last executing test programs:

2.795230508s ago: executing program 4 (id=2479):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_OPENAT={0x12, 0x14, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1cb, 0x40000, 0x12345})
io_uring_enter(r1, 0x2ded, 0xef92, 0x0, 0x0, 0x0)

2.735932288s ago: executing program 2 (id=2480):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f00000004c0)=[{0x28, 0x0, 0x5, 0xfffff034}, {0x80000006, 0x0, 0x12, 0xf9}]}, 0x10)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000cc0)='kfree\x00', r6, 0x0, 0xfff}, 0x18)
write$binfmt_register(r2, &(0x7f0000000040)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0xffffffffffffffff, 0x3a, 'allow_other', 0x3a, '', 0x3a, './cgroup.cpu/cpuset.cpus', 0x3a, [0x46]}, 0x44)

2.727375169s ago: executing program 4 (id=2481):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='kmem_cache_free\x00', r2, 0x0, 0x100000008}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xe, 0x0, 0x7ffc1ffb}]})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r3, 0x0, 0x0, 0x9000)

2.697866979s ago: executing program 2 (id=2482):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0006}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r3, 0xa, 0x12)
ppoll(&(0x7f0000000240)=[{r4}], 0x1, 0x0, 0x0, 0x0)
dup2(r3, r4)
fcntl$setown(r4, 0x8, r2)
tkill(r2, 0x13)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
lstat(&(0x7f0000000140)='./file1\x00', &(0x7f00000002c0))

2.679665109s ago: executing program 4 (id=2483):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
semctl$SETALL(0x0, 0x0, 0x11, 0x0)

2.62918103s ago: executing program 2 (id=2485):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', '', [{0x20, 'memory.events\x00'}]}, 0x13)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x0, 0x0, &(0x7f0000000580)='GPL\x00', 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000040000000000000180100002020702500000000002020207b1af8ff010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffffffffd8b}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @remote})
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="25390000290003"], 0x33fe0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x5, 0x3, 0x8, 0x8000, 0x80}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x7, 0x4)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000400)=@deltaction={0xb4, 0x31, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fff}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffff9}}]}, @TCA_ACT_TAB={0x58, 0x1, [{0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x200}}, {0x14, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}]}, 0xb4}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$isdn(0x22, 0x2, 0x25)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000300)={0x6d00, 0x8200, 0x6, 0x7ff}, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r7)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$TUNSETLINK(r6, 0x400454cd, 0x6)

2.620432451s ago: executing program 4 (id=2486):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
getrandom(0x0, 0x0, 0x2)
r3 = socket$unix(0x1, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x2}, 0x18)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_OPENAT={0x12, 0x14, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1cb, 0x40000, 0x12345, {0x0, r9}})
io_uring_enter(r6, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93, 0xfc}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0xfffffffc}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x4, 0xc3, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0xffffffff, 0x0, 0x0, 0xfffffffd}, {0x2, 0x0, 0x400000, 0x9, 0x6}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x0, 0xed}, {0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0xe}, {0xa, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x2000}, {}, {0x0, 0x7, 0x0, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5, 0xfffffffd}, {0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x0, 0x10000000, 0x0, 0x0, 0x6}, {0xffffffff, 0xfffffffc}, {}, {0x0, 0x0, 0x2}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x1, 0x3}, {0x80}, {0x0, 0x0, 0x0, 0x5}, {0x0, 0x8}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x20000000, 0x0, 0x3}, {}, {}, {0x0, 0x15, 0x0, 0x48510}, {0xf}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xd, 0xffffffff}, {0x0, 0xffffffff}, {}, {0x0, 0xffff0000}, {0x0, 0xfffffffc, 0x0, 0x1}, {}, {0x5, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x3ff, 0x40000000}, {}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x400000}, {0x4, 0x0, 0x200}, {}, {}, {0x5}, {}, {0xfffffff9, 0x0, 0x0, 0x0, 0xbf, 0xfb4}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {0x4}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x4, 0x9}, {0xfffffffe}, {0x0, 0x80000, 0x0, 0x0, 0x1}, {0x0, 0x2, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, {0x800000, 0x0, 0x0, 0x0, 0x1, 0x56}, {0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffefffff}, {}, {0x0, 0x0, 0x6, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd, 0x0, 0x10}, {0x6, 0x0, 0x1}, {0x7f, 0x0, 0x0, 0x4, 0x8}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x2, 0x0, 0x20000000, 0x0, 0x2}, {}, {}, {}, {0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x992}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x0, 0x1}, {0x0, 0x5, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x2e9c, 0x0, 0x15a06c2c, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0xffffffff, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0xfffffffe, 0x0, 0x0, 0x0, 0x8000, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x80000}, {}, {0x0, 0x8000}, {0x1, 0x0, 0x10000, 0x0, 0xfffffffc}, {0x0, 0x80000000, 0x0, 0x7dff800}], [{}, {}, {}, {}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {0x4}, {}, {}, {0x1}, {0x0, 0x1}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x4, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {0x6}, {}, {}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {0x3}, {}, {}, {}, {0x0, 0x1}, {}, {0x2, 0x1}, {}, {0x1}, {}, {0x3}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {0x0, 0x1}, {0x2}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@deltfilter={0x34, 0x2d, 0x20, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0x1, 0x3}, {0xb, 0xc}, {0xa, 0xf}}, [@TCA_RATE={0x6, 0x5, {0x6, 0xdf}}, @TCA_CHAIN={0x8, 0xb, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x121e, &(0x7f0000003680)="$eJzs3E9rHGUcB/Bf0tq0qclGrdUWxAe96GVocvCilyApSBeUthFaQZiaiS4Zd0NmCayItSevvgHfgAgieBPEm15y8R0IXiQXjxXEkd2t6UZTMVI6bfl8LvuDZ76zv3n2DzzLPrP7yqfvb6xX2Xrej+mpqZjejEg3U6SYjr98HC++/P0Pz1y6cvXCcru9cjGl88uXF19KKc0/++1bH37x3Hf9k29+Pf/NTOwsvL3769LPO6d3zuz+cfm9TpU6Ver2+ilP13q9fn6tLNJap9rIUnqjLPKqSJ1uVWztG18ve5ubg5R31+ZmN7eKqkp5d5A2ikHq91J/a5Dyd/NON2VZluZmg8M7uletfn6zruuIun4kjkVd1/WJmI2T8WjMxXy0YiEei8frVpyKJ+N0PBVPx1c/fTkYJgAAAAAAAAAAAAAAAAAAAIC75z/s/48nJvb/nxkd1XTXAAAAAAAAAAAAAAAAAAAA8HC5dOXqheV2e+ViSscjyk+2V7dXx4/j8eX16EQZRZyLVvweo93/Y+P6/GvtlXNpZCFulNdv5a9vrx7Zn18c3U7gwPziOJ/ixolbXQ3zMzE7mV+KVpw6OL+0l598/uPxwvMT+Sxa8eM70Ysy1mKYvZ3/aDGlV19v/y1/dnQcAAAAPAyytOfA9XuW3Wl8nD/E7wP71tfD7NmjjV46EVENPtjIy7LYegCKI/dHG40Vx5pt47e6rpufhH8tPvtl/K6++2e+8ydlJiL+95mnIuL+mLp/FE1/M3Ev3H7Rm+4EAAAAAAAAAACAw7gXfyds+hoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2YFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA///ovs87")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x0, 0x0, 0x0, 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
r11 = open(&(0x7f0000000640)='./file2\x00', 0x4000, 0x2)
preadv2(r11, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
rt_sigaction(0x1e, 0x0, 0x0, 0x8, &(0x7f0000000380))

1.763486703s ago: executing program 2 (id=2490):
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="07000000040000006f30bbd9f7dcb6cdd9080200", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x4800)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r5, 0x0, r4, 0x0, 0x6, 0x0)

1.736682464s ago: executing program 0 (id=2492):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_OPENAT={0x12, 0x14, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1cb, 0x40000, 0x12345})
io_uring_enter(r1, 0x2ded, 0xef92, 0x0, 0x0, 0x0)

1.735323944s ago: executing program 3 (id=2493):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f00000004c0)=[{0x28, 0x0, 0x5, 0xfffff034}, {0x80000006, 0x0, 0x12, 0xf9}]}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000cc0)='kfree\x00', r5, 0x0, 0xfff}, 0x18)
write$binfmt_register(r2, &(0x7f0000000040)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0xffffffffffffffff, 0x3a, 'allow_other', 0x3a, '', 0x3a, './cgroup.cpu/cpuset.cpus', 0x3a, [0x46]}, 0x44)

1.714819384s ago: executing program 0 (id=2495):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', '', [{0x20, 'memory.events\x00'}]}, 0x13)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x0, 0x0, &(0x7f0000000580)='GPL\x00', 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000040000000000000180100002020702500000000002020207b1af8ff010000f8ffffffb702"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffffffffd8b}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @remote})
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="25390000290003"], 0x33fe0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x5, 0x3, 0x8, 0x8000, 0x80}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x7, 0x4)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000400)=@deltaction={0x120, 0x31, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fff}}]}, @TCA_ACT_TAB={0x6c, 0x1, [{0x14, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffff9}}]}, @TCA_ACT_TAB={0x58, 0x1, [{0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x200}}, {0x14, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}]}, 0x120}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$isdn(0x22, 0x2, 0x25)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000300)={0x6d00, 0x8200, 0x6, 0x7ff}, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r7)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$TUNSETLINK(r6, 0x400454cd, 0x6)

1.699838534s ago: executing program 3 (id=2496):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0006}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r3, 0xa, 0x12)
ppoll(&(0x7f0000000240)=[{r4}], 0x1, 0x0, 0x0, 0x0)
dup2(r3, r4)
fcntl$setown(r4, 0x8, r2)
tkill(r2, 0x13)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
lstat(&(0x7f0000000140)='./file1\x00', &(0x7f00000002c0))

1.665764805s ago: executing program 4 (id=2497):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x48}}, 0x0)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1.644272695s ago: executing program 4 (id=2498):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x801, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2d"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
r2 = openat$cgroup_type(r1, &(0x7f00000002c0), 0x2, 0x0)
write$cgroup_type(r2, 0x0, 0x0)
r3 = openat$cgroup_procs(r1, &(0x7f0000000340)='cgroup.threads\x00', 0x2, 0x0)
prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0x0)
write$cgroup_pid(r3, &(0x7f0000000c40), 0x12)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_usbip_server_init(0x5)
sendto(0xffffffffffffffff, &(0x7f0000000440)="9bc0f2bb1f99194ea93de83f2b692d639c5159b3b1c1386ed03fdc4b8eafa792ae3049f02aef269f76cf563a4fd41a2f7212ffd6ad31b096729f7003ef7a5ba684fd3b35256bb7fcecbfb903ef0f7490ce86d0c0e95d47c7d3ecdc13a9372d975db40fa60d9b452ae7b0ac6ac7b11cff1fb4c143ea15ec3b0475078b81e10dfaa881a1c891cd47fdf7ce311bd98cc9340597e49064254afb", 0x98, 0x80, &(0x7f0000000500)=@ieee802154={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0302}}}, 0x80)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="2000000003060407000b0000000000100ae200070900020073797a31005b0000"], 0x20}, 0x1, 0x0, 0x0, 0x260000d0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000200)=0x1, 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000380), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x1000)

1.628975375s ago: executing program 3 (id=2499):
r0 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_GETX(r0, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x839eef59733fa2ad, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="ff0f00"/12, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, 0x0, 0x4000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x37e2f4aba9289b81, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
inotify_rm_watch(0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0xe4ffffff00000000, 0x0, 0x0)
syz_open_procfs$namespace(0x0, 0x0)

1.598982055s ago: executing program 3 (id=2500):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000002c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100d0000000fbdbdf25010000001800018014000200766574683100000000000000000000001c0002800c"], 0x48}, 0x1, 0x0, 0x0, 0x840}, 0x4008800)

1.596396436s ago: executing program 0 (id=2501):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', '', [{0x20, 'memory.events\x00'}]}, 0x13)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x0, 0x0, &(0x7f0000000580)='GPL\x00', 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000040000000000000180100002020702500000000002020207b1af8ff010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffffffffd8b}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @remote})
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="25390000290003"], 0x33fe0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x5, 0x3, 0x8, 0x8000, 0x80}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x7, 0x4)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000400)=@deltaction={0xb4, 0x31, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fff}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffff9}}]}, @TCA_ACT_TAB={0x58, 0x1, [{0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x200}}, {0x14, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}]}, 0xb4}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$isdn(0x22, 0x2, 0x25)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000300)={0x6d00, 0x8200, 0x6, 0x7ff}, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r7)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$TUNSETLINK(r6, 0x400454cd, 0x6)

1.545584527s ago: executing program 3 (id=2502):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x80, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$hiddev(&(0x7f00000002c0), 0x4, 0x40)
ioctl$HIDIOCGUSAGES(r2, 0xd01c4813, &(0x7f0000001d80)={{0x3, 0xfffffcfe, 0x14a955fb, 0x1, 0xd0, 0x4}, 0x204, [0xfffffffd, 0xfffffffa, 0xaf2, 0x6, 0x3, 0x7, 0x0, 0x1, 0x0, 0x3, 0x1, 0x3, 0x3a16, 0x8, 0x2, 0x3, 0x8, 0x4, 0xbc2, 0x5e, 0x5, 0x4, 0x4, 0x9, 0x0, 0x6, 0xc0, 0x4, 0x7ff, 0x2, 0x2, 0xde8, 0x1ff, 0x80000000, 0x9, 0x6, 0xffffc6cb, 0x7, 0x0, 0xfffffff7, 0x2, 0x9, 0xd05, 0x0, 0x6c2, 0x3, 0x0, 0x2, 0xfffffff7, 0x9, 0xf, 0x1740000, 0x2, 0x100, 0x2, 0x0, 0x10, 0x7, 0x6, 0x1, 0x1000, 0x3, 0x5, 0x4, 0xb2, 0x9, 0x4, 0x1, 0x60, 0x0, 0xf, 0x4, 0x3e8e, 0x7f, 0xfff, 0x5, 0x8, 0x1, 0x0, 0xffffffff, 0x1000, 0xfffffff9, 0x2, 0xa, 0x34b, 0x2, 0xa, 0x8, 0x2ea, 0x8000, 0xfffffff7, 0x2, 0x3, 0x5, 0xd, 0x7fff, 0x3, 0x8, 0x6, 0x1, 0x3, 0x5, 0x100, 0x1, 0x7, 0x4, 0x1c06, 0x8000, 0x6, 0x2, 0x1, 0xfffffffd, 0xff, 0x4, 0x17d, 0x3, 0xa2f, 0x6, 0x7b5, 0x4, 0x2aab, 0xffffffff, 0x2, 0x0, 0x6, 0x0, 0xd482, 0x3, 0x5, 0x70d85437, 0x80, 0x3, 0x2, 0xc4, 0x7, 0x9dbc, 0x8001, 0x3, 0xe3, 0x7, 0x6, 0x4, 0x4, 0x0, 0x2, 0x6, 0x3, 0x1, 0x5, 0x2b1, 0x5, 0xf8f, 0x7, 0x4, 0x9, 0x4, 0x2, 0x7fff, 0x89, 0x3, 0xc, 0x6, 0x1, 0x2, 0x8, 0x3, 0x8, 0x7a, 0x2, 0x1, 0x3, 0x3, 0x10001, 0x6, 0x1bf, 0xfffff801, 0x35, 0x4, 0x3, 0x200, 0x1, 0x2, 0x7, 0xd0, 0x3, 0x80000000, 0x4, 0xb9, 0xffffffff, 0x5, 0x7a71, 0x4, 0x8000, 0xff, 0x5, 0x1dd9, 0xff, 0xb, 0xc0, 0x93, 0x25, 0x8, 0x3, 0x40, 0x7, 0x4, 0x2, 0x28e, 0x3, 0xfffeffff, 0x101, 0x1800, 0x2, 0x5, 0x40, 0xa, 0x1, 0x9, 0x2, 0x2, 0x10000, 0xc7, 0x3b, 0x7, 0x773ae736, 0x4, 0xe6, 0x7, 0x80, 0x10000, 0x1, 0x4, 0x6, 0x8, 0x0, 0x3, 0x7fffffff, 0xffff, 0x7, 0xa2, 0x5cf, 0x4, 0x3, 0xdeb, 0x8, 0x1, 0x10001, 0x3, 0x2, 0x3, 0x8, 0xfbc, 0x7fff, 0x98, 0x7, 0x40, 0x2, 0x6, 0x8, 0x9, 0xa532, 0xfeca, 0xafd8, 0x6, 0x106, 0xe, 0x9, 0x1974, 0xc, 0x200, 0x8, 0x60000000, 0xcf, 0xc88c, 0x2, 0xd, 0x5, 0x5, 0xd, 0x5, 0x7, 0x94c6, 0x2, 0xff, 0x0, 0x7f, 0x7ff, 0xdc, 0x80000000, 0xd05f, 0xffffffff, 0x6, 0x81, 0x16, 0x6, 0x4d54, 0x7c2a, 0x0, 0x1ff, 0x100, 0x4, 0x7, 0x4, 0x10, 0x4ed, 0xd6, 0x800, 0x80000001, 0x0, 0x3, 0xfffffff8, 0x1, 0x9, 0x6, 0x2, 0x6, 0x4ec5, 0x5, 0x2, 0x0, 0x9, 0x10, 0x5, 0x8ea, 0xeeb, 0x5, 0x7, 0x4, 0xb, 0x3, 0x8001, 0x7fff, 0x3, 0x0, 0x9, 0x4, 0x0, 0x0, 0x8, 0x9, 0x0, 0x5, 0x81, 0x8, 0x80000001, 0x9, 0xe, 0x80, 0x8000, 0xa17b, 0x0, 0x6, 0x7, 0xfffff801, 0xfffffffe, 0x1, 0x38, 0x3, 0xec, 0xff, 0x9, 0x2, 0xe, 0xc, 0x6, 0x0, 0x6, 0x1000, 0x120000, 0xff, 0x200, 0xa, 0x8, 0x43bd, 0x4, 0x3ff, 0xdf, 0x5, 0x3, 0xffffffff, 0xcef, 0x0, 0x2, 0xdae9b6b, 0x0, 0x76, 0xf, 0xa7ef, 0x0, 0x6, 0xffff8001, 0x3c1, 0x3, 0x67, 0xfffffffa, 0x9, 0x3, 0x7, 0xffff, 0x0, 0x10000, 0x5, 0x1ff, 0x0, 0xfffffeff, 0x8000, 0xfffffffa, 0x10000, 0x8200, 0x1ff, 0x4, 0x94500000, 0x3, 0x401, 0x5, 0x0, 0x5, 0x0, 0xc075, 0x8, 0x0, 0x81, 0x7, 0x3, 0x10, 0xf, 0x7, 0x2506, 0x10001, 0xfff, 0x2, 0x6, 0x0, 0xb, 0x7fffffff, 0x1, 0x0, 0x2, 0x5, 0x36e1, 0xad01, 0x1ff, 0x51fc, 0x5, 0x7f9, 0x0, 0x7, 0x8001, 0x6, 0x7, 0x3, 0x80, 0x1ff, 0x60, 0x1, 0xdb, 0x3, 0x40, 0x4, 0x4, 0x2, 0x9, 0x2, 0x7, 0x1, 0x9, 0x2, 0xffffff21, 0x80000001, 0x7f, 0x9, 0x8, 0x7fffffff, 0x2, 0x6, 0xd7, 0xc814, 0x7, 0x8, 0x2, 0x6e, 0x8001, 0x98, 0xfff, 0x371bdc11, 0x0, 0x2, 0xfdbe, 0x4, 0x63b5, 0x5, 0x7, 0x9, 0x57, 0x4, 0x0, 0x101, 0x5, 0x7, 0x800, 0xfffffff8, 0x2, 0x3, 0x9, 0x3, 0xc, 0x80000000, 0xe, 0x1ae7bdc8, 0x6, 0x8, 0x3, 0x3, 0x8, 0x80000000, 0x10001, 0x1, 0xffffffff, 0xffff4e39, 0x5, 0x1, 0x1, 0x6, 0x4, 0x0, 0xffff, 0xfffffffb, 0x9169810, 0x1, 0x2, 0x7fffffff, 0x6, 0x8, 0x1a668ab2, 0x7, 0x1, 0x5, 0x1000, 0x81, 0xc20, 0x0, 0x5, 0x8001, 0xe, 0x6286, 0xac3, 0x680000, 0x7, 0x1, 0x8, 0x0, 0x7, 0x6, 0x4, 0x7, 0x0, 0x6, 0xa, 0xf, 0xffff6d3d, 0x9, 0x0, 0x10, 0x2, 0x353a, 0x8001, 0x800, 0x0, 0x0, 0xfffffffb, 0x5, 0x3ff, 0x5, 0x1, 0x0, 0x1, 0x4, 0x6, 0x37, 0x6, 0xc, 0x7, 0x4, 0xfda, 0x2, 0x5, 0x296, 0x80000000, 0x1, 0x81, 0xfffffff8, 0xffff, 0x4, 0x8, 0x400, 0x7fff, 0x8, 0x1, 0x7, 0x5, 0x800, 0xfe7, 0x0, 0xa93, 0x2, 0x4, 0x35, 0x2, 0x3, 0x4, 0x2, 0xdd7, 0x400, 0x5, 0x1, 0x2, 0x5, 0xbc, 0x7fffffff, 0x3, 0xfffffff7, 0x6, 0x3, 0x6, 0x2, 0x2, 0x80, 0x39, 0x1ff, 0x3ff, 0xfffff001, 0x0, 0x8, 0x3, 0x0, 0xb29, 0x1, 0x4, 0x2, 0x10001, 0x61, 0x7, 0xffffffff, 0xa73, 0x1, 0x3, 0x5, 0xffffffa1, 0xd, 0x992e, 0x9, 0x872, 0x1, 0x6, 0x8, 0x2, 0x6, 0xdcf, 0x8, 0xfffff801, 0x9, 0xffff8001, 0x8, 0x2, 0xe00000, 0x4b, 0x7, 0x6, 0x6, 0x25, 0x4d, 0x911, 0x44, 0xe, 0x81, 0x4, 0x8, 0x2, 0x4, 0x8, 0x3, 0x1, 0x1, 0x4eda, 0x6, 0x8000, 0x7fff, 0x4, 0x0, 0x7695, 0x9, 0x2, 0x3, 0x4, 0x4, 0x7, 0x8, 0x7, 0xfff, 0xf, 0x947, 0x0, 0x7, 0x4, 0x8, 0x7, 0x7, 0x5, 0x6, 0x5, 0x2835, 0x63, 0x1, 0x2, 0x8, 0x8, 0x100, 0x6, 0xc61, 0x8, 0x9, 0x9, 0x5, 0x6, 0x80000001, 0x8, 0xffffd967, 0x80, 0x3, 0x1, 0x6, 0x4, 0x3, 0xfa3, 0x2, 0x2419, 0x8, 0x6, 0x10001, 0x1, 0x6, 0x9, 0x0, 0x6, 0x8000, 0x7, 0x9, 0x7, 0x1, 0x7, 0x35f4285d, 0x1, 0xfffffffb, 0x9, 0x2, 0x2, 0x1, 0x7, 0x401, 0x7fff, 0x7f, 0x6, 0x9, 0xa0000, 0x5, 0x7ff, 0x71b, 0x8, 0xe3, 0x6, 0x0, 0xff, 0x9, 0x7, 0x5256, 0x2, 0x9, 0x9, 0x8, 0x2, 0x401, 0x7ff, 0x8, 0x1ff, 0x3, 0x78, 0x4, 0x10000000, 0x5, 0x8001, 0x5, 0x4, 0x6, 0x3, 0x5, 0x2, 0x6, 0x1, 0x3ff, 0x1, 0x8, 0x96e2, 0x7e, 0x9, 0x0, 0x1436, 0x0, 0x1d021750, 0xfffff6d6, 0x401, 0x100, 0x1, 0x400, 0x7fffffff, 0xffffffff, 0xe10, 0x80000001, 0x139, 0xa853, 0x50, 0x8000, 0x1, 0x40, 0x80000000, 0x1, 0x1, 0x2, 0xab, 0x8001, 0xb469, 0x9, 0xb, 0x39, 0x4, 0x5, 0x4, 0x3, 0x10000, 0xfffff001, 0x9, 0x8, 0x7fffffff, 0xe3, 0x7, 0x9, 0x0, 0x272, 0x37f, 0x878, 0x0, 0x7ff, 0xe, 0x8, 0x4, 0x0, 0x1, 0xd7, 0x800, 0x4, 0x6, 0xc, 0xfd, 0x0, 0xd, 0x2, 0xd36c, 0x40, 0x8, 0xfffffff9, 0x0, 0x3, 0x2a05, 0x1, 0x2, 0x8, 0x7, 0xf3c, 0x2b9c, 0x7fffffff, 0x8e5, 0xc000000, 0x6, 0x7, 0x8001, 0x6, 0xd, 0xfffffffa, 0x7f, 0x3, 0x0, 0x7fffffff, 0x7f, 0x1000, 0x8, 0xb, 0x40, 0x4e5, 0x4, 0x8, 0x3ff, 0x4, 0x9, 0xa, 0x5, 0x3, 0x7, 0x7, 0x8, 0x4acf68fa, 0x4, 0x96, 0x1, 0xa001, 0x80000000, 0x4, 0x0, 0x3, 0x3, 0x2, 0x9, 0x2800000, 0x40, 0xffff, 0x2, 0x7, 0x5, 0x1e5313e7, 0x3, 0x6, 0x4, 0x6, 0x10000, 0xd, 0x4, 0x5, 0x9, 0xe, 0x8, 0x8, 0x600000, 0x9, 0x8, 0x9, 0x8000, 0x4864221b, 0x3, 0x7ff, 0x4, 0x80e2, 0x3, 0x7, 0x73b, 0x3b, 0x2, 0x1, 0x6, 0xffffff81, 0x0, 0x46, 0x5, 0x9, 0x3b71, 0x1, 0x3, 0x1ff, 0x40, 0x20000000, 0x8e70, 0x81, 0x1000, 0xfd, 0x3, 0xc, 0x800, 0x10001, 0x3, 0x1ff, 0x474, 0x1, 0x6, 0x8, 0x7f, 0x3, 0x6, 0x5, 0x5, 0x8, 0xfffffff7, 0xfffff801, 0x9, 0x9, 0xffffffff, 0x3f, 0x3, 0x2, 0x7, 0x1, 0x8b88, 0x9, 0x32c, 0xffffffff, 0x10, 0x1, 0x3, 0x4de97de6, 0xef, 0x7, 0x6, 0x0, 0xc, 0x806, 0x7, 0x9, 0x5, 0x7ff, 0x2368, 0x9, 0x4, 0xd, 0x2, 0x9, 0x6a, 0xf, 0x10001]})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
renameat(0xffffffffffffffff, &(0x7f0000000080)='./mnt\x00', 0xffffffffffffffff, &(0x7f0000000100)='./mnt\x00')
unlinkat(0xffffffffffffffff, &(0x7f00000000c0)='./mnt\x00', 0x200)
syz_genetlink_get_family_id$SEG6(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000005c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c400000", @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x10d0}, 0x20010)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x1e, &(0x7f0000000080)={0x0, {{0xa, 0x6, 0x0, @mcast1={0xff, 0x7}, 0x8a4}}, {{0xa, 0x4e20, 0x8100, @remote}}}, 0x108)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB="7c010000190001000000000003000000ac141425000000000000000000000000fe8000000000000000000000000000aa00000000fffd00060a00008000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="020000000000000000000000000000000000008000000000000000000000000000000000000000000000b2b70000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000c4000500fe880000000000000000000000000101000004d62b000000020000000a0101020000000000000000000000000000000004030700080000000400000000000000fe80000000000000000000000000004c000004d66c00000002000000fc00000000000000000000000000000101350000020073ea008000000400000006000000ff010000000000000000000000000001000004d43200000002000000fe8000000000000000000000000000bb02350000b9010700f5ff000003000000050000007161c649c34f94aa00"], 0x17c}}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000025940000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000030c0002400000000000000010140001800c0001"], 0x118}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r9, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

1.400419209s ago: executing program 0 (id=2503):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)

1.353236949s ago: executing program 0 (id=2504):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r3, 0x5607, 0x3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
ioctl$VT_ACTIVATE(r3, 0x5606, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{}, {0x0, 0x4}, {0x0, 0x4, 0x10009, 0x5}], 0x10, 0xfffffff7}, 0x94)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002d000b12d25a80648c2594f90124fc60100c020000040000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
ioctl$TIOCSWINSZ(r3, 0x5414, &(0x7f0000000180)={0x9, 0x0, 0x3, 0x7fff})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f00000000c0)={[{@nojournal_checksum}, {@usrquota}, {@quota}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r9, 0xc020660b, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000000000000000000000500"/32])
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x8}, 0x50)
syz_open_dev$usbfs(&(0x7f0000000000), 0x6, 0x28200)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x48, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {0x0, 0xfff2}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x18, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0x2d, 0x8, 0x8000000000007ff}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x1}]}}]}, 0x48}}, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r10}, 0x10)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)

1.162640652s ago: executing program 3 (id=2505):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000001740), 0x8c200, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
io_uring_setup(0x4663, 0x0)
kexec_load(0x0, 0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x41000000}], 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/kexec_crash_size', 0x202, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[], 0x48)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000008, 0x110, 0xffffffffffffffff, 0x8000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000014c0)={0x4c, r1, 0x200, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x4c}}, 0x20040810)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
fcntl$lock(r2, 0x5, &(0x7f0000000100)={0x2, 0x0, 0x1, 0x6})

906.864256ms ago: executing program 2 (id=2506):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r1, 0x0, 0x0, 0x2, &(0x7f00000001c0)={0x77359400})

863.248047ms ago: executing program 2 (id=2507):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

862.727647ms ago: executing program 1 (id=2508):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x48}}, 0x0)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x4000000000001f2, 0x0)

809.160108ms ago: executing program 1 (id=2509):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x16}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f00000001c0)={@rand_addr=0x64010101, @remote}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_emit_ethernet(0x12, &(0x7f00000004c0)=ANY=[@ANYBLOB="bbbbbbbbbbbf0180c200000e00044242f3f4"], 0x0)

807.677617ms ago: executing program 1 (id=2510):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0006}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r3, 0xa, 0x12)
ppoll(&(0x7f0000000240)=[{r4}], 0x1, 0x0, 0x0, 0x0)
dup2(r3, r4)
fcntl$setown(r4, 0x8, r2)
tkill(r2, 0x13)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
lstat(&(0x7f0000000140)='./file1\x00', &(0x7f00000002c0))

731.914678ms ago: executing program 1 (id=2511):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x16}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f00000001c0)={@rand_addr=0x64010101, @remote}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)={0xf6c447fee59241f0})
r6 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
write$selinux_attr(r6, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
close(r5)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'caif0\x00'})
r7 = openat$rfkill(0xffffff9c, &(0x7f0000000040), 0x182, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
r8 = eventfd2(0x4, 0x80000)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000c40)={{0x1, 0x1, 0x18, <r9=>r7}, './file0\x00'})
io_submit(0x0, 0x4, &(0x7f0000000e40)=[&(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0xfff, r6, &(0x7f0000000a40)="b3f9bf690b658075c2087e7b23ad0c9df12f267b6251a4830c304950db9cc89d2e96b2ce19abda3cf5a5814214e3e106352e60b46f10986ebcf77621e99f474f53df939a9c7d949bd1ef6219520ffe9406a73357806ea06ab79e3c80f06c5c6b12c4424046c74dfb1f2ebb044da87ae9f7203b10676a80d1722f9f", 0x7b, 0xfffffffffffffffd, 0x0, 0x2}, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x7, 0x5, 0xffffffffffffffff, &(0x7f0000000ac0)="207cc38427bbd58c86a005", 0xb, 0xffffffffffffffff, 0x0, 0x2, r1}, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x1, 0x9, r6, &(0x7f0000000d40)="6bd2a464bf48faa27f0b2e3239e886130cfa8daad6650f21d329f0ffc3fac7e99544456bd8182a5e944dd144aa4ed8b0ab1c83ab11df0e49ac3751d2e6574fad494b19b0cc07b686605a2b347961adcafe4256c5f2f56566d15bf579bcd4a154167516f5333bcdc15a2bc0080177f89f9270dcc9583311938fe48f9a88cc94d849970cd0e41f0404e0fdebdbc704913546f4a8e1d33ddf71042d67630becaa2f851ff9029f87bca891b727f57965f9e9305e1076429e99", 0xb7, 0xb57, 0x0, 0x3, r8}, &(0x7f0000000e00)={0x0, 0x0, 0x0, 0x1, 0x7ff, 0xffffffffffffffff, &(0x7f0000000c00)="9fdb969795f0e29dcee22edb37", 0xd, 0x6, 0x0, 0x0, r9}])
syz_emit_ethernet(0x12, &(0x7f00000004c0)=ANY=[@ANYBLOB="bbbbbbbbbbbf0180c200000e00044242f3f4"], 0x0)
openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)

692.102989ms ago: executing program 1 (id=2512):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
semctl$SETALL(0x0, 0x0, 0x11, 0x0)

656.76371ms ago: executing program 1 (id=2513):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000300), 0x5aa, 0x0, 0x0, 0xfffffffffffffdfd)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x8205, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x15}}, {@quota}, {@grpid}, {@errors_remount}, {@data_err_ignore}, {@noblock_validity}, {@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x13}}, {@norecovery}]}, 0x1, 0x60a, &(0x7f0000001c40)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBKDxaW5AqvbGHJULuGytBDCy2UkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78lrR7qw9nw/s6s2b2X3vu09P896u3k4AlTWb3aURRyPiShIx07ZvOpo7Z1vHPf7i3tXslkSj8afPk0haecXxT1o/D2Z3ScRkRLx/PuLHtZ3lbt65e32p3mj6Z8T81vrG/OaduyfX1peurVxbubF46renzyz8bvH04r7EWcR14eIff/a/f/3tN6sf1E8mcTYuj/9jOTri2C+zMRtPWiG2549FxJks0eV1edkUISQl14O9qbV+H8cj4kjMRC3fapqJtf+WWjlgoBq1iAZQUYn+DxVVjAOKuf0g5sGj7NG55gRoZ/xjzfdGYjKfGx14nLTNjJrz3UP7UH5Wxrf3jr2R3aLH+xBj+1BOL9v3I+Kn3eJP8rodyt/FyeJPI217XJZeiIiJ1mux1/n/bMf2sH//XiT+9nbI4j/b+pnln99j+WXHD0A1PTzXOpFvZ1vPzn/ZyLAY/0SX8c90l3PXXpR9/us9/ivO95P5e+RpxzgsG+9c6v6U450Zn/znwmu9ym8f/2W3rPxiLDgMj+5HHOuI/9/5QC952v5Jl/bPDrnSZxl/+PCzC732lR1/40HE8a7zn2cj2iw1v7W+UeR1fD45v7pWX1lo3nct4533/vpWr/LLjj9r/+gR/27tn+Vt9FnG25cerPfaN/3c+NNPJ5LLeWqilfP3pa2tW4sRE8nF1iFt+ad2r0txTPEcWfwnftm9/+8Sf97Q233Gv/Hn64+bqZ2zpL7bf8dfldyTRp916CWLf3mP7f//Psv46i+3f96RNVUkdot/audTJf2+5gAAAAAAAFBFaf4ZbJLOPU2n6dxccw3vT+JAWr+5ufWr1Zu3byxHnMj/H3I8LT7pnmluJ9n2Yuv/YYvtUx3bv46IwxHxem0q3567erO+XHbwAAAAAAAAAAAAAAAAAAAAMCIOttb/F9ep/rLWXP/fl60jA64dMHCDvMAcMNr0f6iuvP+nZdcCKIPzP1SX/g/Vpf9Dden/UF36P1SX/g/Vpf9Dden/AAAAAPBKOvyLhx8nEbH9+6n8lplo7RsvtWbAoL14H58dSD2A4asN9WHAKHn60b/l/1A5fY3/v259OeDgqwOUIOmWmQ8OGrt3/oddHwkAAAAAAAAAAAAADMDxo9b/Q1Wl8W7ZVQBK8j0W8vsOAHjJ+ep/qC5zfOB5q/gne+2w/h8AAAAAAAAAAAAAhmY6vyXpXOsSoNORpnNzET+MiEMxnqyu1VcWIuJHEfFRbfwH2fZi2ZUGAAAAAAAAAAAAAAAAAACAV8zmnbvXl+r1lVvtiW925LzaieIqqKNSn/ZEJMMvdCoiRiH2wSTG2nKSiO2s5UeiYrc2YySqkebVKPkPEwAAAAAAAAAAAAAAAAAAVFDb2uPujr055BoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPA9u/7/3hPJc56n7BgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJfTdwEAAP//wbQ5Jw==")

0s ago: executing program 0 (id=2514):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', '', [{0x20, 'memory.events\x00'}]}, 0x13)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x0, 0x0, &(0x7f0000000580)='GPL\x00', 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000040000000000000180100002020702500000000002020207b1af8ff010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffffffffd8b}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @remote})
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="25390000290003"], 0x33fe0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x5, 0x3, 0x8, 0x8000, 0x80}, &(0x7f0000000240)=0x14)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x7, 0x4)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000400)=@deltaction={0xb8, 0x31, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fff}}]}, @TCA_ACT_TAB={0x4}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffff9}}]}, @TCA_ACT_TAB={0x58, 0x1, [{0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x200}}, {0x14, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}]}, 0xb8}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$isdn(0x22, 0x2, 0x25)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000300)={0x6d00, 0x8200, 0x6, 0x7ff}, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r7)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$TUNSETLINK(r6, 0x400454cd, 0x6)

kernel console output (not intermixed with test programs):

 invalid access to FAT (entry 0x0000ff12)
[  181.545169][T10022] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000ff12)
[  181.552987][T10022] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000ff12)
[  181.560886][T10022] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000ff12)
[  181.571283][T10022] syz.1.2187: attempt to access beyond end of device
[  181.571283][T10022] loop1: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  181.584837][T10022] Buffer I/O error on dev loop1, logical block 65368, async page read
[  181.604053][T10027] netlink: 'syz.0.2189': attribute type 27 has an invalid length.
[  181.685901][T10027] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.725123][T10032] __nla_validate_parse: 29 callbacks suppressed
[  181.725183][T10032] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2189'.
[  181.740313][T10032] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2189'.
[  181.764198][T10034] loop1: detected capacity change from 0 to 512
[  181.768277][T10027] 8021q: adding VLAN 0 to HW filter on device team0
[  181.779312][T10032] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2189'.
[  181.784082][T10034] EXT4-fs: Ignoring removed nomblk_io_submit option
[  181.795013][ T9995] vhci_hcd: connection reset by peer
[  181.795031][T10027] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  181.800787][  T170] vhci_hcd: stop threads
[  181.820643][  T170] vhci_hcd: release socket
[  181.825058][  T170] vhci_hcd: disconnect device
[  181.831602][T10034] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  181.844742][T10034] EXT4-fs (loop1): 1 truncate cleaned up
[  181.858832][T10032] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2189'.
[  181.867776][T10032] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2189'.
[  181.879191][T10032] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2189'.
[  181.924933][T10032] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2189'.
[  181.933915][T10032] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2189'.
[  181.934002][T10041] loop1: detected capacity change from 0 to 2048
[  181.950329][T10032] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2189'.
[  181.960721][   T29] kauditd_printk_skb: 674 callbacks suppressed
[  181.960735][   T29] audit: type=1326 audit(1752109843.462:24679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10011 comm="syz.2.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  181.991123][   T29] audit: type=1326 audit(1752109843.462:24680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10011 comm="syz.2.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  182.031629][T10041] netlink: 'syz.1.2191': attribute type 27 has an invalid length.
[  182.053401][T10045] loop2: detected capacity change from 0 to 512
[  182.057316][ T9987] syz.4.2178 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  182.073995][ T9987] CPU: 1 UID: 0 PID: 9987 Comm: syz.4.2178 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  182.074072][ T9987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  182.074149][ T9987] Call Trace:
[  182.074155][ T9987]  <TASK>
[  182.074163][ T9987]  __dump_stack+0x1d/0x30
[  182.074187][ T9987]  dump_stack_lvl+0xe8/0x140
[  182.074208][ T9987]  dump_stack+0x15/0x1b
[  182.074227][ T9987]  dump_header+0x81/0x220
[  182.074338][ T9987]  oom_kill_process+0x334/0x3f0
[  182.074370][ T9987]  out_of_memory+0x979/0xb80
[  182.074425][ T9987]  try_charge_memcg+0x5e6/0x9e0
[  182.074467][ T9987]  obj_cgroup_charge_pages+0xa6/0x150
[  182.074569][ T9987]  __memcg_kmem_charge_page+0x9f/0x170
[  182.074601][ T9987]  __alloc_frozen_pages_noprof+0x188/0x360
[  182.074637][ T9987]  alloc_pages_mpol+0xb3/0x250
[  182.074674][ T9987]  alloc_pages_noprof+0x90/0x130
[  182.074726][ T9987]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  182.074764][ T9987]  __kvmalloc_node_noprof+0x30f/0x4e0
[  182.074788][ T9987]  ? ip_set_alloc+0x1f/0x30
[  182.074834][ T9987]  ? ip_set_alloc+0x1f/0x30
[  182.074942][ T9987]  ? __kmalloc_cache_noprof+0x189/0x320
[  182.075047][ T9987]  ip_set_alloc+0x1f/0x30
[  182.075075][ T9987]  hash_netiface_create+0x282/0x740
[  182.075171][ T9987]  ? __pfx_hash_netiface_create+0x10/0x10
[  182.075199][ T9987]  ip_set_create+0x3c9/0x960
[  182.075232][ T9987]  ? __nla_parse+0x40/0x60
[  182.075312][ T9987]  nfnetlink_rcv_msg+0x4c3/0x590
[  182.075349][ T9987]  ? selinux_capable+0x1f9/0x270
[  182.075381][ T9987]  netlink_rcv_skb+0x120/0x220
[  182.075435][ T9987]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  182.075466][ T9987]  nfnetlink_rcv+0x16b/0x1690
[  182.075545][ T9987]  ? __list_del_entry_valid_or_report+0x65/0x130
[  182.075647][ T9987]  ? __rmqueue_pcplist+0x9d2/0xbd0
[  182.075681][ T9987]  ? should_fail_ex+0x30/0x280
[  182.075707][ T9987]  ? selinux_nlmsg_lookup+0x99/0x890
[  182.075808][ T9987]  ? selinux_netlink_send+0x59f/0x5f0
[  182.075840][ T9987]  ? __rcu_read_unlock+0x34/0x70
[  182.075872][ T9987]  ? __netlink_lookup+0x266/0x2a0
[  182.075969][ T9987]  netlink_unicast+0x59e/0x670
[  182.075999][ T9987]  netlink_sendmsg+0x58b/0x6b0
[  182.076085][ T9987]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.076118][ T9987]  __sock_sendmsg+0x142/0x180
[  182.076177][ T9987]  ____sys_sendmsg+0x31e/0x4e0
[  182.076239][ T9987]  ___sys_sendmsg+0x17b/0x1d0
[  182.076274][ T9987]  __x64_sys_sendmsg+0xd4/0x160
[  182.076355][ T9987]  x64_sys_call+0x2999/0x2fb0
[  182.076377][ T9987]  do_syscall_64+0xd2/0x200
[  182.076409][ T9987]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  182.076436][ T9987]  ? clear_bhb_loop+0x40/0x90
[  182.076464][ T9987]  ? clear_bhb_loop+0x40/0x90
[  182.076487][ T9987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.076506][ T9987] RIP: 0033:0x7fc57a5be929
[  182.076520][ T9987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.076610][ T9987] RSP: 002b:00007fc578c27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  182.076630][ T9987] RAX: ffffffffffffffda RBX: 00007fc57a7e5fa0 RCX: 00007fc57a5be929
[  182.076644][ T9987] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  182.076657][ T9987] RBP: 00007fc57a640b39 R08: 0000000000000000 R09: 0000000000000000
[  182.076672][ T9987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  182.076737][ T9987] R13: 0000000000000000 R14: 00007fc57a7e5fa0 R15: 00007ffff9648ea8
[  182.076753][ T9987]  </TASK>
[  182.076761][ T9987] memory: usage 307200kB, limit 307200kB, failcnt 9886
[  182.085078][T10045] EXT4-fs (loop2): orphan cleanup on readonly fs
[  182.089244][ T9987] memory+swap: usage 307388kB, limit 9007199254740988kB, failcnt 0
[  182.146478][T10045] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2193: bg 0: block 248: padding at end of block bitmap is not set
[  182.148301][ T9987] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  182.154257][T10045] Quota error (device loop2): write_blk: dquota write failed
[  182.158667][ T9987] Memory cgroup stats for /syz4:
[  182.169628][T10051] loop0: detected capacity change from 0 to 128
[  182.170218][ T9987] cache 0
[  182.175434][T10045] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  182.179925][ T9987] rss 0
[  182.179934][ T9987] shmem 0
[  182.184415][T10045] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2193: Failed to acquire dquot type 1
[  182.189959][ T9987] mapped_file 0
[  182.189968][ T9987] dirty 0
[  182.195379][   T29] audit: type=1400 audit(1752109843.672:24681): avc:  denied  { create } for  pid=10050 comm="syz.0.2194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  182.199489][ T9987] writeback 0
[  182.199499][ T9987] workingset_refault_anon 481
[  182.199508][ T9987] workingset_refault_file 1421
[  182.199517][ T9987] swap 192512
[  182.199523][ T9987] swapcached 4096
[  182.199529][ T9987] pgpgin 95603
[  182.199535][ T9987] pgpgout 95602
[  182.199542][ T9987] pgfault 117618
[  182.199548][ T9987] pgmajfault 128
[  182.199554][ T9987] inactive_anon 4096
[  182.199562][ T9987] active_anon 0
[  182.199570][ T9987] inactive_file 0
[  182.199586][ T9987] active_file 0
[  182.199593][ T9987] unevictable 0
[  182.199601][ T9987] hierarchical_memory_limit 314572800
[  182.199611][ T9987] hierarchical_memsw_limit 9223372036854771712
[  182.199621][ T9987] total_cache 0
[  182.199627][ T9987] total_rss 0
[  182.199633][ T9987] total_shmem 0
[  182.199641][ T9987] total_mapped_file 0
[  182.199649][ T9987] total_dirty 0
[  182.199670][ T9987] total_writeback 0
[  182.199679][ T9987] total_workingset_refault_anon 481
[  182.199688][ T9987] total_workingset_refault_file 1453
[  182.199698][ T9987] total_swap 192512
[  182.199706][ T9987] total_swapcached 4096
[  182.199715][ T9987] total_pgpgin 115853
[  182.199724][ T9987] total_pgpgout 115852
[  182.199732][ T9987] total_pgfault 138130
[  182.199740][ T9987] total_pgmajfault 332
[  182.199748][ T9987] total_inactive_anon 4096
[  182.199756][ T9987] total_active_anon 0
[  182.199830][ T9987] total_inactive_file 0
[  182.199839][ T9987] total_active_file 0
[  182.199848][ T9987] total_unevictable 0
[  182.199857][ T9987] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4/syz1,task=syz.4.2178,pid=9985,uid=0
[  182.199987][ T9987] Memory cgroup out of memory: Killed process 9985 (syz.4.2178) total-vm:93756kB, anon-rss:940kB, file-rss:22372kB, shmem-rss:128kB, UID:0 pgtables:140kB oom_score_adj:1000
[  182.213943][T10045] EXT4-fs (loop2): 1 truncate cleaned up
[  182.214861][   T29] audit: type=1400 audit(1752109843.672:24682): avc:  denied  { read append } for  pid=10050 comm="syz.0.2194" name="ptp0" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  182.405153][T10056] loop4: detected capacity change from 0 to 512
[  182.409278][   T29] audit: type=1400 audit(1752109843.672:24683): avc:  denied  { open } for  pid=10050 comm="syz.0.2194" path="/dev/ptp0" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  182.409306][   T29] audit: type=1400 audit(1752109843.672:24684): avc:  denied  { ioctl } for  pid=10050 comm="syz.0.2194" path="/dev/ptp0" dev="devtmpfs" ino=245 ioctlcmd=0x3d0c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  182.418772][T10056] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.2196: casefold flag without casefold feature
[  182.437245][T10059] loop0: detected capacity change from 0 to 512
[  182.442098][T10053] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2191'.
[  182.458221][T10056] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2196: couldn't read orphan inode 15 (err -117)
[  182.471657][T10059] EXT4-fs (loop0): orphan cleanup on readonly fs
[  182.840288][T10059] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2195: bg 0: block 248: padding at end of block bitmap is not set
[  182.848047][T10045] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  182.855380][ T1081] lo speed is unknown, defaulting to 1000
[  182.864359][T10059] Quota error (device loop0): write_blk: dquota write failed
[  182.870250][ T1081] syz0: Port: 1 Link DOWN
[  182.877000][T10059] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  182.891328][T10059] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2195: Failed to acquire dquot type 1
[  182.907800][T10049] 8021q: adding VLAN 0 to HW filter on device bond0
[  182.914662][T10045] EXT4-fs warning (device loop2): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop2.
[  182.916046][T10049] 8021q: adding VLAN 0 to HW filter on device team0
[  182.930732][T10059] EXT4-fs (loop0): 1 truncate cleaned up
[  182.938404][T10049] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  182.956885][ T3991] lo speed is unknown, defaulting to 1000
[  182.963324][ T3991] syz0: Port: 1 Link ACTIVE
[  182.968758][ T3374] usb 6-1: device descriptor read/8, error -110
[  182.976241][T10059] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  182.990159][T10059] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  182.998776][T10059] FAULT_INJECTION: forcing a failure.
[  182.998776][T10059] name failslab, interval 1, probability 0, space 0, times 0
[  183.011517][T10059] CPU: 0 UID: 0 PID: 10059 Comm: syz.0.2195 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  183.011546][T10059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  183.011559][T10059] Call Trace:
[  183.011563][T10059]  <TASK>
[  183.011590][T10059]  __dump_stack+0x1d/0x30
[  183.011671][T10059]  dump_stack_lvl+0xe8/0x140
[  183.011683][T10059]  dump_stack+0x15/0x1b
[  183.011692][T10059]  should_fail_ex+0x265/0x280
[  183.011712][T10059]  should_failslab+0x8c/0xb0
[  183.011771][T10059]  __kmalloc_noprof+0xa5/0x3e0
[  183.011830][T10059]  ? find_next_id+0x3d/0x540
[  183.011843][T10059]  ? __d_lookup_rcu+0x248/0x2a0
[  183.011858][T10059]  find_next_id+0x3d/0x540
[  183.011929][T10059]  ? __rcu_read_unlock+0x4f/0x70
[  183.011941][T10059]  ? from_kgid+0x13d/0x330
[  183.011961][T10059]  qtree_get_next_id+0x55/0x120
[  183.011975][T10059]  v2_get_next_id+0x81/0xc0
[  183.011988][T10059]  ? __pfx_v2_get_next_id+0x10/0x10
[  183.012056][T10059]  dquot_get_next_id+0xaf/0xe0
[  183.012068][T10059]  dquot_get_next_dqblk+0x41/0x200
[  183.012080][T10059]  quota_getnextquota+0x16e/0x2c0
[  183.012149][T10059]  ? selinux_capable+0x1f9/0x270
[  183.012169][T10059]  do_quotactl+0x38f/0x670
[  183.012183][T10059]  __se_sys_quotactl+0x3a5/0x670
[  183.012251][T10059]  __x64_sys_quotactl+0x55/0x70
[  183.012265][T10059]  x64_sys_call+0x2886/0x2fb0
[  183.012277][T10059]  do_syscall_64+0xd2/0x200
[  183.012345][T10059]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  183.012360][T10059]  ? clear_bhb_loop+0x40/0x90
[  183.012372][T10059]  ? clear_bhb_loop+0x40/0x90
[  183.012384][T10059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.012413][T10059] RIP: 0033:0x7f339494e929
[  183.012422][T10059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.012433][T10059] RSP: 002b:00007f3392fb7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  183.012444][T10059] RAX: ffffffffffffffda RBX: 00007f3394b75fa0 RCX: 00007f339494e929
[  183.012482][T10059] RDX: 0000000000000000 RSI: 00002000000080c0 RDI: ffffffff80000901
[  183.012489][T10059] RBP: 00007f3392fb7090 R08: 0000000000000000 R09: 0000000000000000
[  183.012496][T10059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.012503][T10059] R13: 0000000000000000 R14: 00007f3394b75fa0 R15: 00007ffd5b2cfaf8
[  183.012513][T10059]  </TASK>
[  183.252764][ T3374] usb 6-1: new SuperSpeed USB device number 27 using vhci_hcd
[  183.282688][T10055] delete_channel: no stack
[  183.287694][ T3374] usb 6-1: enqueue for inactive port 0
[  183.298402][ T3374] usb 6-1: enqueue for inactive port 0
[  183.312187][ T3374] usb 6-1: enqueue for inactive port 0
[  183.333433][T10080] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  183.340044][T10080] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  183.347819][T10080] vhci_hcd vhci_hcd.0: Device attached
[  183.363818][T10086] FAULT_INJECTION: forcing a failure.
[  183.363818][T10086] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.377511][T10086] CPU: 0 UID: 0 PID: 10086 Comm: syz.4.2203 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  183.377597][T10086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  183.377666][T10086] Call Trace:
[  183.377674][T10086]  <TASK>
[  183.377681][T10086]  __dump_stack+0x1d/0x30
[  183.377708][T10086]  dump_stack_lvl+0xe8/0x140
[  183.377724][T10086]  dump_stack+0x15/0x1b
[  183.377738][T10086]  should_fail_ex+0x265/0x280
[  183.377763][T10086]  should_fail+0xb/0x20
[  183.377859][T10086]  should_fail_usercopy+0x1a/0x20
[  183.377885][T10086]  _copy_to_user+0x20/0xa0
[  183.377952][T10086]  simple_read_from_buffer+0xb5/0x130
[  183.378081][T10086]  proc_fail_nth_read+0x100/0x140
[  183.378112][T10086]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  183.378204][T10086]  vfs_read+0x1a0/0x6f0
[  183.378252][T10086]  ? __rcu_read_unlock+0x4f/0x70
[  183.378270][T10086]  ? __rcu_read_unlock+0x4f/0x70
[  183.378287][T10086]  ? __fget_files+0x184/0x1c0
[  183.378304][T10086]  ksys_read+0xda/0x1a0
[  183.378409][T10086]  __x64_sys_read+0x40/0x50
[  183.378454][T10086]  x64_sys_call+0x2d77/0x2fb0
[  183.378548][T10086]  do_syscall_64+0xd2/0x200
[  183.378575][T10086]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  183.378596][T10086]  ? clear_bhb_loop+0x40/0x90
[  183.378685][T10086]  ? clear_bhb_loop+0x40/0x90
[  183.378717][T10086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.378753][T10086] RIP: 0033:0x7fc57a5bd33c
[  183.378774][T10086] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  183.378830][T10086] RSP: 002b:00007fc578c27030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  183.378851][T10086] RAX: ffffffffffffffda RBX: 00007fc57a7e5fa0 RCX: 00007fc57a5bd33c
[  183.378861][T10086] RDX: 000000000000000f RSI: 00007fc578c270a0 RDI: 0000000000000005
[  183.378871][T10086] RBP: 00007fc578c27090 R08: 0000000000000000 R09: 0000000000000000
[  183.378960][T10086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.378970][T10086] R13: 0000000000000000 R14: 00007fc57a7e5fa0 R15: 00007ffff9648ea8
[  183.378984][T10086]  </TASK>
[  183.639191][ T3377] usb 2-1: device descriptor read/8, error -110
[  183.719101][ T3374] usb 6-1: SetAddress Request (28) to port 0
[  183.725517][ T3374] usb 6-1: new SuperSpeed USB device number 28 using vhci_hcd
[  183.749443][ T3377] usb 2-1: new SuperSpeed USB device number 30 using vhci_hcd
[  183.760120][T10084] loop0: detected capacity change from 0 to 128
[  183.779089][ T3377] usb 2-1: enqueue for inactive port 0
[  183.784582][ T3377] usb 2-1: enqueue for inactive port 0
[  183.798068][ T3377] usb 2-1: enqueue for inactive port 0
[  183.825082][T10098] loop4: detected capacity change from 0 to 1024
[  183.840136][T10098] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  183.858040][T10081] vhci_hcd: connection reset by peer
[  183.864559][T10096] loop1: detected capacity change from 0 to 512
[  183.871532][T10098] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  183.879550][T10098] EXT4-fs (loop4): orphan cleanup on readonly fs
[  183.879785][   T31] vhci_hcd: stop threads
[  183.890206][   T31] vhci_hcd: release socket
[  183.894618][   T31] vhci_hcd: disconnect device
[  183.917067][T10096] EXT4-fs: Ignoring removed nomblk_io_submit option
[  183.919172][T10098] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  183.929396][T10096] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  183.949458][T10098] EXT4-fs (loop4): Remounting filesystem read-only
[  183.956023][T10098] EXT4-fs (loop4): 1 truncate cleaned up
[  183.973400][T10098] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  183.984727][T10096] EXT4-fs (loop1): 1 truncate cleaned up
[  183.993516][T10096] EXT4-fs (loop1): shut down requested (2)
[  184.062119][T10113] loop3: detected capacity change from 0 to 512
[  184.081575][T10113] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.2212: casefold flag without casefold feature
[  184.109303][T10113] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2212: couldn't read orphan inode 15 (err -117)
[  184.138007][T10116] netlink: 'syz.0.2213': attribute type 2 has an invalid length.
[  184.145796][T10116] netlink: 'syz.0.2213': attribute type 1 has an invalid length.
[  184.159272][    T9] usb 4-1: device descriptor read/8, error -110
[  184.184284][T10116] loop0: detected capacity change from 0 to 512
[  184.201732][T10116] ext4 filesystem being mounted at /471/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  184.218079][T10116] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #2: block 3: comm syz.0.2213: lblock 8 mapped to illegal pblock 3 (length 26)
[  184.232711][T10111] delete_channel: no stack
[  184.269734][    T9] usb 4-1: new SuperSpeed USB device number 31 using vhci_hcd
[  184.289816][    T9] usb 4-1: enqueue for inactive port 0
[  184.300930][    T9] usb 4-1: enqueue for inactive port 0
[  184.312378][    T9] usb 4-1: enqueue for inactive port 0
[  184.419954][    T9] usb usb4-port1: attempt power cycle
[  184.522627][T10129] dvmrp1: entered allmulticast mode
[  184.528750][T10129] dvmrp1: left allmulticast mode
[  184.594267][T10132] loop3: detected capacity change from 0 to 128
[  184.613903][T10132] EXT4-fs: Ignoring removed oldalloc option
[  184.620711][T10136] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.632842][T10132] ext4 filesystem being mounted at /395/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.644126][T10136] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.662100][T10136] loop1: detected capacity change from 0 to 1024
[  184.680566][T10136] ext4 filesystem being mounted at /503/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.694122][T10136] process 'syz.1.2220' launched './file1' with NULL argv: empty string added
[  184.726136][T10136] kernel read not supported for file /policy (pid: 10136 comm: syz.1.2220)
[  184.729148][T10140] loop2: detected capacity change from 0 to 1024
[  184.741539][T10140] EXT4-fs: Ignoring removed nobh option
[  184.747110][T10140] EXT4-fs: inline encryption not supported
[  184.829246][ T3377] usb usb2-port1: attempt power cycle
[  185.009019][T10148] loop0: detected capacity change from 0 to 128
[  185.087224][T10153] loop4: detected capacity change from 0 to 512
[  185.095121][T10153] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.2225: casefold flag without casefold feature
[  185.107953][T10153] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2225: couldn't read orphan inode 15 (err -117)
[  185.120430][ T9968] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[  185.179368][T10152] delete_channel: no stack
[  185.225483][T10165] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  185.269500][T10169] loop1: detected capacity change from 0 to 128
[  185.854369][T10178] loop4: detected capacity change from 0 to 1024
[  185.862358][T10178] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  185.873971][T10178] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  185.882231][T10178] EXT4-fs (loop4): orphan cleanup on readonly fs
[  185.890318][T10178] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  185.900188][T10178] EXT4-fs (loop4): Remounting filesystem read-only
[  185.906866][T10178] EXT4-fs (loop4): 1 truncate cleaned up
[  186.011877][T10184] loop4: detected capacity change from 0 to 2048
[  186.044268][T10184] netlink: 'syz.4.2236': attribute type 27 has an invalid length.
[  186.063964][T10184] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.073099][T10184] 8021q: adding VLAN 0 to HW filter on device team0
[  186.082371][T10184] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  186.089156][   T36] usb 10-1: device descriptor read/8, error -110
[  186.115679][T10188] loop0: detected capacity change from 0 to 128
[  186.251045][T10191] loop1: detected capacity change from 0 to 512
[  186.262909][T10191] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2238: casefold flag without casefold feature
[  186.272999][   T36] usb 10-1: new SuperSpeed USB device number 23 using vhci_hcd
[  186.275837][T10191] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2238: couldn't read orphan inode 15 (err -117)
[  186.309108][   T36] usb 10-1: enqueue for inactive port 0
[  186.309986][    T9] usb usb4-port1: unable to enumerate USB device
[  186.314732][   T36] usb 10-1: enqueue for inactive port 0
[  186.327382][   T36] usb 10-1: enqueue for inactive port 0
[  186.380567][T10205] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  186.419249][T10190] delete_channel: no stack
[  186.424125][T10207] loop3: detected capacity change from 0 to 128
[  186.449298][   T36] usb usb10-port1: attempt power cycle
[  186.511848][T10212] loop1: detected capacity change from 0 to 2048
[  186.545951][T10212] netlink: 'syz.1.2245': attribute type 27 has an invalid length.
[  186.562327][T10218] loop4: detected capacity change from 0 to 1024
[  186.570412][T10218] EXT4-fs: Ignoring removed nobh option
[  186.576015][T10218] EXT4-fs: inline encryption not supported
[  186.589411][   T23] lo speed is unknown, defaulting to 1000
[  186.595183][   T23] syz0: Port: 1 Link DOWN
[  186.614909][T10212] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.632361][T10212] 8021q: adding VLAN 0 to HW filter on device team0
[  186.642436][T10212] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  186.732473][T10212] __nla_validate_parse: 24 callbacks suppressed
[  186.732485][T10212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2245'.
[  186.747607][T10212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2245'.
[  186.756979][T10212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2245'.
[  186.803656][T10212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2245'.
[  186.812578][T10212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2245'.
[  186.822387][T10212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2245'.
[  186.861386][ T3305] EXT4-fs unmount: 88 callbacks suppressed
[  186.861400][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.948199][   T23] lo speed is unknown, defaulting to 1000
[  186.954016][   T23] syz0: Port: 1 Link ACTIVE
[  186.990229][   T29] kauditd_printk_skb: 293 callbacks suppressed
[  186.990244][   T29] audit: type=1326 audit(1752109848.492:24974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  187.020317][   T29] audit: type=1326 audit(1752109848.492:24975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  187.044026][   T29] audit: type=1326 audit(1752109848.492:24976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  187.067583][   T29] audit: type=1326 audit(1752109848.492:24977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  187.091137][   T29] audit: type=1326 audit(1752109848.492:24978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  187.091492][T10234] loop1: detected capacity change from 0 to 8192
[  187.114662][   T29] audit: type=1326 audit(1752109848.492:24979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  187.114702][   T29] audit: type=1326 audit(1752109848.522:24980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  187.168238][   T29] audit: type=1326 audit(1752109848.522:24981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  187.191837][   T29] audit: type=1326 audit(1752109848.542:24982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  187.193997][ T3377] usb usb2-port1: unable to enumerate USB device
[  187.216060][   T29] audit: type=1326 audit(1752109848.542:24983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  187.310437][T10237] loop3: detected capacity change from 0 to 2048
[  187.330882][T10237] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.345647][T10237] netlink: 'syz.3.2250': attribute type 27 has an invalid length.
[  187.375818][T10237] 8021q: adding VLAN 0 to HW filter on device bond0
[  187.383805][T10237] 8021q: adding VLAN 0 to HW filter on device team0
[  187.393247][T10237] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  187.414358][T10237] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2250'.
[  187.423504][T10237] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2250'.
[  187.427972][T10245] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2253'.
[  187.432749][T10237] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2250'.
[  187.481223][T10253] loop1: detected capacity change from 0 to 512
[  187.487939][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.488939][T10253] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2255: casefold flag without casefold feature
[  187.510399][T10253] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2255: couldn't read orphan inode 15 (err -117)
[  187.525098][T10253] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.571084][T10264] loop3: detected capacity change from 0 to 512
[  187.578783][T10264] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.2260: casefold flag without casefold feature
[  187.592067][T10264] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2260: couldn't read orphan inode 15 (err -117)
[  187.592355][T10252] delete_channel: no stack
[  187.605253][T10264] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.636877][T10268] FAULT_INJECTION: forcing a failure.
[  187.636877][T10268] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.650021][T10268] CPU: 1 UID: 0 PID: 10268 Comm: syz.0.2261 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  187.650052][T10268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  187.650136][T10268] Call Trace:
[  187.650143][T10268]  <TASK>
[  187.650150][T10268]  __dump_stack+0x1d/0x30
[  187.650241][T10268]  dump_stack_lvl+0xe8/0x140
[  187.650295][T10268]  dump_stack+0x15/0x1b
[  187.650313][T10268]  should_fail_ex+0x265/0x280
[  187.650342][T10268]  should_fail+0xb/0x20
[  187.650367][T10268]  should_fail_usercopy+0x1a/0x20
[  187.650478][T10268]  _copy_to_iter+0x381/0xe30
[  187.650510][T10268]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  187.650587][T10268]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  187.650621][T10268]  __skb_datagram_iter+0xc6/0x690
[  187.650662][T10268]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  187.650720][T10268]  skb_copy_datagram_iter+0x3d/0x110
[  187.650752][T10268]  netlink_recvmsg+0x1a8/0x550
[  187.650782][T10268]  ? __pfx_netlink_recvmsg+0x10/0x10
[  187.650903][T10268]  sock_recvmsg+0x139/0x170
[  187.650926][T10268]  ____sys_recvmsg+0xf5/0x280
[  187.650962][T10268]  ___sys_recvmsg+0x11f/0x370
[  187.651000][T10268]  do_recvmmsg+0x1ef/0x540
[  187.651020][T10268]  ? get_timespec64+0xc9/0x100
[  187.651039][T10268]  __x64_sys_recvmmsg+0xfb/0x170
[  187.651123][T10268]  x64_sys_call+0x1c6a/0x2fb0
[  187.651145][T10268]  do_syscall_64+0xd2/0x200
[  187.651189][T10268]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  187.651216][T10268]  ? clear_bhb_loop+0x40/0x90
[  187.651238][T10268]  ? clear_bhb_loop+0x40/0x90
[  187.651288][T10268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.651307][T10268] RIP: 0033:0x7f339494e929
[  187.651322][T10268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.651414][T10268] RSP: 002b:00007f3392fb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  187.651431][T10268] RAX: ffffffffffffffda RBX: 00007f3394b75fa0 RCX: 00007f339494e929
[  187.651442][T10268] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  187.651486][T10268] RBP: 00007f3392fb7090 R08: 0000200000003700 R09: 0000000000000000
[  187.651497][T10268] R10: 0000000002040000 R11: 0000000000000246 R12: 0000000000000001
[  187.651509][T10268] R13: 0000000000000000 R14: 00007f3394b75fa0 R15: 00007ffd5b2cfaf8
[  187.651578][T10268]  </TASK>
[  187.651618][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.896137][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.939394][T10263] delete_channel: no stack
[  187.943986][T10276] loop0: detected capacity change from 0 to 1024
[  187.951793][T10276] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  187.963131][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.969097][T10276] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  187.980381][T10276] EXT4-fs (loop0): orphan cleanup on readonly fs
[  187.988722][T10279] netlink: 'syz.1.2264': attribute type 2 has an invalid length.
[  187.997294][T10279] netlink: 'syz.1.2264': attribute type 1 has an invalid length.
[  188.006262][T10282] loop2: detected capacity change from 0 to 2048
[  188.012784][T10279] loop1: detected capacity change from 0 to 512
[  188.021063][T10276] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  188.031425][T10276] EXT4-fs (loop0): Remounting filesystem read-only
[  188.038088][T10276] EXT4-fs (loop0): 1 truncate cleaned up
[  188.044358][T10276] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  188.057901][T10282] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.070843][T10279] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.086185][T10276] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  188.106427][T10279] ext4 filesystem being mounted at /514/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  188.118069][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.123196][T10279] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #2: block 3: comm syz.1.2264: lblock 8 mapped to illegal pblock 3 (length 26)
[  188.139205][T10282] netlink: 'syz.2.2267': attribute type 27 has an invalid length.
[  188.165221][T10282] wg2: left promiscuous mode
[  188.169969][T10282] wg2: left allmulticast mode
[  188.209316][T10282] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.217260][T10282] 8021q: adding VLAN 0 to HW filter on device team0
[  188.226784][T10282] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  188.277757][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.321910][T10315] loop0: detected capacity change from 0 to 1024
[  188.328665][T10315] EXT4-fs: Ignoring removed nobh option
[  188.334267][T10315] EXT4-fs: inline encryption not supported
[  188.354063][T10315] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.397256][T10324] hsr_slave_0: left promiscuous mode
[  188.403217][T10324] hsr_slave_1: left promiscuous mode
[  188.457015][T10331] bridge3: entered promiscuous mode
[  188.462257][T10331] bridge3: entered allmulticast mode
[  188.516609][T10335] loop2: detected capacity change from 0 to 2048
[  188.525411][T10335] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.541343][T10335] netlink: 'syz.2.2285': attribute type 27 has an invalid length.
[  188.549438][   T36] usb usb10-port1: unable to enumerate USB device
[  188.565688][T10335] bridge3: left promiscuous mode
[  188.570660][T10335] bridge3: left allmulticast mode
[  188.589602][T10335] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.597240][T10335] 8021q: adding VLAN 0 to HW filter on device team0
[  188.605720][T10335] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  188.637089][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.770633][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.799706][ T3374] usb 6-1: device descriptor read/8, error -110
[  188.806233][T10346] loop1: detected capacity change from 0 to 128
[  188.813073][T10346] EXT4-fs: Ignoring removed nobh option
[  188.820062][T10346] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  188.832653][T10346] ext4 filesystem being mounted at /516/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  188.909098][ T3374] usb 6-1: new SuperSpeed USB device number 28 using vhci_hcd
[  188.929138][ T3374] usb 6-1: enqueue for inactive port 0
[  188.934724][ T3374] usb 6-1: enqueue for inactive port 0
[  188.940483][ T3374] usb 6-1: enqueue for inactive port 0
[  188.962853][ T3305] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  188.982839][T10350] $Hÿ: renamed from bond0 (while UP)
[  188.989725][T10350] $Hÿ: entered promiscuous mode
[  188.996343][T10350] vhci_hcd: invalid port number 22
[  189.001520][T10350] vhci_hcd: default hub control req: 0d06 v0000 i0016 l0
[  189.041793][T10352] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  189.050233][ T3374] usb usb6-port1: attempt power cycle
[  189.076160][T10354] loop1: detected capacity change from 0 to 128
[  189.430375][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.504428][T10365] loop4: detected capacity change from 0 to 2048
[  189.521756][T10365] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.536649][T10365] netlink: 'syz.4.2296': attribute type 27 has an invalid length.
[  189.566224][T10365] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.574049][T10365] 8021q: adding VLAN 0 to HW filter on device team0
[  189.584779][T10365] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  189.638193][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.689455][T10380] netlink: 'syz.1.2298': attribute type 2 has an invalid length.
[  189.697192][T10380] netlink: 'syz.1.2298': attribute type 1 has an invalid length.
[  189.706997][T10380] loop1: detected capacity change from 0 to 512
[  189.720285][T10380] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.732871][T10380] ext4 filesystem being mounted at /522/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  189.743431][T10383] loop4: detected capacity change from 0 to 512
[  189.743988][T10380] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #2: block 3: comm syz.1.2298: lblock 8 mapped to illegal pblock 3 (length 26)
[  189.750182][T10383] EXT4-fs: Ignoring removed nomblk_io_submit option
[  189.772482][T10383] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  189.783804][T10383] EXT4-fs (loop4): 1 truncate cleaned up
[  189.789993][T10383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.809340][T10383] EXT4-fs (loop4): shut down requested (2)
[  189.878610][T10387] loop3: detected capacity change from 0 to 1024
[  189.885738][T10387] EXT4-fs: Ignoring removed nobh option
[  189.891383][T10387] EXT4-fs: inline encryption not supported
[  189.900621][T10387] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.463403][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.480345][T10391] FAULT_INJECTION: forcing a failure.
[  190.480345][T10391] name failslab, interval 1, probability 0, space 0, times 0
[  190.493093][T10391] CPU: 0 UID: 0 PID: 10391 Comm: syz.1.2301 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  190.493119][T10391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  190.493130][T10391] Call Trace:
[  190.493135][T10391]  <TASK>
[  190.493142][T10391]  __dump_stack+0x1d/0x30
[  190.493160][T10391]  dump_stack_lvl+0xe8/0x140
[  190.493176][T10391]  dump_stack+0x15/0x1b
[  190.493281][T10391]  should_fail_ex+0x265/0x280
[  190.493348][T10391]  ? do_proc_control+0x1d6/0x8b0
[  190.493363][T10391]  should_failslab+0x8c/0xb0
[  190.493383][T10391]  __kmalloc_cache_noprof+0x4c/0x320
[  190.493416][T10391]  do_proc_control+0x1d6/0x8b0
[  190.493432][T10391]  ? should_fail_ex+0xdb/0x280
[  190.493457][T10391]  proc_control_compat+0xae/0xe0
[  190.493606][T10391]  usbdev_ioctl+0xee1/0x1710
[  190.493635][T10391]  ? __pfx_usbdev_ioctl+0x10/0x10
[  190.493658][T10391]  __se_sys_ioctl+0xce/0x140
[  190.493716][T10391]  __x64_sys_ioctl+0x43/0x50
[  190.493738][T10391]  x64_sys_call+0x19a8/0x2fb0
[  190.493756][T10391]  do_syscall_64+0xd2/0x200
[  190.493863][T10391]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  190.493963][T10391]  ? clear_bhb_loop+0x40/0x90
[  190.493981][T10391]  ? clear_bhb_loop+0x40/0x90
[  190.493999][T10391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.494017][T10391] RIP: 0033:0x7fa6f24ee929
[  190.494030][T10391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.494122][T10391] RSP: 002b:00007fa6f0b57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  190.494138][T10391] RAX: ffffffffffffffda RBX: 00007fa6f2715fa0 RCX: 00007fa6f24ee929
[  190.494149][T10391] RDX: 0000200000000040 RSI: 00000000c0105500 RDI: 0000000000000004
[  190.494160][T10391] RBP: 00007fa6f0b57090 R08: 0000000000000000 R09: 0000000000000000
[  190.494170][T10391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.494180][T10391] R13: 0000000000000000 R14: 00007fa6f2715fa0 R15: 00007ffe00cc1278
[  190.494270][T10391]  </TASK>
[  190.699790][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.754059][T10393] loop1: detected capacity change from 0 to 8192
[  190.759862][T10395] loop4: detected capacity change from 0 to 8192
[  190.833402][T10397] loop1: detected capacity change from 0 to 512
[  190.841010][T10397] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2304: casefold flag without casefold feature
[  190.854014][T10397] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2304: couldn't read orphan inode 15 (err -117)
[  190.866558][T10397] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.909849][ T3374] usb usb6-port1: unable to enumerate USB device
[  190.929363][T10396] delete_channel: no stack
[  190.941871][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.003722][T10409] loop4: detected capacity change from 0 to 1024
[  191.010781][T10409] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  191.022451][T10409] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  191.030541][T10409] EXT4-fs (loop4): orphan cleanup on readonly fs
[  191.037373][T10409] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  191.047104][T10409] EXT4-fs (loop4): Remounting filesystem read-only
[  191.053646][T10409] EXT4-fs (loop4): 1 truncate cleaned up
[  191.060266][T10409] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  191.081001][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.096805][T10415] loop4: detected capacity change from 0 to 512
[  191.104132][T10415] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.2311: casefold flag without casefold feature
[  191.116974][T10415] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2311: couldn't read orphan inode 15 (err -117)
[  191.129603][T10415] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.199451][T10414] delete_channel: no stack
[  191.211526][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.267780][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.320243][T10427] loop0: detected capacity change from 0 to 2048
[  191.331458][T10427] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.343772][T10420] loop4: detected capacity change from 0 to 512
[  191.347339][T10427] netlink: 'syz.0.2315': attribute type 27 has an invalid length.
[  191.350630][T10420] EXT4-fs: Ignoring removed nomblk_io_submit option
[  191.364882][T10420] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  191.375758][T10420] EXT4-fs (loop4): 1 truncate cleaned up
[  191.381834][T10420] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.397971][T10420] EXT4-fs (loop4): shut down requested (2)
[  191.415587][T10431] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.423055][T10431] 8021q: adding VLAN 0 to HW filter on device team0
[  191.431893][T10431] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  191.486702][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.540741][T10436] loop0: detected capacity change from 0 to 8192
[  191.753434][T10450] loop0: detected capacity change from 0 to 1024
[  191.760858][T10450] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  191.773172][T10450] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  191.781380][T10450] EXT4-fs (loop0): orphan cleanup on readonly fs
[  191.788133][T10450] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  191.797830][T10450] EXT4-fs (loop0): Remounting filesystem read-only
[  191.804672][T10450] EXT4-fs (loop0): 1 truncate cleaned up
[  191.810930][T10450] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  191.831393][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.884245][T10472] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  192.039774][   T29] kauditd_printk_skb: 1063 callbacks suppressed
[  192.039801][   T29] audit: type=1326 audit(1752109853.542:26041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10474 comm="syz.0.2329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f339494e929 code=0x7ffc0000
[  192.087392][   T29] audit: type=1326 audit(1752109853.582:26042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.1.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  192.111113][   T29] audit: type=1326 audit(1752109853.582:26043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.1.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  192.136153][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.138337][   T29] audit: type=1326 audit(1752109853.632:26044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.1.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  192.168995][   T29] audit: type=1326 audit(1752109853.632:26045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.1.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  192.192886][   T29] audit: type=1326 audit(1752109853.632:26046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.1.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  192.216648][   T29] audit: type=1326 audit(1752109853.632:26047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.1.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  192.227770][T10486] loop1: detected capacity change from 0 to 128
[  192.240255][   T29] audit: type=1326 audit(1752109853.632:26048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.1.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  192.240331][   T29] audit: type=1326 audit(1752109853.632:26049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.1.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  192.240367][   T29] audit: type=1326 audit(1752109853.632:26050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10485 comm="syz.1.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6f24ee929 code=0x7ffc0000
[  192.455048][T10494] loop0: detected capacity change from 0 to 1024
[  192.463232][T10494] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  192.474442][T10494] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  192.482785][T10494] EXT4-fs (loop0): orphan cleanup on readonly fs
[  192.490363][T10494] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  192.500042][T10494] EXT4-fs (loop0): Remounting filesystem read-only
[  192.506570][T10494] EXT4-fs (loop0): 1 truncate cleaned up
[  192.512803][T10494] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  192.539099][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.649993][T10503] loop0: detected capacity change from 0 to 256
[  192.685032][T10508] loop0: detected capacity change from 0 to 1024
[  192.691859][T10508] EXT4-fs: Ignoring removed oldalloc option
[  192.697902][T10508] EXT4-fs: Invalid want_extra_isize 5
[  192.740732][T10510] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  192.842263][T10513] loop2: detected capacity change from 0 to 512
[  192.936754][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.947230][T10513] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.2342: casefold flag without casefold feature
[  192.969942][T10513] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2342: couldn't read orphan inode 15 (err -117)
[  192.993840][T10513] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.035353][T10521] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  193.042047][T10521] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  193.049960][T10521] vhci_hcd vhci_hcd.0: Device attached
[  193.165580][T10529] loop3: detected capacity change from 0 to 512
[  193.180103][T10511] delete_channel: no stack
[  193.270774][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.300433][T10529] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.2347: casefold flag without casefold feature
[  193.317402][T10532] loop4: detected capacity change from 0 to 1024
[  193.330182][T10529] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2347: couldn't read orphan inode 15 (err -117)
[  193.354542][T10532] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  193.383397][T10529] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.422269][T10532] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  193.439099][   T23] usb 2-1: SetAddress Request (34) to port 0
[  193.439951][T10532] EXT4-fs (loop4): orphan cleanup on readonly fs
[  193.445221][   T23] usb 2-1: new SuperSpeed USB device number 34 using vhci_hcd
[  193.489496][T10532] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  193.501720][T10541] __nla_validate_parse: 51 callbacks suppressed
[  193.501735][T10541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2348'.
[  193.504466][T10532] EXT4-fs (loop4): Remounting filesystem read-only
[  193.508003][T10541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2348'.
[  193.517772][T10532] EXT4-fs (loop4): 1 truncate cleaned up
[  193.562907][T10532] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  193.580222][T10528] delete_channel: no stack
[  193.602446][T10541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2348'.
[  193.613152][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.646245][T10546] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2352'.
[  193.669276][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.747134][T10556] loop2: detected capacity change from 0 to 2048
[  193.774103][T10556] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.802049][T10565] loop1: detected capacity change from 0 to 1024
[  193.808899][T10565] EXT4-fs: Ignoring removed nobh option
[  193.814765][T10565] EXT4-fs: inline encryption not supported
[  193.835844][T10556] netlink: 'syz.2.2356': attribute type 27 has an invalid length.
[  193.854839][T10524] vhci_hcd: connection reset by peer
[  193.860988][  T170] vhci_hcd: stop threads
[  193.865302][  T170] vhci_hcd: release socket
[  193.869777][  T170] vhci_hcd: disconnect device
[  193.882531][T10568] bridge2: entered promiscuous mode
[  193.887774][T10568] bridge2: entered allmulticast mode
[  193.895713][T10567] loop4: detected capacity change from 0 to 512
[  193.918016][T10556] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.925633][T10567] EXT4-fs: Ignoring removed nomblk_io_submit option
[  193.931232][T10556] 8021q: adding VLAN 0 to HW filter on device team0
[  193.933516][T10567] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  193.955056][T10565] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.967432][T10556] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  193.967978][T10567] EXT4-fs (loop4): 1 truncate cleaned up
[  193.991537][T10556] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2356'.
[  193.992516][T10567] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.000599][T10556] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2356'.
[  194.022283][T10556] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2356'.
[  194.040525][T10556] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2356'.
[  194.048451][T10567] EXT4-fs (loop4): shut down requested (2)
[  194.050047][T10556] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2356'.
[  194.064954][T10556] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2356'.
[  194.108196][T10518] syz.0.2345 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  194.122862][T10518] CPU: 0 UID: 0 PID: 10518 Comm: syz.0.2345 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  194.122903][T10518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.122911][T10518] Call Trace:
[  194.122916][T10518]  <TASK>
[  194.122920][T10518]  __dump_stack+0x1d/0x30
[  194.122934][T10518]  dump_stack_lvl+0xe8/0x140
[  194.122945][T10518]  dump_stack+0x15/0x1b
[  194.122955][T10518]  dump_header+0x81/0x220
[  194.123021][T10518]  oom_kill_process+0x334/0x3f0
[  194.123039][T10518]  out_of_memory+0x979/0xb80
[  194.123056][T10518]  try_charge_memcg+0x5e6/0x9e0
[  194.123079][T10518]  obj_cgroup_charge_pages+0xa6/0x150
[  194.123158][T10518]  __memcg_kmem_charge_page+0x9f/0x170
[  194.123175][T10518]  __alloc_frozen_pages_noprof+0x188/0x360
[  194.123195][T10518]  alloc_pages_mpol+0xb3/0x250
[  194.123273][T10518]  alloc_pages_noprof+0x90/0x130
[  194.123289][T10518]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  194.123313][T10518]  __kvmalloc_node_noprof+0x30f/0x4e0
[  194.123386][T10518]  ? ip_set_alloc+0x1f/0x30
[  194.123402][T10518]  ? ip_set_alloc+0x1f/0x30
[  194.123417][T10518]  ? __kmalloc_cache_noprof+0x189/0x320
[  194.123489][T10518]  ip_set_alloc+0x1f/0x30
[  194.123507][T10518]  hash_netiface_create+0x282/0x740
[  194.123608][T10518]  ? __pfx_hash_netiface_create+0x10/0x10
[  194.123682][T10518]  ip_set_create+0x3c9/0x960
[  194.123831][T10518]  ? __nla_parse+0x40/0x60
[  194.123893][T10518]  nfnetlink_rcv_msg+0x4c3/0x590
[  194.123917][T10518]  ? selinux_capable+0x1f9/0x270
[  194.123960][T10518]  netlink_rcv_skb+0x120/0x220
[  194.123977][T10518]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  194.124067][T10518]  nfnetlink_rcv+0x16b/0x1690
[  194.124140][T10518]  ? __kfree_skb+0x109/0x150
[  194.124156][T10518]  ? nlmon_xmit+0x4f/0x60
[  194.124167][T10518]  ? consume_skb+0x49/0x150
[  194.124183][T10518]  ? nlmon_xmit+0x4f/0x60
[  194.124261][T10518]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  194.124403][T10518]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  194.124420][T10518]  ? __dev_queue_xmit+0x182/0x1fb0
[  194.124438][T10518]  ? ref_tracker_free+0x37d/0x3e0
[  194.124458][T10518]  ? __netlink_deliver_tap+0x4dc/0x500
[  194.124520][T10518]  netlink_unicast+0x59e/0x670
[  194.124590][T10518]  netlink_sendmsg+0x58b/0x6b0
[  194.124665][T10518]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.124730][T10518]  __sock_sendmsg+0x142/0x180
[  194.124744][T10518]  ____sys_sendmsg+0x31e/0x4e0
[  194.124828][T10518]  ___sys_sendmsg+0x17b/0x1d0
[  194.124917][T10518]  __x64_sys_sendmsg+0xd4/0x160
[  194.124936][T10518]  x64_sys_call+0x2999/0x2fb0
[  194.124979][T10518]  do_syscall_64+0xd2/0x200
[  194.125117][T10518]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  194.125132][T10518]  ? clear_bhb_loop+0x40/0x90
[  194.125145][T10518]  ? clear_bhb_loop+0x40/0x90
[  194.125157][T10518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.125170][T10518] RIP: 0033:0x7f339494e929
[  194.125204][T10518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.125215][T10518] RSP: 002b:00007f3392fb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.125233][T10518] RAX: ffffffffffffffda RBX: 00007f3394b75fa0 RCX: 00007f339494e929
[  194.125241][T10518] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  194.125252][T10518] RBP: 00007f33949d0b39 R08: 0000000000000000 R09: 0000000000000000
[  194.125260][T10518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  194.125267][T10518] R13: 0000000000000000 R14: 00007f3394b75fa0 R15: 00007ffd5b2cfaf8
[  194.125282][T10518]  </TASK>
[  194.125286][T10518] memory: usage 307200kB, limit 307200kB, failcnt 17250
[  194.483234][T10518] memory+swap: usage 307500kB, limit 9007199254740988kB, failcnt 0
[  194.491202][T10518] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  194.498481][T10518] Memory cgroup stats for /syz0:
[  194.498921][T10518] cache 0
[  194.506880][T10518] rss 0
[  194.510251][T10518] shmem 0
[  194.513189][T10518] mapped_file 0
[  194.516644][T10518] dirty 0
[  194.517412][T10577] loop3: detected capacity change from 0 to 512
[  194.519658][T10518] writeback 0
[  194.519668][T10518] workingset_refault_anon 730
[  194.519676][T10518] workingset_refault_file 1434
[  194.519684][T10518] swap 307200
[  194.542516][T10518] swapcached 4096
[  194.546140][T10518] pgpgin 100321
[  194.549621][T10518] pgpgout 100320
[  194.553155][T10518] pgfault 126727
[  194.556694][T10518] pgmajfault 263
[  194.556726][T10577] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.2359: casefold flag without casefold feature
[  194.560277][T10518] inactive_anon 0
[  194.573301][T10577] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2359: couldn't read orphan inode 15 (err -117)
[  194.573889][T10577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.576998][T10518] active_anon 0
[  194.577007][T10518] inactive_file 0
[  194.577014][T10518] active_file 0
[  194.577020][T10518] unevictable 0
[  194.577026][T10518] hierarchical_memory_limit 314572800
[  194.577034][T10518] hierarchical_memsw_limit 9223372036854771712
[  194.627307][T10518] total_cache 0
[  194.631441][T10518] total_rss 0
[  194.634713][T10518] total_shmem 0
[  194.638146][T10518] total_mapped_file 0
[  194.642171][T10518] total_dirty 0
[  194.645624][T10518] total_writeback 0
[  194.649426][T10518] total_workingset_refault_anon 730
[  194.654609][T10518] total_workingset_refault_file 1465
[  194.660287][T10518] total_swap 307200
[  194.664067][T10518] total_swapcached 4096
[  194.668203][T10518] total_pgpgin 137707
[  194.672243][T10518] total_pgpgout 137706
[  194.676433][T10518] total_pgfault 164428
[  194.680490][T10518] total_pgmajfault 522
[  194.684541][T10518] total_inactive_anon 0
[  194.688695][T10518] total_active_anon 0
[  194.693063][T10518] total_inactive_file 0
[  194.697195][T10518] total_active_file 0
[  194.701274][T10518] total_unevictable 0
[  194.705227][T10518] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0/syz1,task=syz.0.2345,pid=10517,uid=0
[  194.720633][T10518] Memory cgroup out of memory: Killed process 10517 (syz.0.2345) total-vm:95804kB, anon-rss:1068kB, file-rss:22464kB, shmem-rss:128kB, UID:0 pgtables:144kB oom_score_adj:1000
[  194.738791][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.748860][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.819350][T10576] delete_channel: no stack
[  194.841852][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.902050][T10596] 9pnet_fd: Insufficient options for proto=fd
[  194.942349][T10600] loop4: detected capacity change from 0 to 2048
[  194.948986][T10592] loop3: detected capacity change from 0 to 8192
[  194.966820][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  194.974714][T10592] FAT-fs (loop3): Filesystem has been set read-only
[  194.981479][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  194.989870][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  194.997699][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  195.005607][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  195.013490][T10592] syz.3.2366: attempt to access beyond end of device
[  195.013490][T10592] loop3: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  195.027518][T10592] Buffer I/O error on dev loop3, logical block 65368, async page read
[  195.027804][T10605] loop2: detected capacity change from 0 to 128
[  195.035693][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  195.050818][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  195.051164][T10600] Alternate GPT is invalid, using primary GPT.
[  195.058689][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  195.065843][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  195.073161][T10600]  loop4: p1 p2 p3
[  195.081227][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  195.092274][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  195.100132][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  195.108065][T10592] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff12)
[  195.139928][T10592] syz.3.2366: attempt to access beyond end of device
[  195.139928][T10592] loop3: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  195.153503][T10592] Buffer I/O error on dev loop3, logical block 65368, async page read
[  195.236634][T10609] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  195.243260][T10609] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  195.251020][T10609] vhci_hcd vhci_hcd.0: Device attached
[  195.340019][T10619] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  195.346645][T10619] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  195.354983][T10619] vhci_hcd vhci_hcd.0: Device attached
[  195.451910][T10624] loop2: detected capacity change from 0 to 512
[  195.479673][T10624] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.2376: casefold flag without casefold feature
[  195.502683][T10624] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2376: couldn't read orphan inode 15 (err -117)
[  195.520464][T10624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.609398][T10623] delete_channel: no stack
[  195.623236][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.632264][    T9] usb 8-1: SetAddress Request (22) to port 0
[  195.638357][    T9] usb 8-1: new SuperSpeed USB device number 22 using vhci_hcd
[  195.781260][T10632] netlink: 'syz.2.2378': attribute type 2 has an invalid length.
[  195.789004][T10632] netlink: 'syz.2.2378': attribute type 1 has an invalid length.
[  195.800637][T10632] loop2: detected capacity change from 0 to 512
[  195.810324][T10632] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.823165][T10632] ext4 filesystem being mounted at /435/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  195.835698][T10632] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 3: comm syz.2.2378: lblock 8 mapped to illegal pblock 3 (length 26)
[  195.878730][T10639] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  195.885388][T10639] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  195.892131][T10608] syz.0.2372 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  195.893688][T10639] vhci_hcd vhci_hcd.0: Device attached
[  195.907145][T10608] CPU: 1 UID: 0 PID: 10608 Comm: syz.0.2372 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  195.907174][T10608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.907187][T10608] Call Trace:
[  195.907194][T10608]  <TASK>
[  195.907202][T10608]  __dump_stack+0x1d/0x30
[  195.907234][T10608]  dump_stack_lvl+0xe8/0x140
[  195.907254][T10608]  dump_stack+0x15/0x1b
[  195.907271][T10608]  dump_header+0x81/0x220
[  195.907302][T10608]  oom_kill_process+0x334/0x3f0
[  195.907371][T10608]  out_of_memory+0x979/0xb80
[  195.907470][T10608]  try_charge_memcg+0x5e6/0x9e0
[  195.907529][T10608]  obj_cgroup_charge_pages+0xa6/0x150
[  195.907624][T10608]  __memcg_kmem_charge_page+0x9f/0x170
[  195.907668][T10608]  __alloc_frozen_pages_noprof+0x188/0x360
[  195.907764][T10608]  alloc_pages_mpol+0xb3/0x250
[  195.907843][T10608]  alloc_pages_noprof+0x90/0x130
[  195.907903][T10608]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  195.907943][T10608]  __kvmalloc_node_noprof+0x30f/0x4e0
[  195.907971][T10608]  ? ip_set_alloc+0x1f/0x30
[  195.907999][T10608]  ? ip_set_alloc+0x1f/0x30
[  195.908064][T10608]  ? __kmalloc_cache_noprof+0x189/0x320
[  195.908092][T10608]  ip_set_alloc+0x1f/0x30
[  195.908167][T10608]  hash_netiface_create+0x282/0x740
[  195.908199][T10608]  ? __pfx_hash_netiface_create+0x10/0x10
[  195.908230][T10608]  ip_set_create+0x3c9/0x960
[  195.908347][T10608]  ? __nla_parse+0x40/0x60
[  195.908380][T10608]  nfnetlink_rcv_msg+0x4c3/0x590
[  195.908490][T10608]  ? selinux_capable+0x1f9/0x270
[  195.908520][T10608]  netlink_rcv_skb+0x120/0x220
[  195.908551][T10608]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  195.908648][T10608]  nfnetlink_rcv+0x16b/0x1690
[  195.908673][T10608]  ? __kfree_skb+0x109/0x150
[  195.908704][T10608]  ? nlmon_xmit+0x4f/0x60
[  195.908724][T10608]  ? consume_skb+0x49/0x150
[  195.908801][T10608]  ? nlmon_xmit+0x4f/0x60
[  195.908821][T10608]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  195.908917][T10608]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  195.909034][T10608]  ? __dev_queue_xmit+0x182/0x1fb0
[  195.909070][T10608]  ? ref_tracker_free+0x37d/0x3e0
[  195.909160][T10608]  ? __netlink_deliver_tap+0x4dc/0x500
[  195.909196][T10608]  netlink_unicast+0x59e/0x670
[  195.909226][T10608]  netlink_sendmsg+0x58b/0x6b0
[  195.909351][T10608]  ? __pfx_netlink_sendmsg+0x10/0x10
[  195.909384][T10608]  __sock_sendmsg+0x142/0x180
[  195.909427][T10608]  ____sys_sendmsg+0x31e/0x4e0
[  195.909462][T10608]  ___sys_sendmsg+0x17b/0x1d0
[  195.909570][T10608]  __x64_sys_sendmsg+0xd4/0x160
[  195.909605][T10608]  x64_sys_call+0x2999/0x2fb0
[  195.909627][T10608]  do_syscall_64+0xd2/0x200
[  195.909737][T10608]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  195.909764][T10608]  ? clear_bhb_loop+0x40/0x90
[  195.909794][T10608]  ? clear_bhb_loop+0x40/0x90
[  195.909828][T10608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.909849][T10608] RIP: 0033:0x7f339494e929
[  195.909864][T10608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.909957][T10608] RSP: 002b:00007f3392fb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  195.909976][T10608] RAX: ffffffffffffffda RBX: 00007f3394b75fa0 RCX: 00007f339494e929
[  195.909991][T10608] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  195.910004][T10608] RBP: 00007f33949d0b39 R08: 0000000000000000 R09: 0000000000000000
[  195.910018][T10608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  195.910030][T10608] R13: 0000000000000000 R14: 00007f3394b75fa0 R15: 00007ffd5b2cfaf8
[  195.910134][T10608]  </TASK>
[  195.910175][T10608] memory: usage 307200kB, limit 307200kB, failcnt 20362
[  196.119401][T10621] vhci_hcd: connection reset by peer
[  196.123142][T10608] memory+swap: usage 307496kB, limit 9007199254740988kB, failcnt 0
[  196.128365][ T3571] vhci_hcd: stop threads
[  196.133153][T10608] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  196.133168][T10608] Memory cgroup stats for /syz0:
[  196.136037][T10608] cache 0
[  196.138524][ T3571] vhci_hcd: release socket
[  196.143314][T10608] rss 0
[  196.143322][T10608] shmem 0
[  196.143330][T10608] mapped_file 0
[  196.147979][ T3571] vhci_hcd: disconnect device
[  196.199095][ T3374] usb 10-1: SetAddress Request (26) to port 0
[  196.207373][T10608] dirty 0
[  196.215887][ T3374] usb 10-1: new SuperSpeed USB device number 26 using vhci_hcd
[  196.223719][T10608] writeback 0
[  196.223773][T10608] workingset_refault_anon 816
[  196.223781][T10608] workingset_refault_file 1561
[  196.223791][T10608] swap 303104
[  196.223798][T10608] swapcached 8192
[  196.223806][T10608] pgpgin 100575
[  196.223814][T10608] pgpgout 100573
[  196.223821][T10608] pgfault 126916
[  196.223829][T10608] pgmajfault 318
[  196.223836][T10608] inactive_anon 8192
[  196.223870][T10608] active_anon 0
[  196.223877][T10608] inactive_file 0
[  196.223885][T10608] active_file 0
[  196.223892][T10608] unevictable 0
[  196.223907][T10608] hierarchical_memory_limit 314572800
[  196.223917][T10608] hierarchical_memsw_limit 9223372036854771712
[  196.223927][T10608] total_cache 0
[  196.223933][T10608] total_rss 0
[  196.223938][T10608] total_shmem 0
[  196.223946][T10608] total_mapped_file 0
[  196.223954][T10608] total_dirty 0
[  196.223962][T10608] total_writeback 0
[  196.223970][T10608] total_workingset_refault_anon 816
[  196.223979][T10608] total_workingset_refault_file 1592
[  196.224010][T10608] total_swap 303104
[  196.224018][T10608] total_swapcached 8192
[  196.224046][T10608] total_pgpgin 140831
[  196.224052][T10608] total_pgpgout 140829
[  196.224059][T10608] total_pgfault 167508
[  196.224066][T10608] total_pgmajfault 584
[  196.224075][T10608] total_inactive_anon 8192
[  196.224083][T10608] total_active_anon 0
[  196.224091][T10608] total_inactive_file 0
[  196.224098][T10608] total_active_file 0
[  196.224123][T10608] total_unevictable 0
[  196.224132][T10608] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0/syz1,task=syz.0.2372,pid=10607,uid=0
[  196.224277][T10608] Memory cgroup out of memory: Killed process 10607 (syz.0.2372) total-vm:95804kB, anon-rss:936kB, file-rss:22464kB, shmem-rss:128kB, UID:0 pgtables:144kB oom_score_adj:1000
[  196.564230][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.587949][T10644] 9pnet_fd: Insufficient options for proto=fd
[  196.628270][T10640] vhci_hcd: connection reset by peer
[  196.639872][   T51] vhci_hcd: stop threads
[  196.644144][   T51] vhci_hcd: release socket
[  196.648555][   T51] vhci_hcd: disconnect device
[  196.679873][T10610] vhci_hcd: connection closed
[  196.680910][   T51] vhci_hcd: stop threads
[  196.690091][   T51] vhci_hcd: release socket
[  196.694613][   T51] vhci_hcd: disconnect device
[  196.723955][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.817705][T10652] loop0: detected capacity change from 0 to 8192
[  196.845170][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.853786][T10652] FAT-fs (loop0): Filesystem has been set read-only
[  196.860475][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.868354][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.876250][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.884682][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.896681][T10652] syz.0.2384: attempt to access beyond end of device
[  196.896681][T10652] loop0: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  196.910199][T10652] Buffer I/O error on dev loop0, logical block 65368, async page read
[  196.918393][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.936405][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.944307][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.958156][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.966031][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.973879][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.981708][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.989534][T10652] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff12)
[  196.998633][T10652] syz.0.2384: attempt to access beyond end of device
[  196.998633][T10652] loop0: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  197.012077][T10652] Buffer I/O error on dev loop0, logical block 65368, async page read
[  197.136607][T10680] loop2: detected capacity change from 0 to 2048
[  197.147783][T10682] loop0: detected capacity change from 0 to 512
[  197.170880][T10682] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.2394: casefold flag without casefold feature
[  197.186255][T10680] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.208529][T10682] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2394: couldn't read orphan inode 15 (err -117)
[  197.230062][T10682] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.230967][T10680] netlink: 'syz.2.2395': attribute type 27 has an invalid length.
[  197.308085][T10680] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.314943][T10694] loop1: detected capacity change from 0 to 2048
[  197.317359][T10680] 8021q: adding VLAN 0 to HW filter on device team0
[  197.331463][T10694] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.341557][T10694] netlink: 'syz.1.2399': attribute type 27 has an invalid length.
[  197.352030][T10680] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  197.352429][T10700] netlink: 'syz.4.2397': attribute type 2 has an invalid length.
[  197.375788][T10700] netlink: 'syz.4.2397': attribute type 1 has an invalid length.
[  197.392789][T10700] loop4: detected capacity change from 0 to 512
[  197.402581][T10694] $Hÿ: left promiscuous mode
[  197.409774][ T7522] lo speed is unknown, defaulting to 1000
[  197.417430][T10700] ext4 filesystem being mounted at /480/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  197.427525][T10706] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[  197.429421][T10700] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 3: comm syz.4.2397: lblock 8 mapped to illegal pblock 3 (length 26)
[  197.435778][T10706] 8021q: adding VLAN 0 to HW filter on device team0
[  197.469822][T10706] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  197.485482][ T3418] lo speed is unknown, defaulting to 1000
[  197.508258][   T29] kauditd_printk_skb: 411 callbacks suppressed
[  197.508349][   T29] audit: type=1326 audit(1752109859.002:26458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10712 comm="syz.2.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  197.540123][   T29] audit: type=1326 audit(1752109859.002:26459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10712 comm="syz.2.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  197.563891][   T29] audit: type=1326 audit(1752109859.002:26460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10712 comm="syz.2.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  197.587590][   T29] audit: type=1326 audit(1752109859.002:26461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10712 comm="syz.2.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  197.587765][T10681] delete_channel: no stack
[  197.611884][   T29] audit: type=1326 audit(1752109859.002:26462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10712 comm="syz.2.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  197.639737][   T29] audit: type=1326 audit(1752109859.002:26463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10712 comm="syz.2.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  197.663372][   T29] audit: type=1326 audit(1752109859.002:26464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10712 comm="syz.2.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  197.687561][   T29] audit: type=1326 audit(1752109859.002:26465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10712 comm="syz.2.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  197.711905][   T29] audit: type=1326 audit(1752109859.002:26466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10712 comm="syz.2.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  197.735502][   T29] audit: type=1326 audit(1752109859.002:26467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10712 comm="syz.2.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff01c5e929 code=0x7ffc0000
[  197.791586][T10725] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  197.798293][T10725] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  197.806101][T10725] vhci_hcd vhci_hcd.0: Device attached
[  197.853274][T10731] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  197.887982][T10723] loop0: detected capacity change from 0 to 512
[  197.894793][T10723] EXT4-fs: Ignoring removed nomblk_io_submit option
[  197.901911][T10723] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  197.924335][T10723] EXT4-fs (loop0): 1 truncate cleaned up
[  197.938507][T10723] EXT4-fs (loop0): shut down requested (2)
[  198.089997][ T7522] usb 6-1: SetAddress Request (31) to port 0
[  198.102886][ T7522] usb 6-1: new SuperSpeed USB device number 31 using vhci_hcd
[  198.198322][T10748] loop4: detected capacity change from 0 to 2048
[  198.206668][T10750] loop1: detected capacity change from 0 to 512
[  198.216871][T10750] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2414: casefold flag without casefold feature
[  198.230108][T10750] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2414: couldn't read orphan inode 15 (err -117)
[  198.248167][T10748] netlink: 'syz.4.2413': attribute type 27 has an invalid length.
[  198.287375][T10748] 8021q: adding VLAN 0 to HW filter on device bond0
[  198.294851][T10749] delete_channel: no stack
[  198.307346][T10748] 8021q: adding VLAN 0 to HW filter on device team0
[  198.332798][T10748] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  198.417378][T10761] loop3: detected capacity change from 0 to 8192
[  198.479129][   T23] usb 2-1: device descriptor read/8, error -110
[  198.551113][T10761]  loop3: p2 p3 p4
[  198.555101][T10761] loop3: p2 start 4294967295 is beyond EOD, truncated
[  198.561690][T10719] syz.2.2406 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  198.562151][T10761] loop3: p3 start 83886080 is beyond EOD, truncated
[  198.573425][T10719] CPU: 0 UID: 0 PID: 10719 Comm: syz.2.2406 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  198.573505][T10719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.573518][T10719] Call Trace:
[  198.573525][T10719]  <TASK>
[  198.573538][T10719]  __dump_stack+0x1d/0x30
[  198.573558][T10719]  dump_stack_lvl+0xe8/0x140
[  198.573578][T10719]  dump_stack+0x15/0x1b
[  198.573603][T10719]  dump_header+0x81/0x220
[  198.573649][T10719]  oom_kill_process+0x334/0x3f0
[  198.573748][T10719]  out_of_memory+0x979/0xb80
[  198.573852][T10719]  try_charge_memcg+0x5e6/0x9e0
[  198.573892][T10719]  charge_memcg+0x51/0xc0
[  198.573987][T10719]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  198.574021][T10719]  __read_swap_cache_async+0x1df/0x350
[  198.574052][T10719]  swap_cluster_readahead+0x376/0x3e0
[  198.574094][T10719]  swapin_readahead+0xde/0x6f0
[  198.574122][T10719]  ? __filemap_get_folio+0x4f7/0x6b0
[  198.574180][T10719]  ? __rcu_read_unlock+0x34/0x70
[  198.574201][T10719]  ? swap_cache_get_folio+0x77/0x200
[  198.574336][T10719]  do_swap_page+0x301/0x2430
[  198.574355][T10719]  ? css_rstat_updated+0xcd/0x5b0
[  198.574402][T10719]  ? __pfx_default_wake_function+0x10/0x10
[  198.574428][T10719]  handle_mm_fault+0x9a5/0x2be0
[  198.574471][T10719]  ? mas_walk+0xf2/0x120
[  198.574503][T10719]  do_user_addr_fault+0x636/0x1090
[  198.574583][T10719]  exc_page_fault+0x62/0xa0
[  198.574610][T10719]  asm_exc_page_fault+0x26/0x30
[  198.574630][T10719] RIP: 0033:0x7eff01b35379
[  198.574697][T10719] Code: 35 00 00 0f 8e 09 fe ff ff e8 13 a0 fe ff 49 39 c4 72 66 66 0f 1f 44 00 00 69 3d 26 03 e8 00 e8 03 00 00 48 8d 1d 27 0c 35 00 <e8> 02 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 80 7b 20
[  198.574808][T10719] RSP: 002b:00007ffd5d1ab870 EFLAGS: 00010206
[  198.574823][T10719] RAX: 000000000003076f RBX: 00007eff01e85fa0 RCX: 0000000000030570
[  198.574836][T10719] RDX: 00000000000001ff RSI: 00007ffd5d1ab850 RDI: 00000000000003e8
[  198.574849][T10719] RBP: 00007eff01e87ba0 R08: 000000001e80132a R09: 7fffffffffffffff
[  198.574917][T10719] R10: 3fffffffffffffff R11: 0000000000000293 R12: 000000000003078f
[  198.574930][T10719] R13: 00007ffd5d1ab960 R14: ffffffffffffffff R15: 00007ffd5d1ab980
[  198.574948][T10719]  </TASK>
[  198.574955][T10719] memory: usage 307200kB, limit 307200kB, failcnt 18005
[  198.579510][T10761] loop3: p4 size 3599499264 extends beyond EOD, 
[  198.592018][T10719] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0
[  198.602132][T10761] truncated
[  198.602735][T10769] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  198.606032][T10719] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[  198.608945][   T23] usb 2-1: new SuperSpeed USB device number 34 using vhci_hcd
[  198.613296][T10719] Memory cgroup stats for /syz2:
[  198.729582][T10719] cache 0
[  198.769098][   T23] usb 2-1: enqueue for inactive port 0
[  198.776422][T10719] rss 0
[  198.784618][   T23] usb 2-1: enqueue for inactive port 0
[  198.784637][   T23] usb 2-1: enqueue for inactive port 0
[  198.873176][T10719] shmem 0
[  198.876127][T10719] mapped_file 0
[  198.880174][T10719] dirty 0
[  198.883130][T10719] writeback 0
[  198.886431][T10719] workingset_refault_anon 897
[  198.891119][T10719] workingset_refault_file 1848
[  198.895996][T10719] swap 192512
[  198.899360][T10719] swapcached 4096
[  198.902978][T10719] pgpgin 104970
[  198.903617][T10772] loop3: detected capacity change from 0 to 1024
[  198.906421][T10719] pgpgout 104968
[  198.906429][T10719] pgfault 132833
[  198.906436][T10719] pgmajfault 277
[  198.906442][T10719] inactive_anon 4096
[  198.906448][T10719] active_anon 0
[  198.906454][T10719] inactive_file 4096
[  198.906460][T10719] active_file 0
[  198.906466][T10719] unevictable 0
[  198.906472][T10719] hierarchical_memory_limit 314572800
[  198.933674][T10772] EXT4-fs: Ignoring removed nobh option
[  198.935266][T10719] hierarchical_memsw_limit 9223372036854771712
[  198.938745][T10772] EXT4-fs: inline encryption not supported
[  198.942797][T10719] total_cache 0
[  198.968621][T10719] total_rss 0
[  198.972560][T10719] total_shmem 0
[  198.976026][T10719] total_mapped_file 0
[  198.980025][T10719] total_dirty 0
[  198.983478][T10719] total_writeback 0
[  198.987292][T10719] total_workingset_refault_anon 897
[  198.992515][T10719] total_workingset_refault_file 1878
[  198.997799][T10719] total_swap 192512
[  199.002342][T10719] total_swapcached 4096
[  199.006498][T10719] total_pgpgin 151003
[  199.010582][T10719] total_pgpgout 151001
[  199.014640][T10719] total_pgfault 179363
[  199.018702][T10719] total_pgmajfault 567
[  199.022830][T10719] total_inactive_anon 4096
[  199.027307][T10719] total_active_anon 0
[  199.031877][T10719] total_inactive_file 4096
[  199.036283][T10719] total_active_file 0
[  199.040288][T10719] total_unevictable 0
[  199.044272][T10719] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2/syz1,task=syz.2.2406,pid=10719,uid=0
[  199.060155][T10719] Memory cgroup out of memory: Killed process 10719 (syz.2.2406) total-vm:93756kB, anon-rss:940kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000
[  199.088394][T10779] FAULT_INJECTION: forcing a failure.
[  199.088394][T10779] name failslab, interval 1, probability 0, space 0, times 0
[  199.101718][T10779] CPU: 0 UID: 0 PID: 10779 Comm: syz.3.2421 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  199.101845][T10779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.101856][T10779] Call Trace:
[  199.101862][T10779]  <TASK>
[  199.101870][T10779]  __dump_stack+0x1d/0x30
[  199.101892][T10779]  dump_stack_lvl+0xe8/0x140
[  199.101913][T10779]  dump_stack+0x15/0x1b
[  199.101931][T10779]  should_fail_ex+0x265/0x280
[  199.101962][T10779]  should_failslab+0x8c/0xb0
[  199.101993][T10779]  kmem_cache_alloc_noprof+0x50/0x310
[  199.102018][T10779]  ? ext4_mb_new_blocks+0x2ce/0x2050
[  199.102037][T10779]  ? __mark_inode_dirty+0x43c/0x760
[  199.102060][T10779]  ext4_mb_new_blocks+0x2ce/0x2050
[  199.102083][T10779]  ? ext4_ext_search_right+0x30b/0x4f0
[  199.102191][T10779]  ? ext4_inode_to_goal_block+0x1be/0x1e0
[  199.102218][T10779]  ext4_ext_map_blocks+0xff5/0x38a0
[  199.102297][T10779]  ? find_inode_by_ino_rcu+0x9d/0x160
[  199.102348][T10779]  ext4_map_blocks+0x61c/0xd70
[  199.102382][T10779]  ext4_convert_inline_data_nolock+0x16e/0x4c0
[  199.102433][T10779]  ext4_convert_inline_data+0x2b8/0x350
[  199.102528][T10779]  ext4_fallocate+0xa6/0x660
[  199.102673][T10779]  vfs_fallocate+0x413/0x450
[  199.102694][T10779]  __x64_sys_fallocate+0x7a/0xd0
[  199.102784][T10779]  x64_sys_call+0x2b88/0x2fb0
[  199.102802][T10779]  do_syscall_64+0xd2/0x200
[  199.102830][T10779]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  199.102858][T10779]  ? clear_bhb_loop+0x40/0x90
[  199.102950][T10779]  ? clear_bhb_loop+0x40/0x90
[  199.103052][T10779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.103074][T10779] RIP: 0033:0x7f4cbebfe929
[  199.103090][T10779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.103108][T10779] RSP: 002b:00007f4cbd246038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  199.103128][T10779] RAX: ffffffffffffffda RBX: 00007f4cbee26080 RCX: 00007f4cbebfe929
[  199.103212][T10779] RDX: 0000000000000a20 RSI: 0000000000000000 RDI: 0000000000000004
[  199.103226][T10779] RBP: 00007f4cbd246090 R08: 0000000000000000 R09: 0000000000000000
[  199.103240][T10779] R10: 0000000008000c64 R11: 0000000000000246 R12: 0000000000000001
[  199.103254][T10779] R13: 0000000000000001 R14: 00007f4cbee26080 R15: 00007ffe49288288
[  199.103275][T10779]  </TASK>
[  199.365056][T10786] __nla_validate_parse: 43 callbacks suppressed
[  199.365071][T10786] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2424'.
[  199.390101][T10727] vhci_hcd: connection reset by peer
[  199.395759][  T170] vhci_hcd: stop threads
[  199.400075][  T170] vhci_hcd: release socket
[  199.404548][  T170] vhci_hcd: disconnect device
[  199.411062][T10786] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2424'.
[  199.420952][T10787] netlink: 'syz.1.2423': attribute type 2 has an invalid length.
[  199.428681][T10787] netlink: 'syz.1.2423': attribute type 1 has an invalid length.
[  199.437021][T10787] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.2423'.
[  199.450427][T10787] loop1: detected capacity change from 0 to 512
[  199.450947][T10789] loop0: detected capacity change from 0 to 128
[  199.498135][T10791] loop2: detected capacity change from 0 to 2048
[  199.551677][T10791] Alternate GPT is invalid, using primary GPT.
[  199.558067][T10791]  loop2: p1 p2 p3
[  199.574059][T10787] ext4 filesystem being mounted at /551/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  199.587031][T10787] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #2: block 3: comm syz.1.2423: lblock 8 mapped to illegal pblock 3 (length 26)
[  199.841390][   T23] usb usb2-port1: attempt power cycle
[  199.863360][T10801] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2429'.
[  199.872992][T10801] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2429'.
[  199.886320][T10801] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2429'.
[  199.950681][T10807] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  199.979765][T10810] loop1: detected capacity change from 0 to 1024
[  199.986815][T10810] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  199.998002][T10810] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  200.006601][T10810] EXT4-fs (loop1): orphan cleanup on readonly fs
[  200.014031][T10810] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  200.023640][T10808] loop4: detected capacity change from 0 to 512
[  200.024492][T10810] EXT4-fs (loop1): Remounting filesystem read-only
[  200.030992][T10808] EXT4-fs: Ignoring removed nomblk_io_submit option
[  200.037007][T10810] EXT4-fs (loop1): 1 truncate cleaned up
[  200.043801][T10808] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  200.060061][T10808] EXT4-fs (loop4): 1 truncate cleaned up
[  200.072717][T10808] EXT4-fs (loop4): shut down requested (2)
[  200.384418][T10820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  200.411694][T10820] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  200.509763][T10821] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  200.516471][T10821] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  200.524251][T10821] vhci_hcd vhci_hcd.0: Device attached
[  200.534497][T10823] loop3: detected capacity change from 0 to 2048
[  200.575015][T10823] netlink: 'syz.3.2437': attribute type 27 has an invalid length.
[  200.603366][T10823] bridge2: left promiscuous mode
[  200.608418][T10823] bridge2: left allmulticast mode
[  200.707593][T10829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2437'.
[  200.716551][T10829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2437'.
[  200.729507][    T9] usb 8-1: device descriptor read/8, error -110
[  200.773837][T10823] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.775126][T10829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2437'.
[  200.803438][T10823] 8021q: adding VLAN 0 to HW filter on device team0
[  200.836582][T10823] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  200.844778][    T9] usb 8-1: new SuperSpeed USB device number 22 using vhci_hcd
[  200.874394][T10829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2437'.
[  200.898675][    T9] usb 8-1: enqueue for inactive port 0
[  200.938974][    T9] usb 8-1: enqueue for inactive port 0
[  200.956265][    T9] usb 8-1: enqueue for inactive port 0
[  201.075393][T10845] loop4: detected capacity change from 0 to 8192
[  201.099238][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.107204][T10845] FAT-fs (loop4): Filesystem has been set read-only
[  201.113843][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.121912][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.129886][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.137728][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.170379][T10845] syz.4.2444: attempt to access beyond end of device
[  201.170379][T10845] loop4: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  201.183810][T10845] Buffer I/O error on dev loop4, logical block 65368, async page read
[  201.192055][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.211753][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.219786][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.229248][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.237319][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.245212][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.253173][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.261025][T10845] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  201.269158][T10845] syz.4.2444: attempt to access beyond end of device
[  201.269158][T10845] loop4: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  201.282652][T10845] Buffer I/O error on dev loop4, logical block 65368, async page read
[  201.292531][T10824] vhci_hcd: connection closed
[  201.292659][   T12] vhci_hcd: stop threads
[  201.301610][   T12] vhci_hcd: release socket
[  201.306066][   T12] vhci_hcd: disconnect device
[  201.311559][ T3374] usb 10-1: device descriptor read/8, error -110
[  201.311870][T10859] netlink: 'syz.3.2448': attribute type 13 has an invalid length.
[  201.419193][ T3374] usb 10-1: new SuperSpeed USB device number 26 using vhci_hcd
[  201.458970][ T3374] usb 10-1: enqueue for inactive port 0
[  201.464730][ T3374] usb 10-1: enqueue for inactive port 0
[  201.479680][ T3374] usb 10-1: enqueue for inactive port 0
[  201.606324][T10870] loop4: detected capacity change from 0 to 2048
[  201.746012][T10870] netlink: 'syz.4.2454': attribute type 27 has an invalid length.
[  201.786641][T10870] 8021q: adding VLAN 0 to HW filter on device bond0
[  201.945522][T10870] 8021q: adding VLAN 0 to HW filter on device team0
[  201.963944][T10881] netlink: 'syz.3.2458': attribute type 2 has an invalid length.
[  201.971726][T10881] netlink: 'syz.3.2458': attribute type 1 has an invalid length.
[  201.983205][T10881] loop3: detected capacity change from 0 to 512
[  201.996713][T10870] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  202.012974][    T9] usb usb8-port1: attempt power cycle
[  202.071376][T10896] netlink: 'syz.2.2461': attribute type 13 has an invalid length.
[  202.090446][T10881] ext4 filesystem being mounted at /436/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  202.114100][T10881] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #2: block 3: comm syz.3.2458: lblock 8 mapped to illegal pblock 3 (length 26)
[  202.172155][T10900] loop2: detected capacity change from 0 to 2048
[  202.220927][T10900] Alternate GPT is invalid, using primary GPT.
[  202.227264][T10900]  loop2: p1 p2 p3
[  202.399244][   T23] usb usb2-port1: unable to enumerate USB device
[  202.435665][T10906] loop4: detected capacity change from 0 to 8192
[  202.447325][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.455205][T10906] FAT-fs (loop4): Filesystem has been set read-only
[  202.461824][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.469686][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.477503][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.485349][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.493606][T10906] syz.4.2465: attempt to access beyond end of device
[  202.493606][T10906] loop4: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  202.507223][T10906] Buffer I/O error on dev loop4, logical block 65368, async page read
[  202.515421][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.523813][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.531725][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.539779][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.547744][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.555575][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.563455][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.571275][T10906] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  202.579249][T10906] syz.4.2465: attempt to access beyond end of device
[  202.579249][T10906] loop4: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  202.592838][T10906] Buffer I/O error on dev loop4, logical block 65368, async page read
[  202.618479][T10921] loop1: detected capacity change from 0 to 2048
[  202.629426][   T29] kauditd_printk_skb: 1390 callbacks suppressed
[  202.629441][   T29] audit: type=1326 audit(1752109864.132:27856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc57a5be929 code=0x7ffc0000
[  202.659416][   T29] audit: type=1326 audit(1752109864.132:27857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.4.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc57a5be929 code=0x7ffc0000
[  202.659756][ T3374] usb usb10-port1: attempt power cycle
[  202.690793][T10923] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  202.697420][T10923] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  202.705192][T10923] vhci_hcd vhci_hcd.0: Device attached
[  202.735060][T10921] netlink: 'syz.1.2471': attribute type 27 has an invalid length.
[  202.792268][T10921] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[  202.812781][T10921] 8021q: adding VLAN 0 to HW filter on device team0
[  202.858553][T10921] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  202.874119][   T23] lo speed is unknown, defaulting to 1000
[  202.880106][ T3377] lo speed is unknown, defaulting to 1000
[  202.917530][   T29] audit: type=1326 audit(1752109864.382:27858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.4.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc57a5be929 code=0x7ffc0000
[  202.941938][   T29] audit: type=1326 audit(1752109864.382:27859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.4.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc57a5be929 code=0x7ffc0000
[  202.965806][   T29] audit: type=1326 audit(1752109864.382:27860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.4.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc57a5be929 code=0x7ffc0000
[  202.966122][T10939] loop4: detected capacity change from 0 to 8192
[  202.990348][   T29] audit: type=1326 audit(1752109864.382:27861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.4.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc57a5be929 code=0x7ffc0000
[  203.019819][T10936] loop3: detected capacity change from 0 to 128
[  203.020038][T10936] EXT4-fs: Ignoring removed oldalloc option
[  203.032358][   T29] audit: type=1326 audit(1752109864.382:27862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.4.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc57a5be929 code=0x7ffc0000
[  203.056667][   T29] audit: type=1326 audit(1752109864.382:27863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.4.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc57a5be929 code=0x7ffc0000
[  203.069985][T10936] ext4 filesystem being mounted at /437/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  203.080803][   T29] audit: type=1326 audit(1752109864.382:27864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.4.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7fc57a5be929 code=0x7ffc0000
[  203.114855][   T29] audit: type=1326 audit(1752109864.382:27865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10937 comm="syz.4.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc57a5be929 code=0x7ffc0000
[  203.156783][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.164785][T10939] FAT-fs (loop4): Filesystem has been set read-only
[  203.172098][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.179987][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.187795][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.195675][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.204135][   T10] usb 2-1: SetAddress Request (38) to port 0
[  203.210273][   T10] usb 2-1: new SuperSpeed USB device number 38 using vhci_hcd
[  203.211334][ T7522] usb 6-1: device descriptor read/8, error -110
[  203.263849][T10939] syz.4.2474: attempt to access beyond end of device
[  203.263849][T10939] loop4: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  203.277301][T10939] Buffer I/O error on dev loop4, logical block 65368, async page read
[  203.285484][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.294498][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.302558][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.310860][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.318735][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.327226][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.335147][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.339148][ T7522] usb 6-1: new SuperSpeed USB device number 31 using vhci_hcd
[  203.343039][T10939] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.358987][T10939] syz.4.2474: attempt to access beyond end of device
[  203.358987][T10939] loop4: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  203.372637][T10939] Buffer I/O error on dev loop4, logical block 65368, async page read
[  203.379250][ T7522] usb 6-1: enqueue for inactive port 0
[  203.393544][ T7522] usb 6-1: enqueue for inactive port 0
[  203.399410][ T7522] usb 6-1: enqueue for inactive port 0
[  203.411633][T10952] netlink: 'syz.1.2476': attribute type 2 has an invalid length.
[  203.423424][T10952] loop1: detected capacity change from 0 to 512
[  203.446292][T10924] vhci_hcd: connection reset by peer
[  203.454147][T10952] ext4 filesystem being mounted at /563/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  203.469706][   T12] vhci_hcd: stop threads
[  203.472644][T10952] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #2: block 3: comm syz.1.2476: lblock 8 mapped to illegal pblock 3 (length 26)
[  203.473973][   T12] vhci_hcd: release socket
[  203.473988][   T12] vhci_hcd: disconnect device
[  203.514998][T10963] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  203.623004][T10974] loop2: detected capacity change from 0 to 512
[  203.660874][T10974] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.2485: casefold flag without casefold feature
[  203.681917][T10979] loop3: detected capacity change from 0 to 2048
[  203.687562][T10974] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2485: couldn't read orphan inode 15 (err -117)
[  203.717857][T10976] loop4: detected capacity change from 0 to 8192
[  203.725980][T10979] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.735094][T10979] 8021q: adding VLAN 0 to HW filter on device team0
[  203.744974][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.752850][T10976] FAT-fs (loop4): Filesystem has been set read-only
[  203.752868][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.767238][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.767258][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.775064][T10979] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  203.798960][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.809301][T10976] syz.4.2486: attempt to access beyond end of device
[  203.809301][T10976] loop4: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  203.822734][T10976] Buffer I/O error on dev loop4, logical block 65368, async page read
[  203.831536][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.842810][ T3318] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  203.853747][ T3318] CPU: 1 UID: 0 PID: 3318 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  203.853829][ T3318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  203.853842][ T3318] Call Trace:
[  203.853867][ T3318]  <TASK>
[  203.853873][ T3318]  __dump_stack+0x1d/0x30
[  203.853895][ T3318]  dump_stack_lvl+0xe8/0x140
[  203.853916][ T3318]  dump_stack+0x15/0x1b
[  203.853934][ T3318]  dump_header+0x81/0x220
[  203.853964][ T3318]  oom_kill_process+0x334/0x3f0
[  203.854029][ T3318]  out_of_memory+0x979/0xb80
[  203.854059][ T3318]  try_charge_memcg+0x5e6/0x9e0
[  203.854149][ T3318]  charge_memcg+0x51/0xc0
[  203.854176][ T3318]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  203.854310][ T3318]  __read_swap_cache_async+0x1df/0x350
[  203.854350][ T3318]  swap_cluster_readahead+0x277/0x3e0
[  203.854460][ T3318]  swapin_readahead+0xde/0x6f0
[  203.854492][ T3318]  ? __filemap_get_folio+0x4f7/0x6b0
[  203.854593][ T3318]  ? swap_cache_get_folio+0x77/0x200
[  203.854692][ T3318]  do_swap_page+0x301/0x2430
[  203.854714][ T3318]  ? finish_task_switch+0xad/0x2b0
[  203.854739][ T3318]  ? __pfx_default_wake_function+0x10/0x10
[  203.854767][ T3318]  handle_mm_fault+0x9a5/0x2be0
[  203.854823][ T3318]  ? mas_walk+0xf2/0x120
[  203.854852][ T3318]  do_user_addr_fault+0x636/0x1090
[  203.854947][ T3318]  ? fpregs_restore_userregs+0xe2/0x1d0
[  203.854978][ T3318]  ? switch_fpu_return+0xe/0x20
[  203.855006][ T3318]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  203.855060][ T3318]  exc_page_fault+0x62/0xa0
[  203.855086][ T3318]  asm_exc_page_fault+0x26/0x30
[  203.855107][ T3318] RIP: 0033:0x7f33949811a5
[  203.855123][ T3318] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 53 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  203.855143][ T3318] RSP: 002b:00007ffd5b2cfe38 EFLAGS: 00010246
[  203.855160][ T3318] RAX: 0000000000000000 RBX: 00000000000004eb RCX: 00007f33949811a3
[  203.855234][ T3318] RDX: 00007ffd5b2cfe50 RSI: 0000000000000000 RDI: 0000000000000000
[  203.855248][ T3318] RBP: 00007ffd5b2cfebc R08: 000000002e7cb224 R09: 0000000000000000
[  203.855260][ T3318] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  203.855270][ T3318] R13: 00000000000927c0 R14: 0000000000031b0d R15: 00007ffd5b2cff10
[  203.855287][ T3318]  </TASK>
[  203.855292][ T3318] memory: usage 307200kB, limit 307200kB, failcnt 23260
[  203.858511][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.867892][ T3318] memory+swap: usage 307492kB, limit 9007199254740988kB, failcnt 0
[  203.867908][ T3318] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[  203.867918][ T3318] Memory cgroup stats for /syz0:
[  203.868406][ T3318] cache 0
[  203.868414][ T3318] rss 0
[  203.868477][ T3318] shmem 0
[  203.868484][ T3318] mapped_file 0
[  203.868492][ T3318] dirty 0
[  203.868539][ T3318] writeback 8192
[  203.868547][ T3318] workingset_refault_anon 861
[  203.878646][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.888790][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.889247][ T3318] workingset_refault_file 1657
[  203.889257][ T3318] swap 299008
[  203.889264][ T3318] swapcached 12288
[  203.889279][ T3318] pgpgin 112233
[  203.889286][ T3318] pgpgout 112230
[  203.889294][ T3318] pgfault 135434
[  203.889324][ T3318] pgmajfault 330
[  203.889330][ T3318] inactive_anon 12288
[  203.889338][ T3318] active_anon 0
[  203.889344][ T3318] inactive_file 0
[  203.889351][ T3318] active_file 0
[  203.889358][ T3318] unevictable 0
[  203.889366][ T3318] hierarchical_memory_limit 314572800
[  203.889428][ T3318] hierarchical_memsw_limit 9223372036854771712
[  203.889438][ T3318] total_cache 0
[  203.889445][ T3318] total_rss 0
[  203.889452][ T3318] total_shmem 0
[  203.889458][ T3318] total_mapped_file 0
[  203.889466][ T3318] total_dirty 0
[  203.889524][ T3318] total_writeback 8192
[  203.889532][ T3318] total_workingset_refault_anon 861
[  203.889541][ T3318] total_workingset_refault_file 1688
[  203.889631][ T3318] total_swap 299008
[  203.889685][ T3318] total_swapcached 12288
[  203.889692][ T3318] total_pgpgin 155360
[  203.889699][ T3318] total_pgpgout 155357
[  203.889707][ T3318] total_pgfault 178941
[  203.889715][ T3318] total_pgmajfault 607
[  203.889723][ T3318] total_inactive_anon 12288
[  203.889731][ T3318] total_active_anon 0
[  203.889739][ T3318] total_inactive_file 0
[  203.889748][ T3318] total_active_file 0
[  203.889864][ T3318] total_unevictable 0
[  203.889872][ T3318] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/
[  203.894470][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.898611][ T3318] ,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0/syz1,task=syz.0.2470,pid=10919,uid=0
[  203.903001][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.907801][ T3318] Memory cgroup out of memory: Killed process 10919 (syz.0.2470) total-vm:93756kB, anon-rss:1068kB, file-rss:22312kB, shmem-rss:128kB, UID:0 pgtables:144kB oom_score_adj:1000
[  203.912373][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.912391][T10976] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff12)
[  203.928864][T10976] syz.4.2486: attempt to access beyond end of device
[  203.928864][T10976] loop4: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  204.375628][T10976] Buffer I/O error on dev loop4, logical block 65368, async page read
[  204.384156][    T9] usb usb8-port1: unable to enumerate USB device
[  204.406919][T10979] __nla_validate_parse: 38 callbacks suppressed
[  204.407004][T10979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2487'.
[  204.422276][T10979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2487'.
[  204.431481][T10979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2487'.
[  204.432365][ T7522] usb usb6-port1: attempt power cycle
[  204.446386][T10973] delete_channel: no stack
[  204.508075][T10999] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  204.526561][T11003] loop0: detected capacity change from 0 to 512
[  204.539970][T11003] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.2495: casefold flag without casefold feature
[  204.553709][T11003] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2495: couldn't read orphan inode 15 (err -117)
[  204.620037][T11002] delete_channel: no stack
[  204.650841][T11017] loop0: detected capacity change from 0 to 512
[  204.659366][T11019] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  204.660903][T11017] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.2501: casefold flag without casefold feature
[  204.665968][T11019] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  204.686949][T11019] vhci_hcd vhci_hcd.0: Device attached
[  204.708297][T11017] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2501: couldn't read orphan inode 15 (err -117)
[  204.716652][T11024] loop3: detected capacity change from 0 to 2048
[  204.774498][T11024] validate_nla: 3 callbacks suppressed
[  204.774511][T11024] netlink: 'syz.3.2502': attribute type 27 has an invalid length.
[  204.799871][T11016] delete_channel: no stack
[  204.850769][T11024] 8021q: adding VLAN 0 to HW filter on device bond0
[  204.859171][ T3374] usb 10-1: SetAddress Request (29) to port 0
[  204.865344][ T3374] usb 10-1: new SuperSpeed USB device number 29 using vhci_hcd
[  204.866561][T11024] 8021q: adding VLAN 0 to HW filter on device team0
[  204.882983][T11029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2502'.
[  204.892053][T11029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2502'.
[  204.907816][T11029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2502'.
[  204.917242][T11024] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  204.949645][T11029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2502'.
[  204.958670][T11029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2502'.
[  204.970701][T11034] netlink: 'syz.0.2504': attribute type 2 has an invalid length.
[  204.978452][T11034] netlink: 'syz.0.2504': attribute type 1 has an invalid length.
[  204.986215][T11034] netlink: 199820 bytes leftover after parsing attributes in process `syz.0.2504'.
[  204.999142][T11029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2502'.
[  205.008410][T11034] loop0: detected capacity change from 0 to 512
[  205.031333][T11034] ext4 filesystem being mounted at /524/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  205.042496][T11034] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #2: block 3: comm syz.0.2504: lblock 8 mapped to illegal pblock 3 (length 26)
[  205.450961][T11020] vhci_hcd: connection reset by peer
[  205.456467][   T12] vhci_hcd: stop threads
[  205.460733][   T12] vhci_hcd: release socket
[  205.465148][   T12] vhci_hcd: disconnect device
[  205.587955][T11012] syz.4.2498 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  205.602133][T11012] CPU: 1 UID: 0 PID: 11012 Comm: syz.4.2498 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  205.602170][T11012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  205.602182][T11012] Call Trace:
[  205.602189][T11012]  <TASK>
[  205.602261][T11012]  __dump_stack+0x1d/0x30
[  205.602282][T11012]  dump_stack_lvl+0xe8/0x140
[  205.602299][T11012]  dump_stack+0x15/0x1b
[  205.602314][T11012]  dump_header+0x81/0x220
[  205.602374][T11012]  oom_kill_process+0x334/0x3f0
[  205.602403][T11012]  out_of_memory+0x979/0xb80
[  205.602476][T11012]  try_charge_memcg+0x5e6/0x9e0
[  205.602513][T11012]  obj_cgroup_charge_pages+0xa6/0x150
[  205.602599][T11012]  __memcg_kmem_charge_page+0x9f/0x170
[  205.602625][T11012]  __alloc_frozen_pages_noprof+0x188/0x360
[  205.602660][T11012]  alloc_pages_mpol+0xb3/0x250
[  205.602761][T11012]  alloc_pages_noprof+0x90/0x130
[  205.602789][T11012]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  205.602827][T11012]  __kvmalloc_node_noprof+0x30f/0x4e0
[  205.602907][T11012]  ? ip_set_alloc+0x1f/0x30
[  205.602934][T11012]  ? ip_set_alloc+0x1f/0x30
[  205.603028][T11012]  ? __kmalloc_cache_noprof+0x189/0x320
[  205.603054][T11012]  ip_set_alloc+0x1f/0x30
[  205.603097][T11012]  hash_netiface_create+0x282/0x740
[  205.603192][T11012]  ? __pfx_hash_netiface_create+0x10/0x10
[  205.603252][T11012]  ip_set_create+0x3c9/0x960
[  205.603333][T11012]  ? __nla_parse+0x40/0x60
[  205.603365][T11012]  nfnetlink_rcv_msg+0x4c3/0x590
[  205.603402][T11012]  ? selinux_capable+0x1f9/0x270
[  205.603473][T11012]  netlink_rcv_skb+0x120/0x220
[  205.603503][T11012]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  205.603533][T11012]  nfnetlink_rcv+0x16b/0x1690
[  205.603557][T11012]  ? __kfree_skb+0x109/0x150
[  205.603592][T11012]  ? nlmon_xmit+0x4f/0x60
[  205.603610][T11012]  ? consume_skb+0x49/0x150
[  205.603634][T11012]  ? nlmon_xmit+0x4f/0x60
[  205.603706][T11012]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  205.603737][T11012]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  205.603822][T11012]  ? __dev_queue_xmit+0x182/0x1fb0
[  205.603854][T11012]  ? ref_tracker_free+0x37d/0x3e0
[  205.603893][T11012]  ? __netlink_deliver_tap+0x4dc/0x500
[  205.604069][T11012]  netlink_unicast+0x59e/0x670
[  205.604127][T11012]  netlink_sendmsg+0x58b/0x6b0
[  205.604168][T11012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.604330][T11012]  __sock_sendmsg+0x142/0x180
[  205.604353][T11012]  ____sys_sendmsg+0x31e/0x4e0
[  205.604391][T11012]  ___sys_sendmsg+0x17b/0x1d0
[  205.604433][T11012]  __x64_sys_sendmsg+0xd4/0x160
[  205.604518][T11012]  x64_sys_call+0x2999/0x2fb0
[  205.604540][T11012]  do_syscall_64+0xd2/0x200
[  205.604570][T11012]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  205.604598][T11012]  ? clear_bhb_loop+0x40/0x90
[  205.604638][T11012]  ? clear_bhb_loop+0x40/0x90
[  205.604659][T11012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.604679][T11012] RIP: 0033:0x7fc57a5be929
[  205.604693][T11012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.604710][T11012] RSP: 002b:00007fc578c27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.604822][T11012] RAX: ffffffffffffffda RBX: 00007fc57a7e5fa0 RCX: 00007fc57a5be929
[  205.604835][T11012] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  205.604846][T11012] RBP: 00007fc57a640b39 R08: 0000000000000000 R09: 0000000000000000
[  205.604859][T11012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  205.604871][T11012] R13: 0000000000000000 R14: 00007fc57a7e5fa0 R15: 00007ffff9648ea8
[  205.604888][T11012]  </TASK>
[  205.604895][T11012] memory: usage 307200kB, limit 307200kB, failcnt 11251
[  205.648558][T11061] loop1: detected capacity change from 0 to 1024
[  205.651390][T11012] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0
[  205.651407][T11012] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  205.651469][T11012] Memory cgroup stats for /syz4:
[  205.659866][T11012] cache 0
[  205.731059][T11061] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  205.733786][T11012] rss 0
[  205.779427][T11061] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  205.781052][T11012] shmem 0
[  205.781061][T11012] mapped_file 0
[  205.785665][T11061] EXT4-fs (loop1): orphan cleanup on readonly fs
[  205.790638][T11012] dirty 0
[  205.790647][T11012] writeback 0
[  205.790653][T11012] workingset_refault_anon 524
[  205.790661][T11012] workingset_refault_file 1486
[  205.790669][T11012] swap 196608
[  205.790675][T11012] swapcached 0
[  205.790681][T11012] pgpgin 110400
[  205.869528][T11061] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  205.870275][T11012] pgpgout 110400
[  205.876265][T11061] EXT4-fs (loop1): Remounting filesystem read-only
[  205.880609][T11012] pgfault 136649
[  205.880620][T11012] pgmajfault 138
[  205.880627][T11012] inactive_anon 0
[  205.880634][T11012] active_anon 0
[  205.880660][T11012] inactive_file 0
[  205.880666][T11012] active_file 0
[  205.880672][T11012] unevictable 0
[  205.880678][T11012] hierarchical_memory_limit 314572800
[  205.880686][T11012] hierarchical_memsw_limit 9223372036854771712
[  205.880694][T11012] total_cache 0
[  205.880700][T11012] total_rss 0
[  205.880706][T11012] total_shmem 0
[  205.880714][T11012] total_mapped_file 0
[  205.926085][T11061] EXT4-fs (loop1): 1 truncate cleaned up
[  205.932667][T11012] total_dirty 0
[  205.932677][T11012] total_writeback 0
[  205.932684][T11012] total_workingset_refault_anon 524
[  205.932719][T11012] total_workingset_refault_file 1518
[  205.932727][T11012] total_swap 196608
[  205.932735][T11012] total_swapcached 0
[  205.932743][T11012] total_pgpgin 133520
[  205.932830][T11012] total_pgpgout 133520
[  205.932839][T11012] total_pgfault 160097
[  205.932847][T11012] total_pgmajfault 357
[  205.932856][T11012] total_inactive_anon 0
[  205.932869][T11012] total_active_anon 0
[  205.932876][T11012] total_inactive_file 0
[  205.932883][T11012] total_active_file 0
[  205.932891][T11012] total_unevictable 0
[  205.932898][T11012] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4/syz1,task=syz.4.2498,pid=11010,uid=0
[  205.933056][T11012] Memory cgroup out of memory: Killed process 11010 (syz.4.2498) total-vm:93756kB, anon-rss:1068kB, file-rss:22312kB, shmem-rss:128kB, UID:0 pgtables:140kB oom_score_adj:1000
[  206.259161][ T3314] ==================================================================
[  206.267262][ T3314] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  206.277071][ T3314] 
[  206.279387][ T3314] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 0:
[  206.287438][ T3314]  tick_do_update_jiffies64+0x113/0x1c0
[  206.292981][ T3314]  tick_nohz_handler+0x7f/0x2d0
[  206.297823][ T3314]  __hrtimer_run_queues+0x20f/0x5a0
[  206.303015][ T3314]  hrtimer_interrupt+0x21a/0x460
[  206.307943][ T3314]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  206.313834][ T3314]  sysvec_apic_timer_interrupt+0x6f/0x80
[  206.319466][ T3314]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  206.325443][ T3314]  xa_load+0xb9/0xe0
[  206.329327][ T3314]  list_lru_count_one+0x68/0x100
[  206.334263][ T3314]  super_cache_count+0xe2/0x160
[  206.339103][ T3314]  do_shrink_slab+0x63/0x680
[  206.343687][ T3314]  shrink_slab+0x448/0x760
[  206.348107][ T3314]  shrink_node+0x6c3/0x2120
[  206.352605][ T3314]  do_try_to_free_pages+0x3f6/0xcd0
[  206.357791][ T3314]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  206.363677][ T3314]  try_charge_memcg+0x358/0x9e0
[  206.368536][ T3314]  obj_cgroup_charge_pages+0xa6/0x150
[  206.373905][ T3314]  __memcg_kmem_charge_page+0x9f/0x170
[  206.379364][ T3314]  __alloc_frozen_pages_noprof+0x188/0x360
[  206.385173][ T3314]  alloc_pages_mpol+0xb3/0x250
[  206.389933][ T3314]  alloc_pages_noprof+0x90/0x130
[  206.394865][ T3314]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  206.400669][ T3314]  __kvmalloc_node_noprof+0x30f/0x4e0
[  206.406048][ T3314]  ip_set_alloc+0x1f/0x30
[  206.410382][ T3314]  hash_netiface_create+0x282/0x740
[  206.415577][ T3314]  ip_set_create+0x3c9/0x960
[  206.420165][ T3314]  nfnetlink_rcv_msg+0x4c3/0x590
[  206.425102][ T3314]  netlink_rcv_skb+0x120/0x220
[  206.429868][ T3314]  nfnetlink_rcv+0x16b/0x1690
[  206.434540][ T3314]  netlink_unicast+0x59e/0x670
[  206.439300][ T3314]  netlink_sendmsg+0x58b/0x6b0
[  206.444073][ T3314]  __sock_sendmsg+0x142/0x180
[  206.448760][ T3314]  ____sys_sendmsg+0x31e/0x4e0
[  206.453523][ T3314]  ___sys_sendmsg+0x17b/0x1d0
[  206.458197][ T3314]  __x64_sys_sendmsg+0xd4/0x160
[  206.463049][ T3314]  x64_sys_call+0x2999/0x2fb0
[  206.467720][ T3314]  do_syscall_64+0xd2/0x200
[  206.472226][ T3314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.478108][ T3314] 
[  206.480420][ T3314] read to 0xffffffff868099c0 of 8 bytes by task 3314 on cpu 1:
[  206.488035][ T3314]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  206.494274][ T3314]  count_shadow_nodes+0x6a/0x230
[  206.499215][ T3314]  do_shrink_slab+0x63/0x680
[  206.503810][ T3314]  shrink_slab+0x448/0x760
[  206.508218][ T3314]  shrink_node+0x6c3/0x2120
[  206.512711][ T3314]  do_try_to_free_pages+0x3f6/0xcd0
[  206.517900][ T3314]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  206.523781][ T3314]  try_charge_memcg+0x358/0x9e0
[  206.528629][ T3314]  charge_memcg+0x51/0xc0
[  206.532956][ T3314]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  206.538934][ T3314]  __read_swap_cache_async+0x1df/0x350
[  206.544391][ T3314]  swap_cluster_readahead+0x277/0x3e0
[  206.549761][ T3314]  swapin_readahead+0xde/0x6f0
[  206.554523][ T3314]  do_swap_page+0x301/0x2430
[  206.559100][ T3314]  handle_mm_fault+0x9a5/0x2be0
[  206.563940][ T3314]  do_user_addr_fault+0x636/0x1090
[  206.569052][ T3314]  exc_page_fault+0x62/0xa0
[  206.573557][ T3314]  asm_exc_page_fault+0x26/0x30
[  206.578399][ T3314] 
[  206.580712][ T3314] value changed: 0x00000000ffffdb31 -> 0x00000000ffffdb32
[  206.587807][ T3314] 
[  206.590117][ T3314] Reported by Kernel Concurrency Sanitizer on:
[  206.596251][ T3314] CPU: 1 UID: 0 PID: 3314 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  206.608837][ T3314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  206.618880][ T3314] ==================================================================
[  206.680593][T11064] loop0: detected capacity change from 0 to 512
[  206.694860][T11064] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.2514: casefold flag without casefold feature
[  206.707944][T11064] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2514: couldn't read orphan inode 15 (err -117)
[  206.769991][T11063] delete_channel: no stack
[  207.069304][ T7522] usb usb6-port1: unable to enumerate USB device
[  208.319102][   T10] usb 2-1: device descriptor read/8, error -110
[  208.429082][   T10] usb 2-1: new SuperSpeed USB device number 38 using vhci_hcd
[  208.449151][   T10] usb 2-1: enqueue for inactive port 0
[  208.454616][   T10] usb 2-1: enqueue for inactive port 0
[  208.460081][   T10] usb 2-1: enqueue for inactive port 0
[  209.479718][   T10] usb usb2-port1: attempt power cycle
[  209.919078][ T3374] usb 10-1: device descriptor read/8, error -110
[  210.029482][ T3374] usb 10-1: new SuperSpeed USB device number 29 using vhci_hcd
[  210.049095][ T3374] usb 10-1: enqueue for inactive port 0
[  210.054633][ T3374] usb 10-1: enqueue for inactive port 0
[  210.060631][ T3374] usb 10-1: enqueue for inactive port 0
[  211.299526][   T10] usb usb2-port1: unable to enumerate USB device