][ T7798] Call Trace:
[  860.438587][ T7798]  <TASK>
[  860.438594][ T7798]  __dump_stack+0x1d/0x30
[  860.438613][ T7798]  dump_stack_lvl+0xe8/0x140
[  860.438630][ T7798]  dump_stack+0x15/0x1b
[  860.438645][ T7798]  should_fail_ex+0x265/0x280
[  860.438734][ T7798]  ? __se_sys_memfd_create+0x1cc/0x590
[  860.438758][ T7798]  should_failslab+0x8c/0xb0
[  860.438780][ T7798]  __kmalloc_cache_noprof+0x4c/0x4a0
[  860.438885][ T7798]  ? fput+0x8f/0xc0
[  860.438904][ T7798]  __se_sys_memfd_create+0x1cc/0x590
[  860.438925][ T7798]  __x64_sys_memfd_create+0x31/0x40
[  860.438953][ T7798]  x64_sys_call+0x2ac2/0x3000
[  860.438987][ T7798]  do_syscall_64+0xd2/0x200
[  860.439007][ T7798]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  860.439031][ T7798]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  860.439102][ T7798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  860.439123][ T7798] RIP: 0033:0x7fc085c1f749
[  860.439138][ T7798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  860.439155][ T7798] RSP: 002b:00007fc08467ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  860.439231][ T7798] RAX: ffffffffffffffda RBX: 000000000000065b RCX: 00007fc085c1f749
[  860.439242][ T7798] RDX: 00007fc08467eef0 RSI: 0000000000000000 RDI: 00007fc085ca4960
[  860.439255][ T7798] RBP: 00002000000007c0 R08: 00007fc08467ebb7 R09: 00007fc08467ee40
[  860.439267][ T7798] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  860.439279][ T7798] R13: 00007fc08467eef0 R14: 00007fc08467eeb0 R15: 0000200000001f80
[  860.439298][ T7798]  </TASK>
[  860.651739][ T7800] sch_fq: defrate 4294967295 ignored.
[  860.677246][ T7800] loop3: detected capacity change from 0 to 1024
[  860.713510][ T7800] EXT4-fs: Ignoring removed orlov option
[  860.719203][ T7800] EXT4-fs: Ignoring removed mblk_io_submit option
[  860.747236][ T7800] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c118, mo2=0002]
[  860.755531][ T7800] System zones: 0-1, 3-12
[  860.758863][ T7809] __nla_validate_parse: 6 callbacks suppressed
[  860.758876][ T7809] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12872'.
[  860.761373][ T7800] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  860.767108][ T7809] netlink: 32 bytes leftover after parsing attributes in process `syz.1.12872'.
[  860.790509][ T7800] vlan2: entered allmulticast mode
[  860.855655][   T29] kauditd_printk_skb: 1429 callbacks suppressed
[  860.855670][   T29] audit: type=1400 audit(2000000514.041:186725): avc:  denied  { write } for  pid=7807 comm="syz.1.12872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  860.927315][   T29] audit: type=1400 audit(2000000514.116:186726): avc:  denied  { prog_load } for  pid=7807 comm="syz.1.12872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  861.055148][ T5472] EXT4-fs (loop3): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  861.082112][   T29] audit: type=1400 audit(2000000514.116:186727): avc:  denied  { bpf } for  pid=7807 comm="syz.1.12872" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  861.103183][   T29] audit: type=1400 audit(2000000514.116:186728): avc:  denied  { perfmon } for  pid=7807 comm="syz.1.12872" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  861.124419][   T29] audit: type=1400 audit(2000000514.116:186729): avc:  denied  { write } for  pid=7807 comm="syz.1.12872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  861.144366][   T29] audit: type=1400 audit(2000000514.116:186730): avc:  denied  { connect } for  pid=7807 comm="syz.1.12872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  861.164391][   T29] audit: type=1400 audit(2000000514.116:186731): avc:  denied  { name_connect } for  pid=7807 comm="syz.1.12872" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  861.185016][   T29] audit: type=1400 audit(2000000514.144:186732): avc:  denied  { execmem } for  pid=7807 comm="syz.1.12872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  861.204900][   T29] audit: type=1400 audit(2000000514.181:186733): avc:  denied  { read write } for  pid=5147 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  861.229368][   T29] audit: type=1400 audit(2000000514.181:186734): avc:  denied  { open } for  pid=5147 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  861.296816][ T7820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12874'.
[  861.309796][ T7820] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12874'.
[  861.332376][ T7828] loop4: detected capacity change from 0 to 128
[  861.342843][ T7828] FAULT_INJECTION: forcing a failure.
[  861.342843][ T7828] name failslab, interval 1, probability 0, space 0, times 0
[  861.355738][ T7828] CPU: 0 UID: 0 PID: 7828 Comm: syz.4.12878 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  861.355773][ T7828] Tainted: [W]=WARN
[  861.355780][ T7828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  861.355791][ T7828] Call Trace:
[  861.355796][ T7828]  <TASK>
[  861.355803][ T7828]  __dump_stack+0x1d/0x30
[  861.355835][ T7828]  dump_stack_lvl+0xe8/0x140
[  861.355854][ T7828]  dump_stack+0x15/0x1b
[  861.355872][ T7828]  should_fail_ex+0x265/0x280
[  861.355892][ T7828]  should_failslab+0x8c/0xb0
[  861.355918][ T7828]  kmem_cache_alloc_noprof+0x50/0x480
[  861.355940][ T7828]  ? getname_flags+0x80/0x3b0
[  861.355968][ T7828]  ? fput+0x8f/0xc0
[  861.356006][ T7828]  getname_flags+0x80/0x3b0
[  861.356092][ T7828]  __x64_sys_mkdirat+0x40/0x60
[  861.356115][ T7828]  x64_sys_call+0x2b7/0x3000
[  861.356137][ T7828]  do_syscall_64+0xd2/0x200
[  861.356221][ T7828]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  861.356246][ T7828]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  861.356271][ T7828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.356289][ T7828] RIP: 0033:0x7fd07afff749
[  861.356303][ T7828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  861.356390][ T7828] RSP: 002b:00007fd079a67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  861.356411][ T7828] RAX: ffffffffffffffda RBX: 00007fd07b255fa0 RCX: 00007fd07afff749
[  861.356422][ T7828] RDX: 00000000000001ff RSI: 0000200000000000 RDI: ffffffffffffff9c
[  861.356432][ T7828] RBP: 00007fd079a67090 R08: 0000000000000000 R09: 0000000000000000
[  861.356443][ T7828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  861.356456][ T7828] R13: 00007fd07b256038 R14: 00007fd07b255fa0 R15: 00007ffcdad9cb98
[  861.356476][ T7828]  </TASK>
[  861.606410][ T7836] loop4: detected capacity change from 0 to 512
[  861.615145][ T7836] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  861.761752][ T7836] EXT4-fs (loop4): 1 truncate cleaned up
[  861.794776][ T7836] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  861.828539][ T7845] FAULT_INJECTION: forcing a failure.
[  861.828539][ T7845] name failslab, interval 1, probability 0, space 0, times 0
[  861.841184][ T7845] CPU: 1 UID: 0 PID: 7845 Comm: syz.3.12886 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  861.841224][ T7845] Tainted: [W]=WARN
[  861.841230][ T7845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  861.841240][ T7845] Call Trace:
[  861.841246][ T7845]  <TASK>
[  861.841290][ T7845]  __dump_stack+0x1d/0x30
[  861.841313][ T7845]  dump_stack_lvl+0xe8/0x140
[  861.841334][ T7845]  dump_stack+0x15/0x1b
[  861.841352][ T7845]  should_fail_ex+0x265/0x280
[  861.841370][ T7845]  should_failslab+0x8c/0xb0
[  861.841415][ T7845]  kmem_cache_alloc_noprof+0x50/0x480
[  861.841439][ T7845]  ? getname_flags+0x80/0x3b0
[  861.841545][ T7845]  getname_flags+0x80/0x3b0
[  861.841600][ T7845]  do_sys_openat2+0x60/0x110
[  861.841621][ T7845]  __x64_sys_openat+0xf2/0x120
[  861.841649][ T7845]  x64_sys_call+0x2eab/0x3000
[  861.841726][ T7845]  do_syscall_64+0xd2/0x200
[  861.841748][ T7845]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  861.841845][ T7845]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  861.841915][ T7845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.841936][ T7845] RIP: 0033:0x7f7c1397df90
[  861.841952][ T7845] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[  861.841971][ T7845] RSP: 002b:00007f7c123e6b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  861.842010][ T7845] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f7c1397df90
[  861.842024][ T7845] RDX: 0000000000000002 RSI: 00007f7c123e6c10 RDI: 00000000ffffff9c
[  861.842040][ T7845] RBP: 00007f7c123e6c10 R08: 0000000000000000 R09: 00007f7c123e6986
[  861.842054][ T7845] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  861.842067][ T7845] R13: 00007f7c13bd6038 R14: 00007f7c13bd5fa0 R15: 00007ffdd4437348
[  861.842084][ T7845]  </TASK>
[  862.185598][ T7858] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12893'.
[  862.196283][ T7858] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12893'.
[  862.248227][ T7860] siw: device registration error -23
[  862.517314][ T6730] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  862.549582][ T7897] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  862.605378][ T7897] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  862.669143][ T7902] netlink: 80 bytes leftover after parsing attributes in process `syz.0.12909'.
[  862.788131][ T7904] syzkaller0: entered promiscuous mode
[  862.793624][ T7904] syzkaller0: entered allmulticast mode
[  863.017608][ T7907] siw: device registration error -23
[  863.227586][ T7910] bond_slave_0: entered promiscuous mode
[  863.233285][ T7910] bond_slave_1: entered promiscuous mode
[  863.297982][ T7910] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  863.631692][ T7942] bond_slave_0: entered promiscuous mode
[  863.637570][ T7942] bond_slave_1: entered promiscuous mode
[  863.653202][ T7942] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  863.888597][ T7967] siw: device registration error -23
[  864.027843][ T7980] netlink: 'syz.1.12941': attribute type 3 has an invalid length.
[  864.041659][ T7980] 9pnet_fd: Insufficient options for proto=fd
[  864.087596][ T7984] FAULT_INJECTION: forcing a failure.
[  864.087596][ T7984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  864.100717][ T7984] CPU: 0 UID: 0 PID: 7984 Comm: syz.1.12943 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  864.100765][ T7984] Tainted: [W]=WARN
[  864.100772][ T7984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  864.100783][ T7984] Call Trace:
[  864.100797][ T7984]  <TASK>
[  864.100805][ T7984]  __dump_stack+0x1d/0x30
[  864.100826][ T7984]  dump_stack_lvl+0xe8/0x140
[  864.100888][ T7984]  dump_stack+0x15/0x1b
[  864.100906][ T7984]  should_fail_ex+0x265/0x280
[  864.100926][ T7984]  should_fail+0xb/0x20
[  864.100942][ T7984]  should_fail_usercopy+0x1a/0x20
[  864.100955][ T7984]  _copy_from_user+0x1c/0xb0
[  864.101016][ T7984]  do_sock_getsockopt+0xf1/0x240
[  864.101105][ T7984]  __x64_sys_getsockopt+0x11e/0x1a0
[  864.101124][ T7984]  x64_sys_call+0x2bca/0x3000
[  864.101152][ T7984]  do_syscall_64+0xd2/0x200
[  864.101164][ T7984]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  864.101179][ T7984]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  864.101214][ T7984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  864.101226][ T7984] RIP: 0033:0x7fc085c1f749
[  864.101236][ T7984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  864.101245][ T7984] RSP: 002b:00007fc08467f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  864.101328][ T7984] RAX: ffffffffffffffda RBX: 00007fc085e75fa0 RCX: 00007fc085c1f749
[  864.101335][ T7984] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[  864.101342][ T7984] RBP: 00007fc08467f090 R08: 0000200000000180 R09: 0000000000000000
[  864.101348][ T7984] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  864.101358][ T7984] R13: 00007fc085e76038 R14: 00007fc085e75fa0 R15: 00007fff5d93d768
[  864.101377][ T7984]  </TASK>
[  864.340716][ T7992] loop1: detected capacity change from 0 to 1024
[  864.349824][ T7992] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  864.362583][ T7992] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #3: block 1: comm syz.1.12947: lblock 1 mapped to illegal pblock 1 (length 1)
[  864.377243][ T7992] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.12947: Failed to acquire dquot type 0
[  864.390819][ T7992] EXT4-fs error (device loop1): ext4_free_blocks:6706: comm syz.1.12947: Freeing blocks not in datazone - block = 0, count = 4096
[  864.405458][ T7992] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.12947: Invalid inode bitmap blk 0 in block_group 0
[  864.418558][ T7992] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  864.418543][ T3415] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  864.441401][ T7992] EXT4-fs (loop1): 1 orphan inode deleted
[  864.447984][ T7992] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  864.461525][ T7998] loop4: detected capacity change from 0 to 128
[  864.496886][ T3415] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:6: Failed to release dquot type 0
[  864.537743][ T8000] loop2: detected capacity change from 0 to 4096
[  864.544708][ T5290] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  864.556034][ T8000] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  864.756978][ T8017] loop3: detected capacity change from 0 to 512
[  864.765812][ T8017] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  864.783799][ T8013] sch_fq: defrate 4294967295 ignored.
[  864.825645][ T8013] loop4: detected capacity change from 0 to 1024
[  864.835777][ T8017] EXT4-fs (loop3): 1 truncate cleaned up
[  864.841185][ T8013] EXT4-fs: Ignoring removed orlov option
[  864.847151][ T8013] EXT4-fs: Ignoring removed mblk_io_submit option
[  864.861473][ T8013] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c118, mo2=0002]
[  864.881167][ T8013] System zones: 0-1, 3-12
[  864.886133][ T8017] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  864.899322][ T8013] EXT4-fs (loop4): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  864.938324][ T8013] vlan2: entered allmulticast mode
[  864.960188][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  865.128351][ T6730] EXT4-fs (loop4): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  865.186728][ T8029] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12958'.
[  865.239922][ T8037] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12958'.
[  865.290656][ T8039] No such timeout policy "syz1"
[  865.314105][ T8039] loop2: detected capacity change from 0 to 512
[  865.339269][ T8039] journal_path: Non-blockdev passed as './file1'
[  865.345662][ T8039] EXT4-fs: error: could not find journal device path
[  865.374482][ T8043] No such timeout policy "syz1"
[  865.423666][ T8043] loop4: detected capacity change from 0 to 512
[  865.450232][ T8043] journal_path: Non-blockdev passed as './file1'
[  865.456636][ T8043] EXT4-fs: error: could not find journal device path
[  865.477519][ T8051] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12966'.
[  865.571580][ T8058] loop1: detected capacity change from 0 to 1024
[  865.664321][ T5472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  865.691582][ T8070] siw: device registration error -23
[  865.827925][ T8076] loop2: detected capacity change from 0 to 4096
[  865.847151][ T8076] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  865.871722][ T8087] loop4: detected capacity change from 0 to 1024
[  865.882920][ T8086] FAULT_INJECTION: forcing a failure.
[  865.882920][ T8086] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  865.896518][ T8086] CPU: 1 UID: 0 PID: 8086 Comm: syz.3.12979 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  865.896556][ T8086] Tainted: [W]=WARN
[  865.896563][ T8086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  865.896575][ T8086] Call Trace:
[  865.896595][ T8086]  <TASK>
[  865.896603][ T8086]  __dump_stack+0x1d/0x30
[  865.896625][ T8086]  dump_stack_lvl+0xe8/0x140
[  865.896654][ T8086]  dump_stack+0x15/0x1b
[  865.896671][ T8086]  should_fail_ex+0x265/0x280
[  865.896699][ T8086]  should_fail+0xb/0x20
[  865.896716][ T8086]  should_fail_usercopy+0x1a/0x20
[  865.896736][ T8086]  _copy_to_user+0x20/0xa0
[  865.896786][ T8086]  pagemap_read+0x379/0x5e0
[  865.896814][ T8086]  ? __pfx_pagemap_read+0x10/0x10
[  865.896910][ T8086]  vfs_readv+0x3fb/0x690
[  865.896942][ T8086]  ? mutex_lock+0xd/0x30
[  865.896970][ T8086]  do_readv+0xe7/0x210
[  865.897020][ T8086]  __x64_sys_readv+0x45/0x50
[  865.897078][ T8086]  x64_sys_call+0x29fc/0x3000
[  865.897096][ T8086]  do_syscall_64+0xd2/0x200
[  865.897132][ T8086]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  865.897158][ T8086]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  865.897188][ T8086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.897210][ T8086] RIP: 0033:0x7f7c1397f749
[  865.897259][ T8086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  865.897277][ T8086] RSP: 002b:00007f7c123e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  865.897298][ T8086] RAX: ffffffffffffffda RBX: 00007f7c13bd5fa0 RCX: 00007f7c1397f749
[  865.897311][ T8086] RDX: 0000000000000001 RSI: 0000200000003400 RDI: 0000000000000005
[  865.897338][ T8086] RBP: 00007f7c123e7090 R08: 0000000000000000 R09: 0000000000000000
[  865.897350][ T8086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  865.897407][ T8086] R13: 00007f7c13bd6038 R14: 00007f7c13bd5fa0 R15: 00007ffdd4437348
[  865.897428][ T8086]  </TASK>
[  866.203430][ T8094] FAULT_INJECTION: forcing a failure.
[  866.203430][ T8094] name failslab, interval 1, probability 0, space 0, times 0
[  866.216100][ T8094] CPU: 0 UID: 0 PID: 8094 Comm: syz.3.12983 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  866.216128][ T8094] Tainted: [W]=WARN
[  866.216134][ T8094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  866.216173][ T8094] Call Trace:
[  866.216180][ T8094]  <TASK>
[  866.216187][ T8094]  __dump_stack+0x1d/0x30
[  866.216207][ T8094]  dump_stack_lvl+0xe8/0x140
[  866.216223][ T8094]  dump_stack+0x15/0x1b
[  866.216238][ T8094]  should_fail_ex+0x265/0x280
[  866.216258][ T8094]  should_failslab+0x8c/0xb0
[  866.216296][ T8094]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[  866.216326][ T8094]  ? sidtab_sid2str_get+0xa0/0x130
[  866.216406][ T8094]  kmemdup_noprof+0x2b/0x70
[  866.216473][ T8094]  sidtab_sid2str_get+0xa0/0x130
[  866.216500][ T8094]  security_sid_to_context_core+0x1eb/0x2e0
[  866.216528][ T8094]  security_sid_to_context+0x27/0x40
[  866.216619][ T8094]  selinux_lsmprop_to_secctx+0x67/0xf0
[  866.216648][ T8094]  security_lsmprop_to_secctx+0x1a3/0x1c0
[  866.216672][ T8094]  audit_log_subj_ctx+0xa4/0x3e0
[  866.216699][ T8094]  ? skb_put+0xa9/0xf0
[  866.216733][ T8094]  audit_log_task_context+0x48/0x70
[  866.216798][ T8094]  audit_log_task+0xf4/0x250
[  866.216824][ T8094]  ? kstrtouint+0x76/0xc0
[  866.216848][ T8094]  audit_seccomp+0x61/0x100
[  866.216892][ T8094]  ? __seccomp_filter+0x82d/0x1250
[  866.216924][ T8094]  __seccomp_filter+0x83e/0x1250
[  866.216952][ T8094]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  866.216979][ T8094]  ? vfs_write+0x7e8/0x960
[  866.217021][ T8094]  __secure_computing+0x82/0x150
[  866.217046][ T8094]  syscall_trace_enter+0xcf/0x1e0
[  866.217072][ T8094]  do_syscall_64+0xac/0x200
[  866.217089][ T8094]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  866.217163][ T8094]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  866.217194][ T8094]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.217215][ T8094] RIP: 0033:0x7f7c1397f749
[  866.217232][ T8094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  866.217276][ T8094] RSP: 002b:00007f7c123e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b8
[  866.217328][ T8094] RAX: ffffffffffffffda RBX: 00007f7c13bd5fa0 RCX: 00007f7c1397f749
[  866.217338][ T8094] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  866.217349][ T8094] RBP: 00007f7c123e7090 R08: 0000000000000000 R09: 0000000000000000
[  866.217361][ T8094] R10: 0000000000000014 R11: 0000000000000246 R12: 0000000000000001
[  866.217375][ T8094] R13: 00007f7c13bd6038 R14: 00007f7c13bd5fa0 R15: 00007ffdd4437348
[  866.217395][ T8094]  </TASK>
[  866.468910][ T8094] audit_panic: 1379 callbacks suppressed
[  866.468923][ T8094] audit: error in audit_log_subj_ctx
[  866.481268][   T29] audit: type=1326 audit(2000000519.046:188111): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=8092 comm="syz.3.12983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7f7c1397f749 code=0x7ffc0000
[  866.503023][   T29] audit: type=1326 audit(2000000519.326:188112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8092 comm="syz.3.12983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f7c1397e15c code=0x7ffc0000
[  866.526529][   T29] audit: type=1326 audit(2000000519.326:188113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8092 comm="syz.3.12983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7c1397e1ff code=0x7ffc0000
[  866.550173][   T29] audit: type=1326 audit(2000000519.326:188114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8092 comm="syz.3.12983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7c1397e3aa code=0x7ffc0000
[  866.573893][   T29] audit: type=1326 audit(2000000519.326:188115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8092 comm="syz.3.12983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c1397f749 code=0x7ffc0000
[  866.598295][   T29] audit: type=1326 audit(2000000519.326:188116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8092 comm="syz.3.12983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c1397f749 code=0x7ffc0000
[  866.661378][   T29] audit: type=1400 audit(2000000519.439:188117): avc:  denied  { sys_module } for  pid=8088 comm="syz.4.12982" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  866.682785][   T29] audit: type=1400 audit(2000000519.439:188118): avc:  denied  { module_request } for  pid=8088 comm="syz.4.12982" kmod=FA7C scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  866.686240][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  866.704056][   T29] audit: type=1400 audit(2000000519.448:188119): avc:  denied  { read write } for  pid=5472 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  866.720864][ T8097] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8097 comm=syz.3.12984
[  866.770115][ T8099] loop1: detected capacity change from 0 to 2048
[  866.778190][ T8099] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  867.085706][ T8140] syzkaller0: entered promiscuous mode
[  867.091238][ T8140] syzkaller0: entered allmulticast mode
[  867.307816][ T8162] FAULT_INJECTION: forcing a failure.
[  867.307816][ T8162] name failslab, interval 1, probability 0, space 0, times 0
[  867.320775][ T8162] CPU: 1 UID: 0 PID: 8162 Comm: syz.1.13009 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  867.320795][ T8162] Tainted: [W]=WARN
[  867.320799][ T8162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  867.320809][ T8162] Call Trace:
[  867.320813][ T8162]  <TASK>
[  867.320844][ T8162]  __dump_stack+0x1d/0x30
[  867.320857][ T8162]  dump_stack_lvl+0xe8/0x140
[  867.320869][ T8162]  dump_stack+0x15/0x1b
[  867.320914][ T8162]  should_fail_ex+0x265/0x280
[  867.320933][ T8162]  should_failslab+0x8c/0xb0
[  867.320972][ T8162]  kmem_cache_alloc_noprof+0x50/0x480
[  867.320988][ T8162]  ? security_inode_alloc+0x37/0x100
[  867.321002][ T8162]  security_inode_alloc+0x37/0x100
[  867.321013][ T8162]  inode_init_always_gfp+0x4b7/0x500
[  867.321028][ T8162]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  867.321117][ T8162]  alloc_inode+0x58/0x170
[  867.321130][ T8162]  new_inode+0x1d/0xe0
[  867.321143][ T8162]  __debugfs_create_file+0x109/0x330
[  867.321226][ T8162]  debugfs_create_file_full+0x3f/0x60
[  867.321289][ T8162]  ? __pfx_gtp_link_setup+0x10/0x10
[  867.321308][ T8162]  ref_tracker_dir_debugfs+0x100/0x1e0
[  867.321332][ T8162]  alloc_netdev_mqs+0x1a7/0xa50
[  867.321364][ T8162]  rtnl_create_link+0x239/0x710
[  867.321375][ T8162]  rtnl_newlink_create+0x14c/0x620
[  867.321389][ T8162]  ? security_capable+0x83/0x90
[  867.321488][ T8162]  ? netlink_ns_capable+0x86/0xa0
[  867.321505][ T8162]  rtnl_newlink+0xf29/0x12d0
[  867.321537][ T8162]  ? bpf_trace_run3+0x12c/0x1d0
[  867.321552][ T8162]  ? context_struct_compute_av+0x96d/0xaa0
[  867.321593][ T8162]  ? __kfree_skb+0x109/0x150
[  867.321620][ T8162]  ? __memcg_slab_free_hook+0x135/0x230
[  867.321633][ T8162]  ? __rcu_read_unlock+0x4f/0x70
[  867.321651][ T8162]  ? avc_has_perm_noaudit+0x1b1/0x200
[  867.321716][ T8162]  ? cred_has_capability+0x210/0x280
[  867.321734][ T8162]  ? selinux_capable+0x31/0x40
[  867.321746][ T8162]  ? security_capable+0x83/0x90
[  867.321763][ T8162]  ? ns_capable+0x7d/0xb0
[  867.321847][ T8162]  ? __pfx_rtnl_newlink+0x10/0x10
[  867.321864][ T8162]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  867.321879][ T8162]  netlink_rcv_skb+0x123/0x220
[  867.321896][ T8162]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  867.321958][ T8162]  rtnetlink_rcv+0x1c/0x30
[  867.321969][ T8162]  netlink_unicast+0x5c0/0x690
[  867.321986][ T8162]  netlink_sendmsg+0x58b/0x6b0
[  867.322001][ T8162]  ? __pfx_netlink_sendmsg+0x10/0x10
[  867.322012][ T8162]  __sock_sendmsg+0x145/0x180
[  867.322029][ T8162]  ____sys_sendmsg+0x31e/0x4e0
[  867.322050][ T8162]  ___sys_sendmsg+0x17b/0x1d0
[  867.322130][ T8162]  __x64_sys_sendmsg+0xd4/0x160
[  867.322143][ T8162]  x64_sys_call+0x191e/0x3000
[  867.322156][ T8162]  do_syscall_64+0xd2/0x200
[  867.322231][ T8162]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  867.322246][ T8162]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  867.322263][ T8162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  867.322312][ T8162] RIP: 0033:0x7fc085c1f749
[  867.322321][ T8162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  867.322331][ T8162] RSP: 002b:00007fc08467f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  867.322342][ T8162] RAX: ffffffffffffffda RBX: 00007fc085e75fa0 RCX: 00007fc085c1f749
[  867.322361][ T8162] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  867.322368][ T8162] RBP: 00007fc08467f090 R08: 0000000000000000 R09: 0000000000000000
[  867.322375][ T8162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  867.322399][ T8162] R13: 00007fc085e76038 R14: 00007fc085e75fa0 R15: 00007fff5d93d768
[  867.322418][ T8162]  </TASK>
[  867.322430][ T8162] debugfs: out of free dentries, can not create file 'netdev@ffff888119dcc558'
[  867.701215][ T8164] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  867.769833][ T8168] __nla_validate_parse: 5 callbacks suppressed
[  867.769848][ T8168] netlink: 16 bytes leftover after parsing attributes in process `syz.1.13012'.
[  867.826655][ T8175] loop3: detected capacity change from 0 to 512
[  867.834470][ T8177] FAULT_INJECTION: forcing a failure.
[  867.834470][ T8177] name failslab, interval 1, probability 0, space 0, times 0
[  867.847166][ T8177] CPU: 1 UID: 0 PID: 8177 Comm: syz.4.13015 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  867.847195][ T8177] Tainted: [W]=WARN
[  867.847201][ T8177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  867.847282][ T8177] Call Trace:
[  867.847290][ T8177]  <TASK>
[  867.847298][ T8177]  __dump_stack+0x1d/0x30
[  867.847320][ T8177]  dump_stack_lvl+0xe8/0x140
[  867.847337][ T8177]  dump_stack+0x15/0x1b
[  867.847352][ T8177]  should_fail_ex+0x265/0x280
[  867.847372][ T8177]  should_failslab+0x8c/0xb0
[  867.847470][ T8177]  kmem_cache_alloc_noprof+0x50/0x480
[  867.847493][ T8177]  ? getname_flags+0x80/0x3b0
[  867.847521][ T8177]  getname_flags+0x80/0x3b0
[  867.847546][ T8177]  user_path_at+0x28/0x130
[  867.847565][ T8177]  __x64_sys_umount+0x85/0xe0
[  867.847704][ T8177]  x64_sys_call+0xdd2/0x3000
[  867.847836][ T8177]  do_syscall_64+0xd2/0x200
[  867.847857][ T8177]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  867.847960][ T8177]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  867.847991][ T8177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  867.848010][ T8177] RIP: 0033:0x7fd07afff749
[  867.848025][ T8177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  867.848041][ T8177] RSP: 002b:00007fd079a67038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  867.848071][ T8177] RAX: ffffffffffffffda RBX: 00007fd07b255fa0 RCX: 00007fd07afff749
[  867.848082][ T8177] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000002c0
[  867.848092][ T8177] RBP: 00007fd079a67090 R08: 0000000000000000 R09: 0000000000000000
[  867.848103][ T8177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  867.848113][ T8177] R13: 00007fd07b256038 R14: 00007fd07b255fa0 R15: 00007ffcdad9cb98
[  867.848130][ T8177]  </TASK>
[  867.848151][ T8173] loop1: detected capacity change from 0 to 1024
[  867.887323][ T8175] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  868.012676][ T8186] loop1: detected capacity change from 0 to 4096
[  868.019780][ T8175] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  868.084485][ T8186] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  868.104064][ T8175] random: crng reseeded on system resumption
[  868.225697][ T8195] netlink: 4 bytes leftover after parsing attributes in process `{/}\'.
[  868.237746][ T8201] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  868.246367][ T8201] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  868.261326][ T8195] netlink: 4 bytes leftover after parsing attributes in process `{/}\'.
[  868.280037][ T8195] netlink: 3 bytes leftover after parsing attributes in process `{/}\'.
[  868.288712][ T8195] 0ªX¹¦À: renamed from caif0
[  868.299142][ T8195] 0ªX¹¦À: entered allmulticast mode
[  868.304534][ T8195] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  868.403998][ T5290] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  868.494799][ T8209] serio: Serial port ttyS3
[  869.117502][ T8225] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13031'.
[  869.126541][ T8225] netlink: 20 bytes leftover after parsing attributes in process `syz.0.13031'.
[  869.140004][T16086] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  869.148643][T16086] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  869.157188][T16086] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  869.165633][T16086] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  869.311620][ T8229] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  869.524660][ T8237] loop2: detected capacity change from 0 to 4096
[  869.532122][ T8239] No such timeout policy "syz1"
[  869.540980][ T8237] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  869.554296][ T8239] loop1: detected capacity change from 0 to 512
[  869.562197][ T8239] journal_path: Non-blockdev passed as './file1'
[  869.568624][ T8239] EXT4-fs: error: could not find journal device path
[  869.653508][ T8247] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13039'.
[  869.663125][ T8247] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13039'.
[  869.747050][ T8254] siw: device registration error -23
[  869.845954][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  869.887947][ T8265] loop1: detected capacity change from 0 to 1024
[  869.897341][ T8265] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  869.918297][ T8265] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #3: block 1: comm syz.1.13047: lblock 1 mapped to illegal pblock 1 (length 1)
[  869.940759][ T8265] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.13047: Failed to acquire dquot type 0
[  869.946607][ T8273] loop4: detected capacity change from 0 to 512
[  869.960770][ T8273] journal_path: Non-blockdev passed as './file1'
[  869.960818][ T8265] EXT4-fs error (device loop1): ext4_free_blocks:6706: comm syz.1.13047: Freeing blocks not in datazone - block = 0, count = 4096
[  869.967854][ T8273] EXT4-fs: error: could not find journal device path
[  870.010758][ T8265] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.13047: Invalid inode bitmap blk 0 in block_group 0
[  870.024595][   T41] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  870.033565][ T8265] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  870.061785][ T8265] EXT4-fs (loop1): 1 orphan inode deleted
[  870.068024][ T8265] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  870.081730][   T41] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 0
[  870.115321][ T5290] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  870.155611][ T8278] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.229677][ T8278] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.258023][ T8286] netlink: 28 bytes leftover after parsing attributes in process `syz.2.13053'.
[  870.286765][ T8278] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.324038][T31845] hid_parser_main: 54 callbacks suppressed
[  870.324111][T31845] hid-generic 0003:FFFFFFF8:0004.0006: unknown main item tag 0x0
[  870.337972][T31845] hid-generic 0003:FFFFFFF8:0004.0006: unknown main item tag 0x0
[  870.346074][T31845] hid-generic 0003:FFFFFFF8:0004.0006: unknown main item tag 0x0
[  870.353821][T31845] hid-generic 0003:FFFFFFF8:0004.0006: unknown main item tag 0x0
[  870.361572][T31845] hid-generic 0003:FFFFFFF8:0004.0006: unknown main item tag 0x0
[  870.369427][T31845] hid-generic 0003:FFFFFFF8:0004.0006: unknown main item tag 0x0
[  870.377232][T31845] hid-generic 0003:FFFFFFF8:0004.0006: unknown main item tag 0x0
[  870.385033][T31845] hid-generic 0003:FFFFFFF8:0004.0006: unknown main item tag 0x0
[  870.392805][T31845] hid-generic 0003:FFFFFFF8:0004.0006: unknown main item tag 0x0
[  870.400608][T31845] hid-generic 0003:FFFFFFF8:0004.0006: unknown main item tag 0x0
[  870.425133][T31845] hid-generic 0003:FFFFFFF8:0004.0006: hidraw0: USB HID v0.a0 Device [syz1] on syz0
[  870.440505][ T8278] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.522436][   T41] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  870.541685][T16101] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  870.568051][T16101] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  870.602216][T16086] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  870.703326][ T8301] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13060'.
[  871.026904][ T8315] 9pnet_fd: p9_fd_create_unix (8315): problem connecting socket: ./file0: -111
[  871.105037][ T5472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  871.184909][ T8325] netlink: 'syz.3.13068': attribute type 4 has an invalid length.
[  871.382129][ T8335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  871.392362][ T8335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  871.405933][ T8341] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  871.415925][ T8341] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  871.479336][ T8341] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  871.480895][ T8344] loop1: detected capacity change from 0 to 2048
[  871.489163][ T8341] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  871.520552][ T8344] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  871.553247][ T8341] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  871.563066][ T8341] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  871.629031][ T8341] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  871.638950][ T8341] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  871.724902][ T6882] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  871.733239][ T6882] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  871.744743][ T6882] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  871.752935][ T6882] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  871.776455][ T6882] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  871.784654][ T6882] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  871.828204][   T29] kauditd_printk_skb: 1415 callbacks suppressed
[  871.828216][   T29] audit: type=1400 audit(2000000524.303:189532): avc:  denied  { read write } for  pid=8351 comm="syz.2.13078" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  871.858881][   T29] audit: type=1400 audit(2000000524.303:189533): avc:  denied  { read write open } for  pid=8351 comm="syz.2.13078" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  871.872825][ T8352] loop2: detected capacity change from 0 to 512
[  871.892454][ T6882] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  871.900687][ T6882] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  871.910629][   T29] audit: type=1400 audit(2000000524.350:189534): avc:  denied  { ioctl } for  pid=8351 comm="syz.2.13078" path="/dev/loop2" dev="devtmpfs" ino=102 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  871.936509][   T29] audit: type=1400 audit(2000000524.359:189535): avc:  denied  { mounton } for  pid=8351 comm="syz.2.13078" path="/201/file1" dev="tmpfs" ino=1085 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  871.974765][   T29] audit: type=1400 audit(2000000524.416:189536): avc:  denied  { prog_load } for  pid=8355 comm="syz.0.13079" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  871.979844][ T8352] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  871.994280][   T29] audit: type=1400 audit(2000000524.416:189537): avc:  denied  { bpf } for  pid=8355 comm="syz.0.13079" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  872.021843][ T8352] ext4 filesystem being mounted at /201/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  872.027464][   T29] audit: type=1400 audit(2000000524.416:189538): avc:  denied  { perfmon } for  pid=8355 comm="syz.0.13079" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  872.059808][   T29] audit: type=1326 audit(2000000524.416:189539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8355 comm="syz.0.13079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0da1d0f749 code=0x7ffc0000
[  872.065645][ T8352] random: crng reseeded on system resumption
[  872.083622][   T29] audit: type=1326 audit(2000000524.416:189540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8355 comm="syz.0.13079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f0da1d0f749 code=0x7ffc0000
[  872.113204][   T29] audit: type=1400 audit(2000000524.416:189541): avc:  denied  { allowed } for  pid=8355 comm="syz.0.13079" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  872.243264][ T8368] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  872.252710][ T8368] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  872.270781][ T8370] loop4: detected capacity change from 0 to 512
[  872.278630][ T8370] journal_path: Non-blockdev passed as './file1'
[  872.284975][ T8370] EXT4-fs: error: could not find journal device path
[  873.596556][ T8419] __nla_validate_parse: 8 callbacks suppressed
[  873.596572][ T8419] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13104'.
[  873.645795][ T8421] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13105'.
[  873.682287][ T8423] FAULT_INJECTION: forcing a failure.
[  873.682287][ T8423] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  873.695491][ T8423] CPU: 1 UID: 0 PID: 8423 Comm: syz.1.13106 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  873.695511][ T8423] Tainted: [W]=WARN
[  873.695587][ T8423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  873.695594][ T8423] Call Trace:
[  873.695597][ T8423]  <TASK>
[  873.695601][ T8423]  __dump_stack+0x1d/0x30
[  873.695693][ T8423]  dump_stack_lvl+0xe8/0x140
[  873.695704][ T8423]  dump_stack+0x15/0x1b
[  873.695765][ T8423]  should_fail_ex+0x265/0x280
[  873.695777][ T8423]  should_fail+0xb/0x20
[  873.695786][ T8423]  should_fail_usercopy+0x1a/0x20
[  873.695797][ T8423]  _copy_from_user+0x1c/0xb0
[  873.695852][ T8423]  ___sys_sendmsg+0xc1/0x1d0
[  873.695872][ T8423]  __x64_sys_sendmsg+0xd4/0x160
[  873.695885][ T8423]  x64_sys_call+0x191e/0x3000
[  873.695979][ T8423]  do_syscall_64+0xd2/0x200
[  873.695992][ T8423]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  873.696044][ T8423]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  873.696105][ T8423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.696117][ T8423] RIP: 0033:0x7fc085c1f749
[  873.696126][ T8423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  873.696138][ T8423] RSP: 002b:00007fc08467f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  873.696150][ T8423] RAX: ffffffffffffffda RBX: 00007fc085e75fa0 RCX: 00007fc085c1f749
[  873.696174][ T8423] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  873.696182][ T8423] RBP: 00007fc08467f090 R08: 0000000000000000 R09: 0000000000000000
[  873.696188][ T8423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  873.696195][ T8423] R13: 00007fc085e76038 R14: 00007fc085e75fa0 R15: 00007fff5d93d768
[  873.696230][ T8423]  </TASK>
[  873.890863][ T8425] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13107'.
[  873.900010][ T8425] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13107'.
[  873.977243][ T8429] loop1: detected capacity change from 0 to 512
[  873.985322][ T8429] journal_path: Non-blockdev passed as './file1'
[  873.991722][ T8429] EXT4-fs: error: could not find journal device path
[  874.021960][ T8431] loop1: detected capacity change from 0 to 128
[  874.245385][ T8442] sch_fq: defrate 4294967295 ignored.
[  874.270069][ T8442] vlan2: entered allmulticast mode
[  874.379614][ T8447] loop3: detected capacity change from 0 to 1024
[  874.421763][ T8451] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13118'.
[  874.430834][ T8451] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13118'.
[  874.931359][ T8471] serio: Serial port ttyS3
[  875.112553][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  875.149409][ T8478] sch_fq: defrate 4294967295 ignored.
[  875.162087][ T8478] loop2: detected capacity change from 0 to 1024
[  875.169675][ T8478] EXT4-fs: Ignoring removed orlov option
[  875.175452][ T8478] EXT4-fs: Ignoring removed mblk_io_submit option
[  875.202212][ T8478] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c118, mo2=0002]
[  875.210591][ T8478] System zones: 0-1, 3-12
[  875.215344][ T8478] EXT4-fs (loop2): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  875.236247][ T8478] vlan2: entered allmulticast mode
[  875.422543][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  875.459610][ T8496] siw: device registration error -23
[  875.600767][ T8508] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13139'.
[  875.610475][ T8508] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13139'.
[  875.868491][ T8517] syzkaller0: entered promiscuous mode
[  875.874024][ T8517] syzkaller0: entered allmulticast mode
[  876.137599][ T8523] sch_fq: defrate 4294967295 ignored.
[  876.160292][ T8521] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  876.176115][ T8523] loop1: detected capacity change from 0 to 1024
[  876.183507][ T8523] EXT4-fs: Ignoring removed orlov option
[  876.189350][ T8523] EXT4-fs: Ignoring removed mblk_io_submit option
[  876.202684][ T8523] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c118, mo2=0002]
[  876.210953][ T8523] System zones: 0-1, 3-12
[  876.216095][ T8523] EXT4-fs (loop1): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  876.256343][ T8530] syzkaller0: entered promiscuous mode
[  876.261829][ T8530] syzkaller0: entered allmulticast mode
[  876.273432][ T8523] vlan2: entered allmulticast mode
[  876.311551][ T8534] siw: device registration error -23
[  876.345665][ T8536] loop3: detected capacity change from 0 to 1024
[  876.409462][ T5290] EXT4-fs (loop1): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  876.439381][   T36] IPVS: starting estimator thread 0...
[  876.441562][ T8543] IPVS: sh: SCTP 172.20.20.187:0 - no destination available
[  876.508280][ T8547] loop1: detected capacity change from 0 to 512
[  876.516632][ T8547] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  876.529094][ T8547] EXT4-fs (loop1): 1 truncate cleaned up
[  876.532772][ T8544] IPVS: using max 2832 ests per chain, 141600 per kthread
[  876.535626][ T8547] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  876.660476][ T8551] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13154'.
[  876.669546][ T8551] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13154'.
[  877.180405][   T29] kauditd_printk_skb: 1211 callbacks suppressed
[  877.180421][   T29] audit: type=1400 audit(2000000529.308:190753): avc:  denied  { prog_load } for  pid=8556 comm="syz.4.13156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  877.206215][   T29] audit: type=1400 audit(2000000529.308:190754): avc:  denied  { bpf } for  pid=8556 comm="syz.4.13156" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  877.438581][   T29] audit: type=1400 audit(2000000529.364:190755): avc:  denied  { read } for  pid=8539 comm="syz.3.13151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  877.458376][   T29] audit: type=1400 audit(2000000529.364:190756): avc:  denied  { map_create } for  pid=8556 comm="syz.4.13156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  877.477806][   T29] audit: type=1400 audit(2000000529.364:190757): avc:  denied  { map_read map_write } for  pid=8556 comm="syz.4.13156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  877.497895][   T29] audit: type=1400 audit(2000000529.495:190758): avc:  denied  { read write } for  pid=6730 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  877.522475][   T29] audit: type=1400 audit(2000000529.495:190759): avc:  denied  { open } for  pid=6730 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  877.546961][   T29] audit: type=1400 audit(2000000529.495:190760): avc:  denied  { ioctl } for  pid=6730 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  877.572699][   T29] audit: type=1400 audit(2000000529.533:190761): avc:  denied  { read write } for  pid=5472 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  877.597045][   T29] audit: type=1400 audit(2000000529.533:190762): avc:  denied  { open } for  pid=5472 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  877.691730][ T8561] loop3: detected capacity change from 0 to 512
[  877.711345][ T8561] journal_path: Non-blockdev passed as './file1'
[  877.717777][ T8561] EXT4-fs: error: could not find journal device path
[  877.784934][ T5290] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  877.841436][ T8567] loop3: detected capacity change from 0 to 512
[  877.858415][ T8567] journal_path: Non-blockdev passed as './file1'
[  877.864790][ T8567] EXT4-fs: error: could not find journal device path
[  877.943011][ T8573] loop1: detected capacity change from 0 to 128
[  878.122753][ T8584] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  878.232760][ T8585] syzkaller0: entered promiscuous mode
[  878.238279][ T8585] syzkaller0: entered allmulticast mode
[  878.451908][ T8584] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  878.534152][ T8584] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  878.620173][ T8584] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  878.697316][T16101] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  878.708436][T16101] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  878.720741][T16101] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  878.732353][T16101] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  878.983999][ T8612] siw: device registration error -23
[  879.052360][ T8620] loop3: detected capacity change from 0 to 2048
[  879.060289][ T8620] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  879.084572][ T8622] loop1: detected capacity change from 0 to 512
[  879.113011][ T8622] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  879.126354][ T8622] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  879.146363][ T8622] random: crng reseeded on system resumption
[  879.274197][ T8637] netlink: 'syz.3.13190': attribute type 4 has an invalid length.
[  879.285776][ T8638] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  879.295090][ T8638] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  879.518009][ T8642] syzkaller0: entered promiscuous mode
[  879.523501][ T8642] syzkaller0: entered allmulticast mode
[  879.705684][ T8644] __nla_validate_parse: 2 callbacks suppressed
[  879.705697][ T8644] netlink: 16 bytes leftover after parsing attributes in process `syz.2.13192'.
[  879.720972][ T8644] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13192'.
[  879.896114][ T8646] loop2: detected capacity change from 0 to 1024
[  879.917056][ T8650] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13195'.
[  879.926266][ T8650] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13195'.
[  879.995719][ T8655] loop4: detected capacity change from 0 to 4096
[  880.006176][ T8655] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  880.045950][ T8662] netlink: 'syz.2.13197': attribute type 29 has an invalid length.
[  880.054640][ T8662] netlink: 'syz.2.13197': attribute type 29 has an invalid length.
[  880.304917][ T6730] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  880.340810][ T8671] loop3: detected capacity change from 0 to 2048
[  880.358321][ T8671] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  880.389042][ T8673] loop4: detected capacity change from 0 to 512
[  880.400370][ T8673] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  880.412514][ T8673] EXT4-fs (loop4): 1 truncate cleaned up
[  880.420366][ T8673] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  881.064859][ T8684] syzkaller0: entered promiscuous mode
[  881.070430][ T8684] syzkaller0: entered allmulticast mode
[  881.129069][ T8686] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13208'.
[  881.138253][ T8686] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13208'.
[  881.280960][ T6730] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  881.340836][ T8692] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13211'.
[  881.358597][ T8694] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13212'.
[  881.371600][ T8694] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13212'.
[  881.513150][ T8704] netlink: 'syz.4.13215': attribute type 29 has an invalid length.
[  881.522186][ T8704] netlink: 'syz.4.13215': attribute type 29 has an invalid length.
[  882.406836][ T5290] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  882.482783][ T8724] loop1: detected capacity change from 0 to 2048
[  882.500480][ T8724] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  882.522979][ T8727] siw: device registration error -23
[  882.529750][ T8728] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.547989][   T29] kauditd_printk_skb: 881 callbacks suppressed
[  882.548003][   T29] audit: type=1400 audit(2000000534.332:191539): avc:  denied  { read write } for  pid=5290 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.587688][   T29] audit: type=1400 audit(2000000534.332:191540): avc:  denied  { open } for  pid=5290 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.612103][   T29] audit: type=1400 audit(2000000534.332:191541): avc:  denied  { ioctl } for  pid=5290 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.646983][   T29] audit: type=1400 audit(2000000534.398:191542): avc:  denied  { prog_load } for  pid=8729 comm="syz.3.13228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  882.666633][   T29] audit: type=1400 audit(2000000534.398:191543): avc:  denied  { bpf } for  pid=8729 comm="syz.3.13228" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  882.679726][ T8736] serio: Serial port ttyS3
[  882.687556][   T29] audit: type=1400 audit(2000000534.398:191544): avc:  denied  { perfmon } for  pid=8729 comm="syz.3.13228" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  882.713381][   T29] audit: type=1326 audit(2000000534.398:191545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8729 comm="syz.3.13228" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7c1397f749 code=0x0
[  882.737396][   T29] audit: type=1400 audit(2000000534.426:191546): avc:  denied  { read write } for  pid=5290 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.761926][   T29] audit: type=1400 audit(2000000534.426:191547): avc:  denied  { open } for  pid=5290 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.786375][   T29] audit: type=1400 audit(2000000534.426:191548): avc:  denied  { ioctl } for  pid=5290 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.813944][ T8728] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.847462][ T8739] loop2: detected capacity change from 0 to 512
[  882.854962][ T8739] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  882.872495][ T8728] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.893845][ T8739] EXT4-fs (loop2): 1 truncate cleaned up
[  882.905331][ T8739] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  882.947712][ T8728] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  883.013050][   T41] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  883.044958][   T41] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  883.060174][   T41] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  883.068668][   T41] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  883.147171][ T8750] loop4: detected capacity change from 0 to 512
[  883.196540][ T8750] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  883.210019][ T8750] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  883.244365][ T8750] random: crng reseeded on system resumption
[  883.379789][ T8756] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  883.419563][ T8756] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  883.836844][ T5147] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  884.125645][ T8780] netlink: 16 bytes leftover after parsing attributes in process `syz.2.13243'.
[  884.252179][ T8785] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  884.262031][ T8785] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  884.317456][ T8785] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  884.327292][ T8785] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  884.412651][ T8785] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  884.422495][ T8785] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  884.455787][ T8785] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  884.465695][ T8785] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  884.524270][   T41] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  884.532578][   T41] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  884.560038][   T41] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  884.568384][   T41] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  884.577333][   T41] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  884.585685][   T41] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  884.594937][   T41] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  884.603154][   T41] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  884.733141][ T8788] loop1: detected capacity change from 0 to 2048
[  884.740776][ T8788] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  884.873286][ T8795] netlink: 'syz.1.13248': attribute type 4 has an invalid length.
[  885.212582][ T8180] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  885.243142][ T8817] siw: device registration error -23
[  885.281641][ T8820] siw: device registration error -23
[  885.510334][ T8833] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  885.566612][ T8833] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  885.630502][ T8833] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  885.684328][ T8833] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  885.736153][T16086] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  885.747262][T16086] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  885.762200][T16086] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  885.770683][T16086] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  885.816125][ T8837] loop1: detected capacity change from 0 to 512
[  885.843187][ T8837] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  885.852120][ T8837] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  885.859559][ T8842] loop2: detected capacity change from 0 to 128
[  885.869411][ T8842] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  885.881755][ T8842] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  885.898226][ T8842] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  885.906834][ T8842] FAT-fs (loop2): Filesystem has been set read-only
[  885.916478][ T8842] __nla_validate_parse: 1 callbacks suppressed
[  885.916494][ T8842] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13266'.
[  885.937888][ T8837] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.13263: Allocating blocks 41-42 which overlap fs metadata
[  885.938311][ T8842] 8021q: adding VLAN 0 to HW filter on device bond1
[  885.970936][ T8837] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.13263: Allocating blocks 41-42 which overlap fs metadata
[  885.986739][ T8837] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.13263: Failed to acquire dquot type 1
[  886.003729][ T8837] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  886.036491][ T8837] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.13263: corrupted inode contents
[  886.047143][ T8842] 8021q: adding VLAN 0 to HW filter on device bond0
[  886.055691][ T8837] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #12: comm syz.1.13263: mark_inode_dirty error
[  886.067750][ T8837] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.13263: corrupted inode contents
[  886.081555][ T8837] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.13263: mark_inode_dirty error
[  886.081656][ T8842] bond1: (slave bond0): Enslaving as an active interface with an up link
[  886.099860][ T8837] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.13263: corrupted inode contents
[  886.115143][ T8837] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem
[  886.125382][ T8852] netlink: 'syz.0.13269': attribute type 4 has an invalid length.
[  886.133441][ T8837] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.13263: corrupted inode contents
[  886.146701][ T8850] sch_fq: defrate 4294967295 ignored.
[  886.159927][ T8837] EXT4-fs error (device loop1): ext4_truncate:4637: inode #12: comm syz.1.13263: mark_inode_dirty error
[  886.167086][ T8850] loop3: detected capacity change from 0 to 1024
[  886.171553][ T8842] bond1 (unregistering): (slave bond0): Releasing backup interface
[  886.178353][ T8850] EXT4-fs: Ignoring removed orlov option
[  886.185854][ T8837] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem
[  886.191057][ T8850] EXT4-fs: Ignoring removed mblk_io_submit option
[  886.200248][ T8837] EXT4-fs (loop1): 1 truncate cleaned up
[  886.208845][ T8842] bond1 (unregistering): Released all slaves
[  886.224529][ T8837] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  886.239285][ T8850] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c118, mo2=0002]
[  886.247474][ T8850] System zones: 0-1, 3-12
[  886.249857][ T8854] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  886.252837][ T8850] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  886.286153][ T8837] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13263'.
[  886.300030][ T8850] vlan2: entered allmulticast mode
[  886.318850][ T8837] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  886.339033][ T5290] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  886.398007][ T6730] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  886.455775][ T8866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13274'.
[  886.475540][ T8866] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13274'.
[  886.501495][ T8869] loop4: detected capacity change from 0 to 4096
[  886.512183][ T8863] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13273'.
[  886.529850][ T5472] EXT4-fs (loop3): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  886.547025][ T8869] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  886.547094][ T8872] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  886.689587][ T8872] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  886.732932][ T8872] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  886.840875][ T8881] syzkaller0: entered promiscuous mode
[  886.846359][ T8881] syzkaller0: entered allmulticast mode
[  886.968891][ T8872] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  887.118315][T16086] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  887.166205][T16086] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  887.188265][T16086] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  887.221936][T16086] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  887.253053][ T6730] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  887.362587][ T8896] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13285'.
[  887.434418][ T8901] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13286'.
[  887.443707][ T8901] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13286'.
[  887.681939][ T8915] serio: Serial port ttyS3
[  887.888203][ T8919] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  887.920432][ T8919] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  887.983811][ T8919] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  888.033050][   T29] kauditd_printk_skb: 906 callbacks suppressed
[  888.033065][   T29] audit: type=1400 audit(2000000539.459:192451): avc:  denied  { read write } for  pid=6730 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  888.064053][   T29] audit: type=1400 audit(2000000539.459:192452): avc:  denied  { open } for  pid=6730 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  888.075112][ T8919] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  888.088521][   T29] audit: type=1400 audit(2000000539.459:192453): avc:  denied  { ioctl } for  pid=6730 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  888.124000][   T29] audit: type=1400 audit(2000000539.487:192454): avc:  denied  { prog_load } for  pid=8920 comm="syz.4.13293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  888.143409][   T29] audit: type=1400 audit(2000000539.487:192455): avc:  denied  { bpf } for  pid=8920 comm="syz.4.13293" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  888.164205][   T29] audit: type=1400 audit(2000000539.487:192456): avc:  denied  { perfmon } for  pid=8920 comm="syz.4.13293" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  888.185406][   T29] audit: type=1326 audit(2000000539.487:192457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8920 comm="syz.4.13293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd07afff749 code=0x7ffc0000
[  888.209077][   T29] audit: type=1326 audit(2000000539.487:192458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8920 comm="syz.4.13293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd07afff749 code=0x7ffc0000
[  888.232895][   T29] audit: type=1326 audit(2000000539.487:192459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8920 comm="syz.4.13293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7fd07afff749 code=0x7ffc0000
[  888.256453][   T29] audit: type=1326 audit(2000000539.487:192460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8920 comm="syz.4.13293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd07afff749 code=0x7ffc0000
[  888.324958][ T6882] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  888.336730][ T6882] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  888.382695][   T41] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  888.398249][   T41] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  888.530607][ T8939] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13298'.
[  888.766305][ T8964] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13309'.
[  888.852421][ T8971] ==================================================================
[  888.860527][ T8971] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  888.867822][ T8971] 
[  888.870143][ T8971] write to 0xffff888104531100 of 8 bytes by task 8968 on cpu 1:
[  888.877757][ T8971]  mas_wmb_replace+0x208/0xfa0
[  888.882511][ T8971]  mas_wr_store_entry+0x13e3/0x2750
[  888.887691][ T8971]  mas_store_prealloc+0x760/0xa90
[  888.892699][ T8971]  vma_iter_store_new+0x1c5/0x200
[  888.897720][ T8971]  vma_complete+0x125/0x580
[  888.902211][ T8971]  __split_vma+0x5d9/0x650
[  888.906629][ T8971]  vma_modify+0x3f2/0xc80
[  888.910946][ T8971]  vma_modify_flags+0x101/0x130
[  888.915787][ T8971]  mprotect_fixup+0x2cc/0x570
[  888.920456][ T8971]  do_mprotect_pkey+0x6d6/0x980
[  888.925299][ T8971]  __x64_sys_mprotect+0x48/0x60
[  888.930139][ T8971]  x64_sys_call+0x2752/0x3000
[  888.934803][ T8971]  do_syscall_64+0xd2/0x200
[  888.939292][ T8971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  888.945172][ T8971] 
[  888.947475][ T8971] read to 0xffff888104531100 of 8 bytes by task 8971 on cpu 0:
[  888.954996][ T8971]  mas_state_walk+0x119/0x650
[  888.959656][ T8971]  mas_walk+0x60/0x150
[  888.963703][ T8971]  lock_vma_under_rcu+0x95/0x1b0
[  888.968627][ T8971]  do_user_addr_fault+0x233/0x1080
[  888.973722][ T8971]  exc_page_fault+0x62/0xa0
[  888.978212][ T8971]  asm_exc_page_fault+0x26/0x30
[  888.983043][ T8971] 
[  888.985347][ T8971] value changed: 0xffff888108fdf901 -> 0xffff888104531100
[  888.992429][ T8971] 
[  888.994730][ T8971] Reported by Kernel Concurrency Sanitizer on:
[  889.000861][ T8971] CPU: 0 UID: 0 PID: 8971 Comm: syz.0.13312 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  889.012217][ T8971] Tainted: [W]=WARN
[  889.015997][ T8971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  889.026032][ T8971] ==================================================================