last executing test programs:

1.683564456s ago: executing program 3 (id=902):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x541c, &(0x7f0000000000))

1.613021701s ago: executing program 3 (id=907):
r0 = socket$inet6(0xa, 0x802, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000000)='.pending_reads\x00', 0x400, 0x40)
stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000002380)={[{@uid={'uid', 0x3d, r2}}, {@mode}]})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
r5 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r5, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000008"], 0xfe44, 0x0)
getgroups(0x6, &(0x7f0000000040)=[0xee00, <r6=>0xee00, 0x0, 0xffffffffffffffff, 0xee00, 0x0])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {r2, r6}}, './file0\x00'})
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
listxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300)=""/135, 0x87)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
r7 = socket$rds(0x15, 0x5, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000200000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$rds(r7, &(0x7f00000021c0)={0x2, 0x0, @local}, 0x10)
sendmsg$rds(r7, &(0x7f0000002180)={&(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10, 0x0}, 0x0) (fail_nth: 9)

1.088953296s ago: executing program 0 (id=915):
syz_open_procfs(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f00000003c0), &(0x7f0000000400)}, 0x20)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)

1.088399656s ago: executing program 3 (id=916):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000fd00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}, 0x3, 0x0, 0x0, 0x20000011}, 0x0)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
shutdown(r3, 0x0)
writev(r2, &(0x7f0000000000), 0x0)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r5, 0x200, 0x70bd2d, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x4}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x8040)
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x0, 0x0, 0x0)
set_mempolicy_home_node(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0)
write$binfmt_elf32(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000002000000380000000000000000191bda000020000100006b5e0200000000000003"], 0x69)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

1.083308656s ago: executing program 0 (id=918):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x16}]}, @NFT_MSG_NEWSETELEM={0x50, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x28, 0x3, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x20, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x1a, 0x1, "10c4e3257eaa66a5725a38cd58d26115453baa910be0"}]}]}]}]}], {0x14, 0x10}}, 0xd4}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000ff7f000000000000e2ffffff000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000001008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kfree\x00', r2}, 0x37)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000240))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r8 = fcntl$dupfd(r7, 0x0, r7)
ioctl$SG_IO(r8, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x17, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

1.014890401s ago: executing program 0 (id=920):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x3, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000004000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a300000"], 0x64}}, 0x0)

983.380723ms ago: executing program 4 (id=921):
syz_emit_ethernet(0x52, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0xf, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@noop, @timestamp_addr={0x44, 0x24, 0x18, 0x1, 0x3, [{@rand_addr=0x64010100, 0x3}, {@private=0xa010101, 0x7640}, {@empty, 0xffff}, {@local, 0x1}]}]}}, {0x0, 0x4e20, 0x8}}}}}, 0x0)

982.459423ms ago: executing program 1 (id=922):
r0 = dup(0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4be0000000000000000000000000080008000000000008000900000000000800020001000000080001"], 0x3c}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, r2, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@GTPA_O_TEI={0x8, 0x9, 0x3}, @GTPA_PEER_ADDRESS={0x8, 0x4, @private=0xa010101}, @GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_FAMILY={0x5, 0xd, 0x11}, @GTPA_PEER_ADDRESS={0x8, 0x4, @private=0xa010101}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001440)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42646d25dfd73d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f40f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b74039fffd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f152fdf6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e2900000000000000000000000000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a5121e941b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2251bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2edc7e3901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877fb319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b528c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae34bbf4a0e27828b0c7cb9d7a7455db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b42388bd69fe341a925e8cdc5d7b2d6ddb7331a081bd0672bf4d02255de095a179e51bf5492d4e89c3cbad59db725c0dd7e35cbd9887175286a37d7621a361eb830cc5b842b11b5d040ccceb254d6a0c9c43718d0816bb2465928e236101b8cd46b5ef9cb930378a9249cbb41b92fe3caef70845cde9bb78d71c512153d2f1d765b56d2e5ef3e3d34975787646630051074c9706747fda873ccfdb394fc269c8cfadc0a52c3402f3920001ddd312969ecc08a99f5a3be58de34149af8360a7db3f301e656c5485d5de03be99b04e3593e8e18d7b635ca24a915c82122ac7a5bf6d011ee91573d66fc9522a76fa00211d62dc123fd51d1cb2ce1d4f3a62f99e2d93b2d34324a962a3762b6e8d7d3a7f73af6eb264b44822d8847442c3df4771df9a5d79443174b191878fe586facc18035f09fd70a137809ce970e31c4e6a8e48ce2fc30316087caaa2ed0bda52e969fda35236ac9aedb241a114a8cf1c49b8bd3f73c1c67d7968db4f71202d63bb0963cf128d"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getcwd(&(0x7f0000000200)=""/197, 0xc5)

965.323825ms ago: executing program 0 (id=923):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000540)='./bus\x00', 0x10, &(0x7f0000000500)=ANY=[@ANYRES64=0x0], 0x81, 0x374, &(0x7f0000000980)="$eJzs3T9oJNUfAPDvZja7uYPfLwELURBWO0HD5TptTJAcHKZRWfxTiIuXU9lEIcFgUlwSC8VSsNTKTkELC7ERRFDEzsLWE+RULDTdgYdPZmd3dpLdhNxhlODnA5m8fe99531n9rE7GXZfnp2P7qXJuLy3dy2mpmpRn394Pq7XYiayGNiJUY0xdQDA6XA9pfg9FY4ZUjvhlACAE9Z7/38+IloxU9S89uVR/ZN3fwA49fp//585qs/UYQ0vn0hKAMAJG7n/f8++5kbvpz54WK98KgAAOK0ef+rpRxaWIh5rtaYiVt/YaG+048Fh+8LleDFWYjnOxXTciCguFPJNrbe9cHFp8Vyr1dqOn2aiHRET/cB2caWwkPXimzFXtpRXGyml7MLHS4tzrZ6I2NnujR+rtY32ZJztj//92VgeXnjMDJKI3ubi0uL5Vn8H7dVB/HbE7vC+RZ7/bEzHt8+Vu0lp8AnGpcUrcxP9B8P4jXYzLpVn4dA7IAAAAAAAAAAAAAAAAAAAAAAAcEtmW6WZcv2clP8uVsqZnR3T3lsfp4jvrw+0W6wPlJopUvrt1fvbb2axb32gg+vzbFhIEAAAAAAAAAAAAAAAAAAAAErrm43orKwsr61vbnWrhe219c2JiMhrXvr6wy/OxG2fpZ4xnccX6sUQzYhyiFZ/2K1uJ2WDzimLGA3P8sEHNe9/UmZc7dMsj2JsGs3xTXuRF/5394/vDJvuygZ7/nPYOYvxB5hV0njowKCr/y9SOsb5GS2cr9Y0R0e/mlKq1LxeDb/yzOgOoxZRj5tOY6s7EYf36U2Ar669cMfg7Hc+LyZGuve+6Seuvv3eL93OSj5y9J7Bxtr6jdTt1Aadb+605Kd6UFOLolCrzoT6UeG7+2s62Xe/PnnnW98cb/RUrXkln88H+mTF4Xx0MLxRFPI080JjOFvODMMn+wexsjw5ZvKXhdr4GX4Lz+nt7376QUo//HzcqP7AefYTIy8btb/n1QcAAAAAAAAAAAAAAAAAAKiqfFe8r/9l38mjoh549OQzAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/zvD//1cKuztxoOY4hT+2x0Q1l9fWIxr/9mECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAf91cAAAD//92GVcs=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)

948.437236ms ago: executing program 4 (id=924):
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
socket(0x1, 0x803, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f00000003c0), &(0x7f0000000400)}, 0x20)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)

918.511268ms ago: executing program 3 (id=925):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000380), &(0x7f00000003c0)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd038786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500031681905db88235f8a5447dd2a2fd6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd500800000000000000e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82577ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b394de70400d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca147df97db"})
syz_open_dev$usbfs(&(0x7f0000000000), 0x9, 0x101100)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000040)={0x1})
unshare(0x40020000)

917.200968ms ago: executing program 4 (id=926):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001500)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0) (fail_nth: 9)

811.326945ms ago: executing program 4 (id=927):
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x804000, &(0x7f0000000200), 0x3, 0x4ae, &(0x7f0000000a00)="$eJzs3d9rm+UeAPDvm7Y73daddueci53B2SnnTLqhS9rVbcWLbYLo1UCd97W2aSlNm9Kk21qGdPgHCCIqeuWVN4J/gCD7E0QY6L2IKEO3eeGFGknyZqsl/THXNrP5fODp+7zvm+b7fRLyJE+eh7wBtK3+iLgYER0RcTIietPjmbTESr1Ub3f3zvXxakmiUrn8QxJJeqxxX0m6PZj+W3dEvPxCxGtJUj+wSmlpeWasUMgvpPu58ux8rrS0fGp6dmwqP5WfGx4eOjtybuTMyOC2tfX8c9++8+ZHz5//7KmrX49+f+L1ar496bnV7dhO9cekq/ZYNHRGxMJOBGuBjrQ9Xa1OBACALal+xv9HRPwvIu693+psAAAAgJ1QudATvyQRFQAAAGDPytTWwCaZbLoWoCcymWy2vob3X3EhCsVS+cnJ4uLcRH2tbF90ZSanC/nBdK1wX3Ql1f2hWv3B/uk1+8MRcTgi3u7dX9vPjhcLE63+8gMAAADaRHWc35Op16ubn3rr438AAABgj+lrdQIAAADAjjP+BwAAgL1v3fF/0rm7iQAAAAA74cVLl6ql0rj+9cSVpcWZ4pVTE/nSTHZ2cTw7XlyYz04Vi1O13+yb3ez+CsXi/NMxt3gtV86XyrnS0vLobHFxrjxau673aN51ogEAAGD3Hf7vza+SiFh5Zn+tVO1Lzxmrw96WebibJzuVB7D7OlqdANAyFvhC+zLGBzYb2HfvUh4AAMDOGfi3+X9oVw85/w/sIeb/oX2Z/4f2ZYwP/On5/8+3PxcAAGBn9NRKksmmc4E9kclksxGHapcF6Eompwv5wYj4e0R82dv1t+r+UKuTBgAAAAAAAAAAAAAAAAAAAAAAAIC/mEoliQoAAACwp0VkvkvS638N9B7vWfv9wL7k597aNiKufnD53Wtj5fLCUPX4j/ePl99Lj59uxTcYAAAAwFqNcXpjHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+nunevjjbKbcW8/GxF9zeJ3Rndt2x1dEXHgXhKdq/4viYiObYi/ciMijjSLn1TTir40i7XxMxGxv8XxD25DfGhnN6v9z8Vmr79M9Ne2zV9/nWl5VLf71+v/Mvf7v451+r9Dm9z3vnR79NYnuXXj34g42tm8/2nETx6x/331leXl9c5VPowYaPr+k/whVq48O58rLS2fmp4dm8pP5eeGh4fOjpwbOTMymJucLuTTv01jvPWfT3/bqP0H1onft0n7j2+x/b/eunbnnxvEP/H/5s//kQ3iVx/7J9L3ger5gUZ9pV5f7djHXxzbqP0T67R/s+f/xBbbf/KlN77Z4k0BgF1QWlqeGSsU8gsqj1ul//FIQ6U9K63umQAAgO324EN/qzMBAAAAAAAAAAAAAAAAAACA9rUbPye2Ol5365oKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCh3wMAAP//LP/UjQ==")
mount$9p_unix(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r2, &(0x7f0000000180)='./bus\x00', 0x0)
renameat2(r2, &(0x7f0000000380)='./file0\x00', r2, &(0x7f0000000200)='./bus\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0xc, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='tcp_cong_state_set\x00', r3}, 0x10)
connect$unix(r5, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000001c0)=0x1, 0x4)
lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
quotactl$Q_SETQUOTA(0xffffffff80000900, &(0x7f0000000c80)=@loop={'/dev/loop', 0x0}, r6, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x804000, &(0x7f0000000200), 0x3, 0x4ae, &(0x7f0000000a00)="$eJzs3d9rm+UeAPDvm7Y73daddueci53B2SnnTLqhS9rVbcWLbYLo1UCd97W2aSlNm9Kk21qGdPgHCCIqeuWVN4J/gCD7E0QY6L2IKEO3eeGFGknyZqsl/THXNrP5fODp+7zvm+b7fRLyJE+eh7wBtK3+iLgYER0RcTIietPjmbTESr1Ub3f3zvXxakmiUrn8QxJJeqxxX0m6PZj+W3dEvPxCxGtJUj+wSmlpeWasUMgvpPu58ux8rrS0fGp6dmwqP5WfGx4eOjtybuTMyOC2tfX8c9++8+ZHz5//7KmrX49+f+L1ar496bnV7dhO9cekq/ZYNHRGxMJOBGuBjrQ9Xa1OBACALal+xv9HRPwvIu693+psAAAAgJ1QudATvyQRFQAAAGDPytTWwCaZbLoWoCcymWy2vob3X3EhCsVS+cnJ4uLcRH2tbF90ZSanC/nBdK1wX3Ql1f2hWv3B/uk1+8MRcTgi3u7dX9vPjhcLE63+8gMAAADaRHWc35Op16ubn3rr438AAABgj+lrdQIAAADAjjP+BwAAgL1v3fF/0rm7iQAAAAA74cVLl6ql0rj+9cSVpcWZ4pVTE/nSTHZ2cTw7XlyYz04Vi1O13+yb3ez+CsXi/NMxt3gtV86XyrnS0vLobHFxrjxau673aN51ogEAAGD3Hf7vza+SiFh5Zn+tVO1Lzxmrw96WebibJzuVB7D7OlqdANAyFvhC+zLGBzYb2HfvUh4AAMDOGfi3+X9oVw85/w/sIeb/oX2Z/4f2ZYwP/On5/8+3PxcAAGBn9NRKksmmc4E9kclksxGHapcF6Eompwv5wYj4e0R82dv1t+r+UKuTBgAAAAAAAAAAAAAAAAAAAAAAAIC/mEoliQoAAACwp0VkvkvS638N9B7vWfv9wL7k597aNiKufnD53Wtj5fLCUPX4j/ePl99Lj59uxTcYAAAAwFqNcXpjHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+nunevjjbKbcW8/GxF9zeJ3Rndt2x1dEXHgXhKdq/4viYiObYi/ciMijjSLn1TTir40i7XxMxGxv8XxD25DfGhnN6v9z8Vmr79M9Ne2zV9/nWl5VLf71+v/Mvf7v451+r9Dm9z3vnR79NYnuXXj34g42tm8/2nETx6x/331leXl9c5VPowYaPr+k/whVq48O58rLS2fmp4dm8pP5eeGh4fOjpwbOTMymJucLuTTv01jvPWfT3/bqP0H1onft0n7j2+x/b/eunbnnxvEP/H/5s//kQ3iVx/7J9L3ger5gUZ9pV5f7djHXxzbqP0T67R/s+f/xBbbf/KlN77Z4k0BgF1QWlqeGSsU8gsqj1ul//FIQ6U9K63umQAAgO324EN/qzMBAAAAAAAAAAAAAAAAAACA9rUbPye2Ol5365oKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCh3wMAAP//LP/UjQ==") (async)
mount$9p_unix(0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
fchdir(r1) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) (async)
mkdirat(r2, &(0x7f0000000180)='./bus\x00', 0x0) (async)
renameat2(r2, &(0x7f0000000380)='./file0\x00', r2, &(0x7f0000000200)='./bus\x00', 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0xc, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
fcntl$dupfd(r4, 0x0, r4) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='tcp_cong_state_set\x00', r3}, 0x10) (async)
connect$unix(r5, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e) (async)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000001c0)=0x1, 0x4) (async)
lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f00000003c0)) (async)
quotactl$Q_SETQUOTA(0xffffffff80000900, &(0x7f0000000c80)=@loop={'/dev/loop', 0x0}, r6, 0x0) (async)

717.810131ms ago: executing program 1 (id=928):
syz_open_procfs(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='mm_page_alloc\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)

678.635524ms ago: executing program 1 (id=929):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x16}]}, @NFT_MSG_NEWSETELEM={0x50, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x28, 0x3, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x20, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x1a, 0x1, "10c4e3257eaa66a5725a38cd58d26115453baa910be0"}]}]}]}]}], {0x14, 0x10}}, 0xd4}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000ff7f000000000000e2ffffff000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000001008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kfree\x00', r2}, 0x37)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000240))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = io_uring_setup(0x1b91, &(0x7f0000000000))
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$SG_IO(r9, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x17, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
close_range(r6, 0xffffffffffffffff, 0x0)

579.120301ms ago: executing program 2 (id=931):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x16}]}, @NFT_MSG_NEWSETELEM={0x50, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x28, 0x3, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x20, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x1a, 0x1, "10c4e3257eaa66a5725a38cd58d26115453baa910be0"}]}]}]}]}], {0x14, 0x10}}, 0xd4}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000ff7f000000000000e2ffffff000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000001008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kfree\x00', r2}, 0x37)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000240))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r8 = fcntl$dupfd(r7, 0x0, r7)
ioctl$SG_IO(r8, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x17, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

559.054152ms ago: executing program 1 (id=932):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
lsetxattr$system_posix_acl(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000440)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
unshare(0x68040200)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r2 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000003c0)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
r3 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0900000004000000080000000b00000000000000", @ANYRES32, @ANYBLOB="0000001a000000000000000000000000ff00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRESOCT, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
keyctl$KEYCTL_MOVE(0x4, r3, r2, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x4, r1, r1, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x36, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r6}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r7}, 0x10)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r8, 0x5412, &(0x7f0000000100)=0x13)
ioctl$TIOCSTI(r8, 0x5412, &(0x7f00000001c0))
r9 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r9, 0x5403, &(0x7f0000000040)={0x3d17, 0x0, 0x0, 0x0, 0x0, "7e12091588e633bbb1df022dace17a32d251ee"})
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000480)={'mangle\x00'}, &(0x7f0000000040)=0x54)

551.818132ms ago: executing program 2 (id=933):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000000)={[{@orlov}, {@errors_remount}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'})
syz_open_dev$usbfs(&(0x7f0000000000), 0xd7, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10041, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, 0x0, 0x0}, 0x20)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c64656275672c6572726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c636865636b3d72656c617865642c757466383d302c726f6469722c726f6469722c00bd11a3d82e3cc8e94a1ac3169cb253bc51dceb1a3c8675eef705933dac0549813c420584251b8849a95afa9de1a80dcc7f9d4e26116050410b89f88108d551843f6115dded9b54fcb36a3a7bab7fb11d2c7265fa11a3ff2f3ca1c0df2142ff9ce532341817f2bb2fef3428793728d4daa090c5becbb74d00c95f965afa83e5bb562620ea9e99853533ca4ef0702dad548503917329f0f431d87efa28137d3f0e0fa2906cb9e236094a2d7a9ce877c1d8509500"/315], 0x1, 0x219, &(0x7f0000000b40)="$eJzs3TFrE2EYB/CnttVQkHQQiiJ44uIUGsU9RSqIAUXJoJPFpihNLBgI6NC6+SX0K+joKjiIq19ABKmCi906CJF6sbFtYiM1OTG/35KH3Pu/93kvIUeGvLl9sr68uNJY2thYj1xuLCZKUYrNsZiOQzEeqccBAPxPNlut+NpKZd0LADAc7v8AMHr6vP9fG2JLAMCA+f4PAKPnxs1bV+bK5fnrSZKLqD9pVpqV9DE9PrcU96IW1ZiNfHyLaG1L60uXy/OzyZZP01Gpr7Xza83K+M58MfIx3T1fTFI785Mx1c6/n4pqnIt8HOuSz7UXsid/OM6e+WX+QuTj3Z1YiVosxla2M/9qMUkuXi3vyh/5MQ4AAAAAAAAAAAAAAAAAAAAAAAahkGzrun9PodDreJrvf3+g3fvzTMSJiWzXDgAAAAAAAAAAAAAAAAAAAP+KxsNHywu1WvXB74r7b5+/3m9Mn8VYe96DnufgxdHTH5/2GjP+Z9fn7xavTmV5Wfos3qzfPX6+MXMhszYmI2LvMz3fWl/yEQPq50Wmr8XPVe87eOZZaeHl6ofP/Z556B9FAAAAAAAAAAAAAAAAAAAw8jo/+s26EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADITuf//wdXZL1GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HgAA//9YApxH")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
ioctl$TIOCL_GETKMSGREDIRECT(0xffffffffffffffff, 0x541c, &(0x7f0000000000))

503.452206ms ago: executing program 4 (id=934):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x3, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000004000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a300000"], 0x64}}, 0x0)

469.260908ms ago: executing program 4 (id=935):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket(0x28, 0x5, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r6 = dup2(r4, r5)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0xe, &(0x7f0000000440)=ANY=[@ANYBLOB="b7000000fdffffffbfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000000f040000000000001d4002000000000065040000000000000f030000000000001d440000000000007a0a00fe000000000f00000000000000b5000000000000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
write$P9_RGETLOCK(r6, &(0x7f0000000500)=ANY=[@ANYBLOB='df'], 0x2c)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x12, r7, 0x0)
connect$vsock_stream(r3, &(0x7f0000000080), 0x10)
getsockopt$inet6_mptcp_buf(r3, 0x11c, 0x3, &(0x7f0000000000)=""/61, &(0x7f00000002c0)=0x3d)
r8 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_kthread_stop\x00', r2}, 0x10)
syz_usb_connect(0x5, 0x7f4, &(0x7f0000000b00)={{0x12, 0x1, 0x110, 0x1b, 0xb7, 0x8e, 0x8, 0x1e2d, 0xb7, 0x194e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7e2, 0x4, 0x8, 0x75, 0x0, 0x6, [{{0x9, 0x4, 0x0, 0x5, 0x1, 0x9d, 0x78, 0x11, 0x5, [@cdc_ncm={{0x7, 0x24, 0x6, 0x0, 0x1, "60e3"}, {0x5, 0x24, 0x0, 0x1000}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x4, 0x1ff, 0x8}, {0x6, 0x24, 0x1a, 0x2, 0x28}, [@obex={0x5, 0x24, 0x15, 0x5}, @mdlm_detail={0x17, 0x24, 0x13, 0x4, "ed7a16cc5b5459613251a35e594a0d72b5a412"}, @mbim_extended={0x8, 0x24, 0x1c, 0xbd0, 0x2e, 0x629}, @mdlm={0x15, 0x24, 0x12, 0x200}, @mbim={0xc, 0x24, 0x1b, 0x1, 0x2, 0x30, 0x6, 0x0, 0x1}, @mbim={0xc, 0x24, 0x1b, 0x3, 0x7, 0xf5, 0x5, 0x19e, 0x1}]}, @cdc_ecm={{0x7, 0x24, 0x6, 0x0, 0x0, "66f5"}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x5, 0x5, 0x6}, [@acm={0x4, 0x24, 0x2, 0x8}, @mdlm={0x15, 0x24, 0x12, 0x8}]}], [{{0x9, 0x5, 0xa, 0x2, 0x20, 0xa4, 0x9}}]}}, {{0x9, 0x4, 0xa1, 0x8, 0x5, 0x21, 0x94, 0x21, 0x1, [@cdc_ncm={{0xa, 0x24, 0x6, 0x0, 0x1, "39152a8795"}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x40, 0x7, 0x2, 0x4}, {0x6, 0x24, 0x1a, 0x2, 0x10}, [@network_terminal={0x7, 0x24, 0xa, 0x3, 0x4, 0x9, 0x5}]}], [{{0x9, 0x5, 0xd, 0x10, 0x200, 0x7, 0x7, 0x93, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x87, 0xf}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x1, 0xc}]}}, {{0x9, 0x5, 0xf, 0x10, 0x8, 0x1, 0x7, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0xf8, 0x5}, @generic={0x46, 0xd, "ec51e90a62f68c97a86bc1d4224455a34320da6180649bcc15fa9a1e91b596d5f4ec20fbf1b8321f1b335143374c085b8a55b48c353df6d9d3949fa1492bcec3b096d637"}]}}, {{0x9, 0x5, 0xe, 0x3, 0x3ff, 0x1, 0x5, 0x98, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0xe, 0x7}]}}, {{0x9, 0x5, 0xc, 0x10, 0x200, 0xf5, 0xd2, 0x0, [@generic={0x73, 0xd, "ac434a2d923f5a26b72993c3ee3569dd471e0718b5ae8729de08c1deff0bb5e4e55e6ee011eee06d7fe62a638434e55f0894110d439f35ebb4e9cb99481a4902715761b22a16a05aacf82cfe581215164873bf2a3348f16b4667d681e19ea6db4e7fbf4d9c798a18cf89878377523cd5ff"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0xcb, 0x8}]}}, {{0x9, 0x5, 0x4, 0xc, 0x0, 0x6, 0x1, 0x53, [@generic={0x9c, 0xb, "d95704e5ad81ee9cb0345c3f47655e21259bb79ed3622f3f3769d2307e082121a9e1208ff84b25aa0c5004ece1a443507245889089b8d485ba02ae4ac848f07db46b1eb097513c79b58ad1ab16d56c6fc930322feabfc21ced3cd43b1dfe487f7e60d5708c6897c389808daa9766deb784da7ac875a66229d834cc607fdd53ad5ee42dc02d2b860dd3507cf03c2da5527b4279dff165cdaf9339"}]}}]}}, {{0x9, 0x4, 0x4, 0x3, 0xd, 0xeb, 0xec, 0xf8, 0x4, [@hid_hid={0x9, 0x21, 0x4, 0x66, 0x1, {0x22, 0x7c8}}], [{{0x9, 0x5, 0x4, 0x0, 0x10, 0x4, 0x0, 0x2, [@generic={0xff, 0x11, "ed583858e95b138ac9b44eeb69a1e74c23e6b4cfa2a78b8afb0a57588a5d397c0a30e260dcb82239029cc4648b5eaeb7d33c9f70ff6fa681a433f254787d1aa9e5c3bdf2b0b239f2f4e4d60d5dbe5079f9d954c8fc54e13c8371b368da59a06dda80474b191d302a01ff547eb24420ffb7c745c4daad2e1b3ba3c5fbfd07f6466b9ecb73a6ec52f4ca4fd7112368d02558ff0d15c04be3a7e5f1b1429932f81389f92efafe333fdf138056ca0e5b823275f5356db10f212610d7c954dfbc716a8c3d085e65893d06f6e23f77385f486b0ef8880d11cbd63c1bbcb4094b04d47f78aebb447664abe0ed43ed8acaae612c60840449a9f77d7475ec10d186"}]}}, {{0x9, 0x5, 0x4, 0x0, 0x0, 0xb, 0xca, 0xf, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x1, 0x2f8}]}}, {{0x9, 0x5, 0x80, 0x4, 0x3ff, 0xb, 0x12, 0xa}}, {{0x9, 0x5, 0x8, 0x4, 0x8, 0x7, 0x6, 0x9}}, {{0x9, 0x5, 0x4, 0xc, 0x20, 0x7f, 0x9, 0x99, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x63, 0x535}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0x81}]}}, {{0x9, 0x5, 0x1, 0x10, 0x8, 0xb0, 0x40, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x8, 0x8}, @uac_iso={0x7, 0x25, 0x1, 0x83, 0x5, 0x400}]}}, {{0x9, 0x5, 0x3, 0x1, 0x8, 0x3, 0x3, 0x7f}}, {{0x9, 0x5, 0x80, 0x2, 0x8, 0x4, 0x4, 0x9c}}, {{0x9, 0x5, 0x8, 0x0, 0x3ff, 0x3, 0xc8, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x3, 0x3}]}}, {{0x9, 0x5, 0x0, 0x13, 0x400, 0x81, 0xd, 0x0, [@generic={0x4, 0x5, "0af7"}, @generic={0x6b, 0x23, "89a4b2011fb95009d34faa40509f56ed51182584ea364b6c43670a0e1568921b6acb9bc9de8187f5197a055b1c0fcfe8b1bbaa4758d3bab2ed12b94c354835d65c3af5ed3b014c649d0165c25fa1f73dfd7da5c91428e044124ffaf4427c837bb590f7a21aa9614519"}]}}, {{0x9, 0x5, 0x0, 0x10, 0x400, 0x3, 0xc7, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x81, 0x929f}]}}, {{0x9, 0x5, 0xb, 0x0, 0x40, 0xed, 0xe6, 0x5}}, {{0x9, 0x5, 0x8, 0x2, 0x3ff, 0x10, 0x5, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0xc59655840ee1f8a1, 0x7, 0xb}, @generic={0xf7, 0xd, "62470747bde35aaba3a58599720c10b98b9378a0edf6d7f114dac623e5a37bb0dc4bdbae40366f57e564c9c55bfef7f77eba90a807893df92b204def16a277ac9eb151ee2e996be052e3427b0f56db8cc062d579ac37c6087540022f16eb7f6759b11a8f94fe9ce9ed5a3e97c331691c88d987fda40d4ca58fb728db8e7862781407a435e4ed75c2b7722548d33f6a970ba16717514ce759f1ea1b810f545f30ec1164a45dbadf2c2a0c634a63a3899ef93de69e12da11072361fdd89e446b1d13ef9bc76aad438a324e71ea7259eb40cbc903166481ad7fcd4c7cedf34e946539b54f47ec96daf5f279dc83000dde85573b3e0ca2"}]}}]}}, {{0x9, 0x4, 0x3, 0x3, 0x7, 0xcd, 0xab, 0x1c, 0x4, [@generic={0x9b, 0x6, "a92fb010ef99582e1016f8e74734846014f806b88d63ef3b90c1837d2094cd23b17fb51c283668e073e02883610f14a1170dd550339b42b37b905f7c3e5e11d06dccd9583ce46539b594ee2c590a9d91b8cb27397bbfd402d1b96bee0a99a2123a0d06e0e12adbd980aa87419bef79f8e8cd04b9c7c9292753925f65cb13a15f26fabcc983231c0dc80057405d8051a7cfc959e49d66bd76e6"}, @uac_control={{0xa, 0x24, 0x1, 0x3, 0x2}, [@feature_unit={0x9, 0x24, 0x6, 0x5, 0x3, 0x1, [0x6], 0x4}, @mixer_unit={0x9, 0x24, 0x4, 0x6, 0x9, "4bb8734a"}, @mixer_unit={0xa, 0x24, 0x4, 0x1, 0x0, "6d23c5c93c"}, @extension_unit={0xc, 0x24, 0x8, 0x6, 0x9938, 0x9, "7cf11befb6"}]}], [{{0x9, 0x5, 0x4, 0xc, 0x20, 0x5, 0x5, 0x6, [@generic={0xe, 0xb, "cc1bfc6ed2f0ad030335b171"}]}}, {{0x9, 0x5, 0x5, 0x1, 0x8, 0x7, 0xf8, 0x5}}, {{0x9, 0x5, 0xc, 0x4, 0x8, 0x81, 0x7f, 0xa}}, {{0x9, 0x5, 0xa, 0x1, 0x200, 0xfe, 0xfb, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x3, 0xf001}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x10, 0x800}]}}, {{0x9, 0x5, 0x2, 0x10, 0x3ff, 0xfa, 0x0, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x8, 0xca}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x8, 0x3ff}]}}, {{0x9, 0x5, 0xb, 0x1, 0x3ff, 0x6b, 0xd, 0xff, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xab, 0x8}]}}, {{0x9, 0x5, 0x6, 0xc, 0x3ff, 0x0, 0x3, 0x40, [@generic={0xde, 0xa, "96f56d066cd3e619949d4cfc3873637cb906cce2cc30f81eb60aedc1100dcae996e97084dbf6e33ee00ec6e0955f39b4c132b42d26e3d0d91c74b223199c4d0c861aa366e09d0bc500dd488633b8b9f3ee5897d89bb9ab928eb30dd4f447c17be734eefe59e5de8edec906175c00059a994fed05b39aede5a9cfb12bc14db8a187ee82a47c0cd7927bd748ce35aeb6d9d8cd01be02c4a1f7953f28bb39e0834c9ac8d65016174f0bd86a7ebb69020f1ef31f44527d211dd4a64c2adb6730bc77dc904fed83a099703601e65a2abea706a122cbbb07970ada4893be88"}, @uac_iso={0x7, 0x25, 0x1, 0x87, 0xfb, 0x383}]}}]}}]}}]}}, &(0x7f00000005c0)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x200, 0x10, 0x9, 0x8b, 0x20, 0xa5}, 0x5, &(0x7f0000000340)={0x5, 0xf, 0x5}, 0x5, [{0xe, &(0x7f0000000380)=@string={0xe, 0x3, "d05924c4c9c89e1ced3888a0"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x1c09}}, {0x100, &(0x7f00000004c0)=@string={0x100, 0x3, "c0639e607fccda7e9f368ca5b460b39f2a703af70624a696fa4e985bcde15fc6137d5e6e3432bf09e0c93fce1731db5a5782bfeb3a231789e36402a3cb292cb0d6d40ab1a02659149e65f2ab81d90c49ef6e3e63834ab73d3079faa2fc0d769f9810d48fd074bcbdbecae9dbddd5c3ded0207aefec4f107098e40457428fc26eb4f5105fa5adcb4f7c4c90b048dc3bc1e8d551c1ea09837c04f433c2dca5260c7157726cd3dbd0c33234a4fb1ce46d2f0d49c83f5f1f53818d15d15b7a11add7e9355b6ed83a146015a820ffcbc30e321b5d49480943f43f9931fd633aec8e99a53d41cda7ee87580fdb76fec4ef6df32962eb8298adfc1436143d2c0bdd"}}, {0x26, &(0x7f0000000400)=@string={0x26, 0x3, "acec1c172574a71da6953ce40ef08273ac2a6862c3ef23128288f241c2660a059a30bae6"}}, {0xf7, &(0x7f00000006c0)=@string={0xf7, 0x3, "2ca6fed4783797fabb41b8daac47aadcd9dd31b8a2deb577a52d127020bbffbb4e5eb8e0beaac952721c0e8d029cbfd78a0fb8d54f06cb3f691ee3062a362d948fe2b74650c3d2224871fcab406247f6b36f519a269e5629a6c628de7157e7c8f83a2401966f2ef1e3f2479426cc63a80053b4a640a43f54d109fda2c0567255e0b04b73364cbfa3294bb861121fb744958c1b6f16687486e765c1764d491d6866555a4196717be4970a49a1938dee56e958d6dc554fffc8c88cadde9c31ed9cb5dfddf635395d14f356f1a47f365060cec10b2482c7dbfcd1fd7d4b0858a95ecd640d8bfad6041eb00ad569c5415239408f27b615"}}]})
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}, 0x1, 0x0, 0x0, 0x200000c0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
link(0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f0000000300)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "88a351", 0x14, 0x6, 0x0, @empty, @remote, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
unshare(0x42000000)
syz_emit_ethernet(0x52, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0xf, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@noop, @timestamp_addr={0x44, 0x24, 0x18, 0x1, 0x3, [{@rand_addr=0x64010100, 0x3}, {@private=0xa010101, 0x7640}, {@empty, 0xffff}, {@local, 0x1}]}]}}, {0x0, 0x4e20, 0x8}}}}}, 0x0)

403.552552ms ago: executing program 2 (id=936):
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote, 0x12}, 0x1c)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x17, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

376.590244ms ago: executing program 0 (id=937):
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
socket(0x1, 0x803, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f00000003c0), &(0x7f0000000400)}, 0x20)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)

309.964189ms ago: executing program 2 (id=938):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd038786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500031681905db88235f8a5447dd2a2fd6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd500800000000000000e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82577ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b394de70400d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca147df97db"})

309.385539ms ago: executing program 2 (id=939):
syz_open_procfs(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='mm_page_alloc\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)

304.593349ms ago: executing program 0 (id=940):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
ppoll(&(0x7f0000000000)=[{}, {}], 0x2, 0x0, 0x0, 0x0)
r2 = socket(0x11, 0x800000003, 0x0)
r3 = socket(0x10, 0x3, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r4 = gettid()
r5 = gettid()
tkill(r4, 0x12)
tkill(r5, 0x14)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x404040, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r6, 0xc0189372, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'})
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600)={'team0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newqdisc={0x8c, 0x24, 0x2, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x5c, 0x2, {{0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0xe], 0x0, [0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9282], [0x0, 0x4]}, [@TCA_MQPRIO_MAX_RATE64={0x4}]}}}]}, 0x8c}}, 0x0)

304.29917ms ago: executing program 1 (id=941):
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33) (fail_nth: 4)

26.748268ms ago: executing program 1 (id=942):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth1_vlan\x00', &(0x7f0000000540)=@ethtool_gstrings={0x1b, 0x1}})
r1 = syz_open_dev$usbfs(&(0x7f0000000200), 0x9, 0x0)
ioctl$USBDEVFS_GETDRIVER(r1, 0x41045508, &(0x7f0000000340)={0x401, "f393cb3adc2865664b3723153f0cdee93a0a8bece34f53ac244b0b0c89c904287512b556bab8929bbf834a45b4ad0236a55b0ea97850abceb53b7eb421245f0b9d85da97dfa4b707bd193838ae6326bdd510d41178dc76a1dd98f1c2037aa84e5192f649d7fd6d585b7342253e8d63608c9fb8b1db6abec5fc995daaf8c4b5191303085c93e9cba5d6f9f4350a3b11a6f3b32100bdab3a275ea6c72b2dcef09586d3473d4135756c02722652c7450cc4a2143691562ee596a33033e7e2d5078625ce1b3a3b79448347d5fe992538b98a75718dc29793237aa3c6ce5eb4a19f8400616adfae171995dfa0c4a6b6b5d557642e657dfb4fb809d5e6ee8ada2b8bc1"})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
open(0x0, 0x14927e, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
inotify_init1(0x800)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000b80)={'filter\x00', 0x4, 0x4, 0x3e8, 0x0, 0x0, 0x200, 0x300, 0x300, 0x300, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0xfd, 0x0, {@mac=@link_local={0x2}, {[0xff]}}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0xc, 0x4}}}, {{@uncond, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x40}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac}, {@mac=@multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_vlan\x00', 'ipvlan1\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x8}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0xfebe)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, 0x30050, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x6541}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(r3, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/46, 0x2e}], 0x1)
capset(&(0x7f0000000280)={0x20071026}, &(0x7f0000000340)={0x0, 0x0, 0x80, 0x0, 0x9})
sendmmsg$inet(r2, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000001500)="b2", 0x1}], 0x1}}], 0x1, 0x4000000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ifreq(r4, 0x89f0, &(0x7f0000000180)={'bond0\x00', @ifru_names='netdevsim0\x00'})

24.347128ms ago: executing program 2 (id=943):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x16}]}, @NFT_MSG_NEWSETELEM={0x50, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x28, 0x3, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x20, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x1a, 0x1, "10c4e3257eaa66a5725a38cd58d26115453baa910be0"}]}]}]}]}], {0x14, 0x10}}, 0xd4}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000ff7f000000000000e2ffffff000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000001008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kfree\x00', r2}, 0x37)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000240))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = io_uring_setup(0x1b91, &(0x7f0000000000))
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$SG_IO(r9, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x17, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
close_range(r6, 0xffffffffffffffff, 0x0)

23.233398ms ago: executing program 3 (id=944):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x16}]}, @NFT_MSG_NEWSETELEM={0x50, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x28, 0x3, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x20, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x1a, 0x1, "10c4e3257eaa66a5725a38cd58d26115453baa910be0"}]}]}]}]}], {0x14, 0x10}}, 0xd4}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000ff7f000000000000e2ffffff000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000001008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kfree\x00', r2}, 0x37)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000240))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$SG_IO(r7, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x17, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

0s ago: executing program 3 (id=945):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x3, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000004000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a300000"], 0x64}}, 0x0)

kernel console output (not intermixed with test programs):

vfs_get_tree+0x56/0x1e0
[   51.591058][ T4337]  do_new_mount+0x227/0x690
[   51.595594][ T4337]  path_mount+0x49b/0xb30
[   51.599926][ T4337]  __se_sys_mount+0x27c/0x2d0
[   51.604698][ T4337]  __x64_sys_mount+0x67/0x80
[   51.609381][ T4337]  x64_sys_call+0x203e/0x2d60
[   51.614168][ T4337]  do_syscall_64+0xc9/0x1c0
[   51.618769][ T4337]  ? clear_bhb_loop+0x55/0xb0
[   51.623472][ T4337]  ? clear_bhb_loop+0x55/0xb0
[   51.628184][ T4337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.634203][ T4337] RIP: 0033:0x7efd9a3bdef9
[   51.638613][ T4337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.658404][ T4337] RSP: 002b:00007efd99037038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   51.666845][ T4337] RAX: ffffffffffffffda RBX: 00007efd9a575f80 RCX: 00007efd9a3bdef9
[   51.674816][ T4337] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[   51.683013][ T4337] RBP: 00007efd99037090 R08: 0000000020000380 R09: 0000000000000000
[   51.690994][ T4337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.699010][ T4337] R13: 0000000000000000 R14: 00007efd9a575f80 R15: 00007ffe6ceae198
[   51.707024][ T4337]  </TASK>
[   51.778139][   T29] audit: type=1400 audit(1860652992.790:2628): avc:  denied  { relabelfrom } for  pid=4342 comm="syz.0.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   51.798060][   T29] audit: type=1400 audit(1860652992.790:2629): avc:  denied  { relabelto } for  pid=4342 comm="syz.0.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   51.817881][   T29] audit: type=1400 audit(1860652992.800:2630): avc:  denied  { ioctl } for  pid=4342 comm="syz.0.323" path="socket:[7428]" dev="sockfs" ino=7428 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   51.842591][   T29] audit: type=1400 audit(1860652992.800:2631): avc:  denied  { getopt } for  pid=4342 comm="syz.0.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   51.867011][ T4345] FAULT_INJECTION: forcing a failure.
[   51.867011][ T4345] name failslab, interval 1, probability 0, space 0, times 0
[   51.880367][ T4345] CPU: 0 UID: 0 PID: 4345 Comm: syz.2.325 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   51.881578][   T29] audit: type=1400 audit(1860652992.880:2632): avc:  denied  { connect } for  pid=4346 comm="syz.4.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   51.890952][ T4345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   51.890966][ T4345] Call Trace:
[   51.890972][ T4345]  <TASK>
[   51.890992][ T4345]  dump_stack_lvl+0xf2/0x150
[   51.910414][   T29] audit: type=1400 audit(1860652992.880:2633): avc:  denied  { getopt } for  pid=4346 comm="syz.4.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   51.920491][ T4345]  dump_stack+0x15/0x20
[   51.954748][ T4345]  should_fail_ex+0x229/0x230
[   51.959477][ T4345]  ? sctp_auth_asoc_copy_shkeys+0x101/0x340
[   51.965513][ T4345]  should_failslab+0x8f/0xb0
[   51.970138][ T4345]  __kmalloc_cache_noprof+0x4b/0x2a0
[   51.975536][ T4345]  sctp_auth_asoc_copy_shkeys+0x101/0x340
[   51.981289][ T4345]  sctp_association_new+0xe75/0x1130
[   51.986683][ T4345]  sctp_connect_new_asoc+0x1b0/0x3b0
[   51.992002][ T4345]  sctp_sendmsg+0xf05/0x1920
[   51.996682][ T4345]  ? __pfx_sctp_sendmsg+0x10/0x10
[   52.001779][ T4345]  inet_sendmsg+0xc5/0xd0
[   52.002894][ T4356] loop1: detected capacity change from 0 to 2048
[   52.006122][ T4345]  __sock_sendmsg+0x102/0x180
[   52.017167][ T4345]  __sys_sendto+0x1e5/0x260
[   52.021687][ T4345]  __x64_sys_sendto+0x78/0x90
[   52.026384][ T4345]  x64_sys_call+0x2959/0x2d60
[   52.031123][ T4345]  do_syscall_64+0xc9/0x1c0
[   52.035720][ T4345]  ? clear_bhb_loop+0x55/0xb0
[   52.040428][ T4345]  ? clear_bhb_loop+0x55/0xb0
[   52.045108][ T4345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.051042][ T4345] RIP: 0033:0x7efd9a3bdef9
[   52.055462][ T4345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.075161][ T4345] RSP: 002b:00007efd99037038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   52.083658][ T4345] RAX: ffffffffffffffda RBX: 00007efd9a575f80 RCX: 00007efd9a3bdef9
[   52.091633][ T4345] RDX: 0000000000000003 RSI: 0000000020000040 RDI: 0000000000000003
[   52.099651][ T4345] RBP: 00007efd99037090 R08: 0000000020000100 R09: 000000000000001c
[   52.107638][ T4345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.115664][ T4345] R13: 0000000000000000 R14: 00007efd9a575f80 R15: 00007ffe6ceae198
[   52.123677][ T4345]  </TASK>
[   52.128249][ T4356] EXT4-fs: Ignoring removed orlov option
[   52.138000][ T4356] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.158116][   T29] audit: type=1400 audit(1860652993.180:2634): avc:  denied  { map } for  pid=4355 comm="syz.1.329" path="/19/file0/cgroup.stat" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   52.191593][ T4361] loop3: detected capacity change from 0 to 512
[   52.206163][   T11] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   52.222681][ T4361] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.330: casefold flag without casefold feature
[   52.252467][ T4361] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.330: couldn't read orphan inode 15 (err -117)
[   52.256913][   T11] EXT4-fs (loop1): Remounting filesystem read-only
[   52.271597][ T4367] syz.0.332[4367] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.271664][ T4367] syz.0.332[4367] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.271791][ T3935] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.284445][ T4361] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.384291][ T4367] loop0: detected capacity change from 0 to 764
[   52.401120][ T4367] iso9660: Unknown parameter ''
[   52.428982][ T4372] loop1: detected capacity change from 0 to 128
[   52.492501][ T3263] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.716709][ T4392] tap0: tun_chr_ioctl cmd 1074025677
[   52.722322][ T4392] tap0: linktype set to 804
[   52.969129][ T4399] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   52.998269][ T4399] vhci_hcd: invalid port number 23
[   53.008868][ T4401] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.016130][ T4401] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.038415][ T4401] bridge0: left promiscuous mode
[   53.137089][ T4405] loop3: detected capacity change from 0 to 512
[   53.147983][ T4405] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.346: casefold flag without casefold feature
[   53.190201][ T4413] loop2: detected capacity change from 0 to 128
[   53.202483][ T4405] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.346: couldn't read orphan inode 15 (err -117)
[   53.218856][ T4405] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.232242][ T4414] 9pnet_fd: Insufficient options for proto=fd
[   53.247346][ T4414] loop0: detected capacity change from 0 to 512
[   53.258696][ T4413] FAULT_INJECTION: forcing a failure.
[   53.258696][ T4413] name failslab, interval 1, probability 0, space 0, times 0
[   53.271377][ T4413] CPU: 1 UID: 0 PID: 4413 Comm: syz.2.350 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   53.281992][ T4413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   53.292093][ T4413] Call Trace:
[   53.295387][ T4413]  <TASK>
[   53.298371][ T4413]  dump_stack_lvl+0xf2/0x150
[   53.303056][ T4413]  dump_stack+0x15/0x20
[   53.303158][ T4413]  should_fail_ex+0x229/0x230
[   53.303251][ T4413]  ? io_submit_one+0xb7/0x1240
[   53.303275][ T4413]  should_failslab+0x8f/0xb0
[   53.303308][ T4413]  kmem_cache_alloc_noprof+0x4c/0x290
[   53.303355][ T4413]  io_submit_one+0xb7/0x1240
[   53.303385][ T4413]  ? __rcu_read_unlock+0x4e/0x70
[   53.303454][ T4413]  __se_sys_io_submit+0xf5/0x280
[   53.303527][ T4413]  __x64_sys_io_submit+0x43/0x50
[   53.303549][ T4413]  x64_sys_call+0x1ebc/0x2d60
[   53.303614][ T4413]  do_syscall_64+0xc9/0x1c0
[   53.303635][ T4413]  ? clear_bhb_loop+0x55/0xb0
[   53.303655][ T4413]  ? clear_bhb_loop+0x55/0xb0
[   53.303674][ T4413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.303753][ T4413] RIP: 0033:0x7efd9a3bdef9
[   53.303769][ T4413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.303787][ T4413] RSP: 002b:00007efd99037038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   53.303824][ T4413] RAX: ffffffffffffffda RBX: 00007efd9a575f80 RCX: 00007efd9a3bdef9
[   53.303838][ T4413] RDX: 0000000020000040 RSI: 0000000000000001 RDI: 00007efd9b0ae000
[   53.303851][ T4413] RBP: 00007efd99037090 R08: 0000000000000000 R09: 0000000000000000
[   53.303863][ T4413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.303881][ T4413] R13: 0000000000000000 R14: 00007efd9a575f80 R15: 00007ffe6ceae198
[   53.303901][ T4413]  </TASK>
[   53.318056][ T4414] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   53.318111][ T4414] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.332018][ T4415] loop4: detected capacity change from 0 to 256
[   53.503815][ T3263] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.532305][ T4421] syz.3.351[4421] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.532362][ T4421] syz.3.351[4421] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.573361][ T4421] loop3: detected capacity change from 0 to 764
[   53.592774][ T4421] iso9660: Unknown parameter ''
[   53.593362][ T4429] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.637771][ T4432] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 !
[   53.691585][ T4438] FAULT_INJECTION: forcing a failure.
[   53.691585][ T4438] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.704773][ T4438] CPU: 1 UID: 0 PID: 4438 Comm: syz.3.358 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   53.715391][ T4438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   53.725464][ T4438] Call Trace:
[   53.728764][ T4438]  <TASK>
[   53.731713][ T4438]  dump_stack_lvl+0xf2/0x150
[   53.736382][ T4438]  dump_stack+0x15/0x20
[   53.740606][ T4438]  should_fail_ex+0x229/0x230
[   53.745319][ T4438]  should_fail+0xb/0x10
[   53.749504][ T4438]  should_fail_usercopy+0x1a/0x20
[   53.754586][ T4438]  _copy_from_user+0x1e/0xd0
[   53.759192][ T4438]  copy_msghdr_from_user+0x54/0x2a0
[   53.764564][ T4438]  __sys_sendmsg+0x17d/0x280
[   53.769297][ T4438]  __x64_sys_sendmsg+0x46/0x50
[   53.774245][ T4438]  x64_sys_call+0x2689/0x2d60
[   53.778940][ T4438]  do_syscall_64+0xc9/0x1c0
[   53.783454][ T4438]  ? clear_bhb_loop+0x55/0xb0
[   53.788187][ T4438]  ? clear_bhb_loop+0x55/0xb0
[   53.792871][ T4438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.798828][ T4438] RIP: 0033:0x7f85719bdef9
[   53.803275][ T4438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.823061][ T4438] RSP: 002b:00007f8570637038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.831486][ T4438] RAX: ffffffffffffffda RBX: 00007f8571b75f80 RCX: 00007f85719bdef9
[   53.839466][ T4438] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004
[   53.847450][ T4438] RBP: 00007f8570637090 R08: 0000000000000000 R09: 0000000000000000
[   53.855420][ T4438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.863396][ T4438] R13: 0000000000000000 R14: 00007f8571b75f80 R15: 00007ffdcb4375c8
[   53.871387][ T4438]  </TASK>
[   53.958495][ T4451] loop3: detected capacity change from 0 to 512
[   53.972159][ T4451] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.362: casefold flag without casefold feature
[   53.986148][ T4451] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.362: couldn't read orphan inode 15 (err -117)
[   54.000219][ T4451] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.022111][ T3259] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   54.133870][ T3263] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.514787][ T4467] syz.3.367[4467] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.514928][ T4467] syz.3.367[4467] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.536182][ T4467] loop3: detected capacity change from 0 to 764
[   54.554419][ T4467] iso9660: Unknown parameter ''
[   54.736319][ T4429] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.815932][ T4429] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.880294][ T4429] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.904386][ T4488] netlink: 'syz.3.376': attribute type 4 has an invalid length.
[   54.924151][ T4488] netlink: 'syz.3.376': attribute type 4 has an invalid length.
[   54.969095][ T4429] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   54.969606][ T4493] loop4: detected capacity change from 0 to 512
[   54.987062][ T4429] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.007985][ T4429] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.016665][ T4493] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.378: casefold flag without casefold feature
[   55.017601][ T4498] syz.3.380[4498] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.032179][ T4429] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.052040][ T4498] syz.3.380[4498] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.055806][ T4493] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.378: couldn't read orphan inode 15 (err -117)
[   55.087491][ T4498] loop3: detected capacity change from 0 to 764
[   55.094511][ T4498] iso9660: Unknown parameter ''
[   55.100934][ T4493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.244634][ T3258] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.256662][ T4504] FAULT_INJECTION: forcing a failure.
[   55.256662][ T4504] name failslab, interval 1, probability 0, space 0, times 0
[   55.269402][ T4504] CPU: 1 UID: 0 PID: 4504 Comm: syz.1.381 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   55.280124][ T4504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   55.290208][ T4504] Call Trace:
[   55.293502][ T4504]  <TASK>
[   55.296440][ T4504]  dump_stack_lvl+0xf2/0x150
[   55.301050][ T4504]  dump_stack+0x15/0x20
[   55.305316][ T4504]  should_fail_ex+0x229/0x230
[   55.310030][ T4504]  ? __alloc_skb+0x10b/0x310
[   55.314712][ T4504]  should_failslab+0x8f/0xb0
[   55.319363][ T4504]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[   55.325254][ T4504]  ? __rtnl_unlock+0x99/0xb0
[   55.329961][ T4504]  __alloc_skb+0x10b/0x310
[   55.334419][ T4504]  netlink_ack+0xef/0x4f0
[   55.338891][ T4504]  ? __dev_queue_xmit+0x161/0x1fe0
[   55.344029][ T4504]  netlink_rcv_skb+0x19c/0x230
[   55.348813][ T4504]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   55.354407][ T4504]  rtnetlink_rcv+0x1c/0x30
[   55.358849][ T4504]  netlink_unicast+0x599/0x670
[   55.363644][ T4504]  netlink_sendmsg+0x5cc/0x6e0
[   55.368445][ T4504]  ? __pfx_netlink_sendmsg+0x10/0x10
[   55.373752][ T4504]  __sock_sendmsg+0x140/0x180
[   55.378504][ T4504]  ____sys_sendmsg+0x312/0x410
[   55.383437][ T4504]  __sys_sendmsg+0x1e9/0x280
[   55.388067][ T4504]  __x64_sys_sendmsg+0x46/0x50
[   55.392859][ T4504]  x64_sys_call+0x2689/0x2d60
[   55.397602][ T4504]  do_syscall_64+0xc9/0x1c0
[   55.402127][ T4504]  ? clear_bhb_loop+0x55/0xb0
[   55.406826][ T4504]  ? clear_bhb_loop+0x55/0xb0
[   55.411521][ T4504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.417559][ T4504] RIP: 0033:0x7f6cc486def9
[   55.421990][ T4504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.441616][ T4504] RSP: 002b:00007f6cc34e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   55.450143][ T4504] RAX: ffffffffffffffda RBX: 00007f6cc4a25f80 RCX: 00007f6cc486def9
[   55.458135][ T4504] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000003
[   55.466139][ T4504] RBP: 00007f6cc34e7090 R08: 0000000000000000 R09: 0000000000000000
[   55.474161][ T4504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.482146][ T4504] R13: 0000000000000000 R14: 00007f6cc4a25f80 R15: 00007fff6b122688
[   55.490213][ T4504]  </TASK>
[   55.548414][ T4514] syz.1.387[4514] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.548515][ T4514] syz.1.387[4514] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.099385][ T4526] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.117850][ T4526] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.247052][ T4526] bridge0: left promiscuous mode
[   56.606155][   T29] kauditd_printk_skb: 1880 callbacks suppressed
[   56.606170][   T29] audit: type=1326 audit(1860652997.630:4515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4532 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d0edef9 code=0x7ffc0000
[   56.640470][ T4533] syz.0.393[4533] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.640596][ T4533] syz.0.393[4533] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.665229][ T4536] loop2: detected capacity change from 0 to 512
[   56.701295][ T4536] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.394: casefold flag without casefold feature
[   56.715318][   T29] audit: type=1326 audit(1860652997.670:4516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4532 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fc41d0edef9 code=0x7ffc0000
[   56.738882][   T29] audit: type=1326 audit(1860652997.670:4517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4532 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d0edef9 code=0x7ffc0000
[   56.762419][   T29] audit: type=1326 audit(1860652997.670:4518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4532 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d0edef9 code=0x7ffc0000
[   56.770370][ T4533] loop0: detected capacity change from 0 to 764
[   56.785824][   T29] audit: type=1326 audit(1860652997.670:4519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4532 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc41d0edef9 code=0x7ffc0000
[   56.793327][ T4533] iso9660: Unknown parameter ''
[   56.815310][   T29] audit: type=1326 audit(1860652997.720:4520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4532 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d0edef9 code=0x7ffc0000
[   56.843830][   T29] audit: type=1326 audit(1860652997.720:4521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4532 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc41d0edef9 code=0x7ffc0000
[   56.871556][ T4536] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.394: couldn't read orphan inode 15 (err -117)
[   56.884988][   T29] audit: type=1326 audit(1860652997.800:4522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4532 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d0edef9 code=0x7ffc0000
[   56.908383][   T29] audit: type=1326 audit(1860652997.800:4523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4532 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc41d0edef9 code=0x7ffc0000
[   56.931843][   T29] audit: type=1326 audit(1860652997.800:4524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4532 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41d0edef9 code=0x7ffc0000
[   57.232980][ T4546] loop3: detected capacity change from 0 to 2048
[   57.291762][ T4546] ext4: Unknown parameter 'fsname'
[   57.446822][ T4565] FAULT_INJECTION: forcing a failure.
[   57.446822][ T4565] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.460141][ T4565] CPU: 0 UID: 0 PID: 4565 Comm: syz.4.405 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   57.470849][ T4565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   57.481026][ T4565] Call Trace:
[   57.484298][ T4565]  <TASK>
[   57.487225][ T4565]  dump_stack_lvl+0xf2/0x150
[   57.491818][ T4565]  dump_stack+0x15/0x20
[   57.495990][ T4565]  should_fail_ex+0x229/0x230
[   57.500758][ T4565]  should_fail+0xb/0x10
[   57.504912][ T4565]  should_fail_usercopy+0x1a/0x20
[   57.510044][ T4565]  _copy_from_user+0x1e/0xd0
[   57.514696][ T4565]  copy_msghdr_from_user+0x54/0x2a0
[   57.520004][ T4565]  __sys_sendmsg+0x17d/0x280
[   57.524673][ T4565]  __x64_sys_sendmsg+0x46/0x50
[   57.529522][ T4565]  x64_sys_call+0x2689/0x2d60
[   57.534225][ T4565]  do_syscall_64+0xc9/0x1c0
[   57.538781][ T4565]  ? clear_bhb_loop+0x55/0xb0
[   57.543565][ T4565]  ? clear_bhb_loop+0x55/0xb0
[   57.548240][ T4565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.554330][ T4565] RIP: 0033:0x7f01668bdef9
[   57.558743][ T4565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.578399][ T4565] RSP: 002b:00007f0165531038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   57.586837][ T4565] RAX: ffffffffffffffda RBX: 00007f0166a75f80 RCX: 00007f01668bdef9
[   57.594805][ T4565] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000003
[   57.602844][ T4565] RBP: 00007f0165531090 R08: 0000000000000000 R09: 0000000000000000
[   57.610810][ T4565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.618806][ T4565] R13: 0000000000000000 R14: 00007f0166a75f80 R15: 00007ffc65b563e8
[   57.626823][ T4565]  </TASK>
[   57.680453][ T4569] loop4: detected capacity change from 0 to 8192
[   57.704643][ T4571] loop2: detected capacity change from 0 to 764
[   57.712823][ T4571] iso9660: Unknown parameter ''
[   58.039635][ T4584] loop3: detected capacity change from 0 to 512
[   58.073930][ T4584] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.410: casefold flag without casefold feature
[   58.172311][ T4584] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.410: couldn't read orphan inode 15 (err -117)
[   58.364081][ T4604] loop0: detected capacity change from 0 to 764
[   58.376605][ T4604] iso9660: Unknown parameter ''
[   58.552608][ T4623] loop2: detected capacity change from 0 to 512
[   58.560839][ T4623] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.428: casefold flag without casefold feature
[   58.573975][ T4623] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.428: couldn't read orphan inode 15 (err -117)
[   58.865273][ T4629] bpf_get_probe_write_proto: 6 callbacks suppressed
[   58.865318][ T4629] syz.2.430[4629] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.894661][ T4629] FAULT_INJECTION: forcing a failure.
[   58.894661][ T4629] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.919184][ T4629] CPU: 1 UID: 0 PID: 4629 Comm: syz.2.430 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   58.929937][ T4629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   58.940003][ T4629] Call Trace:
[   58.943279][ T4629]  <TASK>
[   58.946275][ T4629]  dump_stack_lvl+0xf2/0x150
[   58.950878][ T4629]  dump_stack+0x15/0x20
[   58.955129][ T4629]  should_fail_ex+0x229/0x230
[   58.959883][ T4629]  should_fail+0xb/0x10
[   58.964046][ T4629]  should_fail_usercopy+0x1a/0x20
[   58.969287][ T4629]  _copy_from_user+0x1e/0xd0
[   58.973939][ T4629]  copy_msghdr_from_user+0x54/0x2a0
[   58.979246][ T4629]  __sys_sendmmsg+0x22a/0x500
[   58.984003][ T4629]  __x64_sys_sendmmsg+0x57/0x70
[   58.988883][ T4629]  x64_sys_call+0xa49/0x2d60
[   58.993516][ T4629]  do_syscall_64+0xc9/0x1c0
[   58.998027][ T4629]  ? clear_bhb_loop+0x55/0xb0
[   59.002708][ T4629]  ? clear_bhb_loop+0x55/0xb0
[   59.007398][ T4629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.013385][ T4629] RIP: 0033:0x7efd9a3bdef9
[   59.017802][ T4629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.037415][ T4629] RSP: 002b:00007efd99037038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   59.045911][ T4629] RAX: ffffffffffffffda RBX: 00007efd9a575f80 RCX: 00007efd9a3bdef9
[   59.053884][ T4629] RDX: 0000000000000002 RSI: 0000000020003c40 RDI: 0000000000000003
[   59.061860][ T4629] RBP: 00007efd99037090 R08: 0000000000000000 R09: 0000000000000000
[   59.069835][ T4629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.077812][ T4629] R13: 0000000000000000 R14: 00007efd9a575f80 R15: 00007ffe6ceae198
[   59.085793][ T4629]  </TASK>
[   59.380220][ T4641] syz.0.435[4641] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.380304][ T4641] syz.0.435[4641] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.399030][ T4641] loop0: detected capacity change from 0 to 764
[   59.417358][ T4641] iso9660: Unknown parameter ''
[   59.603337][ T4650] netlink: 12 bytes leftover after parsing attributes in process `syz.0.439'.
[   59.628027][ T4654] loop0: detected capacity change from 0 to 512
[   59.635813][ T4654] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.441: casefold flag without casefold feature
[   59.649077][ T4654] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.441: couldn't read orphan inode 15 (err -117)
[   60.026826][ T4669] syz.1.447[4669] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.026960][ T4669] syz.1.447[4669] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.172344][ T4669] loop1: detected capacity change from 0 to 764
[   60.197053][ T4669] iso9660: Unknown parameter ''
[   60.935093][ T4681] netlink: 12 bytes leftover after parsing attributes in process `syz.4.452'.
[   60.974791][ T4683] loop3: detected capacity change from 0 to 512
[   61.003634][ T4683] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.453: casefold flag without casefold feature
[   61.022718][ T4683] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.453: couldn't read orphan inode 15 (err -117)
[   61.187882][ T4693] loop4: detected capacity change from 0 to 512
[   61.200927][ T4693] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   61.218870][ T4701] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.236811][ T4701] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   61.249090][ T4693] EXT4-fs (loop4): 1 truncate cleaned up
[   61.258332][ T4701] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.281306][ T4701] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   61.743325][ T3360] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.792727][ T3360] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.833611][ T3360] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.882947][ T3360] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.915711][   T29] kauditd_printk_skb: 461 callbacks suppressed
[   61.915728][   T29] audit: type=1326 audit(1860653002.940:4986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.4.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   61.930426][ T4710] loop4: detected capacity change from 0 to 2048
[   61.983737][   T29] audit: type=1326 audit(1860653002.940:4987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.4.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   62.007214][   T29] audit: type=1326 audit(1860653002.940:4988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.4.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   62.008397][ T4710] ext4: Unknown parameter 'obj_user'
[   62.030838][   T29] audit: type=1326 audit(1860653002.940:4989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.4.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   62.059420][   T29] audit: type=1326 audit(1860653002.940:4990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.4.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   62.082963][   T29] audit: type=1326 audit(1860653002.940:4991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.4.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   62.106432][   T29] audit: type=1326 audit(1860653002.940:4992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.4.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   62.130110][   T29] audit: type=1326 audit(1860653002.950:4993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.4.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   62.153455][   T29] audit: type=1326 audit(1860653002.950:4994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.4.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   62.177310][   T29] audit: type=1326 audit(1860653002.950:4995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.4.462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   62.200929][ T3360] bridge_slave_1: left allmulticast mode
[   62.206675][ T3360] bridge_slave_1: left promiscuous mode
[   62.212549][ T3360] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.222819][ T4719] netlink: 12 bytes leftover after parsing attributes in process `syz.1.465'.
[   62.250375][ T3360] bridge_slave_0: left allmulticast mode
[   62.256100][ T3360] bridge_slave_0: left promiscuous mode
[   62.261967][ T3360] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.600333][ T3360] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   62.626879][ T3360] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   62.638553][ T3360] bond0 (unregistering): Released all slaves
[   62.749697][ T3360] hsr_slave_0: left promiscuous mode
[   62.760138][ T3360] hsr_slave_1: left promiscuous mode
[   62.805653][ T3360] veth1_macvtap: left promiscuous mode
[   62.811334][ T3360] veth0_macvtap: left promiscuous mode
[   62.816862][ T3360] veth1_vlan: left promiscuous mode
[   62.822145][ T3360] veth0_vlan: left promiscuous mode
[   62.889553][ T4732] loop4: detected capacity change from 0 to 512
[   62.901407][ T4732] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.469: casefold flag without casefold feature
[   62.917444][ T4732] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.469: couldn't read orphan inode 15 (err -117)
[   62.960768][ T3360] team0 (unregistering): Port device team_slave_1 removed
[   62.970994][ T3360] team0 (unregistering): Port device team_slave_0 removed
[   63.126149][ T4755] syz.3.475[4755] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   63.126261][ T4755] syz.3.475[4755] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   63.185775][ T4755] loop3: detected capacity change from 0 to 764
[   63.204269][ T4755] iso9660: Unknown parameter ''
[   63.253824][ T4716] chnl_net:caif_netlink_parms(): no params data found
[   63.301329][ T4768] loop0: detected capacity change from 0 to 2048
[   63.320599][ T4716] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.327736][ T4716] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.335155][ T4768] ext4: Unknown parameter 'obj_user'
[   63.338297][ T4716] bridge_slave_0: entered allmulticast mode
[   63.362687][ T4716] bridge_slave_0: entered promiscuous mode
[   63.411154][ T4716] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.418401][ T4716] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.426647][ T4716] bridge_slave_1: entered allmulticast mode
[   63.433236][ T4716] bridge_slave_1: entered promiscuous mode
[   63.471935][ T4778] loop3: detected capacity change from 0 to 512
[   63.474234][ T4716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   63.480334][ T4778] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.484: casefold flag without casefold feature
[   63.501692][ T4778] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.484: couldn't read orphan inode 15 (err -117)
[   63.509061][ T4716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.554570][ T4716] team0: Port device team_slave_0 added
[   63.561306][ T4716] team0: Port device team_slave_1 added
[   63.589452][ T4716] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.596565][ T4716] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.623183][ T4716] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.635042][ T4716] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.642051][ T4716] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.668012][ T4716] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.697415][ T4716] hsr_slave_0: entered promiscuous mode
[   63.704046][ T4716] hsr_slave_1: entered promiscuous mode
[   63.710005][ T4716] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   63.717686][ T4716] Cannot create hsr debugfs directory
[   64.161749][ T4716] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   64.176992][ T4716] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   64.212474][ T4716] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   64.223300][ T4716] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   64.364187][ T4716] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.413161][ T4716] 8021q: adding VLAN 0 to HW filter on device team0
[   64.424725][ T4802] syz.0.491[4802] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.424815][ T4802] syz.0.491[4802] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.441311][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.459714][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.486905][ T4802] loop0: detected capacity change from 0 to 764
[   64.494535][ T4802] iso9660: Unknown parameter ''
[   64.525412][ T4716] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   64.535845][ T4716] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   64.590909][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.598036][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.665646][ T4716] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.711775][ T4817] loop0: detected capacity change from 0 to 512
[   64.720795][ T4817] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.496: casefold flag without casefold feature
[   64.733914][ T4817] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.496: couldn't read orphan inode 15 (err -117)
[   64.757366][ T4716] veth0_vlan: entered promiscuous mode
[   64.783416][ T4716] veth1_vlan: entered promiscuous mode
[   64.819751][ T4716] veth0_macvtap: entered promiscuous mode
[   64.829262][ T4716] veth1_macvtap: entered promiscuous mode
[   64.842004][ T4716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.852679][ T4716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.862727][ T4716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.873347][ T4716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.883389][ T4716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.894111][ T4716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.903944][ T4716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.914361][ T4716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.929685][ T4716] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.938077][ T4716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.948571][ T4716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.958480][ T4716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.968973][ T4716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.978820][ T4716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.989259][ T4716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.999316][ T4716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.009819][ T4716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.024464][ T4716] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.050195][ T4716] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.059171][ T4716] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.068141][ T4716] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.077216][ T4716] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.150120][ T4835] loop4: detected capacity change from 0 to 2048
[   65.158722][ T4838] syz.3.502[4838] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.158845][ T4838] syz.3.502[4838] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.171978][ T4835] ext4: Unknown parameter 'obj_user'
[   65.294583][ T4841] syz.2.503[4841] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.294650][ T4841] syz.2.503[4841] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.317332][ T4841] loop2: detected capacity change from 0 to 764
[   65.335451][ T4841] iso9660: Unknown parameter ''
[   65.675446][ T4853] loop2: detected capacity change from 0 to 512
[   65.758685][ T4853] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.508: casefold flag without casefold feature
[   65.805096][ T4853] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.508: couldn't read orphan inode 15 (err -117)
[   66.434707][ T4868] loop3: detected capacity change from 0 to 8192
[   66.488233][ T4874] syz.1.516[4874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.488361][ T4874] syz.1.516[4874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.528908][ T4874] loop1: detected capacity change from 0 to 764
[   66.550959][ T4874] iso9660: Unknown parameter ''
[   66.585614][ T4886] loop4: detected capacity change from 0 to 512
[   66.599607][ T4886] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.522: casefold flag without casefold feature
[   66.613815][ T4886] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.522: couldn't read orphan inode 15 (err -117)
[   66.720723][ T4895] syz.0.525[4895] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.720797][ T4895] syz.0.525[4895] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.863897][ T4904] loop3: detected capacity change from 0 to 2048
[   66.882394][ T4904] ext4: Unknown parameter 'obj_user'
[   67.365914][   T29] kauditd_printk_skb: 375 callbacks suppressed
[   67.365933][   T29] audit: type=1326 audit(1860653008.390:5371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85719bdef9 code=0x7ffc0000
[   67.395795][   T29] audit: type=1326 audit(1860653008.390:5372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85719bdef9 code=0x7ffc0000
[   67.419303][   T29] audit: type=1326 audit(1860653008.390:5373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f85719bdef9 code=0x7ffc0000
[   67.442901][   T29] audit: type=1326 audit(1860653008.390:5374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85719bdef9 code=0x7ffc0000
[   67.466336][   T29] audit: type=1326 audit(1860653008.390:5375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85719bdef9 code=0x7ffc0000
[   67.489892][   T29] audit: type=1326 audit(1860653008.390:5376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f85719bdef9 code=0x7ffc0000
[   67.493583][ T4914] loop2: detected capacity change from 0 to 8192
[   67.513328][   T29] audit: type=1326 audit(1860653008.390:5377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85719bdef9 code=0x7ffc0000
[   67.513354][   T29] audit: type=1326 audit(1860653008.390:5378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f85719bdef9 code=0x7ffc0000
[   67.666253][   T29] audit: type=1326 audit(1860653008.690:5379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4924 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac9dfdef9 code=0x7ffc0000
[   67.690061][   T29] audit: type=1326 audit(1860653008.690:5380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4924 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac9dfdef9 code=0x7ffc0000
[   67.728398][ T4925] loop2: detected capacity change from 0 to 764
[   67.745698][ T4925] iso9660: Unknown parameter ''
[   67.819906][ T4937] loop4: detected capacity change from 0 to 512
[   67.829108][ T4937] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.542: casefold flag without casefold feature
[   67.842029][ T4937] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.542: couldn't read orphan inode 15 (err -117)
[   67.858620][ T4937] EXT4-fs mount: 22 callbacks suppressed
[   67.858638][ T4937] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.251552][ T3258] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.279362][ T4946] loop3: detected capacity change from 0 to 2048
[   68.286183][ T4946] ext4: Unknown parameter 'obj_user'
[   68.341972][ T4950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.351711][ T4950] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.360887][ T4950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.370596][ T4950] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.411705][ T4953] netlink: 140 bytes leftover after parsing attributes in process `syz.1.546'.
[   68.556194][ T4963] loop1: detected capacity change from 0 to 764
[   68.567086][ T4963] iso9660: Unknown parameter ''
[   68.625152][ T4970] loop0: detected capacity change from 0 to 512
[   68.633454][ T4970] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.555: casefold flag without casefold feature
[   68.647530][ T4970] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.555: couldn't read orphan inode 15 (err -117)
[   68.661797][ T4970] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.703796][ T4979] FAULT_INJECTION: forcing a failure.
[   68.703796][ T4979] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.716916][ T4979] CPU: 0 UID: 0 PID: 4979 Comm: syz.1.558 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   68.727542][ T4979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   68.737600][ T4979] Call Trace:
[   68.740950][ T4979]  <TASK>
[   68.743891][ T4979]  dump_stack_lvl+0xf2/0x150
[   68.748495][ T4979]  dump_stack+0x15/0x20
[   68.752653][ T4979]  should_fail_ex+0x229/0x230
[   68.757346][ T4979]  should_fail+0xb/0x10
[   68.761587][ T4979]  should_fail_usercopy+0x1a/0x20
[   68.766748][ T4979]  _copy_from_iter+0xd3/0xb00
[   68.771503][ T4979]  ? __alloc_skb+0x1b5/0x310
[   68.776121][ T4979]  ? kmalloc_reserve+0x16e/0x190
[   68.781155][ T4979]  ? __build_skb_around+0x196/0x1f0
[   68.786370][ T4979]  ? __alloc_skb+0x21f/0x310
[   68.790987][ T4979]  ? __virt_addr_valid+0x1ed/0x250
[   68.796141][ T4979]  ? __check_object_size+0x35b/0x510
[   68.801452][ T4979]  netlink_sendmsg+0x460/0x6e0
[   68.806311][ T4979]  ? __pfx_netlink_sendmsg+0x10/0x10
[   68.811654][ T4979]  __sock_sendmsg+0x140/0x180
[   68.816450][ T4979]  ____sys_sendmsg+0x312/0x410
[   68.821261][ T4979]  __sys_sendmsg+0x1e9/0x280
[   68.825882][ T4979]  __x64_sys_sendmsg+0x46/0x50
[   68.830723][ T4979]  x64_sys_call+0x2689/0x2d60
[   68.835411][ T4979]  do_syscall_64+0xc9/0x1c0
[   68.839935][ T4979]  ? clear_bhb_loop+0x55/0xb0
[   68.844626][ T4979]  ? clear_bhb_loop+0x55/0xb0
[   68.849323][ T4979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.855305][ T4979] RIP: 0033:0x7f6cc486def9
[   68.859753][ T4979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.879510][ T4979] RSP: 002b:00007f6cc34e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   68.888088][ T4979] RAX: ffffffffffffffda RBX: 00007f6cc4a25f80 RCX: 00007f6cc486def9
[   68.896061][ T4979] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000003
[   68.904045][ T4979] RBP: 00007f6cc34e7090 R08: 0000000000000000 R09: 0000000000000000
[   68.912035][ T4979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.920007][ T4979] R13: 0000000000000000 R14: 00007f6cc4a25f80 R15: 00007fff6b122688
[   68.928005][ T4979]  </TASK>
[   68.996974][ T3259] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.133548][ T4999] loop2: detected capacity change from 0 to 764
[   69.153039][ T4999] iso9660: Unknown parameter ''
[   69.343953][ T5010] netlink: 20 bytes leftover after parsing attributes in process `syz.3.570'.
[   69.366970][ T5009] netlink: 24 bytes leftover after parsing attributes in process `syz.2.572'.
[   69.640383][ T5021] loop4: detected capacity change from 0 to 512
[   69.669102][ T5021] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.575: casefold flag without casefold feature
[   69.681891][ T5021] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.575: couldn't read orphan inode 15 (err -117)
[   69.695438][ T5021] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.777386][ T3258] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.794246][ T5036] bpf_get_probe_write_proto: 7 callbacks suppressed
[   69.794261][ T5036] syz.2.582[5036] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.801283][ T5036] syz.2.582[5036] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.838341][ T5038] loop4: detected capacity change from 0 to 2048
[   69.846927][ T5036] loop2: detected capacity change from 0 to 764
[   69.851318][ T5038] ext4: Unknown parameter 'obj_user'
[   69.860157][ T5036] iso9660: Unknown parameter ''
[   69.904996][ T5042] 9pnet_fd: Insufficient options for proto=fd
[   69.989987][ T5045] loop1: detected capacity change from 0 to 2048
[   70.033817][ T5045] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.045056][ T5058] loop0: detected capacity change from 0 to 512
[   70.054559][ T5055] FAULT_INJECTION: forcing a failure.
[   70.054559][ T5055] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   70.067989][ T5055] CPU: 1 UID: 0 PID: 5055 Comm: syz.3.591 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   70.078604][ T5055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   70.088679][ T5055] Call Trace:
[   70.091977][ T5055]  <TASK>
[   70.094914][ T5055]  dump_stack_lvl+0xf2/0x150
[   70.099521][ T5055]  dump_stack+0x15/0x20
[   70.103720][ T5055]  should_fail_ex+0x229/0x230
[   70.108482][ T5055]  should_fail_alloc_page+0xfd/0x110
[   70.113930][ T5055]  __alloc_pages_noprof+0x109/0x360
[   70.119151][ T5055]  ___kmalloc_large_node+0x7a/0x120
[   70.124377][ T5055]  __kmalloc_large_node_noprof+0x17/0xa0
[   70.130149][ T5055]  ? io_alloc_hash_table+0x2c/0x80
[   70.135345][ T5055]  __kmalloc_noprof+0x236/0x370
[   70.140208][ T5055]  ? init_hash_table+0x10e/0x170
[   70.145159][ T5055]  io_alloc_hash_table+0x2c/0x80
[   70.150113][ T5055]  io_ring_ctx_alloc+0xcd/0xe10
[   70.154978][ T5055]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   70.160690][ T5055]  io_uring_create+0x1cf/0x920
[   70.165503][ T5055]  __se_sys_io_uring_setup+0x1d2/0x1e0
[   70.170987][ T5055]  __x64_sys_io_uring_setup+0x31/0x40
[   70.176406][ T5055]  x64_sys_call+0x1f7e/0x2d60
[   70.181097][ T5055]  do_syscall_64+0xc9/0x1c0
[   70.185633][ T5055]  ? clear_bhb_loop+0x55/0xb0
[   70.190315][ T5055]  ? clear_bhb_loop+0x55/0xb0
[   70.195041][ T5055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.200955][ T5055] RIP: 0033:0x7f85719bdef9
[   70.205374][ T5055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.225070][ T5055] RSP: 002b:00007f8570636fc8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[   70.233573][ T5055] RAX: ffffffffffffffda RBX: 00007f8571b75f80 RCX: 00007f85719bdef9
[   70.241651][ T5055] RDX: 00000000200004c0 RSI: 0000000020000400 RDI: 0000000000002c0c
[   70.249640][ T5055] RBP: 0000000020000400 R08: 0000000000000000 R09: 00000000200004c0
[   70.257651][ T5055] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[   70.265627][ T5055] R13: 0000000020000480 R14: 0000000000002c0c R15: 00000000200004c0
[   70.273682][ T5055]  </TASK>
[   70.283177][ T5058] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.590: bad orphan inode 17
[   70.295499][ T5058] ext4_test_bit(bit=16, block=4) = 1
[   70.300939][ T5058] is_bad_inode(inode)=0
[   70.305179][ T5058] NEXT_ORPHAN(inode)=0
[   70.309470][ T5058] max_ino=32
[   70.312731][ T5058] i_nlink=1
[   70.319775][ T5058] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.352746][ T5058] FAULT_INJECTION: forcing a failure.
[   70.352746][ T5058] name failslab, interval 1, probability 0, space 0, times 0
[   70.365597][ T5058] CPU: 0 UID: 0 PID: 5058 Comm: syz.0.590 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   70.376269][ T5058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   70.386342][ T5058] Call Trace:
[   70.389632][ T5058]  <TASK>
[   70.392580][ T5058]  dump_stack_lvl+0xf2/0x150
[   70.397254][ T5058]  dump_stack+0x15/0x20
[   70.401459][ T5058]  should_fail_ex+0x229/0x230
[   70.406199][ T5058]  ? security_file_alloc+0x32/0xe0
[   70.411321][ T5058]  should_failslab+0x8f/0xb0
[   70.416028][ T5058]  kmem_cache_alloc_noprof+0x4c/0x290
[   70.421491][ T5058]  security_file_alloc+0x32/0xe0
[   70.426469][ T5058]  alloc_empty_file+0x121/0x310
[   70.431376][ T5058]  path_openat+0x6a/0x1f10
[   70.435797][ T5058]  ? _parse_integer_limit+0x167/0x180
[   70.441230][ T5058]  ? _parse_integer+0x27/0x30
[   70.445959][ T5058]  ? kstrtoull+0x110/0x140
[   70.450451][ T5058]  ? kstrtouint+0x77/0xc0
[   70.455025][ T5058]  do_filp_open+0xf7/0x200
[   70.459459][ T5058]  do_sys_openat2+0xab/0x120
[   70.464249][ T5058]  __x64_sys_open+0xe6/0x110
[   70.468927][ T5058]  x64_sys_call+0x1321/0x2d60
[   70.473666][ T5058]  do_syscall_64+0xc9/0x1c0
[   70.478264][ T5058]  ? clear_bhb_loop+0x55/0xb0
[   70.482964][ T5058]  ? clear_bhb_loop+0x55/0xb0
[   70.487697][ T5058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.493605][ T5058] RIP: 0033:0x7fc41d0edef9
[   70.498099][ T5058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.517722][ T5058] RSP: 002b:00007fc41bd67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   70.526152][ T5058] RAX: ffffffffffffffda RBX: 00007fc41d2a5f80 RCX: 00007fc41d0edef9
[   70.534131][ T5058] RDX: 0000000000000000 RSI: 0000000000147042 RDI: 0000000020000040
[   70.542103][ T5058] RBP: 00007fc41bd67090 R08: 0000000000000000 R09: 0000000000000000
[   70.550097][ T5058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.558075][ T5058] R13: 0000000000000000 R14: 00007fc41d2a5f80 R15: 00007ffdfdc45938
[   70.566066][ T5058]  </TASK>
[   70.596413][ T3259] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.614273][ T3935] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.628560][ T5068] syz.0.596[5068] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.628623][ T5068] syz.0.596[5068] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.663557][ T5071] loop1: detected capacity change from 0 to 512
[   70.690916][ T5062] loop2: detected capacity change from 0 to 512
[   70.706247][ T5071] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.594: casefold flag without casefold feature
[   70.725988][ T5071] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.594: couldn't read orphan inode 15 (err -117)
[   70.726343][ T5062] EXT4-fs (loop2): failed to initialize system zone (-117)
[   70.740141][ T5078] syz.0.599[5078] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.745096][ T5078] syz.0.599[5078] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.745393][ T5062] EXT4-fs (loop2): mount failed
[   70.779793][ T5071] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.813081][ T5078] loop0: detected capacity change from 0 to 764
[   70.827073][ T5078] iso9660: Unknown parameter ''
[   70.934424][ T5092] syz.2.614[5092] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.934481][ T5092] syz.2.614[5092] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.026626][ T3935] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.054818][ T5092] loop2: detected capacity change from 0 to 764
[   71.072317][ T5092] iso9660: Unknown parameter ''
[   71.493465][ T5115] loop1: detected capacity change from 0 to 2048
[   71.502101][ T5115] ext4: Unknown parameter 'obj_user'
[   71.604114][ T5125] loop2: detected capacity change from 0 to 512
[   71.604224][ T5123] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.617514][ T5123] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.624880][ T5123] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.632482][ T5123] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.650383][ T5125] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.619: casefold flag without casefold feature
[   71.657906][ T5123] bridge0: entered promiscuous mode
[   71.677995][ T5125] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.619: couldn't read orphan inode 15 (err -117)
[   71.699499][ T5125] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.745900][ T5130] syz.3.620[5130] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.745985][ T5130] syz.3.620[5130] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.798562][ T5130] loop3: detected capacity change from 0 to 764
[   71.868093][ T4716] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.918219][ T5139] loop4: detected capacity change from 0 to 2048
[   71.925081][ T5139] ext4: Unknown parameter 'obj_user'
[   72.050344][ T5144] loop0: detected capacity change from 0 to 164
[   72.066475][ T5144] Unable to read rock-ridge attributes
[   72.085725][ T5144] Unable to read rock-ridge attributes
[   72.112543][ T5144] iso9660: Corrupted directory entry in block 4 of inode 1792
[   72.140730][ T5130] iso9660: Unknown parameter ''
[   72.181760][ T5152] netlink: 24 bytes leftover after parsing attributes in process `syz.0.630'.
[   72.334950][ T5159] loop3: detected capacity change from 0 to 512
[   72.346534][ T5159] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.633: casefold flag without casefold feature
[   72.366977][ T5159] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.633: couldn't read orphan inode 15 (err -117)
[   72.385815][ T5159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.461290][   T29] kauditd_printk_skb: 2888 callbacks suppressed
[   72.461306][   T29] audit: type=1400 audit(1860653013.490:8269): avc:  denied  { write } for  pid=5151 comm="syz.0.630" path="socket:[11243]" dev="sockfs" ino=11243 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   72.531770][ T3263] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.893805][   T29] audit: type=1326 audit(1860653013.920:8270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5178 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   73.117216][   T29] audit: type=1326 audit(1860653013.950:8271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5178 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   73.140655][   T29] audit: type=1326 audit(1860653013.950:8272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5178 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   73.164003][   T29] audit: type=1326 audit(1860653013.950:8273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5178 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   73.178530][ T5179] loop4: detected capacity change from 0 to 764
[   73.187327][   T29] audit: type=1326 audit(1860653013.950:8274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5178 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   73.197038][ T5179] iso9660: Unknown parameter ''
[   73.216919][   T29] audit: type=1326 audit(1860653013.950:8275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5178 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   73.245186][   T29] audit: type=1326 audit(1860653013.950:8276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5178 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   73.268651][   T29] audit: type=1326 audit(1860653013.950:8277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5178 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   73.298794][   T29] audit: type=1326 audit(1860653014.200:8278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5178 comm="syz.4.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   73.345774][ T5187] loop1: detected capacity change from 0 to 2048
[   73.349968][ T5189] loop2: detected capacity change from 0 to 1024
[   73.357725][ T5187] ext4: Unknown parameter 'obj_user'
[   73.367594][ T5191] loop4: detected capacity change from 0 to 512
[   73.662348][ T5196] loop3: detected capacity change from 0 to 512
[   73.683263][ T5189] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.707989][ T5191] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.645: casefold flag without casefold feature
[   73.735363][ T5196] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.646: casefold flag without casefold feature
[   73.762799][ T5191] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.645: couldn't read orphan inode 15 (err -117)
[   73.764001][ T5196] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.646: couldn't read orphan inode 15 (err -117)
[   73.789665][ T5196] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.804744][ T5191] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.945451][ T5203] loop0: detected capacity change from 0 to 512
[   73.959869][ T5203] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.647: casefold flag without casefold feature
[   73.973440][ T5203] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.647: couldn't read orphan inode 15 (err -117)
[   73.996130][ T5203] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.014191][ T3263] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.024378][ T4716] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.035215][ T3258] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.152813][ T3259] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.188446][ T5219] loop4: detected capacity change from 0 to 764
[   74.207134][ T5219] iso9660: Unknown parameter ''
[   74.263456][ T5222] loop0: detected capacity change from 0 to 256
[   74.296426][ T5222] FAT-fs (loop0): bogus number of FAT sectors
[   74.302672][ T5222] FAT-fs (loop0): Can't find a valid FAT filesystem
[   74.789403][ T5246] loop0: detected capacity change from 0 to 512
[   74.825696][ T5246] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.664: casefold flag without casefold feature
[   74.839289][ T5246] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.664: couldn't read orphan inode 15 (err -117)
[   74.852100][ T5246] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.909280][ T5256] bpf_get_probe_write_proto: 4 callbacks suppressed
[   74.909297][ T5256] syz.3.668[5256] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   74.920992][ T5254] loop4: detected capacity change from 0 to 2048
[   74.927424][ T5256] syz.3.668[5256] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   74.934021][ T5254] ext4: Unknown parameter 'obj_user'
[   74.956568][ T3259] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.995382][ T5256] loop3: detected capacity change from 0 to 764
[   75.008989][ T5256] iso9660: Unknown parameter ''
[   75.189136][ T5266] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.196263][ T5266] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.203845][ T5266] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.210946][ T5266] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.222653][ T5271] loop1: detected capacity change from 0 to 1024
[   75.232840][ T5271] EXT4-fs: Ignoring removed nomblk_io_submit option
[   75.247918][ T5271] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   75.257888][ T5266] bridge0: entered promiscuous mode
[   75.280940][ T5271] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.294585][ T5276] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.301809][ T5276] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.311621][ T5276] bridge0: left promiscuous mode
[   75.327164][ T5271] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[   75.340529][ T5284] loop0: detected capacity change from 0 to 512
[   75.354055][ T5271] netem: change failed
[   75.364318][ T5284] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.680: casefold flag without casefold feature
[   75.377356][ T5284] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.680: couldn't read orphan inode 15 (err -117)
[   75.389729][ T5284] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.410152][ T3935] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.419977][ T5276] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.427535][ T5276] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.434953][ T5276] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.442136][ T5276] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.449957][ T5276] bridge0: entered promiscuous mode
[   75.535942][ T3259] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.547852][ T5294] syz.1.683[5294] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.547960][ T5294] syz.1.683[5294] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.574176][ T5294] loop1: detected capacity change from 0 to 764
[   75.593748][ T5294] iso9660: Unknown parameter ''
[   75.680077][ T5307] loop3: detected capacity change from 0 to 2048
[   75.688184][ T5307] ext4: Unknown parameter 'obj_user'
[   76.174132][ T5323] loop0: detected capacity change from 0 to 2048
[   76.174215][ T5324] loop4: detected capacity change from 0 to 1024
[   76.187485][ T5324] EXT4-fs: Ignoring removed orlov option
[   76.193218][ T5324] EXT4-fs: Ignoring removed nomblk_io_submit option
[   76.208766][ T5323] EXT4-fs (loop0): failed to initialize system zone (-117)
[   76.210010][ T5324] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.216169][ T5323] EXT4-fs (loop0): mount failed
[   76.263210][ T5330] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.270528][ T5330] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.274697][ T5321] loop0: detected capacity change from 0 to 512
[   76.278444][ T5330] bridge0: entered allmulticast mode
[   76.285580][ T5321] journal_path: Lookup failure for './bus'
[   76.295291][ T5321] EXT4-fs: error: could not find journal device path
[   76.314439][ T5332] netlink: 28 bytes leftover after parsing attributes in process `syz.4.694'.
[   76.325314][ T5332] netlink: 28 bytes leftover after parsing attributes in process `syz.4.694'.
[   76.351277][ T5335] loop2: detected capacity change from 0 to 512
[   76.353080][ T5332] netlink: 28 bytes leftover after parsing attributes in process `syz.4.694'.
[   76.360004][ T5335] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.696: casefold flag without casefold feature
[   76.367486][ T5332] netlink: 28 bytes leftover after parsing attributes in process `syz.4.694'.
[   76.380538][ T5335] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.696: couldn't read orphan inode 15 (err -117)
[   76.400833][ T5335] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.420093][ T5332] netlink: 28 bytes leftover after parsing attributes in process `syz.4.694'.
[   76.430150][ T5332] netlink: 28 bytes leftover after parsing attributes in process `syz.4.694'.
[   76.505279][ T3258] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.515673][ T4716] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.569308][ T5348] loop0: detected capacity change from 0 to 2048
[   76.587081][ T5348] ext4: Unknown parameter 'obj_user'
[   76.598443][ T5350] syz.4.699[5350] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.598513][ T5350] syz.4.699[5350] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.641690][ T5350] loop4: detected capacity change from 0 to 764
[   76.647342][ T5358] loop1: detected capacity change from 0 to 256
[   76.667408][ T5350] iso9660: Unknown parameter ''
[   76.688192][ T5358] FAT-fs (loop1): Directory bread(block 64) failed
[   76.694868][ T5358] FAT-fs (loop1): Directory bread(block 65) failed
[   76.716551][ T5358] FAT-fs (loop1): Directory bread(block 66) failed
[   76.723122][ T5358] FAT-fs (loop1): Directory bread(block 67) failed
[   76.753489][ T5358] FAT-fs (loop1): Directory bread(block 68) failed
[   76.776627][ T5358] FAT-fs (loop1): Directory bread(block 69) failed
[   76.803585][ T5358] FAT-fs (loop1): Directory bread(block 70) failed
[   76.816556][ T5358] FAT-fs (loop1): Directory bread(block 71) failed
[   76.822980][ T5369] loop2: detected capacity change from 0 to 512
[   76.831268][ T5358] FAT-fs (loop1): Directory bread(block 72) failed
[   76.838177][ T5358] FAT-fs (loop1): Directory bread(block 73) failed
[   76.925419][ T5369] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.711: casefold flag without casefold feature
[   76.946307][ T5369] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.711: couldn't read orphan inode 15 (err -117)
[   76.958625][ T5369] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.150139][ T4716] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.205634][ T5358] +}[@: attempt to access beyond end of device
[   77.205634][ T5358] loop1: rw=2049, sector=1224, nr_sectors = 608 limit=256
[   77.250856][ T5358] +}[@: attempt to access beyond end of device
[   77.250856][ T5358] loop1: rw=2049, sector=1864, nr_sectors = 1444 limit=256
[   77.453459][ T5392] syz.1.719[5392] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.453563][ T5392] syz.1.719[5392] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.475342][   T29] kauditd_printk_skb: 774 callbacks suppressed
[   77.475360][   T29] audit: type=1326 audit(1860653018.500:9053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.1.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   77.482330][ T5392] loop1: detected capacity change from 0 to 764
[   77.486851][   T29] audit: type=1326 audit(1860653018.500:9054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.1.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   77.495237][ T5392] iso9660: Unknown parameter ''
[   77.594490][ T5404] loop1: detected capacity change from 0 to 1024
[   77.601542][   T29] audit: type=1326 audit(1860653018.500:9055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.1.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   77.624957][   T29] audit: type=1326 audit(1860653018.500:9056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.1.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   77.648231][   T29] audit: type=1326 audit(1860653018.500:9057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.1.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   77.671566][   T29] audit: type=1326 audit(1860653018.500:9058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.1.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   77.694922][   T29] audit: type=1326 audit(1860653018.500:9059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.1.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   77.701930][ T5408] loop0: detected capacity change from 0 to 2048
[   77.718313][   T29] audit: type=1326 audit(1860653018.500:9060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.1.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   77.725258][ T5408] ext4: Unknown parameter 'obj_user'
[   77.747937][   T29] audit: type=1326 audit(1860653018.500:9061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.1.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   77.777045][   T29] audit: type=1326 audit(1860653018.510:9062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.1.719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   77.850591][ T5404] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.031783][ T5415] loop4: detected capacity change from 0 to 256
[   78.126076][ T5415] FAT-fs (loop4): Directory bread(block 64) failed
[   78.236690][ T5415] FAT-fs (loop4): Directory bread(block 65) failed
[   78.243283][ T5415] FAT-fs (loop4): Directory bread(block 66) failed
[   78.263024][ T5415] FAT-fs (loop4): Directory bread(block 67) failed
[   78.270208][ T5415] FAT-fs (loop4): Directory bread(block 68) failed
[   78.286560][ T5415] FAT-fs (loop4): Directory bread(block 69) failed
[   78.296557][ T5415] FAT-fs (loop4): Directory bread(block 70) failed
[   78.303160][ T5415] FAT-fs (loop4): Directory bread(block 71) failed
[   78.310040][ T5415] FAT-fs (loop4): Directory bread(block 72) failed
[   78.317751][ T5415] FAT-fs (loop4): Directory bread(block 73) failed
[   78.377361][ T5421] loop2: detected capacity change from 0 to 2048
[   78.384282][ T5421] ext4: Unknown parameter 'obj_user'
[   78.467007][ T3935] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.518855][ T5412] +}[@: attempt to access beyond end of device
[   78.518855][ T5412] loop4: rw=2049, sector=1224, nr_sectors = 608 limit=256
[   78.558138][ T5412] +}[@: attempt to access beyond end of device
[   78.558138][ T5412] loop4: rw=2049, sector=1864, nr_sectors = 1444 limit=256
[   78.649021][ T5441] loop1: detected capacity change from 0 to 512
[   78.662798][ T5441] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.739: casefold flag without casefold feature
[   78.675750][ T5441] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.739: couldn't read orphan inode 15 (err -117)
[   78.690648][ T5441] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.769525][ T5450] syz.4.741[5450] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.769626][ T5450] syz.4.741[5450] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.037895][ T3935] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.120224][ T5459] loop4: detected capacity change from 0 to 512
[   79.128501][ T5459] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.744: casefold flag without casefold feature
[   79.143907][ T5459] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.744: couldn't read orphan inode 15 (err -117)
[   79.156418][ T5459] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.215694][ T5462] loop1: detected capacity change from 0 to 512
[   79.229425][ T5462] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.754: casefold flag without casefold feature
[   79.253434][ T5462] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.754: couldn't read orphan inode 15 (err -117)
[   79.265978][ T5462] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.361858][ T3935] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.374186][ T3258] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.390642][ T5470] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.397890][ T5470] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.405771][ T5470] bridge0: left promiscuous mode
[   79.443537][ T5477] loop1: detected capacity change from 0 to 512
[   79.453673][ T5477] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.748: casefold flag without casefold feature
[   79.479622][ T5477] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.748: couldn't read orphan inode 15 (err -117)
[   79.755082][ T5477] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.769854][ T5488] loop3: detected capacity change from 0 to 256
[   79.780596][ T5488] vfat: Bad value for 'time_offset'
[   79.791968][ T5488] FAULT_INJECTION: forcing a failure.
[   79.791968][ T5488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.805127][ T5488] CPU: 1 UID: 0 PID: 5488 Comm: syz.3.753 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   79.815813][ T5488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   79.825886][ T5488] Call Trace:
[   79.829174][ T5488]  <TASK>
[   79.832122][ T5488]  dump_stack_lvl+0xf2/0x150
[   79.836813][ T5488]  dump_stack+0x15/0x20
[   79.840974][ T5488]  should_fail_ex+0x229/0x230
[   79.845663][ T5488]  should_fail+0xb/0x10
[   79.849838][ T5488]  should_fail_usercopy+0x1a/0x20
[   79.854874][ T5488]  _copy_from_user+0x1e/0xd0
[   79.859476][ T5488]  memdup_user+0x64/0xc0
[   79.863748][ T5488]  strndup_user+0x68/0xa0
[   79.868099][ T5488]  __se_sys_mount+0x4e/0x2d0
[   79.872704][ T5488]  ? __schedule+0x5fa/0x950
[   79.877306][ T5488]  __x64_sys_mount+0x67/0x80
[   79.882011][ T5488]  x64_sys_call+0x203e/0x2d60
[   79.886696][ T5488]  do_syscall_64+0xc9/0x1c0
[   79.891210][ T5488]  ? clear_bhb_loop+0x55/0xb0
[   79.895929][ T5488]  ? clear_bhb_loop+0x55/0xb0
[   79.900628][ T5488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.906588][ T5488] RIP: 0033:0x7f85719bdef9
[   79.911051][ T5488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.930728][ T5488] RSP: 002b:00007f8570637038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   79.939229][ T5488] RAX: ffffffffffffffda RBX: 00007f8571b75f80 RCX: 00007f85719bdef9
[   79.947231][ T5488] RDX: 000000002015bffc RSI: 0000000020000240 RDI: 0000000000000000
[   79.955205][ T5488] RBP: 00007f8570637090 R08: 0000000020000000 R09: 0000000000000000
[   79.963338][ T5488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.971316][ T5488] R13: 0000000000000000 R14: 00007f8571b75f80 R15: 00007ffdcb4375c8
[   79.979305][ T5488]  </TASK>
[   80.025682][ T5489] xt_CT: You must specify a L4 protocol and not use inversions on it
[   80.096526][ T5502] loop4: detected capacity change from 0 to 2048
[   80.130033][ T5502] ext4: Unknown parameter 'obj_user'
[   80.162855][ T3935] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.174060][ T5505] syz.0.761[5505] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.174191][ T5505] syz.0.761[5505] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.198300][ T5508] loop1: detected capacity change from 0 to 512
[   80.430480][ T5508] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.760: casefold flag without casefold feature
[   80.470137][ T5505] loop0: detected capacity change from 0 to 764
[   80.525744][ T5508] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.760: couldn't read orphan inode 15 (err -117)
[   80.542679][ T5515] netlink: 24 bytes leftover after parsing attributes in process `syz.2.763'.
[   80.557865][ T5505] iso9660: Unknown parameter ''
[   80.571937][ T5508] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.670876][ T3935] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.673714][ T5524] netlink: 24 bytes leftover after parsing attributes in process `syz.0.766'.
[   80.680668][ T5522] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.699091][ T5524] FAULT_INJECTION: forcing a failure.
[   80.699091][ T5524] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.699139][ T5522] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.712258][ T5524] CPU: 0 UID: 0 PID: 5524 Comm: syz.0.766 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   80.730472][ T5524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   80.740544][ T5524] Call Trace:
[   80.743928][ T5524]  <TASK>
[   80.746933][ T5524]  dump_stack_lvl+0xf2/0x150
[   80.751574][ T5524]  dump_stack+0x15/0x20
[   80.755835][ T5524]  should_fail_ex+0x229/0x230
[   80.760658][ T5524]  should_fail+0xb/0x10
[   80.764912][ T5524]  should_fail_usercopy+0x1a/0x20
[   80.770064][ T5524]  _copy_from_iter+0xd3/0xb00
[   80.774840][ T5524]  ? kmalloc_reserve+0x16e/0x190
[   80.779792][ T5524]  ? __build_skb_around+0x196/0x1f0
[   80.785003][ T5524]  ? __alloc_skb+0x21f/0x310
[   80.789612][ T5524]  ? __virt_addr_valid+0x1ed/0x250
[   80.794797][ T5524]  ? __check_object_size+0x35b/0x510
[   80.800101][ T5524]  netlink_sendmsg+0x460/0x6e0
[   80.804920][ T5524]  ? __pfx_netlink_sendmsg+0x10/0x10
[   80.810345][ T5524]  __sock_sendmsg+0x140/0x180
[   80.815157][ T5524]  ____sys_sendmsg+0x312/0x410
[   80.820036][ T5524]  __sys_sendmsg+0x1e9/0x280
[   80.824714][ T5524]  __x64_sys_sendmsg+0x46/0x50
[   80.829491][ T5524]  x64_sys_call+0x2689/0x2d60
[   80.834300][ T5524]  do_syscall_64+0xc9/0x1c0
[   80.838827][ T5524]  ? clear_bhb_loop+0x55/0xb0
[   80.843506][ T5524]  ? clear_bhb_loop+0x55/0xb0
[   80.848247][ T5524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.854168][ T5524] RIP: 0033:0x7fc41d0edef9
[   80.858588][ T5524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.878268][ T5524] RSP: 002b:00007fc41bd67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.886684][ T5524] RAX: ffffffffffffffda RBX: 00007fc41d2a5f80 RCX: 00007fc41d0edef9
[   80.894727][ T5524] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[   80.902712][ T5524] RBP: 00007fc41bd67090 R08: 0000000000000000 R09: 0000000000000000
[   80.910708][ T5524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.918750][ T5524] R13: 0000000000000000 R14: 00007fc41d2a5f80 R15: 00007ffdfdc45938
[   80.926895][ T5524]  </TASK>
[   80.936728][ T5522] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.986068][ T5522] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.997747][ T5522] FAULT_INJECTION: forcing a failure.
[   80.997747][ T5522] name failslab, interval 1, probability 0, space 0, times 0
[   81.010455][ T5522] CPU: 1 UID: 0 PID: 5522 Comm: syz.2.765 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   81.021131][ T5522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   81.031354][ T5522] Call Trace:
[   81.034707][ T5522]  <TASK>
[   81.037656][ T5522]  dump_stack_lvl+0xf2/0x150
[   81.042255][ T5522]  dump_stack+0x15/0x20
[   81.046423][ T5522]  should_fail_ex+0x229/0x230
[   81.051207][ T5522]  ? bpf_test_init+0xc7/0x170
[   81.055892][ T5522]  should_failslab+0x8f/0xb0
[   81.060498][ T5522]  __kmalloc_noprof+0xa5/0x370
[   81.065278][ T5522]  ? _parse_integer+0x27/0x30
[   81.070077][ T5522]  bpf_test_init+0xc7/0x170
[   81.074585][ T5522]  bpf_prog_test_run_skb+0x151/0xba0
[   81.079896][ T5522]  ? __rcu_read_unlock+0x4e/0x70
[   81.084888][ T5522]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   81.090716][ T5522]  bpf_prog_test_run+0x26d/0x3e0
[   81.095660][ T5522]  __sys_bpf+0x400/0x7a0
[   81.099916][ T5522]  __x64_sys_bpf+0x43/0x50
[   81.104355][ T5522]  x64_sys_call+0x2625/0x2d60
[   81.109045][ T5522]  do_syscall_64+0xc9/0x1c0
[   81.113563][ T5522]  ? clear_bhb_loop+0x55/0xb0
[   81.118295][ T5522]  ? clear_bhb_loop+0x55/0xb0
[   81.122989][ T5522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.128939][ T5522] RIP: 0033:0x7f3ac9dfdef9
[   81.133421][ T5522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.153078][ T5522] RSP: 002b:00007f3ac8a77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   81.161493][ T5522] RAX: ffffffffffffffda RBX: 00007f3ac9fb5f80 RCX: 00007f3ac9dfdef9
[   81.169553][ T5522] RDX: 0000000000000048 RSI: 0000000020000080 RDI: 000000000000000a
[   81.177528][ T5522] RBP: 00007f3ac8a77090 R08: 0000000000000000 R09: 0000000000000000
[   81.185568][ T5522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.193543][ T5522] R13: 0000000000000000 R14: 00007f3ac9fb5f80 R15: 00007ffeb086b058
[   81.201570][ T5522]  </TASK>
[   81.271331][ T5539] loop4: detected capacity change from 0 to 2048
[   81.289687][ T5539] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.335091][ T5546] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.341339][ T3258] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   81.342348][ T5546] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.343710][ T5546] bridge0: left promiscuous mode
[   81.382062][ T3258] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.420910][ T5555] loop4: detected capacity change from 0 to 512
[   81.429740][ T5555] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.777: casefold flag without casefold feature
[   81.442672][ T5548] netlink: 12 bytes leftover after parsing attributes in process `syz.1.776'.
[   81.444343][ T5555] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.777: couldn't read orphan inode 15 (err -117)
[   81.465485][ T5555] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.540882][ T3258] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.598089][ T5561] netlink: 'syz.4.780': attribute type 4 has an invalid length.
[   81.607725][ T5561] netlink: 'syz.4.780': attribute type 4 has an invalid length.
[   81.619783][ T5561] netlink: 'syz.4.780': attribute type 21 has an invalid length.
[   81.627883][ T5561] netlink: 132 bytes leftover after parsing attributes in process `syz.4.780'.
[   81.811794][ T5564] loop1: detected capacity change from 0 to 2048
[   81.832595][ T5564] ext4: Unknown parameter 'obj_user'
[   82.008040][ T5573] loop2: detected capacity change from 0 to 512
[   82.052363][ T5573] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.106708][ T5573] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.147692][ T5573] Process accounting resumed
[   82.153629][ T5573] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[   82.156740][ T5583] loop4: detected capacity change from 0 to 512
[   82.183422][ T4716] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.188269][ T5583] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.205710][ T5583] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.223385][ T5583] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.787: corrupted inode contents
[   82.235758][ T5583] EXT4-fs (loop4): Remounting filesystem read-only
[   82.240050][ T5592] loop0: detected capacity change from 0 to 512
[   82.244387][ T5583] netlink: 256 bytes leftover after parsing attributes in process `syz.4.787'.
[   82.250762][ T5592] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.791: casefold flag without casefold feature
[   82.270951][ T5592] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.791: couldn't read orphan inode 15 (err -117)
[   82.283494][ T5592] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.307895][ T3258] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.329670][ T5597] netlink: 'syz.2.792': attribute type 21 has an invalid length.
[   82.338557][ T5597] netlink: 132 bytes leftover after parsing attributes in process `syz.2.792'.
[   82.350144][ T5597] FAULT_INJECTION: forcing a failure.
[   82.350144][ T5597] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.363364][ T5597] CPU: 0 UID: 0 PID: 5597 Comm: syz.2.792 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   82.374096][ T5597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   82.384261][ T5597] Call Trace:
[   82.387650][ T5597]  <TASK>
[   82.390675][ T5597]  dump_stack_lvl+0xf2/0x150
[   82.395295][ T5597]  dump_stack+0x15/0x20
[   82.399512][ T5597]  should_fail_ex+0x229/0x230
[   82.404212][ T5597]  should_fail+0xb/0x10
[   82.408383][ T5597]  should_fail_usercopy+0x1a/0x20
[   82.413420][ T5597]  _copy_to_user+0x1e/0xa0
[   82.417846][ T5597]  simple_read_from_buffer+0xa0/0x110
[   82.423243][ T5597]  proc_fail_nth_read+0xff/0x140
[   82.428190][ T5597]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   82.433740][ T5597]  vfs_read+0x1a2/0x6e0
[   82.437905][ T5597]  ? __rcu_read_unlock+0x4e/0x70
[   82.442989][ T5597]  ? __fget_files+0x1da/0x210
[   82.447717][ T5597]  ksys_read+0xeb/0x1b0
[   82.451887][ T5597]  __x64_sys_read+0x42/0x50
[   82.456401][ T5597]  x64_sys_call+0x27d3/0x2d60
[   82.461149][ T5597]  do_syscall_64+0xc9/0x1c0
[   82.465661][ T5597]  ? clear_bhb_loop+0x55/0xb0
[   82.470347][ T5597]  ? clear_bhb_loop+0x55/0xb0
[   82.475117][ T5597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.481034][ T5597] RIP: 0033:0x7f3ac9dfc93c
[   82.485453][ T5597] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[   82.505136][ T5597] RSP: 002b:00007f3ac8a77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   82.513571][ T5597] RAX: ffffffffffffffda RBX: 00007f3ac9fb5f80 RCX: 00007f3ac9dfc93c
[   82.521550][ T5597] RDX: 000000000000000f RSI: 00007f3ac8a770a0 RDI: 0000000000000007
[   82.529613][ T5597] RBP: 00007f3ac8a77090 R08: 0000000000000000 R09: 0000000000000000
[   82.537591][ T5597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   82.545565][ T5597] R13: 0000000000000000 R14: 00007f3ac9fb5f80 R15: 00007ffeb086b058
[   82.553550][ T5597]  </TASK>
[   82.563959][   T29] kauditd_printk_skb: 360 callbacks suppressed
[   82.563974][   T29] audit: type=1326 audit(1860653023.590:9422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5605 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   82.569911][ T5608] loop3: detected capacity change from 0 to 128
[   82.570319][   T29] audit: type=1326 audit(1860653023.590:9423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5603 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0166859869 code=0x7ffc0000
[   82.624007][   T29] audit: type=1326 audit(1860653023.590:9424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5603 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   82.648019][   T29] audit: type=1326 audit(1860653023.590:9425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5603 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   82.705346][ T3259] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.768784][ T5624] loop0: detected capacity change from 0 to 128
[   82.784584][   T29] audit: type=1400 audit(1860653023.810:9426): avc:  denied  { create } for  pid=5625 comm="syz.3.803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   82.806406][ T5624] FAULT_INJECTION: forcing a failure.
[   82.806406][ T5624] name failslab, interval 1, probability 0, space 0, times 0
[   82.808148][   T29] audit: type=1400 audit(1860653023.840:9427): avc:  denied  { connect } for  pid=5625 comm="syz.3.803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   82.819162][ T5624] CPU: 1 UID: 0 PID: 5624 Comm: syz.0.802 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   82.838715][   T29] audit: type=1400 audit(1860653023.840:9428): avc:  denied  { ioctl } for  pid=5625 comm="syz.3.803" path="socket:[13098]" dev="sockfs" ino=13098 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   82.849392][ T5624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   82.849409][ T5624] Call Trace:
[   82.849419][ T5624]  <TASK>
[   82.849428][ T5624]  dump_stack_lvl+0xf2/0x150
[   82.895292][ T5624]  dump_stack+0x15/0x20
[   82.899499][ T5624]  should_fail_ex+0x229/0x230
[   82.904189][ T5624]  ? io_submit_one+0xb7/0x1240
[   82.909042][ T5624]  should_failslab+0x8f/0xb0
[   82.913655][ T5624]  kmem_cache_alloc_noprof+0x4c/0x290
[   82.919056][ T5624]  io_submit_one+0xb7/0x1240
[   82.923663][ T5624]  ? __rcu_read_unlock+0x4e/0x70
[   82.928661][ T5624]  __se_sys_io_submit+0xf5/0x280
[   82.933609][ T5624]  __x64_sys_io_submit+0x43/0x50
[   82.938561][ T5624]  x64_sys_call+0x1ebc/0x2d60
[   82.943249][ T5624]  do_syscall_64+0xc9/0x1c0
[   82.947846][ T5624]  ? clear_bhb_loop+0x55/0xb0
[   82.952540][ T5624]  ? clear_bhb_loop+0x55/0xb0
[   82.957231][ T5624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.963266][ T5624] RIP: 0033:0x7fc41d0edef9
[   82.967821][ T5624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.987474][ T5624] RSP: 002b:00007fc41bd67038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   82.995894][ T5624] RAX: ffffffffffffffda RBX: 00007fc41d2a5f80 RCX: 00007fc41d0edef9
[   83.003872][ T5624] RDX: 0000000020000040 RSI: 0000000000000001 RDI: 00007fc41d27f000
[   83.011860][ T5624] RBP: 00007fc41bd67090 R08: 0000000000000000 R09: 0000000000000000
[   83.019833][ T5624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.027867][ T5624] R13: 0000000000000000 R14: 00007fc41d2a5f80 R15: 00007ffdfdc45938
[   83.035851][ T5624]  </TASK>
[   83.091435][ T5629] netlink: 'syz.3.804': attribute type 4 has an invalid length.
[   83.099254][ T5629] netlink: 164 bytes leftover after parsing attributes in process `syz.3.804'.
[   83.167068][ T5642] loop1: detected capacity change from 0 to 512
[   83.189904][ T5645] loop3: detected capacity change from 0 to 512
[   83.207024][ T5642] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.220109][ T5649] loop4: detected capacity change from 0 to 2048
[   83.220931][   T29] audit: type=1326 audit(1860653024.230:9429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5646 comm="syz.4.810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   83.235056][ T5649] ext4: Unknown parameter 'obj_user'
[   83.250049][   T29] audit: type=1326 audit(1860653024.230:9430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5646 comm="syz.4.810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   83.278808][   T29] audit: type=1326 audit(1860653024.240:9431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5646 comm="syz.4.810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f01668bdef9 code=0x7ffc0000
[   83.287180][ T5642] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.442254][ T5645] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.808: casefold flag without casefold feature
[   83.460961][ T5645] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.808: couldn't read orphan inode 15 (err -117)
[   83.569010][ T5645] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.698672][ T5642] sctp: [Deprecated]: syz.1.807 (pid 5642) Use of int in max_burst socket option deprecated.
[   83.698672][ T5642] Use struct sctp_assoc_value instead
[   83.731931][ T3263] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.765979][ T5642] Process accounting resumed
[   83.771609][ T5669] xt_SECMARK: invalid security context 'unconfined'
[   83.781178][ T5669] netlink: 24 bytes leftover after parsing attributes in process `syz.0.816'.
[   83.791513][ T5642] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[   83.832279][ T3935] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.844296][ T5673] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   83.845697][ T5673] netlink: 4 bytes leftover after parsing attributes in process `syz.3.819'.
[   83.942285][ T5675] syz.0.820[5675] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   83.946861][ T5675] syz.0.820[5675] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.059216][ T5692] loop0: detected capacity change from 0 to 512
[   84.128438][ T5700] tap0: tun_chr_ioctl cmd 1074025677
[   84.134035][ T5700] tap0: linktype set to 804
[   84.148945][ T5692] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.825: casefold flag without casefold feature
[   84.171741][ T5692] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.825: couldn't read orphan inode 15 (err -117)
[   84.186163][ T5703] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.193534][ T5703] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.203918][ T5703] bridge0: entered allmulticast mode
[   84.222984][ T5692] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.273794][ T5704] loop2: detected capacity change from 0 to 128
[   84.365496][ T3259] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.579978][ T5714] loop3: detected capacity change from 0 to 256
[   84.893839][ T5714] FAT-fs (loop3): Directory bread(block 64) failed
[   84.912436][ T5714] FAT-fs (loop3): Directory bread(block 65) failed
[   84.926415][ T5714] FAT-fs (loop3): Directory bread(block 66) failed
[   85.194129][ T5714] FAT-fs (loop3): Directory bread(block 67) failed
[   85.215966][ T5721] loop2: detected capacity change from 0 to 2048
[   85.236571][ T5714] FAT-fs (loop3): Directory bread(block 68) failed
[   85.244564][ T5721] EXT4-fs: Ignoring removed orlov option
[   85.244637][ T5729] netlink: 40 bytes leftover after parsing attributes in process `syz.0.839'.
[   85.259318][ T5714] FAT-fs (loop3): Directory bread(block 69) failed
[   85.265873][ T5714] FAT-fs (loop3): Directory bread(block 70) failed
[   85.274252][ T5714] FAT-fs (loop3): Directory bread(block 71) failed
[   85.287491][ T5714] FAT-fs (loop3): Directory bread(block 72) failed
[   85.299533][ T5714] FAT-fs (loop3): Directory bread(block 73) failed
[   85.335710][ T5738] loop4: detected capacity change from 0 to 2048
[   85.345683][ T5738] ext4: Unknown parameter 'obj_user'
[   85.348892][ T5740] loop1: detected capacity change from 0 to 512
[   85.374261][   T36] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   85.391245][ T5740] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.843: casefold flag without casefold feature
[   85.432282][   T36] EXT4-fs (loop2): Remounting filesystem read-only
[   85.470017][ T5740] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.843: couldn't read orphan inode 15 (err -117)
[   85.509198][ T5714] +}[@: attempt to access beyond end of device
[   85.509198][ T5714] loop3: rw=2049, sector=1224, nr_sectors = 608 limit=256
[   85.540967][ T5714] +}[@: attempt to access beyond end of device
[   85.540967][ T5714] loop3: rw=2049, sector=1864, nr_sectors = 1444 limit=256
[   85.544790][ T5745] loop0: detected capacity change from 0 to 512
[   85.562124][ T5745] EXT4-fs: Ignoring removed i_version option
[   85.568454][ T5745] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   85.585581][ T5745] EXT4-fs (loop0): 1 truncate cleaned up
[   85.721983][ T5762] netlink: 40 bytes leftover after parsing attributes in process `syz.1.852'.
[   86.326348][ T5769] loop3: detected capacity change from 0 to 1024
[   86.387140][ T5769] EXT4-fs: Ignoring removed orlov option
[   86.392868][ T5769] EXT4-fs: Ignoring removed nomblk_io_submit option
[   86.502112][ T5777] loop4: detected capacity change from 0 to 2048
[   86.512197][ T5777] EXT4-fs: Ignoring removed orlov option
[   86.517860][ T5779] loop0: detected capacity change from 0 to 512
[   86.528475][ T5779] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.859: casefold flag without casefold feature
[   86.541374][ T5779] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.859: couldn't read orphan inode 15 (err -117)
[   86.634396][   T28] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   86.659918][   T28] EXT4-fs (loop4): Remounting filesystem read-only
[   86.698522][ T5801] loop3: detected capacity change from 0 to 2048
[   86.715499][ T5808] netlink: 40 bytes leftover after parsing attributes in process `syz.0.866'.
[   86.716935][ T5805] loop4: detected capacity change from 0 to 256
[   86.726198][ T5801] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   86.735443][ T5804] loop1: detected capacity change from 0 to 2048
[   86.752945][ T5804] ext4: Unknown parameter 'obj_user'
[   86.758517][ T5805] FAT-fs (loop4): Directory bread(block 64) failed
[   86.768248][ T5805] FAT-fs (loop4): Directory bread(block 65) failed
[   86.775150][ T5805] FAT-fs (loop4): Directory bread(block 66) failed
[   86.781721][ T5805] FAT-fs (loop4): Directory bread(block 67) failed
[   86.788520][ T5805] FAT-fs (loop4): Directory bread(block 68) failed
[   86.795095][ T5805] FAT-fs (loop4): Directory bread(block 69) failed
[   86.802417][ T5805] FAT-fs (loop4): Directory bread(block 70) failed
[   86.809166][ T5805] FAT-fs (loop4): Directory bread(block 71) failed
[   86.820385][ T5812] loop0: detected capacity change from 0 to 512
[   86.826607][ T5805] FAT-fs (loop4): Directory bread(block 72) failed
[   86.826719][ T5805] FAT-fs (loop4): Directory bread(block 73) failed
[   86.843757][ T5812] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   86.936450][ T5805] +}[@: attempt to access beyond end of device
[   86.936450][ T5805] loop4: rw=2049, sector=1224, nr_sectors = 608 limit=256
[   86.952980][ T5805] +}[@: attempt to access beyond end of device
[   86.952980][ T5805] loop4: rw=2049, sector=1864, nr_sectors = 1444 limit=256
[   86.966095][ T5812] EXT4-fs (loop0): 1 truncate cleaned up
[   87.134495][ T5825] netlink: 'syz.4.873': attribute type 10 has an invalid length.
[   87.142295][ T5825] bridge0: left allmulticast mode
[   87.149135][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.156262][ T5825] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.163750][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.170845][ T5825] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.181640][ T5825] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   87.192302][ T5832] FAULT_INJECTION: forcing a failure.
[   87.192302][ T5832] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.205500][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: syz.0.876 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   87.216141][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   87.226206][ T5832] Call Trace:
[   87.229508][ T5832]  <TASK>
[   87.232469][ T5832]  dump_stack_lvl+0xf2/0x150
[   87.232508][ T5832]  dump_stack+0x15/0x20
[   87.232532][ T5832]  should_fail_ex+0x229/0x230
[   87.232589][ T5832]  should_fail+0xb/0x10
[   87.232615][ T5832]  should_fail_usercopy+0x1a/0x20
[   87.232649][ T5832]  _copy_from_user+0x1e/0xd0
[   87.232745][ T5832]  kstrtouint_from_user+0x76/0xe0
[   87.232783][ T5832]  proc_fail_nth_write+0x4f/0x160
[   87.232808][ T5832]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   87.232836][ T5832]  vfs_write+0x28b/0x900
[   87.232895][ T5832]  ? __fget_files+0x1da/0x210
[   87.232930][ T5832]  ksys_write+0xeb/0x1b0
[   87.233011][ T5832]  __x64_sys_write+0x42/0x50
[   87.233041][ T5832]  x64_sys_call+0x27dd/0x2d60
[   87.233076][ T5832]  do_syscall_64+0xc9/0x1c0
[   87.233164][ T5832]  ? clear_bhb_loop+0x55/0xb0
[   87.233228][ T5832]  ? clear_bhb_loop+0x55/0xb0
[   87.233253][ T5832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.233295][ T5832] RIP: 0033:0x7fc41d0ec9df
[   87.233311][ T5832] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[   87.233336][ T5832] RSP: 002b:00007fc41bd67030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   87.233386][ T5832] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc41d0ec9df
[   87.233403][ T5832] RDX: 0000000000000001 RSI: 00007fc41bd670a0 RDI: 0000000000000006
[   87.233419][ T5832] RBP: 00007fc41bd67090 R08: 0000000000000000 R09: 0000000000000000
[   87.233435][ T5832] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   87.233456][ T5832] R13: 0000000000000000 R14: 00007fc41d2a5f80 R15: 00007ffdfdc45938
[   87.233482][ T5832]  </TASK>
[   87.234334][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.234404][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.242917][ T5830] bond0: (slave bridge0): Releasing backup interface
[   87.252938][ T5834] loop0: detected capacity change from 0 to 512
[   87.442736][ T5834] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.877: casefold flag without casefold feature
[   87.455680][ T5834] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.877: couldn't read orphan inode 15 (err -117)
[   87.514407][ T5843] netlink: 20 bytes leftover after parsing attributes in process `syz.4.881'.
[   87.548616][ T5845] loop4: detected capacity change from 0 to 256
[   87.565769][ T5845] FAT-fs (loop4): Directory bread(block 64) failed
[   87.575671][ T5845] FAT-fs (loop4): Directory bread(block 65) failed
[   87.597765][   T29] kauditd_printk_skb: 257 callbacks suppressed
[   87.597782][   T29] audit: type=1400 audit(1860653028.620:9689): avc:  denied  { execute } for  pid=5846 comm="syz.3.882" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=14675 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[   87.637201][ T5845] FAT-fs (loop4): Directory bread(block 66) failed
[   87.649412][ T5845] FAT-fs (loop4): Directory bread(block 67) failed
[   87.666215][ T5845] FAT-fs (loop4): Directory bread(block 68) failed
[   87.736665][ T5845] FAT-fs (loop4): Directory bread(block 69) failed
[   87.747214][ T5845] FAT-fs (loop4): Directory bread(block 70) failed
[   87.753843][ T5845] FAT-fs (loop4): Directory bread(block 71) failed
[   87.767495][   T29] audit: type=1400 audit(1860653028.800:9690): avc:  denied  { write } for  pid=5862 comm="syz.1.892" path="socket:[13845]" dev="sockfs" ino=13845 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   87.771207][ T5864] syzkaller0: entered allmulticast mode
[   87.794892][ T5861] loop3: detected capacity change from 0 to 128
[   87.798006][ T5845] FAT-fs (loop4): Directory bread(block 72) failed
[   87.811067][ T5845] FAT-fs (loop4): Directory bread(block 73) failed
[   87.847722][   T29] audit: type=1400 audit(1860653028.870:9691): avc:  denied  { ioctl } for  pid=5867 comm="syz.0.893" path="/dev/ppp" dev="devtmpfs" ino=116 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   87.899607][ T5864] syzkaller0 (unregistering): left allmulticast mode
[   87.966853][ T5845] syz.4.883: attempt to access beyond end of device
[   87.966853][ T5845] loop4: rw=2049, sector=1224, nr_sectors = 608 limit=256
[   87.983320][ T5845] syz.4.883: attempt to access beyond end of device
[   87.983320][ T5845] loop4: rw=2049, sector=1864, nr_sectors = 1444 limit=256
[   88.135290][ T5874] netlink: 20 bytes leftover after parsing attributes in process `syz.4.894'.
[   88.158689][ T5876] loop0: detected capacity change from 0 to 512
[   88.253611][ T5876] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.895: casefold flag without casefold feature
[   88.384814][ T5886] loop4: detected capacity change from 0 to 512
[   88.393601][ T5886] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.899: casefold flag without casefold feature
[   88.407601][ T5886] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.899: couldn't read orphan inode 15 (err -117)
[   88.442641][ T5876] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.895: couldn't read orphan inode 15 (err -117)
[   88.938653][ T5908] netlink: 20 bytes leftover after parsing attributes in process `syz.2.908'.
[   88.989772][ T5906] FAULT_INJECTION: forcing a failure.
[   88.989772][ T5906] name failslab, interval 1, probability 0, space 0, times 0
[   89.002533][ T5906] CPU: 0 UID: 0 PID: 5906 Comm: syz.3.907 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   89.012675][ T5915] loop2: detected capacity change from 0 to 512
[   89.013214][ T5906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   89.029593][ T5906] Call Trace:
[   89.032909][ T5906]  <TASK>
[   89.035857][ T5906]  dump_stack_lvl+0xf2/0x150
[   89.040542][ T5906]  dump_stack+0x15/0x20
[   89.044727][ T5906]  should_fail_ex+0x229/0x230
[   89.049445][ T5906]  ? rds_cong_from_addr+0x34/0x2a0
[   89.054586][ T5906]  should_failslab+0x8f/0xb0
[   89.059235][ T5906]  __kmalloc_cache_noprof+0x4b/0x2a0
[   89.064620][ T5906]  rds_cong_from_addr+0x34/0x2a0
[   89.069648][ T5906]  rds_cong_get_maps+0x36/0x70
[   89.074501][ T5906]  __rds_conn_create+0x53a/0xfb0
[   89.079455][ T5906]  rds_conn_create_outgoing+0x43/0x60
[   89.085275][ T5906]  rds_sendmsg+0xba7/0x1400
[   89.089806][ T5906]  ? __pfx_rds_sendmsg+0x10/0x10
[   89.094849][ T5906]  __sock_sendmsg+0x140/0x180
[   89.099597][ T5906]  ____sys_sendmsg+0x312/0x410
[   89.104466][ T5906]  __sys_sendmsg+0x1e9/0x280
[   89.109114][ T5906]  __x64_sys_sendmsg+0x46/0x50
[   89.113958][ T5906]  x64_sys_call+0x2689/0x2d60
[   89.118676][ T5906]  do_syscall_64+0xc9/0x1c0
[   89.123227][ T5906]  ? clear_bhb_loop+0x55/0xb0
[   89.127918][ T5906]  ? clear_bhb_loop+0x55/0xb0
[   89.132768][ T5906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.138681][ T5906] RIP: 0033:0x7f85719bdef9
[   89.143104][ T5906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.162891][ T5906] RSP: 002b:00007f8570637038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   89.171417][ T5906] RAX: ffffffffffffffda RBX: 00007f8571b75f80 RCX: 00007f85719bdef9
[   89.179394][ T5906] RDX: 0000000000000000 RSI: 0000000020002180 RDI: 0000000000000008
[   89.187390][ T5906] RBP: 00007f8570637090 R08: 0000000000000000 R09: 0000000000000000
[   89.195369][ T5906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.203348][ T5906] R13: 0000000000000000 R14: 00007f8571b75f80 R15: 00007ffdcb4375c8
[   89.211362][ T5906]  </TASK>
[   89.229125][ T5915] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.911: iget: bad extended attribute block 1
[   89.319879][   T29] audit: type=1400 audit(1860653030.320:9692): avc:  denied  { ioctl } for  pid=5919 comm="syz.1.912" path="socket:[13993]" dev="sockfs" ino=13993 ioctlcmd=0x6722 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   89.357898][ T5915] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.911: couldn't read orphan inode 15 (err -117)
[   89.375250][   T29] audit: type=1400 audit(1860653030.390:9693): avc:  denied  { unmount } for  pid=3935 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   89.395927][ T5922] loop4: detected capacity change from 0 to 512
[   89.407992][ T5922] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.913: casefold flag without casefold feature
[   89.426832][ T5922] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.913: couldn't read orphan inode 15 (err -117)
[   89.465790][ T5915] dccp_invalid_packet: P.type (CLOSE) not Data || [Data]Ack, while P.X == 0
[   89.492527][ T5937] loop1: detected capacity change from 0 to 2048
[   89.499359][ T5937] EXT4-fs: Ignoring removed orlov option
[   89.518408][ T5940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.920'.
[   89.560710][   T28] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   89.572914][ T5948] loop0: detected capacity change from 0 to 256
[   89.591722][   T28] EXT4-fs (loop1): Remounting filesystem read-only
[   89.613131][ T5948] FAT-fs (loop0): Directory bread(block 64) failed
[   89.619915][ T5948] FAT-fs (loop0): Directory bread(block 65) failed
[   89.631657][ T5948] FAT-fs (loop0): Directory bread(block 66) failed
[   89.645124][ T5948] FAT-fs (loop0): Directory bread(block 67) failed
[   89.660826][ T5948] FAT-fs (loop0): Directory bread(block 68) failed
[   89.673124][ T5948] FAT-fs (loop0): Directory bread(block 69) failed
[   89.685325][ T5957] loop4: detected capacity change from 0 to 512
[   89.692985][ T5948] FAT-fs (loop0): Directory bread(block 70) failed
[   89.702567][ T5959] netlink: 8 bytes leftover after parsing attributes in process `syz.1.922'.
[   89.716757][   T29] audit: type=1326 audit(1860653030.740:9694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5955 comm="syz.1.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   89.723769][ T5948] FAT-fs (loop0): Directory bread(block 71) failed
[   89.740140][   T29] audit: type=1326 audit(1860653030.740:9695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5955 comm="syz.1.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   89.766583][ T5948] FAT-fs (loop0): Directory bread(block 72) failed
[   89.769861][   T29] audit: type=1326 audit(1860653030.740:9696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5955 comm="syz.1.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   89.776360][ T5948] FAT-fs (loop0): Directory bread(block 73) failed
[   89.799647][   T29] audit: type=1326 audit(1860653030.740:9697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5955 comm="syz.1.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc486def9 code=0x7ffc0000
[   89.872603][ T5957] ext4 filesystem being mounted at /204/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.898693][ T5957] EXT4-fs error (device loop4): ext4_find_dest_de:2067: inode #2: block 3: comm syz.4.927: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[   89.918404][   T29] audit: type=1400 audit(1860653030.930:9698): avc:  denied  { rename } for  pid=5956 comm="syz.4.927" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   89.977921][ T5974] loop1: detected capacity change from 0 to 512
[   89.998208][ T5976] loop2: detected capacity change from 0 to 2048
[   90.004961][ T5976] EXT4-fs: Ignoring removed orlov option
[   90.006392][ T5974] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.932: casefold flag without casefold feature
[   90.024146][ T5979] netlink: 8 bytes leftover after parsing attributes in process `syz.4.934'.
[   90.033233][ T5974] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.932: couldn't read orphan inode 15 (err -117)
[   90.056943][ T5948] syz.0.923: attempt to access beyond end of device
[   90.056943][ T5948] loop0: rw=2049, sector=1224, nr_sectors = 608 limit=256
[   90.072912][ T5982] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   90.074345][ T5948] syz.0.923: attempt to access beyond end of device
[   90.074345][ T5948] loop0: rw=2049, sector=1864, nr_sectors = 1444 limit=256
[   90.096111][ T5982] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   90.124764][   T36] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   90.143510][   T36] EXT4-fs (loop2): Remounting filesystem read-only
[   90.228505][ T5999] FAULT_INJECTION: forcing a failure.
[   90.228505][ T5999] name failslab, interval 1, probability 0, space 0, times 0
[   90.241356][ T5999] CPU: 0 UID: 0 PID: 5999 Comm: syz.1.941 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   90.252101][ T5999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   90.262166][ T5999] Call Trace:
[   90.265447][ T5999]  <TASK>
[   90.268415][ T5999]  dump_stack_lvl+0xf2/0x150
[   90.273182][ T5999]  dump_stack+0x15/0x20
[   90.277365][ T5999]  should_fail_ex+0x229/0x230
[   90.282049][ T5999]  ? skb_clone+0x154/0x1f0
[   90.286546][ T5999]  should_failslab+0x8f/0xb0
[   90.291159][ T5999]  kmem_cache_alloc_noprof+0x4c/0x290
[   90.296554][ T5999]  skb_clone+0x154/0x1f0
[   90.300890][ T5999]  __netlink_deliver_tap+0x2bd/0x4c0
[   90.306194][ T5999]  netlink_unicast+0x64a/0x670
[   90.310967][ T5999]  netlink_sendmsg+0x5cc/0x6e0
[   90.315789][ T5999]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.321088][ T5999]  __sock_sendmsg+0x140/0x180
[   90.325876][ T5999]  sock_write_iter+0x164/0x1b0
[   90.330658][ T5999]  vfs_write+0x78f/0x900
[   90.334910][ T5999]  ? __pfx_sock_write_iter+0x10/0x10
[   90.340245][ T5999]  ksys_write+0xeb/0x1b0
[   90.344508][ T5999]  __x64_sys_write+0x42/0x50
[   90.349135][ T5999]  x64_sys_call+0x27dd/0x2d60
[   90.353827][ T5999]  do_syscall_64+0xc9/0x1c0
[   90.358410][ T5999]  ? clear_bhb_loop+0x55/0xb0
[   90.363107][ T5999]  ? clear_bhb_loop+0x55/0xb0
[   90.367787][ T5999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.373738][ T5999] RIP: 0033:0x7f6cc486def9
[   90.378303][ T5999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.397918][ T5999] RSP: 002b:00007f6cc34e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   90.406336][ T5999] RAX: ffffffffffffffda RBX: 00007f6cc4a25f80 RCX: 00007f6cc486def9
[   90.414380][ T5999] RDX: 000000000000fe33 RSI: 0000000020000000 RDI: 0000000000000003
[   90.422360][ T5999] RBP: 00007f6cc34e7090 R08: 0000000000000000 R09: 0000000000000000
[   90.430397][ T5999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.438386][ T5999] R13: 0000000000000000 R14: 00007f6cc4a25f80 R15: 00007fff6b122688
[   90.446382][ T5999]  </TASK>
[   90.456181][ T5999] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.941'.
[   90.512851][ T6004] ==================================================================
[   90.520990][ T6004] BUG: KCSAN: data-race in sg_common_write / sg_finish_rem_req
[   90.528580][ T6004] 
[   90.530924][ T6004] write to 0xffff88811308b31d of 1 bytes by task 35 on cpu 1:
[   90.534112][ T6008] netlink: 8 bytes leftover after parsing attributes in process `syz.3.945'.
[   90.538373][ T6004]  sg_finish_rem_req+0x117/0x270
[   90.538408][ T6004]  sg_rq_end_io_usercontext+0x36/0x1c0
[   90.538435][ T6004]  process_scheduled_works+0x483/0x9a0
[   90.538465][ T6004]  worker_thread+0x51d/0x6f0
[   90.567678][ T6004]  kthread+0x1d1/0x210
[   90.571749][ T6004]  ret_from_fork+0x4b/0x60
[   90.576186][ T6004]  ret_from_fork_asm+0x1a/0x30
[   90.581397][ T6004] 
[   90.583726][ T6004] read to 0xffff88811308b31d of 1 bytes by task 6004 on cpu 0:
[   90.591270][ T6004]  sg_common_write+0x659/0x8d0
[   90.596042][ T6004]  sg_new_write+0x82b/0x8e0
[   90.600550][ T6004]  sg_ioctl+0xe28/0x1870
[   90.604797][ T6004]  __se_sys_ioctl+0xd3/0x150
[   90.609445][ T6004]  __x64_sys_ioctl+0x43/0x50
[   90.614064][ T6004]  x64_sys_call+0x15cc/0x2d60
[   90.618763][ T6004]  do_syscall_64+0xc9/0x1c0
[   90.623313][ T6004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.629234][ T6004] 
[   90.631577][ T6004] value changed: 0x01 -> 0x00
[   90.636259][ T6004] 
[   90.638592][ T6004] Reported by Kernel Concurrency Sanitizer on:
[   90.644740][ T6004] CPU: 0 UID: 0 PID: 6004 Comm: syz.2.943 Not tainted 6.11.0-rc7-syzkaller-00151-gd42f7708e27c #0
[   90.655327][ T6004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   90.665379][ T6004] ==================================================================