last executing test programs:

16.390418524s ago: executing program 0 (id=1268):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x4000, 0x2}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="180000001600010a00000000000000000a0000000c000080"], 0x20}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20) (async)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@fwd={0xe}]}, {0x0, [0x2e, 0x30, 0x5f, 0x2e]}}, &(0x7f0000000340)=""/186, 0x2a, 0xba, 0x5, 0x0, 0x10000, @value}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xb, 0x7, 0xae0, 0x1, 0x80, r2, 0x9, '\x00', 0x0, r3, 0x5, 0x2, 0x2, 0x0, @void, @value, @void, @value}, 0x50) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) (async, rerun: 64)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) (rerun: 64)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r5)

16.276884262s ago: executing program 0 (id=1270):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a000000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x3, &(0x7f00000001c0)=[{0x2, 0x6, 0x5, 0x9}, {0x4, 0xf, 0x6, 0xb}, {0x400, 0x5, 0x9, 0xa}]})

16.227179996s ago: executing program 0 (id=1274):
r0 = socket$inet(0x2, 0x4000000000000001, 0x100)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)

16.200104668s ago: executing program 0 (id=1275):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x7f78, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xb, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES64=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000400)={r1, 0xffffffffffffffff, 0x20, 0x0, @val=@kprobe_multi=@addrs={0x1, 0x0, 0x0, 0x0, 0x1ff}}, 0x30)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000000080), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x82)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
r2 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000180)={0x30000014})
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x98dc11, 0x0)
recvmmsg(r0, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x45833af92e4b39ff, 0x0)

16.121750274s ago: executing program 0 (id=1276):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002305e20000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
capset(&(0x7f0000000040)={0x20080522}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x106}}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x80044940, &(0x7f0000001980)={<r4=>0x0, ""/256, 0x0, <r5=>0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r6=>0x0, 0x0, <r7=>0x0})
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x41000, &(0x7f0000001b80)=ANY=[@ANYRES16=r7, @ANYRES64=r6, @ANYRESOCT=r1, @ANYRES32=0x0, @ANYRESDEC=r4, @ANYRESHEX=r5, @ANYRES8=r6, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRES8, @ANYRESOCT], 0x0, 0x0, &(0x7f0000000000))
getdents64(r1, &(0x7f0000000280)=""/158, 0x9e)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0100000005000000e27f000001"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0, 0x0, 0x5}, 0x18)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r11 = dup(r10)
write$UHID_INPUT(r11, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d52f91b5d340887f70e06d038e7ff7fc6e5539b3272298b089b07081b4d090890e0878f0e1ac6e7049b3365959bfc9a240d2567f3988f7ef31952013fffe8d178708c523c921b1b9b39070d075d0936cd3b78130d9b61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c9000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdc80c47ee4f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78ff95b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af0000807e0000000002d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b4051db55e0510a6e4114a53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a6d8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

15.870814413s ago: executing program 0 (id=1283):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x69, 0x7ffc0005}]})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
rseq(0x0, 0x0, 0x0, 0x0)
connect$inet(r0, 0x0, 0x0)

15.870634663s ago: executing program 32 (id=1283):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x69, 0x7ffc0005}]})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
rseq(0x0, 0x0, 0x0, 0x0)
connect$inet(r0, 0x0, 0x0)

1.255869135s ago: executing program 5 (id=1588):
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r1}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c0000002000010400000000000000000a0000000000000000000000080017"], 0x2c}}, 0x80) (async)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c0000002000010400000000000000000a0000000000000000000000080017"], 0x2c}}, 0x80)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x3, 0x10004, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close(r3) (async)
close(r3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0a000000010000000900000008"], 0x50) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0a000000010000000900000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r5}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x3, 0x0, &(0x7f0000fd7ff0)={0x77359400}, 0x0, 0xfffffffd)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r6}, 0x10)

1.182445311s ago: executing program 5 (id=1590):
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = dup(r0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0x2000003, 0xffff, 0x0, 0x0, 0xfffffffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x800000000003}, 0x1320, 0xffffffff, 0x3, 0x5, 0x4, 0x1088f109, 0xfffb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002380)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r4}, 0x10)
getrlimit(0x1, &(0x7f0000000400))
socket$vsock_stream(0x28, 0x1, 0x0)
close(0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
execveat(r1, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000580)={[&(0x7f0000000300)='(\\%\\\x00', &(0x7f0000000340)='syzkaller\x00', &(0x7f0000000380)='syzkaller\x00', &(0x7f0000000440)='\x00', &(0x7f0000000480)='ethtool\x00', &(0x7f00000004c0)='ethtool\x00']}, &(0x7f0000000600)={[&(0x7f00000005c0)='sys_enter\x00']}, 0x400)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e00800000000800", @ANYRES64=r5], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1.016664073s ago: executing program 5 (id=1591):
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)=@o_path={&(0x7f00000000c0)='./file0\x00', 0x0, 0x10}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000090c00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000cf7018008000700ac1e00010a0001"], 0x48}}, 0x0)

976.629946ms ago: executing program 5 (id=1592):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x7fffffffffffffff]}, 0x8, 0x0)
r4 = getpgrp(0xffffffffffffffff)
fcntl$lock(r3, 0x24, &(0x7f0000000080)={0x0, 0x2, 0x1, 0x5, r4})
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000300)={0x5, &(0x7f00000002c0)=[{0x7ff, 0x0, 0x7, 0x9}, {0x800, 0x3, 0xd, 0x3}, {0x2, 0x9, 0xf, 0x9}, {0x7, 0xa2, 0x5, 0x5}, {0xa, 0x6, 0x80, 0x8}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000300)={0xfffffffb, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r5, 0x408c5333, &(0x7f0000000580)={0x0, 0x1f000000, 0x0, 'queue0\x00'})

586.156736ms ago: executing program 3 (id=1596):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0xec40, 0x12)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[], 0x15)
r1 = dup(r0)
write$P9_RLERRORu(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[])
umount2(&(0x7f0000000000)='./file0\x00', 0x0)

583.846586ms ago: executing program 4 (id=1597):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x50a82, 0x120)
accept$inet6(r0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r0)
sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000000800)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x9010}, 0xc, &(0x7f00000007c0)={&(0x7f0000000600)={0xc4, r2, 0x2, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x6, 0x47}}}}, [@NL80211_ATTR_STA_EXT_CAPABILITY={0x63, 0xac, "7a409ce4bf1de7a2818dfc2f1a292206488fbf7e4195352fec85fe87236e90b95b4f3c654bceaa2998dc570eb69a1375b09003d417cbcc604703f06a70784eadb560fd678f30fc9dd10995d5a98976296fd3d881d9e66b051d1ff5570615b1"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_WME={0x1c, 0x81, [@NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x2}, @NL80211_STA_WME_MAX_SP={0x5}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0xf5}]}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x62d}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x10, 0xbd, [0x8, 0x40, 0x7, 0x4, 0x3, 0x10]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x22000045}, 0x4048014)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f00000000c0))
pwritev(r3, &(0x7f0000000080)=[{&(0x7f00000002c0)='\x00!', 0x2}], 0xa, 0x0, 0x0)

545.044819ms ago: executing program 3 (id=1599):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x50a82, 0x120)
accept$inet6(r0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r0)
sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000000800)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x9010}, 0xc, &(0x7f00000007c0)={&(0x7f0000000600)={0xc4, r2, 0x2, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x6, 0x47}}}}, [@NL80211_ATTR_STA_EXT_CAPABILITY={0x63, 0xac, "7a409ce4bf1de7a2818dfc2f1a292206488fbf7e4195352fec85fe87236e90b95b4f3c654bceaa2998dc570eb69a1375b09003d417cbcc604703f06a70784eadb560fd678f30fc9dd10995d5a98976296fd3d881d9e66b051d1ff5570615b1"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_WME={0x1c, 0x81, [@NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x2}, @NL80211_STA_WME_MAX_SP={0x5}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0xf5}]}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x62d}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x10, 0xbd, [0x8, 0x40, 0x7, 0x4, 0x3, 0x10]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x22000045}, 0x4048014)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000005c0)='sys_enter\x00', r3}, 0xe)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f00000000c0))
pwritev(r4, &(0x7f0000000080)=[{&(0x7f00000002c0)='\x00!', 0x2}], 0xa, 0x0, 0x0)

510.665782ms ago: executing program 4 (id=1601):
open(&(0x7f0000000140)='./file0\x00', 0xec40, 0x12)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
umount2(&(0x7f0000000000)='./file0\x00', 0x0)

507.368992ms ago: executing program 1 (id=1602):
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)=@o_path={&(0x7f00000000c0)='./file0\x00', 0x0, 0x10}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000090c00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000cf7018008000700ac1e00010a0001"], 0x48}}, 0x0)

469.796055ms ago: executing program 1 (id=1603):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @time={0x9e, 0xbdaf}, {}, {}, @raw32}, {0x3, 0xf7, 0x0, 0x0, @tick=0x7, {}, {}, @raw32={[0xef8, 0x8]}}], 0x38)

433.955627ms ago: executing program 1 (id=1605):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYRES64=r0], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x23, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000ac0)=ANY=[@ANYRES32=r2, @ANYRES32=<r3=>r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r2, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r0}, 0x20)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, &(0x7f0000001c80)=[{&(0x7f0000000a00)=""/157, 0x9d}], 0x1}}], 0x1, 0x2, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000080), 0x4)
r4 = socket$inet6(0xa, 0x3, 0x3c)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r1, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000240)=[0x0], &(0x7f0000000280)=[0x0, 0x0], <r6=>0x0, 0xf7, &(0x7f0000000300)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x16, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYRES8=r3], &(0x7f0000000d40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xc, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='xen_mmu_alloc_ptpage\x00', r7}, 0x18)
r8 = syz_io_uring_setup(0xfb, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f00000000c0)=<r9=>0x0, &(0x7f0000000100)=<r10=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
syz_io_uring_submit(r9, r10, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r12, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103})
io_uring_enter(r8, 0x46f6, 0x0, 0x0, 0x0, 0x0)
write(r11, &(0x7f0000000140)="ad", 0x1)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000f00)=ANY=[@ANYRES8=r4], 0x18)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', &(0x7f0000000640)={0x10d400, 0x8, 0x4}, 0x18)
socket$inet6_udp(0xa, 0x2, 0x0)

428.331008ms ago: executing program 3 (id=1606):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r1, 0x0, 0x5, &(0x7f0000000240)={@local, @multicast2, 0xfffe, "66c5aff8a7eb3af1f6cec2e7420000008c84aea31700", 0x3, 0x0, 0x7e, 0x4f04}, 0x3c)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x10, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="598465000000000000000100000008002b01"], 0x1c}, 0x1, 0x0, 0x0, 0x400c080}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
kexec_load(0x300, 0x1, &(0x7f0000000480)=[{0x0, 0x0, 0x0, 0x1000000}], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000009c0)={{r2}, &(0x7f0000000940), &(0x7f0000000980)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3f0, 0x3d8, 0x3d8, 0x3f0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x1, 0x3, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x565)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")
setsockopt$MRT_INIT(r1, 0x0, 0xc8, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000001300)=ANY=[@ANYBLOB="180000000000000000000000feffffff1811000062442b5eb7e4e7483b31554f53b1f51fbf77a355f108cd6d21f7d149cb66354b3a787813c547301d1b7a8469b1eb66575b8f8b763a6e18e24f4877269695", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB="160000000000000004000000010000000000", @ANYRES32=0x1, @ANYBLOB="00000000641e0020000000002030cf9dd18b21dcf5080f0b5e10d0e318a229f4e8506ee1b01309043837a2a3173ae24c44682d62c83e79a68d13cfd8351463472b56c14d6776c4b815d5d637d747d3f7ae7aac68bd8d605cf0012775208b7220dc85c67deb0d9294634eeab342d142496700002c391d9d95ab0f36dc47016500dcc9eae57e9cf26108101bafe1eee53a4b428b80a823128a67116f81935434ea44e0047ba4c929a011d26ef8481d06992c9e187f23f923b1aa8ceaf721e12f1ce0b855b9c95a1ae6ee", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)=ANY=[@ANYBLOB="500100001000130700000000fbdbdf2520010000000000000000000000000001200100000000000000000000000000004e23000002000000000000003b000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="7f000001000000000000000000000000000000fe32000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000000000000000000000000000000000000000000000004000df11000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000400000000000000000060001200726663343130362867636d28616573292900"/215], 0x150}, 0x1, 0x0, 0x0, 0x880}, 0x0)
rt_sigtimedwait(&(0x7f0000000080)={[0x101]}, &(0x7f0000000180), &(0x7f0000000280), 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={0x0}, 0x18)

382.511291ms ago: executing program 1 (id=1608):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd603e0234ea003300fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)

378.126152ms ago: executing program 4 (id=1609):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r1, 0x0, 0x5, &(0x7f0000000240)={@local, @multicast2, 0xfffe, "66c5aff8a7eb3af1f6cec2e7420000008c84aea31700", 0x3, 0x0, 0x7e, 0x4f04}, 0x3c)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x10, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="598465000000000000000100000008002b01"], 0x1c}, 0x1, 0x0, 0x0, 0x400c080}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
kexec_load(0x300, 0x1, &(0x7f0000000480)=[{0x0, 0x0, 0x0, 0x1000000}], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000009c0)={{r2}, &(0x7f0000000940), &(0x7f0000000980)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3f0, 0x3d8, 0x3d8, 0x3f0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x1, 0x3, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x565)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")
setsockopt$MRT_INIT(r1, 0x0, 0xc8, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000001300)=ANY=[@ANYBLOB="180000000000000000000000feffffff1811000062442b5eb7e4e7483b31554f53b1f51fbf77a355f108cd6d21f7d149cb66354b3a787813c547301d1b7a8469b1eb66575b8f8b763a6e18e24f4877269695", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB="160000000000000004000000010000000000", @ANYRES32=0x1, @ANYBLOB="00000000641e0020000000002030cf9dd18b21dcf5080f0b5e10d0e318a229f4e8506ee1b01309043837a2a3173ae24c44682d62c83e79a68d13cfd8351463472b56c14d6776c4b815d5d637d747d3f7ae7aac68bd8d605cf0012775208b7220dc85c67deb0d9294634eeab342d142496700002c391d9d95ab0f36dc47016500dcc9eae57e9cf26108101bafe1eee53a4b428b80a823128a67116f81935434ea44e0047ba4c929a011d26ef8481d06992c9e187f23f923b1aa8ceaf721e12f1ce0b855b9c95a1ae6ee", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)=ANY=[@ANYBLOB="500100001000130700000000fbdbdf2520010000000000000000000000000001200100000000000000000000000000004e23000002000000000000003b000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="7f000001000000000000000000000000000000fe32000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000000000000000000000000000000000000000000000004000df11000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000400000000000000000060001200726663343130362867636d28616573292900"/215], 0x150}, 0x1, 0x0, 0x0, 0x880}, 0x0)
rt_sigtimedwait(&(0x7f0000000080)={[0x101]}, &(0x7f0000000180), &(0x7f0000000280), 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={0x0}, 0x18)

354.696443ms ago: executing program 1 (id=1610):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
getsockopt$inet6_mreq(r1, 0x29, 0x15, &(0x7f00000004c0)={@private0, <r2=>0x0}, &(0x7f0000000500)=0x14)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r1, &(0x7f0000000600)={&(0x7f0000000400), 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x60, 0x0, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x42}, 0x810)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f00000006c0)={{0x1, 0x1, 0x18, r1, {<r3=>r0}}, './file0\x00'})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000c00)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r4 = openat$full(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r4, 0xc0189373, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r5=>r0, {0x800}}, './file0\x00'})
epoll_pwait2(r5, &(0x7f0000000400), 0x0, &(0x7f0000000440)={0x0, 0x989680}, &(0x7f0000000480)={[0x7]}, 0x8)
read$rfkill(r4, &(0x7f0000000080), 0xffffff1c)

266.56332ms ago: executing program 2 (id=1611):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x10, &(0x7f0000000340)={[{@errors_remount}, {@dioread_lock}, {}]}, 0xfe, 0x44f, &(0x7f0000000d80)="$eJzs3MtvG0UYAPBvnTh9URJKefQFgYKoeCRN+qAHLkUgcQAJCQ5FnEyaVqVug5og0aqCwiEcUSXuiCMSfwEXygUBJySucEdIEcqFwslo7d3UOLYTJ05c4t9PWnXGO+7Mt7sTj2d2HUDfGo2IAxFxT0T8GhHDEZE0Fhit/XN78frU34vXp5KoVN74M6mW+2vx+lReNH/frlqmMtCm3vm3I0rl8vSVLD8+d+m98dmr1567cKl0fvr89OXJU6eOHzs0dHLyRFfi3J22df+HMwf3vfLWzdemztx858evkyzuaIijW0arR625J7tdWY/trksngz1sCB1J+2h6uorV/j8cA7Fjad9wvPxJTxsHbKhKpVDZ1nr3jQqwhaWjeaAf5R/06ffffNukocddYeF0LM1j3M622p7BKGRlihtY/2hEnLnxzxfpFhs0DwEAUO/W6Yh4ttn4rxAP1pW7N1sbGomI+yJiT0TcHxF7I+KBiGrZhyLi4Q7rb1whWT7+qQyvKbBVSsd/L2RrW/8d/+WjvxgZyHK7q/EXk3MXytNHs2NyJIrb0vxEmzq+e+mXz1rtqx//pVtafz4WzNrxx2DDBN3ZUrG0npjrLXxcWwBYHn8S+TJOOj7eFxH7O/y/8+8YF57+6mCrMivH30YX1pkqX0Y8VTv/N6Ih/lzScn1y4vmTkyfGt0d5+uh4flUs99PP86+3qn9d8XfBwq1K7Gx6/S/FP5Jsj5i9eu1idb12tvM65n/7tOV3mrVd/3OloeTNanooe+2D0tzclYmIoeTV5a9P3nlvns/Lp9f/kcPN+/+euHMkDkREehEfiohHIuLRrO2PRcTjEXG4Tfw/vPjEu53H32ZWvovS+M+udP6j/vx3nhi4+P03ncefS8//8WrqSPZKev5Ximu1DVzPsQMAAID/i0L1HvikMLaULhTGxmr38O+NnYXyzOzcM+dm3r98tnav/EgUC/lM13DdfOhENjec5ycb8seyeePPB3ZU82NTM+VO5xOB7trVov+nfm/3AA+wNXheC/qX/g/9S/+H/qX/Q//S/6F/Nev/H/WgHcDmW+Hzf8dmtQPYfMb/0L/0f+hf+j/0pZbPxhfW9ci/RI8S3w6t77caVp+Iwl0S8pZJFKPprsFV/5jFGhJJRGxruqvXf5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6498AAAD//9di55E=")
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=r5, @ANYBLOB="000000000000000028001280090001007665746800000000180002801400010000000000", @ANYRES32=r5], 0x48}}, 0x0)

248.544251ms ago: executing program 3 (id=1612):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="17000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
fcntl$notify(r0, 0x402, 0x26)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)

223.583213ms ago: executing program 4 (id=1613):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x50a82, 0x120)
accept$inet6(r0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r0)
sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000000800)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x9010}, 0xc, &(0x7f00000007c0)={&(0x7f0000000600)={0xc4, r2, 0x2, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x6, 0x47}}}}, [@NL80211_ATTR_STA_EXT_CAPABILITY={0x63, 0xac, "7a409ce4bf1de7a2818dfc2f1a292206488fbf7e4195352fec85fe87236e90b95b4f3c654bceaa2998dc570eb69a1375b09003d417cbcc604703f06a70784eadb560fd678f30fc9dd10995d5a98976296fd3d881d9e66b051d1ff5570615b1"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_WME={0x1c, 0x81, [@NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x2}, @NL80211_STA_WME_MAX_SP={0x5}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0xf5}]}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x62d}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x10, 0xbd, [0x8, 0x40, 0x7, 0x4, 0x3, 0x10]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x22000045}, 0x4048014)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f00000000c0))
pwritev(r3, &(0x7f0000000080)=[{&(0x7f00000002c0)='\x00!', 0x2}], 0xa, 0x0, 0x0)

216.988503ms ago: executing program 3 (id=1614):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000090c00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000cf7018008000700ac1e00010a0001"], 0x48}}, 0x0)

181.828456ms ago: executing program 2 (id=1615):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r2 = fcntl$dupfd(r1, 0x0, r1)
write$sndseq(r2, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @time={0x9e, 0xbdaf}, {}, {}, @raw32}, {0x3, 0xf7, 0x0, 0x0, @tick=0x7, {}, {}, @raw32={[0xef8, 0x8]}}], 0x38)

178.664117ms ago: executing program 3 (id=1616):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='kmem_cache_free\x00', r0}, 0x18)
pipe(&(0x7f0000000580)={<r1=>0xffffffffffffffff})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
splice(r1, 0x0, r2, 0x0, 0x2100, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r2, 0x18, &(0x7f0000000000)={0x7b, r0, 0x3d, {0xffff}, 0x1}, 0x1)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmmsg$unix(r3, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000640)=""/187, 0xbb}], 0x1}}, {{0x0, 0x0, &(0x7f0000002d00)=[{&(0x7f0000000900)=""/174, 0xae}], 0x1}}], 0x3, 0x0, 0x0)

146.545499ms ago: executing program 2 (id=1617):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002305e20000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x80044940, &(0x7f0000001980)={<r4=>0x0, ""/256, 0x0, <r5=>0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r6=>0x0, 0x0, <r7=>0x0})
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x41000, &(0x7f0000001b80)=ANY=[@ANYRES16=r7, @ANYRES64=r6, @ANYRESOCT=r1, @ANYRES32=0x0, @ANYRESDEC=r4, @ANYRESHEX=r5, @ANYRES8=r6, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRES8, @ANYRESOCT], 0x0, 0x0, &(0x7f0000000000))
getdents64(r1, &(0x7f0000000280)=""/158, 0x9e)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0100000005000000e27f000001"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0, 0x0, 0x5}, 0x18)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r11 = dup(r10)
write$UHID_INPUT(r11, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d52f91b5d340887f70e06d038e7ff7fc6e5539b3272298b089b07081b4d090890e0878f0e1ac6e7049b3365959bfc9a240d2567f3988f7ef31952013fffe8d178708c523c921b1b9b39070d075d0936cd3b78130d9b61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c9000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdc80c47ee4f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78ff95b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af0000807e0000000002d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b4051db55e0510a6e4114a53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a6d8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

124.904741ms ago: executing program 5 (id=1618):
r0 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f00000001c0)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f00000000c0)=ANY=[@ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00', @ANYRESDEC=r1, @ANYBLOB="3a30300000000000002b29b700001330303030303036"])
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x3, 0x4}}, 0xffffffffffffff4e)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x1, 0x3}, 0x2}}, 0x10)
bind$tipc(r0, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a44000000090a050600000000000000000100000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001405000d404600000014000000110001"], 0x6c}}, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000040), 0x9, 0x8100)
ioctl$BLKSECTGET(r3, 0x1267, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000200)='.\x00', 0x400)
inotify_init()
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fgetxattr(r4, &(0x7f00000005c0)=@random={'trusted.', '\'\\^(\x00'}, &(0x7f0000000600)=""/225, 0xe1)
socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r6], 0x50}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)

111.817061ms ago: executing program 4 (id=1619):
open(&(0x7f0000000140)='./file0\x00', 0xec40, 0x12)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
umount2(&(0x7f0000000000)='./file0\x00', 0x0)

74.709944ms ago: executing program 2 (id=1620):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd603e0234ea003300fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)

56.009416ms ago: executing program 5 (id=1621):
r0 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)

55.716846ms ago: executing program 2 (id=1622):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
finit_module(0xffffffffffffffff, 0x0, 0x3)

11.278879ms ago: executing program 2 (id=1623):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x1, &(0x7f00000001c0)=[{0x2, 0x6, 0x5, 0x9}]})

10.847049ms ago: executing program 1 (id=1624):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="17000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
fcntl$notify(r0, 0x402, 0x26)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)

0s ago: executing program 4 (id=1625):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) (async)
r2 = syz_open_dev$sg(&(0x7f0000000040), 0x1, 0x8000)
ioctl$BLKTRACESTOP(r2, 0x1275, 0x0) (async, rerun: 64)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
shutdown(r4, 0x1) (async)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x48}}, 0x0)

kernel console output (not intermixed with test programs):

 comm: syz.1.845, bytes: 4503599627366400 not enough memory for the allocation
[   76.955388][ T5755] netlink: 36 bytes leftover after parsing attributes in process `syz.1.845'.
[   77.051668][   T29] audit: type=1326 audit(1739427454.962:2430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5769 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a15a9cde9 code=0x7ffc0000
[   77.082188][   T29] audit: type=1326 audit(1739427454.962:2431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5769 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a15a9cde9 code=0x7ffc0000
[   77.146582][ T5776] SELinux:  policydb version 16416 does not match my version range 15-34
[   77.155248][ T5776] SELinux: failed to load policy
[   77.155321][ T5774] loop4: detected capacity change from 0 to 2048
[   77.172342][ T5774] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.194749][ T5781] FAULT_INJECTION: forcing a failure.
[   77.194749][ T5781] name failslab, interval 1, probability 0, space 0, times 0
[   77.207426][ T5781] CPU: 1 UID: 0 PID: 5781 Comm: syz.3.858 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   77.207450][ T5781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   77.207481][ T5781] Call Trace:
[   77.207488][ T5781]  <TASK>
[   77.207497][ T5781]  dump_stack_lvl+0xf2/0x150
[   77.207523][ T5781]  dump_stack+0x15/0x1a
[   77.207623][ T5781]  should_fail_ex+0x24a/0x260
[   77.207720][ T5781]  should_failslab+0x8f/0xb0
[   77.207745][ T5781]  __kmalloc_cache_node_noprof+0x56/0x320
[   77.207787][ T5781]  ? __get_vm_area_node+0xfb/0x1c0
[   77.207819][ T5781]  __get_vm_area_node+0xfb/0x1c0
[   77.207884][ T5781]  __vmalloc_node_range_noprof+0x280/0xe70
[   77.207932][ T5781]  ? copy_process+0x3a9/0x1fb0
[   77.207964][ T5781]  ? mod_objcg_state+0x3a7/0x4f0
[   77.208073][ T5781]  ? __memcg_slab_post_alloc_hook+0x510/0x660
[   77.208121][ T5781]  ? kmem_cache_alloc_node_noprof+0x22e/0x320
[   77.208165][ T5781]  dup_task_struct+0x4a2/0x710
[   77.208201][ T5781]  ? copy_process+0x3a9/0x1fb0
[   77.208233][ T5781]  copy_process+0x3a9/0x1fb0
[   77.208257][ T5781]  ? __rcu_read_unlock+0x4e/0x70
[   77.208297][ T5781]  ? __pfx_io_sq_thread+0x10/0x10
[   77.208402][ T5781]  create_io_thread+0x9e/0xd0
[   77.208437][ T5781]  ? __pfx_io_sq_thread+0x10/0x10
[   77.208479][ T5781]  io_sq_offload_create+0x668/0x940
[   77.208571][ T5781]  io_uring_create+0x4c0/0x6d0
[   77.208604][ T5781]  __se_sys_io_uring_setup+0x1d2/0x1e0
[   77.208634][ T5781]  __x64_sys_io_uring_setup+0x31/0x40
[   77.208677][ T5781]  x64_sys_call+0x270c/0x2dc0
[   77.208766][ T5781]  do_syscall_64+0xc9/0x1c0
[   77.208792][ T5781]  ? clear_bhb_loop+0x55/0xb0
[   77.208818][ T5781]  ? clear_bhb_loop+0x55/0xb0
[   77.208918][ T5781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.208950][ T5781] RIP: 0033:0x7f7a15a9cde9
[   77.208965][ T5781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.208982][ T5781] RSP: 002b:00007f7a14106fc8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[   77.209003][ T5781] RAX: ffffffffffffffda RBX: 00007f7a15cb5fa0 RCX: 00007f7a15a9cde9
[   77.209015][ T5781] RDX: 0000000000000000 RSI: 0000400000000580 RDI: 0000000000005c26
[   77.209099][ T5781] RBP: 0000400000000580 R08: 0000000000000000 R09: 0000000000000000
[   77.209113][ T5781] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[   77.209128][ T5781] R13: 0000000000000000 R14: 0000000000005c26 R15: 0000000000000000
[   77.209150][ T5781]  </TASK>
[   77.209160][ T5781] syz.3.858: vmalloc error: size 16384, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   77.466932][ T5781] CPU: 1 UID: 0 PID: 5781 Comm: syz.3.858 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   77.466990][ T5781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   77.467003][ T5781] Call Trace:
[   77.467036][ T5781]  <TASK>
[   77.467043][ T5781]  dump_stack_lvl+0xf2/0x150
[   77.467071][ T5781]  dump_stack+0x15/0x1a
[   77.467163][ T5781]  warn_alloc+0x145/0x1b0
[   77.467185][ T5781]  ? __get_vm_area_node+0xfb/0x1c0
[   77.467212][ T5781]  __vmalloc_node_range_noprof+0x2a5/0xe70
[   77.467236][ T5781]  ? mod_objcg_state+0x3a7/0x4f0
[   77.467272][ T5781]  ? __memcg_slab_post_alloc_hook+0x510/0x660
[   77.467332][ T5781]  ? kmem_cache_alloc_node_noprof+0x22e/0x320
[   77.467388][ T5781]  dup_task_struct+0x4a2/0x710
[   77.467414][ T5781]  ? copy_process+0x3a9/0x1fb0
[   77.467445][ T5781]  copy_process+0x3a9/0x1fb0
[   77.467469][ T5781]  ? __rcu_read_unlock+0x4e/0x70
[   77.467544][ T5781]  ? __pfx_io_sq_thread+0x10/0x10
[   77.467607][ T5781]  create_io_thread+0x9e/0xd0
[   77.467638][ T5781]  ? __pfx_io_sq_thread+0x10/0x10
[   77.467672][ T5781]  io_sq_offload_create+0x668/0x940
[   77.467720][ T5781]  io_uring_create+0x4c0/0x6d0
[   77.467752][ T5781]  __se_sys_io_uring_setup+0x1d2/0x1e0
[   77.467782][ T5781]  __x64_sys_io_uring_setup+0x31/0x40
[   77.467863][ T5781]  x64_sys_call+0x270c/0x2dc0
[   77.467889][ T5781]  do_syscall_64+0xc9/0x1c0
[   77.467913][ T5781]  ? clear_bhb_loop+0x55/0xb0
[   77.467947][ T5781]  ? clear_bhb_loop+0x55/0xb0
[   77.468036][ T5781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.468082][ T5781] RIP: 0033:0x7f7a15a9cde9
[   77.468096][ T5781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.468114][ T5781] RSP: 002b:00007f7a14106fc8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[   77.468132][ T5781] RAX: ffffffffffffffda RBX: 00007f7a15cb5fa0 RCX: 00007f7a15a9cde9
[   77.468143][ T5781] RDX: 0000000000000000 RSI: 0000400000000580 RDI: 0000000000005c26
[   77.468155][ T5781] RBP: 0000400000000580 R08: 0000000000000000 R09: 0000000000000000
[   77.468185][ T5781] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[   77.468196][ T5781] R13: 0000000000000000 R14: 0000000000005c26 R15: 0000000000000000
[   77.468213][ T5781]  </TASK>
[   77.468221][ T5781] Mem-Info:
[   77.694906][ T5781] active_anon:3794 inactive_anon:11 isolated_anon:0
[   77.694906][ T5781]  active_file:4065 inactive_file:18187 isolated_file:0
[   77.694906][ T5781]  unevictable:0 dirty:479 writeback:0
[   77.694906][ T5781]  slab_reclaimable:2909 slab_unreclaimable:15665
[   77.694906][ T5781]  mapped:28461 shmem:472 pagetables:991
[   77.694906][ T5781]  sec_pagetables:0 bounce:0
[   77.694906][ T5781]  kernel_misc_reclaimable:0
[   77.694906][ T5781]  free:1890289 free_pcp:3605 free_cma:0
[   77.739853][ T5781] Node 0 active_anon:15176kB inactive_anon:44kB active_file:16260kB inactive_file:72748kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:113844kB dirty:1916kB writeback:0kB shmem:1888kB writeback_tmp:0kB kernel_stack:3264kB pagetables:3964kB sec_pagetables:0kB all_unreclaimable? no
[   77.767785][ T5781] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   77.794660][ T5781] lowmem_reserve[]: 0 2885 7863 0
[   77.799771][ T5781] Node 0 DMA32 free:2950960kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2954492kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[   77.828282][ T5781] lowmem_reserve[]: 0 0 4978 0
[   77.833170][ T5781] Node 0 Normal free:4594836kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:15176kB inactive_anon:44kB active_file:16260kB inactive_file:72748kB unevictable:0kB writepending:1916kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:10888kB local_pcp:6616kB free_cma:0kB
[   77.863581][ T5781] lowmem_reserve[]: 0 0 0 0
[   77.868295][ T5781] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   77.881070][ T5781] Node 0 DMA32: 4*4kB (M) 0*8kB 4*16kB (M) 3*32kB (M) 4*64kB (M) 3*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950960kB
[   77.897145][ T5781] Node 0 Normal: 5*4kB (UME) 10*8kB (UME) 329*16kB (UME) 331*32kB (UME) 231*64kB (UME) 147*128kB (UME) 49*256kB (UME) 37*512kB (UME) 38*1024kB (UME) 27*2048kB (UME) 1079*4096kB (UM) = 4594836kB
[   77.916677][ T5781] Node 0 hugepages_total=6 hugepages_free=6 hugepages_surp=2 hugepages_size=2048kB
[   77.926024][ T5781] 22726 total pagecache pages
[   77.930880][ T5781] 3 pages in swap cache
[   77.935331][ T5781] Free swap  = 124808kB
[   77.939547][ T5781] Total swap = 124996kB
[   77.943808][ T5781] 2097051 pages RAM
[   77.947617][ T5781] 0 pages HighMem/MovableOnly
[   77.952338][ T5781] 80036 pages reserved
[   77.969047][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.001358][ T5797] netlink: 'syz.4.859': attribute type 1 has an invalid length.
[   78.015286][ T5797] 8021q: adding VLAN 0 to HW filter on device bond1
[   78.024876][ T5797] netlink: 32 bytes leftover after parsing attributes in process `syz.4.859'.
[   78.042527][ T5800] FAULT_INJECTION: forcing a failure.
[   78.042527][ T5800] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   78.055913][ T5800] CPU: 1 UID: 0 PID: 5800 Comm: syz.1.867 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   78.055988][ T5800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   78.056003][ T5800] Call Trace:
[   78.056012][ T5800]  <TASK>
[   78.056020][ T5800]  dump_stack_lvl+0xf2/0x150
[   78.056053][ T5800]  dump_stack+0x15/0x1a
[   78.056079][ T5800]  should_fail_ex+0x24a/0x260
[   78.056155][ T5800]  should_fail_alloc_page+0xfd/0x110
[   78.056196][ T5800]  __alloc_frozen_pages_noprof+0x109/0x340
[   78.056232][ T5800]  alloc_pages_mpol+0xb4/0x260
[   78.056272][ T5800]  vma_alloc_folio_noprof+0x1a0/0x310
[   78.056349][ T5800]  handle_mm_fault+0xdd7/0x2ac0
[   78.056408][ T5800]  exc_page_fault+0x3b9/0x650
[   78.056453][ T5800]  asm_exc_page_fault+0x26/0x30
[   78.056478][ T5800] RIP: 0033:0x7f8579f2fc50
[   78.056493][ T5800] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41
[   78.056514][ T5800] RSP: 002b:00007f85786d64a0 EFLAGS: 00010286
[   78.056532][ T5800] RAX: 0000000000001000 RBX: 00007f85786d6540 RCX: 0000000000000001
[   78.056617][ T5800] RDX: 0000000000000049 RSI: 0000000000000001 RDI: 00007f85786d65e0
[   78.056632][ T5800] RBP: 00000000000000f1 R08: 00007f85702b7000 R09: 00000000000000ff
[   78.056666][ T5800] R10: 0000000000000000 R11: 00007f85786d6550 R12: 0000000000000001
[   78.056678][ T5800] R13: 00007f857a1093e0 R14: 0000000000000000 R15: 00007f85786d65e0
[   78.056697][ T5800]  </TASK>
[   78.056718][ T5800] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   78.241629][ T5812] bond0: (slave bond_slave_0): Releasing backup interface
[   78.252512][ T5812] bond0: (slave bond_slave_1): Releasing backup interface
[   78.264993][ T5812] team0: Port device team_slave_0 removed
[   78.275247][ T5812] team0: Port device team_slave_1 removed
[   78.418775][ T5838] FAULT_INJECTION: forcing a failure.
[   78.418775][ T5838] name failslab, interval 1, probability 0, space 0, times 0
[   78.431584][ T5838] CPU: 0 UID: 0 PID: 5838 Comm: syz.1.881 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   78.431662][ T5838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   78.431676][ T5838] Call Trace:
[   78.431681][ T5838]  <TASK>
[   78.431687][ T5838]  dump_stack_lvl+0xf2/0x150
[   78.431787][ T5838]  dump_stack+0x15/0x1a
[   78.431813][ T5838]  should_fail_ex+0x24a/0x260
[   78.431853][ T5838]  should_failslab+0x8f/0xb0
[   78.431884][ T5838]  kmem_cache_alloc_noprof+0x52/0x320
[   78.431995][ T5838]  ? getname_kernel+0x3d/0x1e0
[   78.432028][ T5838]  getname_kernel+0x3d/0x1e0
[   78.432134][ T5838]  kern_path+0x21/0x120
[   78.432230][ T5838]  lookup_bdev+0x62/0x140
[   78.432254][ T5838]  __se_sys_quotactl+0x1b3/0x660
[   78.432302][ T5838]  __x64_sys_quotactl+0x55/0x70
[   78.432351][ T5838]  x64_sys_call+0x826/0x2dc0
[   78.432383][ T5838]  do_syscall_64+0xc9/0x1c0
[   78.432413][ T5838]  ? clear_bhb_loop+0x55/0xb0
[   78.432521][ T5838]  ? clear_bhb_loop+0x55/0xb0
[   78.432554][ T5838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.432635][ T5838] RIP: 0033:0x7f857a06cde9
[   78.432653][ T5838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.432675][ T5838] RSP: 002b:00007f85786d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[   78.432697][ T5838] RAX: ffffffffffffffda RBX: 00007f857a285fa0 RCX: 00007f857a06cde9
[   78.432769][ T5838] RDX: 000000000000ee00 RSI: 0000400000000040 RDI: ffffffff80000701
[   78.432784][ T5838] RBP: 00007f85786d7090 R08: 0000000000000000 R09: 0000000000000000
[   78.432799][ T5838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.432813][ T5838] R13: 0000000000000000 R14: 00007f857a285fa0 R15: 00007ffd4b94c478
[   78.432836][ T5838]  </TASK>
[   78.673193][ T5855] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   78.673193][ T5855]    program syz.0.887 not setting count and/or reply_len properly
[   78.799382][ T5877] FAULT_INJECTION: forcing a failure.
[   78.799382][ T5877] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.801924][ T5876] loop2: detected capacity change from 0 to 512
[   78.812458][ T5877] CPU: 1 UID: 0 PID: 5877 Comm: syz.0.896 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   78.812491][ T5877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   78.812506][ T5877] Call Trace:
[   78.812514][ T5877]  <TASK>
[   78.812523][ T5877]  dump_stack_lvl+0xf2/0x150
[   78.812556][ T5877]  dump_stack+0x15/0x1a
[   78.812583][ T5877]  should_fail_ex+0x24a/0x260
[   78.812695][ T5877]  should_fail+0xb/0x10
[   78.812729][ T5877]  should_fail_usercopy+0x1a/0x20
[   78.812753][ T5877]  strncpy_from_user+0x25/0x210
[   78.812788][ T5877]  strncpy_from_user_nofault+0x66/0xe0
[   78.812832][ T5877]  bpf_probe_read_user_str+0x2a/0x70
[   78.813085][ T5877]  bpf_prog_bc7c5c6b9645592f+0x3e/0x40
[   78.813117][ T5877]  bpf_trace_run4+0x114/0x1e0
[   78.813144][ T5877]  ? update_load_avg+0x1f7/0x7c0
[   78.813190][ T5877]  __traceiter_sched_switch+0x3b/0x60
[   78.813231][ T5877]  __schedule+0x877/0x990
[   78.813281][ T5877]  ? listening_get_first+0x23f/0x290
[   78.813370][ T5877]  __cond_resched+0x28/0x50
[   78.813407][ T5877]  established_get_first+0xe5/0x310
[   78.813518][ T5877]  tcp_seq_next+0x10b/0x110
[   78.813549][ T5877]  traverse+0x1e3/0x3c0
[   78.813624][ T5877]  seq_read_iter+0x854/0x930
[   78.813668][ T5877]  ? _parse_integer+0x27/0x30
[   78.813705][ T5877]  seq_read+0x1ed/0x230
[   78.813752][ T5877]  ? __pfx_seq_read+0x10/0x10
[   78.813811][ T5877]  proc_reg_read+0x13f/0x1d0
[   78.813850][ T5877]  vfs_readv+0x3e2/0x660
[   78.813887][ T5877]  ? __pfx_proc_reg_read+0x10/0x10
[   78.813934][ T5877]  __x64_sys_preadv+0xf4/0x1c0
[   78.813994][ T5877]  x64_sys_call+0x2680/0x2dc0
[   78.814027][ T5877]  do_syscall_64+0xc9/0x1c0
[   78.814057][ T5877]  ? clear_bhb_loop+0x55/0xb0
[   78.814100][ T5877]  ? clear_bhb_loop+0x55/0xb0
[   78.814134][ T5877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.814168][ T5877] RIP: 0033:0x7effe3adcde9
[   78.814188][ T5877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.814212][ T5877] RSP: 002b:00007effe2147038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   78.814236][ T5877] RAX: ffffffffffffffda RBX: 00007effe3cf5fa0 RCX: 00007effe3adcde9
[   78.814307][ T5877] RDX: 0000000000000001 RSI: 0000400000000280 RDI: 0000000000000003
[   78.814322][ T5877] RBP: 00007effe2147090 R08: 0000000000000000 R09: 0000000000000000
[   78.814337][ T5877] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000001
[   78.814351][ T5877] R13: 0000000000000000 R14: 00007effe3cf5fa0 R15: 00007ffe57ad3db8
[   78.814388][ T5877]  </TASK>
[   78.973988][ T5882] lo speed is unknown, defaulting to 1000
[   78.977095][ T5876] EXT4-fs: Ignoring removed i_version option
[   79.093980][ T5876] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.107167][ T5876] ext4 filesystem being mounted at /167/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.118309][ T5876] FAULT_INJECTION: forcing a failure.
[   79.118309][ T5876] name failslab, interval 1, probability 0, space 0, times 0
[   79.131022][ T5876] CPU: 0 UID: 0 PID: 5876 Comm: syz.2.897 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   79.131091][ T5876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   79.131105][ T5876] Call Trace:
[   79.131110][ T5876]  <TASK>
[   79.131117][ T5876]  dump_stack_lvl+0xf2/0x150
[   79.131146][ T5876]  dump_stack+0x15/0x1a
[   79.131173][ T5876]  should_fail_ex+0x24a/0x260
[   79.131290][ T5876]  should_failslab+0x8f/0xb0
[   79.131316][ T5876]  kmem_cache_alloc_noprof+0x52/0x320
[   79.131364][ T5876]  ? __es_insert_extent+0x563/0xed0
[   79.131396][ T5876]  __es_insert_extent+0x563/0xed0
[   79.131422][ T5876]  ? kernelmode_fixup_or_oops+0x58/0xb0
[   79.131457][ T5876]  ? uuid_string+0x418/0x4a0
[   79.131498][ T5876]  ext4_es_cache_extent+0x294/0x3a0
[   79.131530][ T5876]  ext4_find_extent+0x34f/0x7c0
[   79.131565][ T5876]  ext4_ext_map_blocks+0x11f/0x35c0
[   79.131605][ T5876]  ? xas_load+0x3ae/0x3d0
[   79.131687][ T5876]  ? xas_load+0x3ae/0x3d0
[   79.131731][ T5876]  ? down_read+0x171/0x4b0
[   79.131757][ T5876]  ext4_map_query_blocks+0x71/0x180
[   79.131786][ T5876]  ext4_map_blocks+0x23c/0xd20
[   79.131864][ T5876]  ? xas_load+0x3ae/0x3d0
[   79.131891][ T5876]  ? xas_load+0x3ae/0x3d0
[   79.131956][ T5876]  ? xa_load+0xb9/0xe0
[   79.132040][ T5876]  ext4_getblk+0x11f/0x530
[   79.132067][ T5876]  ext4_bread_batch+0x5b/0x360
[   79.132091][ T5876]  __ext4_find_entry+0xa71/0x1260
[   79.132169][ T5876]  ? d_alloc_parallel+0xbe4/0xc80
[   79.132197][ T5876]  ext4_lookup+0xba/0x390
[   79.132231][ T5876]  __lookup_slow+0x18a/0x250
[   79.132339][ T5876]  lookup_slow+0x3c/0x60
[   79.132374][ T5876]  walk_component+0x1f5/0x230
[   79.132402][ T5876]  ? path_lookupat+0xfd/0x2b0
[   79.132504][ T5876]  path_lookupat+0x10a/0x2b0
[   79.132552][ T5876]  filename_lookup+0x150/0x340
[   79.132603][ T5876]  path_listxattrat+0xcf/0x2a0
[   79.132633][ T5876]  ? ksys_write+0x176/0x1b0
[   79.132655][ T5876]  __x64_sys_llistxattr+0x4d/0x60
[   79.132703][ T5876]  x64_sys_call+0x204f/0x2dc0
[   79.132728][ T5876]  do_syscall_64+0xc9/0x1c0
[   79.132754][ T5876]  ? clear_bhb_loop+0x55/0xb0
[   79.132787][ T5876]  ? clear_bhb_loop+0x55/0xb0
[   79.132969][ T5876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.133003][ T5876] RIP: 0033:0x7fbc5761cde9
[   79.133021][ T5876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.133040][ T5876] RSP: 002b:00007fbc55c81038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[   79.133060][ T5876] RAX: ffffffffffffffda RBX: 00007fbc57835fa0 RCX: 00007fbc5761cde9
[   79.133112][ T5876] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000400
[   79.133127][ T5876] RBP: 00007fbc55c81090 R08: 0000000000000000 R09: 0000000000000000
[   79.133141][ T5876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.133155][ T5876] R13: 0000000000000000 R14: 00007fbc57835fa0 R15: 00007ffe145bd5b8
[   79.133178][ T5876]  </TASK>
[   79.434483][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.471824][ T5892] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   79.471824][ T5892]    program syz.2.901 not setting count and/or reply_len properly
[   79.632152][ T5915] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5915 comm=syz.3.913
[   79.711703][ T5915] loop3: detected capacity change from 0 to 512
[   79.728642][ T5915] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   79.741804][ T5915] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   79.786920][ T5915] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   79.795075][ T5915] System zones: 1-12
[   79.800993][ T5932] FAULT_INJECTION: forcing a failure.
[   79.800993][ T5932] name failslab, interval 1, probability 0, space 0, times 0
[   79.813674][ T5932] CPU: 0 UID: 0 PID: 5932 Comm: syz.1.920 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   79.813705][ T5932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   79.813721][ T5932] Call Trace:
[   79.813728][ T5932]  <TASK>
[   79.813738][ T5932]  dump_stack_lvl+0xf2/0x150
[   79.813780][ T5932]  dump_stack+0x15/0x1a
[   79.813805][ T5932]  should_fail_ex+0x24a/0x260
[   79.813846][ T5932]  should_failslab+0x8f/0xb0
[   79.813877][ T5932]  __kmalloc_noprof+0xab/0x3f0
[   79.813937][ T5932]  ? process_vm_rw+0x2ca/0x890
[   79.813976][ T5932]  process_vm_rw+0x2ca/0x890
[   79.814017][ T5932]  ? kstrtouint_from_user+0xb0/0xe0
[   79.814071][ T5932]  ? ksys_write+0x176/0x1b0
[   79.814095][ T5932]  __x64_sys_process_vm_readv+0x7a/0x90
[   79.814203][ T5932]  x64_sys_call+0xb24/0x2dc0
[   79.814234][ T5932]  do_syscall_64+0xc9/0x1c0
[   79.814262][ T5932]  ? clear_bhb_loop+0x55/0xb0
[   79.814292][ T5932]  ? clear_bhb_loop+0x55/0xb0
[   79.814386][ T5932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.814448][ T5932] RIP: 0033:0x7f857a06cde9
[   79.814465][ T5932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.814500][ T5932] RSP: 002b:00007f85786d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[   79.814518][ T5932] RAX: ffffffffffffffda RBX: 00007f857a285fa0 RCX: 00007f857a06cde9
[   79.814530][ T5932] RDX: 0000000000000002 RSI: 0000400000008400 RDI: 0000000000000205
[   79.814542][ T5932] RBP: 00007f85786d7090 R08: 0000000000000286 R09: 0000000000000000
[   79.814553][ T5932] R10: 0000400000008640 R11: 0000000000000246 R12: 0000000000000001
[   79.814564][ T5932] R13: 0000000000000000 R14: 00007f857a285fa0 R15: 00007ffd4b94c478
[   79.814586][ T5932]  </TASK>
[   79.996008][ T5915] EXT4-fs (loop3): 1 truncate cleaned up
[   80.002248][ T5915] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.096303][ T5947] FAULT_INJECTION: forcing a failure.
[   80.096303][ T5947] name failslab, interval 1, probability 0, space 0, times 0
[   80.109085][ T5947] CPU: 1 UID: 0 PID: 5947 Comm: syz.4.926 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   80.109116][ T5947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   80.109129][ T5947] Call Trace:
[   80.109135][ T5947]  <TASK>
[   80.109142][ T5947]  dump_stack_lvl+0xf2/0x150
[   80.109186][ T5947]  dump_stack+0x15/0x1a
[   80.109208][ T5947]  should_fail_ex+0x24a/0x260
[   80.109249][ T5947]  ? selinux_netlbl_sock_genattr+0x84/0x260
[   80.109291][ T5947]  should_failslab+0x8f/0xb0
[   80.109372][ T5947]  __kmalloc_cache_noprof+0x4e/0x320
[   80.109415][ T5947]  selinux_netlbl_sock_genattr+0x84/0x260
[   80.109455][ T5947]  selinux_netlbl_socket_post_create+0x69/0x100
[   80.109570][ T5947]  selinux_socket_post_create+0x20c/0x2a0
[   80.109609][ T5947]  security_socket_post_create+0x5b/0xa0
[   80.109649][ T5947]  __sock_create+0x35b/0x5a0
[   80.109674][ T5947]  __sys_socket+0xae/0x240
[   80.109748][ T5947]  __x64_sys_socket+0x3f/0x50
[   80.109775][ T5947]  x64_sys_call+0x2cf2/0x2dc0
[   80.109814][ T5947]  do_syscall_64+0xc9/0x1c0
[   80.109928][ T5947]  ? clear_bhb_loop+0x55/0xb0
[   80.109961][ T5947]  ? clear_bhb_loop+0x55/0xb0
[   80.109995][ T5947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.110121][ T5947] RIP: 0033:0x7fbec59dcde9
[   80.110138][ T5947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.110160][ T5947] RSP: 002b:00007fbec4026038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[   80.110179][ T5947] RAX: ffffffffffffffda RBX: 00007fbec5bf6080 RCX: 00007fbec59dcde9
[   80.110191][ T5947] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000000a
[   80.110204][ T5947] RBP: 00007fbec4026090 R08: 0000000000000000 R09: 0000000000000000
[   80.110219][ T5947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.110235][ T5947] R13: 0000000000000000 R14: 00007fbec5bf6080 R15: 00007ffcf43396d8
[   80.110257][ T5947]  </TASK>
[   80.351374][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.478633][ T5971] loop4: detected capacity change from 0 to 512
[   80.485656][ T5971] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   80.502627][ T5971] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.520920][ T5971] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.568968][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.624200][ T5981] loop2: detected capacity change from 0 to 1024
[   80.649944][ T5987] netlink: 28 bytes leftover after parsing attributes in process `syz.1.943'.
[   80.658943][ T5987] netlink: 'syz.1.943': attribute type 7 has an invalid length.
[   80.667060][ T5987] netlink: 20 bytes leftover after parsing attributes in process `syz.1.943'.
[   80.684446][ T5981] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.713442][ T5981] ext4 filesystem being mounted at /173/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.728662][ T5981] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   80.767010][ T5981] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 1 with error 28
[   80.779646][ T5981] EXT4-fs (loop2): This should not happen!! Data will be lost
[   80.779646][ T5981] 
[   80.789617][ T5981] EXT4-fs (loop2): Total free blocks count 0
[   80.795650][ T5981] EXT4-fs (loop2): Free/Dirty block details
[   80.801579][ T5981] EXT4-fs (loop2): free_blocks=4293918720
[   80.807313][ T5981] EXT4-fs (loop2): dirty_blocks=16
[   80.812522][ T5981] EXT4-fs (loop2): Block reservation details
[   80.818516][ T5981] EXT4-fs (loop2): i_reserved_data_blocks=1
[   80.841278][ T5999] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 28
[   80.886324][ T6005] netlink: 8 bytes leftover after parsing attributes in process `syz.4.948'.
[   81.030085][ T6027] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.070332][ T6030] SELinux: security_context_str_to_sid ({ÿ) failed with errno=-22
[   81.091571][ T6030] loop2: detected capacity change from 0 to 512
[   81.101079][ T6030] EXT4-fs: Ignoring removed i_version option
[   81.127644][ T6030] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.148529][ T6027] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.160428][ T6030] ext4 filesystem being mounted at /175/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.215105][ T6027] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.264736][ T6027] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.305521][   T29] kauditd_printk_skb: 185 callbacks suppressed
[   81.305535][   T29] audit: type=1400 audit(1739427459.212:2617): avc:  denied  { prog_load } for  pid=6036 comm="syz.3.963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   81.330820][   T29] audit: type=1400 audit(1739427459.212:2618): avc:  denied  { bpf } for  pid=6036 comm="syz.3.963" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   81.351481][   T29] audit: type=1400 audit(1739427459.212:2619): avc:  denied  { perfmon } for  pid=6036 comm="syz.3.963" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   81.363953][ T6037] x_tables: (null)_tables: SNAT.2 target: invalid size 48 (kernel) != (user) 56
[   81.407188][ T6027] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.415676][   T29] audit: type=1400 audit(1739427459.262:2620): avc:  denied  { prog_run } for  pid=6036 comm="syz.3.963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   81.434693][   T29] audit: type=1400 audit(1739427459.262:2621): avc:  denied  { create } for  pid=6036 comm="syz.3.963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   81.455420][   T29] audit: type=1400 audit(1739427459.262:2622): avc:  denied  { write } for  pid=6036 comm="syz.3.963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   81.479493][ T6027] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.491168][ T6027] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.499503][ T6037] netlink: 28 bytes leftover after parsing attributes in process `syz.3.963'.
[   81.500735][   T29] audit: type=1400 audit(1739427459.392:2623): avc:  denied  { node_bind } for  pid=6036 comm="syz.3.963" saddr=2001::2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   81.529422][   T29] audit: type=1400 audit(1739427459.392:2624): avc:  denied  { create } for  pid=6036 comm="syz.3.963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   81.549880][   T29] audit: type=1400 audit(1739427459.392:2625): avc:  denied  { write } for  pid=6036 comm="syz.3.963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   81.570260][   T29] audit: type=1400 audit(1739427459.392:2626): avc:  denied  { read } for  pid=6036 comm="syz.3.963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   81.593406][ T6027] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.603771][ T6037] lo speed is unknown, defaulting to 1000
[   81.656051][ T6040] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   81.668147][ T6040] bond0: (slave lo): Error: Device can not be enslaved while up
[   81.888516][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.992465][ T6058] loop2: detected capacity change from 0 to 512
[   82.022718][ T6058] EXT4-fs (loop2): too many log groups per flexible block group
[   82.030517][ T6058] EXT4-fs (loop2): failed to initialize mballoc (-12)
[   82.040826][ T6058] EXT4-fs (loop2): mount failed
[   82.054165][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.061645][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.069042][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.079460][ T6065] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6065 comm=syz.4.974
[   82.095089][ T6065] loop4: detected capacity change from 0 to 512
[   82.105024][ T6065] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   82.117078][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.124536][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.131616][ T6065] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   82.132016][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.139915][ T6065] System zones: 
[   82.147223][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.147252][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.150818][ T6065] 1-12
[   82.158182][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.165551][ T6065] 
[   82.168261][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.176280][ T6065] EXT4-fs (loop4): 1 truncate cleaned up
[   82.178140][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.186211][ T6065] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.191252][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.218782][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.226256][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.233978][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.241467][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.248951][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.256467][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.264011][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.271526][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.279042][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.286566][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.294154][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.301595][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.306593][ T6072] loop2: detected capacity change from 0 to 1024
[   82.308991][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.316010][ T6072] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   82.322744][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.338963][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.346463][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.353910][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.361342][ T3378] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[   82.369548][ T6069] bond0: (slave bond_slave_0): Releasing backup interface
[   82.379424][ T6069] bond0: (slave bond_slave_1): Releasing backup interface
[   82.395878][ T6072] loop2: detected capacity change from 0 to 512
[   82.403544][ T6072] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   82.404270][ T6069] team0: Port device team_slave_0 removed
[   82.414390][ T3378] hid-generic 0000:0000:0000.0022: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   82.429948][ T6069] team0: Port device team_slave_1 removed
[   82.468511][ T6075] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   82.468511][ T6075]    program syz.3.977 not setting count and/or reply_len properly
[   82.497285][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.577006][ T6088] netlink: 'syz.0.983': attribute type 13 has an invalid length.
[   82.589360][ T6088] gretap0: refused to change device tx_queue_len
[   82.597940][ T6088] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   82.636779][ T6092] loop4: detected capacity change from 0 to 1024
[   82.653344][ T6095] netlink: 16 bytes leftover after parsing attributes in process `syz.3.986'.
[   82.674284][ T6092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.690370][ T6092] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.737351][ T6107] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.990'.
[   82.772281][ T6107] netlink: 4 bytes leftover after parsing attributes in process `syz.1.990'.
[   82.799667][ T6107] netlink: 4 bytes leftover after parsing attributes in process `syz.1.990'.
[   82.813564][ T6113] loop3: detected capacity change from 0 to 1024
[   82.830945][ T6107] netlink: 36 bytes leftover after parsing attributes in process `syz.1.990'.
[   82.841800][ T6113] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.858488][ T6107] netlink: 'syz.1.990': attribute type 3 has an invalid length.
[   82.866237][ T6107] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.990'.
[   82.891328][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.900615][ T6113] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.921181][ T6113] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.992: corrupted xattr block 128: overlapping e_value 
[   82.936098][ T6113] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   82.945392][ T6113] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.992: corrupted xattr block 128: overlapping e_value 
[   82.959498][ T6113] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   82.969148][ T6113] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.992: bg 0: block 409: padding at end of block bitmap is not set
[   82.989939][ T6119] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   82.989939][ T6119]    program syz.2.996 not setting count and/or reply_len properly
[   83.096237][ T6127] FAULT_INJECTION: forcing a failure.
[   83.096237][ T6127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   83.109490][ T6127] CPU: 0 UID: 0 PID: 6127 Comm: syz.1.1000 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   83.109526][ T6127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   83.109541][ T6127] Call Trace:
[   83.109549][ T6127]  <TASK>
[   83.109558][ T6127]  dump_stack_lvl+0xf2/0x150
[   83.109587][ T6127]  dump_stack+0x15/0x1a
[   83.109613][ T6127]  should_fail_ex+0x24a/0x260
[   83.109654][ T6127]  should_fail+0xb/0x10
[   83.109759][ T6127]  should_fail_usercopy+0x1a/0x20
[   83.109784][ T6127]  strncpy_from_user+0x25/0x210
[   83.109810][ T6127]  ? kmem_cache_alloc_noprof+0x18e/0x320
[   83.109893][ T6127]  ? getname_flags+0x81/0x3b0
[   83.109944][ T6127]  getname_flags+0xb0/0x3b0
[   83.109973][ T6127]  user_path_at+0x26/0x120
[   83.109990][ T6127]  do_faccessat+0x35b/0x680
[   83.110051][ T6127]  ? ksys_write+0x176/0x1b0
[   83.110077][ T6127]  __x64_sys_faccessat2+0x51/0x60
[   83.110108][ T6127]  x64_sys_call+0x15bc/0x2dc0
[   83.110197][ T6127]  do_syscall_64+0xc9/0x1c0
[   83.110226][ T6127]  ? clear_bhb_loop+0x55/0xb0
[   83.110255][ T6127]  ? clear_bhb_loop+0x55/0xb0
[   83.110323][ T6127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.110349][ T6127] RIP: 0033:0x7f857a06cde9
[   83.110363][ T6127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.110382][ T6127] RSP: 002b:00007f85786d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b7
[   83.110404][ T6127] RAX: ffffffffffffffda RBX: 00007f857a285fa0 RCX: 00007f857a06cde9
[   83.110418][ T6127] RDX: 0000000000000005 RSI: 0000400000000040 RDI: ffffffffffffff9c
[   83.110512][ T6127] RBP: 00007f85786d7090 R08: 0000000000000000 R09: 0000000000000000
[   83.110590][ T6127] R10: 0000000000001300 R11: 0000000000000246 R12: 0000000000000001
[   83.110602][ T6127] R13: 0000000000000001 R14: 00007f857a285fa0 R15: 00007ffd4b94c478
[   83.110638][ T6127]  </TASK>
[   83.317381][ T6125] loop2: detected capacity change from 0 to 512
[   83.350932][ T6125] EXT4-fs (loop2): too many log groups per flexible block group
[   83.358651][ T6125] EXT4-fs (loop2): failed to initialize mballoc (-12)
[   83.370950][ T6125] EXT4-fs (loop2): mount failed
[   83.425645][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.434952][ T6142] loop2: detected capacity change from 0 to 1024
[   83.454551][ T6142] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.470792][ T6142] ext4 filesystem being mounted at /186/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.485205][ T6150] FAULT_INJECTION: forcing a failure.
[   83.485205][ T6150] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   83.487305][ T6152] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   83.487305][ T6152]    program syz.3.1008 not setting count and/or reply_len properly
[   83.498319][ T6150] CPU: 0 UID: 0 PID: 6150 Comm: syz.1.1007 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   83.498351][ T6150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   83.498368][ T6150] Call Trace:
[   83.498377][ T6150]  <TASK>
[   83.498403][ T6150]  dump_stack_lvl+0xf2/0x150
[   83.498471][ T6150]  dump_stack+0x15/0x1a
[   83.498497][ T6150]  should_fail_ex+0x24a/0x260
[   83.498541][ T6150]  should_fail+0xb/0x10
[   83.498620][ T6150]  should_fail_usercopy+0x1a/0x20
[   83.498645][ T6150]  _copy_from_user+0x1c/0xa0
[   83.498677][ T6150]  do_ip6t_set_ctl+0x42c/0x8c0
[   83.498712][ T6150]  ? kstrtouint+0x77/0xc0
[   83.498754][ T6150]  nf_setsockopt+0x195/0x1b0
[   83.498870][ T6150]  ipv6_setsockopt+0x10f/0x130
[   83.498905][ T6150]  tcp_setsockopt+0x93/0xb0
[   83.498996][ T6150]  sock_common_setsockopt+0x64/0x80
[   83.499025][ T6150]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   83.499054][ T6150]  __sys_setsockopt+0x187/0x200
[   83.499126][ T6150]  __x64_sys_setsockopt+0x66/0x80
[   83.499162][ T6150]  x64_sys_call+0x282e/0x2dc0
[   83.499195][ T6150]  do_syscall_64+0xc9/0x1c0
[   83.499276][ T6150]  ? clear_bhb_loop+0x55/0xb0
[   83.499327][ T6150]  ? clear_bhb_loop+0x55/0xb0
[   83.499441][ T6150]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.499474][ T6150] RIP: 0033:0x7f857a06cde9
[   83.499494][ T6150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.499576][ T6150] RSP: 002b:00007f85786d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   83.499595][ T6150] RAX: ffffffffffffffda RBX: 00007f857a285fa0 RCX: 00007f857a06cde9
[   83.499610][ T6150] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[   83.499625][ T6150] RBP: 00007f85786d7090 R08: 0000000000000500 R09: 0000000000000000
[   83.499640][ T6150] R10: 0000400000000c80 R11: 0000000000000246 R12: 0000000000000001
[   83.499661][ T6150] R13: 0000000000000000 R14: 00007f857a285fa0 R15: 00007ffd4b94c478
[   83.499684][ T6150]  </TASK>
[   83.728584][ T6157] lo speed is unknown, defaulting to 1000
[   83.850355][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.978662][ T6178] netlink: 'syz.3.1015': attribute type 13 has an invalid length.
[   83.988855][ T6178] gretap0: refused to change device tx_queue_len
[   83.995912][ T6178] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   84.011664][ T6161] netem: unknown loss type 0
[   84.016326][ T6161] netem: change failed
[   84.114598][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.122096][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.129583][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.138598][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.146081][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.153668][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.161151][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.168566][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.176092][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.183880][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.191062][ T6193] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   84.191062][ T6193]    program syz.3.1022 not setting count and/or reply_len properly
[   84.191366][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.215545][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.223006][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.230542][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.241157][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.248584][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.256054][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.263544][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.270958][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.278404][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.285921][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.293451][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.300972][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.308381][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.315820][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.323307][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.330757][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.338169][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.345651][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.353103][ T3378] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[   84.361751][ T3378] hid-generic 0000:0000:0000.0023: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   84.380934][ T6200] @: renamed from vlan0 (while UP)
[   84.416942][ T6204] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6204 comm=syz.2.1025
[   84.443425][ T6204] loop2: detected capacity change from 0 to 512
[   84.450724][ T6204] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   84.471362][ T6204] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   84.479626][ T6204] System zones: 1-12
[   84.495703][ T6204] EXT4-fs (loop2): 1 truncate cleaned up
[   84.512517][ T6204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.547101][ T6206] loop3: detected capacity change from 0 to 1024
[   84.585432][ T6206] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.624891][ T6206] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.684419][ T6215] netlink: 'syz.4.1028': attribute type 13 has an invalid length.
[   84.712795][ T6215] gretap0: refused to change device tx_queue_len
[   84.722697][ T6215] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   84.738406][ T3438] lo speed is unknown, defaulting to 1000
[   84.772768][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.796006][ T6226] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   84.796006][ T6226]    program syz.0.1034 not setting count and/or reply_len properly
[   84.881875][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.889441][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.897098][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.920812][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.929247][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.936765][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.944196][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.951636][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.959115][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.966564][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.974017][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.981502][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.988968][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   84.996404][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.005218][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.037160][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.044734][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.052212][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.055802][ T6234] syz_tun: entered allmulticast mode
[   85.059603][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.075404][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.083148][ T6234] syz_tun: left allmulticast mode
[   85.083104][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.095759][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.103193][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.110612][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.118038][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.125479][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.132920][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.140586][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.148101][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.155542][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.162959][ T3378] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[   85.181764][ T3378] hid-generic 0000:0000:0000.0024: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   85.225871][ T6257] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1042'.
[   85.235018][ T6257] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1042'.
[   85.251233][ T6253] loop2: detected capacity change from 0 to 1024
[   85.261886][ T6259] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6259 comm=syz.0.1043
[   85.286305][ T6253] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.303149][ T6253] ext4 filesystem being mounted at /193/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.560364][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.573782][ T6271] netlink: 'syz.0.1047': attribute type 13 has an invalid length.
[   85.586199][ T6271] gretap0: refused to change device tx_queue_len
[   85.593273][ T6271] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   85.618756][ T6274] capability: warning: `syz.2.1048' uses 32-bit capabilities (legacy support in use)
[   85.697176][ T6291] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6291 comm=syz.2.1055
[   85.712489][ T6291] loop2: detected capacity change from 0 to 512
[   85.719354][ T6291] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   85.730430][ T6291] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   85.738569][ T6291] System zones: 1-12
[   85.743547][ T6291] EXT4-fs (loop2): 1 truncate cleaned up
[   85.749698][ T6291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.860464][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.965553][ T6304] netlink: 'syz.2.1060': attribute type 13 has an invalid length.
[   85.977349][ T6304] gretap0: refused to change device tx_queue_len
[   85.984416][ T6304] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   86.023983][ T6310] loop2: detected capacity change from 0 to 256
[   86.320147][ T6339] __nla_validate_parse: 2 callbacks suppressed
[   86.320171][ T6339] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1074'.
[   86.337405][ T6337] netlink: 'syz.1.1073': attribute type 13 has an invalid length.
[   86.353670][ T6337] gretap0: refused to change device tx_queue_len
[   86.367595][ T6337] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   86.398819][   T29] kauditd_printk_skb: 165 callbacks suppressed
[   86.398834][   T29] audit: type=1326 audit(1739427464.302:2792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6342 comm="syz.2.1076" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbc5761cde9 code=0x0
[   86.444085][   T29] audit: type=1400 audit(1739427464.352:2793): avc:  denied  { sqpoll } for  pid=6346 comm="syz.1.1078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   86.481722][   T29] audit: type=1400 audit(1739427464.352:2794): avc:  denied  { write } for  pid=6346 comm="syz.1.1078" name="ip_tables_targets" dev="proc" ino=4026532942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   86.538617][   T29] audit: type=1400 audit(1739427464.392:2795): avc:  denied  { create } for  pid=6352 comm="syz.3.1080" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   86.703326][ T6372] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   86.715377][ T6372] bond0: (slave lo): Error: Device can not be enslaved while up
[   86.729349][   T29] audit: type=1400 audit(1739427464.632:2796): avc:  denied  { create } for  pid=6373 comm="syz.4.1088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   86.823558][   T29] audit: type=1400 audit(1739427464.722:2797): avc:  denied  { write } for  pid=6386 comm="syz.4.1093" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   86.847314][ T6383] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.860731][   T29] audit: type=1400 audit(1739427464.752:2798): avc:  denied  { create } for  pid=6394 comm="syz.4.1094" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[   86.881632][   T29] audit: type=1400 audit(1739427464.752:2799): avc:  denied  { bind } for  pid=6382 comm="syz.3.1092" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   86.902031][   T29] audit: type=1400 audit(1739427464.752:2800): avc:  denied  { setopt } for  pid=6382 comm="syz.3.1092" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   86.922805][   T29] audit: type=1400 audit(1739427464.772:2801): avc:  denied  { write } for  pid=6394 comm="syz.4.1094" path="socket:[13704]" dev="sockfs" ino=13704 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[   87.012726][ T6383] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.062638][ T6383] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.134382][ T6406] nfs: Unknown parameter ''
[   87.152751][ T6407] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1099'.
[   87.173246][ T6383] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.229302][ T6383] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.242091][ T6383] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.251875][ T6417] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6417 comm=syz.2.1104
[   87.254240][ T6383] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.273834][ T6417] loop2: detected capacity change from 0 to 512
[   87.277053][ T6383] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.282111][ T6417] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   87.310016][ T6417] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   87.318007][ T6417] System zones: 1-12
[   87.323066][ T6417] EXT4-fs (loop2): 1 truncate cleaned up
[   87.329256][ T6417] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.420373][ T6422] ip6t_rpfilter: unknown options
[   87.473422][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.644020][ T6430] loop2: detected capacity change from 0 to 1024
[   87.663167][ T6430] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.690818][ T6430] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.889747][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.163475][ T6468] loop4: detected capacity change from 0 to 1024
[   88.214685][ T6468] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.237216][ T6468] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.391581][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.901449][ T6466] loop3: detected capacity change from 0 to 512
[   88.961345][ T6466] EXT4-fs: Ignoring removed i_version option
[   88.968327][ T6466] EXT4-fs: Ignoring removed mblk_io_submit option
[   89.024013][ T6448] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   89.036037][ T6448] bond0: (slave lo): Error: Device can not be enslaved while up
[   89.045282][ T6491] SET target dimension over the limit!
[   89.059245][ T6466] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   89.083694][ T6491] sg_write: data in/out 122/14 bytes for SCSI command 0x5-- guessing data in;
[   89.083694][ T6491]    program syz.0.1130 not setting count and/or reply_len properly
[   89.170829][ T6466] EXT4-fs (loop3): 1 truncate cleaned up
[   89.214909][ T6466] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.315805][ T6502] loop4: detected capacity change from 0 to 512
[   89.348996][ T6502] EXT4-fs (loop4): 1 orphan inode deleted
[   89.355341][ T6502] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.369763][ T5680] EXT4-fs error (device loop4): ext4_release_dquot:6950: comm kworker/u8:31: Failed to release dquot type 1
[   89.401648][ T6502] ext4 filesystem being mounted at /215/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.413855][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.423619][ T6504] loop2: detected capacity change from 0 to 1024
[   89.460124][ T6504] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.491067][ T6504] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.505417][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.546572][ T6520] @: renamed from vlan0 (while UP)
[   89.576112][ T6524] FAULT_INJECTION: forcing a failure.
[   89.576112][ T6524] name failslab, interval 1, probability 0, space 0, times 0
[   89.588962][ T6524] CPU: 1 UID: 0 PID: 6524 Comm: syz.0.1143 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   89.588993][ T6524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   89.589008][ T6524] Call Trace:
[   89.589016][ T6524]  <TASK>
[   89.589024][ T6524]  dump_stack_lvl+0xf2/0x150
[   89.589094][ T6524]  dump_stack+0x15/0x1a
[   89.589119][ T6524]  should_fail_ex+0x24a/0x260
[   89.589160][ T6524]  should_failslab+0x8f/0xb0
[   89.589190][ T6524]  __kmalloc_noprof+0xab/0x3f0
[   89.589227][ T6524]  ? bpf_test_init+0xc7/0x170
[   89.589285][ T6524]  bpf_test_init+0xc7/0x170
[   89.589342][ T6524]  bpf_prog_test_run_xdp+0x321/0x8b0
[   89.589380][ T6524]  ? __rcu_read_unlock+0x4e/0x70
[   89.589407][ T6524]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   89.589444][ T6524]  bpf_prog_test_run+0x20f/0x3a0
[   89.589526][ T6524]  __sys_bpf+0x400/0x7a0
[   89.589566][ T6524]  __x64_sys_bpf+0x43/0x50
[   89.589592][ T6524]  x64_sys_call+0x2914/0x2dc0
[   89.589624][ T6524]  do_syscall_64+0xc9/0x1c0
[   89.589653][ T6524]  ? clear_bhb_loop+0x55/0xb0
[   89.589735][ T6524]  ? clear_bhb_loop+0x55/0xb0
[   89.589768][ T6524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.589798][ T6524] RIP: 0033:0x7effe3adcde9
[   89.589816][ T6524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.589838][ T6524] RSP: 002b:00007effe2147038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   89.589959][ T6524] RAX: ffffffffffffffda RBX: 00007effe3cf5fa0 RCX: 00007effe3adcde9
[   89.589973][ T6524] RDX: 0000000000000048 RSI: 0000400000000600 RDI: 000000000000000a
[   89.589984][ T6524] RBP: 00007effe2147090 R08: 0000000000000000 R09: 0000000000000000
[   89.589996][ T6524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.590007][ T6524] R13: 0000000000000000 R14: 00007effe3cf5fa0 R15: 00007ffe57ad3db8
[   89.590028][ T6524]  </TASK>
[   89.800506][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.833276][ T6534] loop2: detected capacity change from 0 to 1024
[   89.840366][ T6534] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   89.851387][ T6534] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[   89.866996][ T6537] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1146'.
[   89.877037][ T6534] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   89.888088][ T6534] EXT4-fs (loop2): invalid journal inode
[   90.123024][ T6545] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   90.135053][ T6545] bond0: (slave lo): Error: Device can not be enslaved while up
[   90.298693][ T6554] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1154'.
[   90.330436][ T6554] loop4: detected capacity change from 0 to 2048
[   90.362932][ T6554] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.379937][ T6554] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   90.486903][ T6558] loop3: detected capacity change from 0 to 1024
[   90.502548][ T6558] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.515268][ T6558] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.655541][ T6564] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1157'.
[   90.778525][ T6575] loop3: detected capacity change from 0 to 512
[   90.938191][ T6577] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1162'.
[   91.280119][ T6597] lo speed is unknown, defaulting to 1000
[   91.411907][ T6602] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1169'.
[   91.461259][   T29] kauditd_printk_skb: 76 callbacks suppressed
[   91.461289][   T29] audit: type=1400 audit(1739427469.372:2877): avc:  denied  { setopt } for  pid=6591 comm="syz.1.1169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   91.492897][ T6606] @: renamed from vlan0 (while UP)
[   91.591252][   T29] audit: type=1400 audit(1739427469.392:2878): avc:  denied  { read } for  pid=6591 comm="syz.1.1169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   91.890795][   T29] audit: type=1400 audit(1739427469.732:2879): avc:  denied  { getopt } for  pid=6613 comm="syz.3.1177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   92.039675][   T29] audit: type=1400 audit(1739427469.942:2880): avc:  denied  { read write } for  pid=6620 comm="syz.3.1180" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   92.064412][   T29] audit: type=1400 audit(1739427469.942:2881): avc:  denied  { open } for  pid=6620 comm="syz.3.1180" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   92.210742][   T29] audit: type=1400 audit(1739427470.102:2882): avc:  denied  { watch } for  pid=6634 comm="syz.0.1188" path="/279" dev="tmpfs" ino=1485 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   92.250524][   T29] audit: type=1326 audit(1739427470.142:2883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.4.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec59dcde9 code=0x7ffc0000
[   92.250637][ T6642] loop3: detected capacity change from 0 to 128
[   92.250596][   T29] audit: type=1326 audit(1739427470.142:2884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.4.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec59dcde9 code=0x7ffc0000
[   92.250840][   T29] audit: type=1326 audit(1739427470.142:2885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.4.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbec59dcde9 code=0x7ffc0000
[   92.250867][   T29] audit: type=1326 audit(1739427470.142:2886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.4.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec59dcde9 code=0x7ffc0000
[   92.261872][ T6642] netlink: 'syz.3.1191': attribute type 4 has an invalid length.
[   92.279971][ T6645] netlink: 700 bytes leftover after parsing attributes in process `syz.1.1189'.
[   92.414508][ T6663] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1195'.
[   92.435157][ T6642] netlink: 'syz.3.1191': attribute type 4 has an invalid length.
[   92.502323][ T6676] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1200'.
[   92.522127][ T6681] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   92.522127][ T6681]    program syz.2.1198 not setting count and/or reply_len properly
[   92.546122][ T6680] loop3: detected capacity change from 0 to 1024
[   92.575337][ T6680] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.638525][ T6693] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1206'.
[   92.679488][ T6702] @: renamed from vlan0 (while UP)
[   92.719185][ T6707] hub 9-0:1.0: USB hub found
[   92.723891][ T6707] hub 9-0:1.0: 8 ports detected
[   92.764256][ T6712] loop2: detected capacity change from 0 to 128
[   92.771981][ T6714] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1213'.
[   92.783604][ T6712] ext4 filesystem being mounted at /224/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   92.838487][ T6719] loop3: detected capacity change from 0 to 512
[   92.847200][ T6719] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1216: bg 0: block 35: padding at end of block bitmap is not set
[   92.849744][ T6712] Invalid ELF header magic: != ELF
[   92.861919][ T6719] EXT4-fs (loop3): Remounting filesystem read-only
[   92.873503][ T6719] EXT4-fs (loop3): 1 truncate cleaned up
[   92.879614][ T6719] SELinux: (dev loop3, type ext4) getxattr errno 5
[   92.978753][ T6729] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1220'.
[   93.023356][ T6737] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[   93.041237][ T6731] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1221'.
[   93.078135][ T6733] loop2: detected capacity change from 0 to 1024
[   93.090479][ T6741] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1226'.
[   93.116434][ T6733] ext4 filesystem being mounted at /226/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.210077][ T6755] loop3: detected capacity change from 0 to 2048
[   93.220360][ T6758] @: renamed from vlan0 (while UP)
[   93.302142][ T6766] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1235'.
[   93.382300][ T6763] loop2: detected capacity change from 0 to 512
[   93.651320][ T6763] EXT4-fs (loop2): too many log groups per flexible block group
[   93.659144][ T6763] EXT4-fs (loop2): failed to initialize mballoc (-12)
[   93.680843][ T6763] EXT4-fs (loop2): mount failed
[   93.777605][ T6778] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   93.777605][ T6778]    program syz.2.1237 not setting count and/or reply_len properly
[   94.149238][ T6806] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   94.149238][ T6806]    program syz.3.1249 not setting count and/or reply_len properly
[   94.199762][ T6809] loop3: detected capacity change from 0 to 128
[   94.342725][ T6824] lo speed is unknown, defaulting to 1000
[   94.433293][ T6829] lo speed is unknown, defaulting to 1000
[   94.502409][ T6838] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   94.502409][ T6838]    program syz.0.1263 not setting count and/or reply_len properly
[   94.707864][ T6849] loop3: detected capacity change from 0 to 128
[   94.863014][ T6858] loop3: detected capacity change from 0 to 1024
[   94.884992][ T6858] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.964252][ T6871] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   94.964252][ T6871]    program syz.2.1277 not setting count and/or reply_len properly
[   95.152212][ T6884] loop3: detected capacity change from 0 to 128
[   95.162515][ T5714] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.213614][ T5714] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.268147][ T5714] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.297576][ T6895] FAULT_INJECTION: forcing a failure.
[   95.297576][ T6895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.310835][ T6895] CPU: 1 UID: 0 PID: 6895 Comm: syz.3.1285 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   95.310861][ T6895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   95.310875][ T6895] Call Trace:
[   95.310881][ T6895]  <TASK>
[   95.310888][ T6895]  dump_stack_lvl+0xf2/0x150
[   95.310919][ T6895]  dump_stack+0x15/0x1a
[   95.310941][ T6895]  should_fail_ex+0x24a/0x260
[   95.311060][ T6895]  should_fail+0xb/0x10
[   95.311093][ T6895]  should_fail_usercopy+0x1a/0x20
[   95.311114][ T6895]  _copy_to_user+0x20/0xa0
[   95.311140][ T6895]  simple_read_from_buffer+0xa0/0x110
[   95.311167][ T6895]  proc_fail_nth_read+0xf9/0x140
[   95.311205][ T6895]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   95.311228][ T6895]  vfs_read+0x19b/0x6f0
[   95.311253][ T6895]  ? __cond_resched+0x28/0x50
[   95.311285][ T6895]  ksys_read+0xe8/0x1b0
[   95.311380][ T6895]  __x64_sys_read+0x42/0x50
[   95.311402][ T6895]  x64_sys_call+0x2874/0x2dc0
[   95.311432][ T6895]  do_syscall_64+0xc9/0x1c0
[   95.311533][ T6895]  ? clear_bhb_loop+0x55/0xb0
[   95.311566][ T6895]  ? clear_bhb_loop+0x55/0xb0
[   95.311637][ T6895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.311689][ T6895] RIP: 0033:0x7f7a15a9b7fc
[   95.311788][ T6895] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   95.311872][ T6895] RSP: 002b:00007f7a140e6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   95.311895][ T6895] RAX: ffffffffffffffda RBX: 00007f7a15cb6080 RCX: 00007f7a15a9b7fc
[   95.311910][ T6895] RDX: 000000000000000f RSI: 00007f7a140e60a0 RDI: 0000000000000004
[   95.311925][ T6895] RBP: 00007f7a140e6090 R08: 0000000000000000 R09: 0000000000000000
[   95.311940][ T6895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   95.311954][ T6895] R13: 0000000000000000 R14: 00007f7a15cb6080 R15: 00007ffea240bb48
[   95.311976][ T6895]  </TASK>
[   95.513484][ T6888] lo speed is unknown, defaulting to 1000
[   95.531207][ T6894] netlink: 'syz.2.1286': attribute type 13 has an invalid length.
[   95.559410][ T6894] gretap0: refused to change device tx_queue_len
[   95.592085][ T6894] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   95.623744][ T5714] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.705491][ T6911] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   95.705491][ T6911]    program syz.3.1289 not setting count and/or reply_len properly
[   95.843097][ T5714] bond0 (unregistering): Released all slaves
[   95.873270][ T6888] chnl_net:caif_netlink_parms(): no params data found
[   95.918875][ T6930] Invalid ELF header magic: != ELF
[   96.065606][ T6927] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.074273][ T6927] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.082907][ T6927] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.091431][ T6927] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.107201][ T6924] lo speed is unknown, defaulting to 1000
[   96.120866][ T5714] hsr_slave_0: left promiscuous mode
[   96.132174][ T5714] hsr_slave_1: left promiscuous mode
[   96.143087][ T5714] veth1_macvtap: left promiscuous mode
[   96.151111][ T5714] veth0_macvtap: left promiscuous mode
[   96.156712][ T5714] veth1_vlan: left promiscuous mode
[   96.169226][ T5714] veth0_vlan: left promiscuous mode
[   96.198935][ T6934] netlink: 'syz.3.1300': attribute type 13 has an invalid length.
[   96.360867][ T6934] gretap0: refused to change device tx_queue_len
[   96.375225][ T6934] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   96.455742][ T6888] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.462952][ T6888] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.470284][ T6888] bridge_slave_0: entered allmulticast mode
[   96.481402][ T6888] bridge_slave_0: entered promiscuous mode
[   96.489575][ T6949] Invalid ELF header magic: != ELF
[   96.492008][ T6888] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.502042][ T6888] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.502387][   T29] kauditd_printk_skb: 175 callbacks suppressed
[   96.502402][   T29] audit: type=1400 audit(1739427474.422:3062): avc:  denied  { name_bind } for  pid=6948 comm="syz.4.1306" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   96.519596][ T6888] bridge_slave_1: entered allmulticast mode
[   96.536535][   T29] audit: type=1400 audit(1739427474.422:3063): avc:  denied  { node_bind } for  pid=6948 comm="syz.4.1306" saddr=::1 src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   96.567964][ T6888] bridge_slave_1: entered promiscuous mode
[   96.579131][   T29] audit: type=1400 audit(1739427474.472:3064): avc:  denied  { ioctl } for  pid=6951 comm="syz.2.1307" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x6619 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   96.613148][ T6950] __nla_validate_parse: 5 callbacks suppressed
[   96.613170][ T6950] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1306'.
[   96.628441][ T6950] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1306'.
[   96.652599][ T6888] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.664078][   T29] audit: type=1400 audit(1739427474.542:3065): avc:  denied  { read write } for  pid=6946 comm="syz.3.1304" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   96.688772][   T29] audit: type=1400 audit(1739427474.542:3066): avc:  denied  { open } for  pid=6946 comm="syz.3.1304" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   96.712237][ T6963] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1312'.
[   96.722426][ T6963] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1312'.
[   96.740003][   T29] audit: type=1400 audit(1739427474.642:3067): avc:  denied  { create } for  pid=6958 comm="syz.2.1311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   96.777159][ T6888] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.814105][   T29] audit: type=1400 audit(1739427474.722:3068): avc:  denied  { ioctl } for  pid=6958 comm="syz.2.1311" path="socket:[16878]" dev="sockfs" ino=16878 ioctlcmd=0x89a2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   96.848027][ T6888] team0: Port device team_slave_0 added
[   96.855003][ T6888] team0: Port device team_slave_1 added
[   96.887134][ T6888] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.894191][ T6888] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.920336][ T6888] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.932452][ T6977] loop4: detected capacity change from 0 to 128
[   96.956163][   T29] audit: type=1326 audit(1739427474.852:3069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6980 comm="syz.1.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857a06cde9 code=0x7ffc0000
[   96.979676][   T29] audit: type=1326 audit(1739427474.852:3070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6980 comm="syz.1.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f857a06cde9 code=0x7ffc0000
[   97.003252][   T29] audit: type=1326 audit(1739427474.862:3071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6982 comm="syz.1.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f857a09f6a5 code=0x7ffc0000
[   97.028880][ T6888] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.035920][ T6888] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.039530][ T6985] loop3: detected capacity change from 0 to 128
[   97.062015][ T6888] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.080538][ T6985] FAT-fs (loop3): bogus number of reserved sectors
[   97.087282][ T6985] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   97.096693][ T6985] FAT-fs (loop3): Can't find a valid FAT filesystem
[   97.104229][ T6977] ext4 filesystem being mounted at /238/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   97.157991][ T6977] Invalid ELF header magic: != ELF
[   97.182002][ T6888] hsr_slave_0: entered promiscuous mode
[   97.188951][ T6888] hsr_slave_1: entered promiscuous mode
[   97.196217][ T6988] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6988 comm=syz.2.1320
[   97.396464][ T6993] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[   97.405026][ T6993] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[   97.413689][ T7003] netlink: 'syz.1.1325': attribute type 13 has an invalid length.
[   97.469005][ T7003] gretap0: refused to change device tx_queue_len
[   97.480173][ T7003] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   97.507949][ T6888] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   97.537411][ T6888] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   97.564767][ T6888] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   97.572641][ T7015] loop4: detected capacity change from 0 to 128
[   97.599906][ T7015] ext4 filesystem being mounted at /241/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   97.604046][ T7016] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1329'.
[   97.641660][ T7016] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1329'.
[   97.652847][ T6888] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   97.689636][ T6888] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.697478][ T7016] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1329'.
[   97.723628][ T6888] 8021q: adding VLAN 0 to HW filter on device team0
[   97.737563][ T5714] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.744683][ T5714] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.759743][ T7021] Invalid ELF header magic: != ELF
[   97.768029][ T5714] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.775136][ T5714] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.860531][ T7026] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7026 comm=syz.3.1332
[   97.904895][ T3300] EXT4-fs unmount: 17 callbacks suppressed
[   97.904910][ T3300] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   97.949048][ T6888] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.025528][ T7041] loop4: detected capacity change from 0 to 256
[   98.098534][ T7045] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1337'.
[   98.146978][ T7058] netlink: 'syz.3.1339': attribute type 13 has an invalid length.
[   98.174743][ T7058] gretap0: refused to change device tx_queue_len
[   98.183929][ T7058] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   98.202801][ T6888] veth0_vlan: entered promiscuous mode
[   98.213414][ T6888] veth1_vlan: entered promiscuous mode
[   98.248730][ T6888] veth0_macvtap: entered promiscuous mode
[   98.257407][ T6888] veth1_macvtap: entered promiscuous mode
[   98.269549][ T6888] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.287772][ T6888] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.306150][ T6888] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.314954][ T6888] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.323698][ T6888] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.332468][ T6888] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.514991][ T7078] loop5: detected capacity change from 0 to 512
[   98.567834][ T7078] EXT4-fs (loop5): too many log groups per flexible block group
[   98.575656][ T7078] EXT4-fs (loop5): failed to initialize mballoc (-12)
[   98.612923][ T7078] EXT4-fs (loop5): mount failed
[   98.743180][ T7098] @: renamed from vlan0 (while UP)
[   98.956446][ T7104] rdma_op ffff888102246180 conn xmit_rdma 0000000000000000
[   99.092240][ T7114] program syz.2.1356 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   99.453520][ T7141] loop4: detected capacity change from 0 to 512
[   99.466308][ T7141] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1370: bg 0: block 35: padding at end of block bitmap is not set
[   99.503395][ T7141] EXT4-fs (loop4): Remounting filesystem read-only
[   99.526747][ T7141] EXT4-fs (loop4): 1 truncate cleaned up
[   99.544468][ T7149] loop5: detected capacity change from 0 to 1024
[   99.551658][ T7141] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.565760][ T7141] SELinux: (dev loop4, type ext4) getxattr errno 5
[   99.573588][ T7141] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.580852][ T7149] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.594845][ T7149] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.609908][ T7149] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   99.625553][ T7149] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 1 with error 28
[   99.637973][ T7149] EXT4-fs (loop5): This should not happen!! Data will be lost
[   99.637973][ T7149] 
[   99.647930][ T7149] EXT4-fs (loop5): Total free blocks count 0
[   99.654019][ T7149] EXT4-fs (loop5): Free/Dirty block details
[   99.660058][ T7149] EXT4-fs (loop5): free_blocks=4293918720
[   99.665911][ T7149] EXT4-fs (loop5): dirty_blocks=16
[   99.671804][ T7149] EXT4-fs (loop5): Block reservation details
[   99.677971][ T7149] EXT4-fs (loop5): i_reserved_data_blocks=1
[   99.686384][ T7156] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 28
[   99.804265][ T7164] block device autoloading is deprecated and will be removed.
[   99.812008][ T7164] syz.5.1378: attempt to access beyond end of device
[   99.812008][ T7164] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   99.826408][ T7164] syz.5.1378: attempt to access beyond end of device
[   99.826408][ T7164] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   99.840748][ T7164] syz.5.1378: attempt to access beyond end of device
[   99.840748][ T7164] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   99.854658][ T7164] syz.5.1378: attempt to access beyond end of device
[   99.854658][ T7164] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   99.868244][ T7164] syz.5.1378: attempt to access beyond end of device
[   99.868244][ T7164] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   99.881824][ T7164] syz.5.1378: attempt to access beyond end of device
[   99.881824][ T7164] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   99.895312][ T7164] syz.5.1378: attempt to access beyond end of device
[   99.895312][ T7164] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   99.909207][ T7164] syz.5.1378: attempt to access beyond end of device
[   99.909207][ T7164] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   99.922639][ T7172] loop4: detected capacity change from 0 to 1024
[   99.923390][ T7164] syz.5.1378: attempt to access beyond end of device
[   99.923390][ T7164] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   99.944797][ T7164] syz.5.1378: attempt to access beyond end of device
[   99.944797][ T7164] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   99.973807][ T7172] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.986578][ T7172] ext4 filesystem being mounted at /259/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.151468][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.175666][ T7192] loop4: detected capacity change from 0 to 1024
[  100.183224][ T7192] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  100.194706][ T7192] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  100.204606][ T7192] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  100.215663][ T7192] EXT4-fs (loop4): invalid journal inode
[  100.221464][ T7192] EXT4-fs (loop4): can't get journal size
[  100.227567][ T7192] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #3: comm syz.4.1389: blocks 2-2 from inode overlap system zone
[  100.242180][ T7192] EXT4-fs (loop4): failed to initialize system zone (-117)
[  100.249760][ T7192] EXT4-fs (loop4): mount failed
[  100.383105][ T7213] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7213 comm=syz.2.1398
[  100.423715][ T7217] netlink: 'syz.4.1400': attribute type 13 has an invalid length.
[  100.435066][ T7217] gretap0: refused to change device tx_queue_len
[  100.442190][ T7217] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  100.521539][ T7221] loop4: detected capacity change from 0 to 512
[  100.532137][ T7221] EXT4-fs (loop4): too many log groups per flexible block group
[  100.539958][ T7221] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  100.547407][ T7221] EXT4-fs (loop4): mount failed
[  100.595787][ T7235] loop4: detected capacity change from 0 to 512
[  100.614919][ T7235] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.640060][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.676874][ T7241] netlink: 'syz.2.1411': attribute type 13 has an invalid length.
[  100.679982][ T7243] loop4: detected capacity change from 0 to 1024
[  100.691414][ T7241] gretap0: refused to change device tx_queue_len
[  100.692398][ T7243] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  100.698418][ T7241] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  100.708672][ T7243] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  100.709056][ T7243] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  100.745666][ T7243] EXT4-fs (loop4): invalid journal inode
[  100.761188][ T7245] pim6reg1: entered promiscuous mode
[  100.766585][ T7245] pim6reg1: entered allmulticast mode
[  100.859509][ T7247] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7247 comm=syz.2.1413
[  100.905069][ T7251] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[  100.905069][ T7251]    program syz.5.1415 not setting count and/or reply_len properly
[  100.949171][ T7253] loop4: detected capacity change from 0 to 512
[  100.993835][ T7262] loop5: detected capacity change from 0 to 512
[  101.002991][ T7253] EXT4-fs (loop4): too many log groups per flexible block group
[  101.010860][ T7253] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  101.017829][ T7253] EXT4-fs (loop4): mount failed
[  101.027011][ T7264] loop5: detected capacity change from 0 to 1764
[  101.034366][ T7264] iso9660: Bad value for 'session'
[  101.052392][ T7264] loop5: detected capacity change from 0 to 1764
[  101.054922][ T7269] netlink: 'syz.1.1422': attribute type 13 has an invalid length.
[  101.059099][ T7264] iso9660: Bad value for 'session'
[  101.072929][ T7269] gretap0: refused to change device tx_queue_len
[  101.103968][ T7264] loop5: detected capacity change from 0 to 1764
[  101.110824][ T7269] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  101.127401][ T7264] iso9660: Bad value for 'session'
[  101.133279][ T7274] FAULT_INJECTION: forcing a failure.
[  101.133279][ T7274] name failslab, interval 1, probability 0, space 0, times 0
[  101.146068][ T7274] CPU: 0 UID: 0 PID: 7274 Comm: syz.2.1424 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[  101.146163][ T7274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  101.146175][ T7274] Call Trace:
[  101.146180][ T7274]  <TASK>
[  101.146187][ T7274]  dump_stack_lvl+0xf2/0x150
[  101.146215][ T7274]  dump_stack+0x15/0x1a
[  101.146259][ T7274]  should_fail_ex+0x24a/0x260
[  101.146384][ T7274]  should_failslab+0x8f/0xb0
[  101.146421][ T7274]  kmem_cache_alloc_noprof+0x52/0x320
[  101.146456][ T7274]  ? getname_flags+0x81/0x3b0
[  101.146554][ T7274]  getname_flags+0x81/0x3b0
[  101.146582][ T7274]  getname+0x17/0x20
[  101.146648][ T7274]  path_removexattrat+0xf0/0x4b0
[  101.146686][ T7274]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  101.146728][ T7274]  __x64_sys_removexattr+0x38/0x50
[  101.146830][ T7274]  x64_sys_call+0x3ea/0x2dc0
[  101.146856][ T7274]  do_syscall_64+0xc9/0x1c0
[  101.146882][ T7274]  ? clear_bhb_loop+0x55/0xb0
[  101.146984][ T7274]  ? clear_bhb_loop+0x55/0xb0
[  101.147014][ T7274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.147103][ T7274] RIP: 0033:0x7fbc5761cde9
[  101.147134][ T7274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.147154][ T7274] RSP: 002b:00007fbc55c81038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5
[  101.147176][ T7274] RAX: ffffffffffffffda RBX: 00007fbc57835fa0 RCX: 00007fbc5761cde9
[  101.147190][ T7274] RDX: 0000000000000000 RSI: 0000400000000080 RDI: 0000400000000040
[  101.147204][ T7274] RBP: 00007fbc55c81090 R08: 0000000000000000 R09: 0000000000000000
[  101.147217][ T7274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.147231][ T7274] R13: 0000000000000000 R14: 00007fbc57835fa0 R15: 00007ffe145bd5b8
[  101.147319][ T7274]  </TASK>
[  101.330368][ T7264] loop5: detected capacity change from 0 to 1764
[  101.337048][ T7264] iso9660: Bad value for 'session'
[  101.366731][ T7264] loop5: detected capacity change from 0 to 1764
[  101.376106][ T7282] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[  101.376106][ T7282]    program syz.1.1427 not setting count and/or reply_len properly
[  101.377779][ T7264] iso9660: Bad value for 'session'
[  101.410104][ T7264] loop5: detected capacity change from 0 to 1764
[  101.416904][ T7264] iso9660: Bad value for 'session'
[  101.432484][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.439936][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.440516][ T7264] loop5: detected capacity change from 0 to 1764
[  101.447411][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.454850][ T7264] iso9660: Bad value for 'session'
[  101.462117][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.473986][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.481638][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.489117][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.493466][ T7264] loop5: detected capacity change from 0 to 1764
[  101.496598][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.503512][ T7264] iso9660: Bad value for 'session'
[  101.510259][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.515993][   T29] kauditd_printk_skb: 857 callbacks suppressed
[  101.516005][   T29] audit: type=1326 audit(1739427479.432:3929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7091 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a15a93da7 code=0x7ffc0000
[  101.523004][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.529176][   T29] audit: type=1326 audit(1739427479.432:3930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7091 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a15a38fb9 code=0x7ffc0000
[  101.529205][   T29] audit: type=1326 audit(1739427479.432:3931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7091 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a15a9cde9 code=0x7ffc0000
[  101.552619][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.590103][ T7287] Invalid ELF header magic: != ELF
[  101.606997][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.607094][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.625446][ T7264] loop5: detected capacity change from 0 to 1764
[  101.627199][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.634666][   T29] audit: type=1326 audit(1739427479.492:3932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7091 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a15a93da7 code=0x7ffc0000
[  101.640866][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.648136][   T29] audit: type=1326 audit(1739427479.492:3933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7091 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a15a38fb9 code=0x7ffc0000
[  101.671449][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.671477][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.678890][   T29] audit: type=1326 audit(1739427479.492:3934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7091 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a15a9cde9 code=0x7ffc0000
[  101.702147][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.702173][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.702199][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.709546][   T29] audit: type=1326 audit(1739427479.492:3935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7091 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a15a93da7 code=0x7ffc0000
[  101.716930][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.740308][   T29] audit: type=1326 audit(1739427479.492:3936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7091 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a15a38fb9 code=0x7ffc0000
[  101.747726][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.755145][   T29] audit: type=1326 audit(1739427479.492:3937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7091 comm="syz.3.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a15a9cde9 code=0x7ffc0000
[  101.762513][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.793790][ T7264] iso9660: Bad value for 'session'
[  101.816807][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.836434][ T7264] loop5: detected capacity change from 0 to 1764
[  101.847711][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.847739][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.855722][ T7264] iso9660: Bad value for 'session'
[  101.860224][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.879962][ T7264] loop5: detected capacity change from 0 to 1764
[  101.881476][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.881503][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.889259][ T7264] iso9660: Bad value for 'session'
[  101.893977][   T35] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  101.902003][   T35] hid-generic 0000:0000:0000.0025: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  101.948880][ T7291] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7291 comm=syz.1.1431
[  102.006763][   T29] audit: type=1400 audit(1739427479.882:3938): avc:  denied  { watch_reads } for  pid=7260 comm="syz.5.1420" path="/17" dev="tmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  102.036398][ T7294] loop4: detected capacity change from 0 to 512
[  102.062319][ T7294] EXT4-fs (loop4): too many log groups per flexible block group
[  102.070188][ T7294] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  102.078104][ T7294] EXT4-fs (loop4): mount failed
[  102.120306][ T7313] __nla_validate_parse: 6 callbacks suppressed
[  102.120322][ T7313] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1439'.
[  102.161809][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.169360][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.176805][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.179728][ T7315] loop5: detected capacity change from 0 to 512
[  102.200907][ T7319] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[  102.200907][ T7319]    program syz.3.1440 not setting count and/or reply_len properly
[  102.205341][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.225383][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.232943][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.240475][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.247948][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.255434][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.262981][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.270424][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.277897][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.285566][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.293114][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.300793][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.308267][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.315730][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.323324][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.330859][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.338292][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.346567][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.354118][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.361538][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.368968][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.376444][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.383875][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.391304][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.398762][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.406204][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.413649][ T3360] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  102.421941][ T3360] hid-generic 0000:0000:0000.0026: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  102.422308][ T7315] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1438: bg 0: block 35: padding at end of block bitmap is not set
[  102.475072][ T7315] EXT4-fs (loop5): Remounting filesystem read-only
[  102.490050][ T7315] EXT4-fs (loop5): 1 truncate cleaned up
[  102.502758][ T7315] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.523771][ T7335] atomic_op ffff888117173d28 conn xmit_atomic 0000000000000000
[  102.540181][ T7315] SELinux: (dev loop5, type ext4) getxattr errno 5
[  102.553870][ T7315] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.564162][ T7333] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  102.576379][ T7333] bond0: (slave lo): Error: Device can not be enslaved while up
[  103.084145][ T7350] unsupported nla_type 52263
[  103.140138][ T7354] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7354 comm=syz.1.1452
[  103.205210][ T7362] loop5: detected capacity change from 0 to 512
[  103.213802][ T7362] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1456: bg 0: block 35: padding at end of block bitmap is not set
[  103.234186][ T7362] EXT4-fs (loop5): Remounting filesystem read-only
[  103.241300][ T7362] EXT4-fs (loop5): 1 truncate cleaned up
[  103.247635][ T7362] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.260287][ T7362] SELinux: (dev loop5, type ext4) getxattr errno 5
[  103.267345][ T7362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.310392][ T7367] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  103.710359][ T7390] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7390 comm=syz.5.1468
[  103.725581][ T7390] loop5: detected capacity change from 0 to 512
[  103.732693][ T7390] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  103.743726][ T7390] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  103.751702][ T7390] System zones: 1-12
[  103.756409][ T7390] EXT4-fs (loop5): 1 truncate cleaned up
[  103.762519][ T7390] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.855131][ T6888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.281815][ T7406] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  104.293921][ T7406] bond0: (slave lo): Error: Device can not be enslaved while up
[  104.348679][ T7414] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1476'.
[  104.435333][ T7421] loop3: detected capacity change from 0 to 1024
[  104.453295][ T7421] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.469913][ T7421] ext4 filesystem being mounted at /231/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.493159][ T7421] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  104.547553][ T7421] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 1 with error 28
[  104.560091][ T7421] EXT4-fs (loop3): This should not happen!! Data will be lost
[  104.560091][ T7421] 
[  104.569939][ T7421] EXT4-fs (loop3): Total free blocks count 0
[  104.575969][ T7421] EXT4-fs (loop3): Free/Dirty block details
[  104.581975][ T7421] EXT4-fs (loop3): free_blocks=4293918720
[  104.587840][ T7421] EXT4-fs (loop3): dirty_blocks=16
[  104.593018][ T7421] EXT4-fs (loop3): Block reservation details
[  104.599063][ T7421] EXT4-fs (loop3): i_reserved_data_blocks=1
[  104.617339][ T7425] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 28
[  104.637612][ T7429] loop5: detected capacity change from 0 to 512
[  104.651859][ T7429] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1480: bg 0: block 35: padding at end of block bitmap is not set
[  104.666412][ T7427] loop4: detected capacity change from 0 to 512
[  104.674129][ T7429] EXT4-fs (loop5): Remounting filesystem read-only
[  104.680867][ T7429] EXT4-fs (loop5): 1 truncate cleaned up
[  104.687357][ T7429] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.709205][ T7427] EXT4-fs (loop4): too many log groups per flexible block group
[  104.713995][ T7429] SELinux: (dev loop5, type ext4) getxattr errno 5
[  104.717010][ T7427] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  104.723837][ T7429] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.738219][ T7427] EXT4-fs (loop4): mount failed
[  104.782297][ T7436] FAULT_INJECTION: forcing a failure.
[  104.782297][ T7436] name failslab, interval 1, probability 0, space 0, times 0
[  104.795120][ T7436] CPU: 0 UID: 0 PID: 7436 Comm: syz.3.1481 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[  104.795150][ T7436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  104.795165][ T7436] Call Trace:
[  104.795174][ T7436]  <TASK>
[  104.795183][ T7436]  dump_stack_lvl+0xf2/0x150
[  104.795215][ T7436]  dump_stack+0x15/0x1a
[  104.795241][ T7436]  should_fail_ex+0x24a/0x260
[  104.795326][ T7436]  should_failslab+0x8f/0xb0
[  104.795358][ T7436]  kmem_cache_alloc_node_noprof+0x59/0x320
[  104.795400][ T7436]  ? __alloc_skb+0x10b/0x310
[  104.795488][ T7436]  __alloc_skb+0x10b/0x310
[  104.795514][ T7436]  ? audit_log_start+0x34c/0x6b0
[  104.795553][ T7436]  audit_log_start+0x368/0x6b0
[  104.795595][ T7436]  audit_seccomp+0x4b/0x130
[  104.795684][ T7436]  __seccomp_filter+0x6fa/0x1180
[  104.795711][ T7436]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  104.795777][ T7436]  ? vfs_write+0x644/0x920
[  104.795803][ T7436]  __secure_computing+0x9f/0x1c0
[  104.795829][ T7436]  syscall_trace_enter+0xd1/0x1f0
[  104.795883][ T7436]  ? fpregs_assert_state_consistent+0x83/0xa0
[  104.795923][ T7436]  do_syscall_64+0xaa/0x1c0
[  104.795954][ T7436]  ? clear_bhb_loop+0x55/0xb0
[  104.795987][ T7436]  ? clear_bhb_loop+0x55/0xb0
[  104.796085][ T7436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.796114][ T7436] RIP: 0033:0x7f7a15a9cde9
[  104.796132][ T7436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.796232][ T7436] RSP: 002b:00007f7a14107038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[  104.796256][ T7436] RAX: ffffffffffffffda RBX: 00007f7a15cb5fa0 RCX: 00007f7a15a9cde9
[  104.796271][ T7436] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  104.796284][ T7436] RBP: 00007f7a14107090 R08: 0000000000000000 R09: 0000000000000000
[  104.796298][ T7436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.796312][ T7436] R13: 0000000000000000 R14: 00007f7a15cb5fa0 R15: 00007ffea240bb48
[  104.796335][ T7436]  </TASK>
[  105.048191][ T7448] Invalid ELF header magic: != ELF
[  105.163725][ T7452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1489'.
[  105.427973][ T7468] loop3: detected capacity change from 0 to 2048
[  105.442990][ T7468] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.520641][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.540485][ T7474] Invalid ELF header magic: != ELF
[  105.633291][ T7481] 9pnet_fd: Insufficient options for proto=fd
[  105.698989][ T7487] loop5: detected capacity change from 0 to 1024
[  105.706163][ T7487] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  105.717106][ T7487] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  105.726755][ T7487] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  105.737818][ T7487] EXT4-fs (loop5): invalid journal inode
[  105.767635][ T7489] loop4: detected capacity change from 0 to 512
[  105.801920][ T7489] EXT4-fs (loop4): too many log groups per flexible block group
[  105.809806][ T7489] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  105.816685][ T7489] EXT4-fs (loop4): mount failed
[  105.831763][ T7497] loop5: detected capacity change from 0 to 512
[  105.842099][ T7497] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.1508: Failed to acquire dquot type 1
[  105.854000][ T7497] EXT4-fs (loop5): 1 truncate cleaned up
[  105.860019][ T7497] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.872669][ T7497] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.884115][ T7497] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.928029][ T7504] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1510'.
[  106.213882][ T7508] lo speed is unknown, defaulting to 1000
[  106.395220][ T7511] Invalid ELF header magic: != ELF
[  106.710482][   T29] kauditd_printk_skb: 211 callbacks suppressed
[  106.710500][   T29] audit: type=1400 audit(1739427484.612:4146): avc:  denied  { create } for  pid=7520 comm="syz.4.1516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  106.804298][ T7532] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1521'.
[  106.835778][ T7535] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1523'.
[  106.858151][ T7538] Invalid ELF header magic: != ELF
[  106.881990][ T7536] loop3: detected capacity change from 0 to 2048
[  106.902384][ T7536] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.031756][   T29] audit: type=1400 audit(1739427484.932:4147): avc:  denied  { bind } for  pid=7562 comm="syz.4.1532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  107.056892][ T7563] wireguard0: entered promiscuous mode
[  107.062462][ T7563] wireguard0: entered allmulticast mode
[  107.080517][ T7567] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1534'.
[  107.095333][ T7570] loop4: detected capacity change from 0 to 512
[  107.106145][   T29] audit: type=1400 audit(1739427485.012:4148): avc:  denied  { mounton } for  pid=7562 comm="syz.4.1532" path="/295/bus" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  107.106280][ T7570] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  107.193510][   T29] audit: type=1400 audit(1739427485.102:4149): avc:  denied  { write } for  pid=7568 comm="syz.2.1535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  107.237047][ T7570] EXT4-fs (loop4): 1 truncate cleaned up
[  107.243545][   T29] audit: type=1400 audit(1739427485.122:4150): avc:  denied  { bind } for  pid=7572 comm="syz.5.1536" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  107.264039][   T29] audit: type=1400 audit(1739427485.122:4151): avc:  denied  { setopt } for  pid=7572 comm="syz.5.1536" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  107.329049][ T7570] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.346318][ T7570] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.377352][   T29] audit: type=1400 audit(1739427485.282:4152): avc:  denied  { unmount } for  pid=3300 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  107.405603][ T7580] Invalid ELF header magic: != ELF
[  107.786656][ T7589] netlink: 'syz.1.1541': attribute type 13 has an invalid length.
[  107.847153][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.867967][ T7589] gretap0: refused to change device tx_queue_len
[  107.903218][ T7589] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  107.990524][   T29] audit: type=1326 audit(1739427485.512:4153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7585 comm="syz.4.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec59dcde9 code=0x7ffc0000
[  108.013994][   T29] audit: type=1326 audit(1739427485.512:4154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7585 comm="syz.4.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec59dcde9 code=0x7ffc0000
[  108.037479][   T29] audit: type=1326 audit(1739427485.512:4155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7585 comm="syz.4.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbec59dcde9 code=0x7ffc0000
[  108.103512][ T7600] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1546'.
[  108.197659][ T7609] Invalid ELF header magic: != ELF
[  108.209439][ T7611] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1551'.
[  108.247011][ T7618] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  108.276970][ T7619] netlink: 'syz.5.1553': attribute type 13 has an invalid length.
[  108.281781][ T7621] netlink: 'syz.3.1555': attribute type 13 has an invalid length.
[  108.293377][ T7619] gretap0: refused to change device tx_queue_len
[  108.300544][ T7619] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  108.319640][ T7621] gretap0: refused to change device tx_queue_len
[  108.329079][ T7623] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[  108.329079][ T7623]    program syz.1.1556 not setting count and/or reply_len properly
[  108.330904][ T7621] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  108.416296][ T7630] loop5: detected capacity change from 0 to 2048
[  108.441830][ T7630] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.454789][ T7616] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  108.463447][ T7634] loop3: detected capacity change from 0 to 2048
[  108.471160][ T7616] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  108.543939][ T7644] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1565'.
[  108.563977][ T7634] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.977082][ T7669] netlink: 'syz.2.1572': attribute type 13 has an invalid length.
[  109.066786][ T7669] gretap0: refused to change device tx_queue_len
[  109.074449][ T7669] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  109.107744][ T7670] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  109.127192][ T7670] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  109.240839][ T7616] Set syz1 is full, maxelem 65536 reached
[  109.279302][ T6888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.329992][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.357146][ T7680] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1577'.
[  109.363039][ T7682] 9pnet: Could not find request transport: t
[  109.374792][ T7685] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1576'.
[  109.429393][ T7692] loop3: detected capacity change from 0 to 512
[  109.447668][ T7692] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1581: bg 0: block 35: padding at end of block bitmap is not set
[  109.462256][ T7692] EXT4-fs (loop3): Remounting filesystem read-only
[  109.468979][ T7692] EXT4-fs (loop3): 1 truncate cleaned up
[  109.495205][ T7692] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.509676][ T7692] SELinux: (dev loop3, type ext4) getxattr errno 5
[  109.519246][ T7692] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.524958][ T7697] netlink: 'syz.1.1583': attribute type 13 has an invalid length.
[  109.540374][ T7697] gretap0: refused to change device tx_queue_len
[  109.547786][ T7697] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  109.580479][ T7699] loop5: detected capacity change from 0 to 1024
[  109.592444][ T7699] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.604702][ T7699] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.619233][ T7699] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  109.634460][ T7699] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 1 with error 28
[  109.646790][ T7699] EXT4-fs (loop5): This should not happen!! Data will be lost
[  109.646790][ T7699] 
[  109.656495][ T7699] EXT4-fs (loop5): Total free blocks count 0
[  109.662639][ T7699] EXT4-fs (loop5): Free/Dirty block details
[  109.668603][ T7699] EXT4-fs (loop5): free_blocks=4293918720
[  109.674388][ T7699] EXT4-fs (loop5): dirty_blocks=16
[  109.679531][ T7699] EXT4-fs (loop5): Block reservation details
[  109.685554][ T7699] EXT4-fs (loop5): i_reserved_data_blocks=1
[  109.692993][ T7706] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 28
[  109.814406][ T7712] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1588'.
[  109.824100][ T7711] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1588'.
[  110.022996][ T7714] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  110.053909][ T7719] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1591'.
[  110.564457][ T7742] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1602'.
[  110.573502][ T7744] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[  110.573502][ T7744]    program syz.2.1600 not setting count and/or reply_len properly
[  110.598635][ T7746] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[  110.598635][ T7746]    program syz.1.1603 not setting count and/or reply_len properly
[  110.697989][ T7755] loop3: detected capacity change from 0 to 512
[  110.724855][ T7755] EXT4-fs (loop3): too many log groups per flexible block group
[  110.732718][ T7755] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  110.751296][ T7761] loop4: detected capacity change from 0 to 512
[  110.758079][ T7755] EXT4-fs (loop3): mount failed
[  110.775477][ T7761] EXT4-fs (loop4): too many log groups per flexible block group
[  110.783253][ T7761] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  110.792292][ T7761] EXT4-fs (loop4): mount failed
[  110.851970][ T7774] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1614'.
[  110.885899][ T7778] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[  110.885899][ T7778]    program syz.2.1615 not setting count and/or reply_len properly
[  110.950822][ T7784] tipc: Can't bind to reserved service type 1
[  110.970114][ T7784] vlan0: entered promiscuous mode
[  110.975419][ T7784] vlan0: entered allmulticast mode
[  110.980558][ T7784] hsr_slave_1: entered allmulticast mode
[  111.067696][ T7800] ==================================================================
[  111.075837][ T7800] BUG: KCSAN: data-race in mas_wr_store_entry / mtree_range_walk
[  111.083625][ T7800] 
[  111.085960][ T7800] write to 0xffff8881043bcf10 of 8 bytes by task 7797 on cpu 1:
[  111.093614][ T7800]  mas_wr_store_entry+0x162b/0x2e80
[  111.098850][ T7800]  mas_store_prealloc+0x6bf/0x960
[  111.103914][ T7800]  commit_merge+0x441/0x740
[  111.108447][ T7800]  vma_expand+0x211/0x360
[  111.112802][ T7800]  vma_merge_new_range+0x2da/0x340
[  111.117936][ T7800]  mmap_region+0x7e0/0x1620
[  111.122469][ T7800]  do_mmap+0x98a/0xc30
[  111.126572][ T7800]  vm_mmap_pgoff+0x16d/0x2d0
[  111.131178][ T7800]  ksys_mmap_pgoff+0xd0/0x330
[  111.135876][ T7800]  x64_sys_call+0x1940/0x2dc0
[  111.140577][ T7800]  do_syscall_64+0xc9/0x1c0
[  111.145122][ T7800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.151048][ T7800] 
[  111.153396][ T7800] read to 0xffff8881043bcf10 of 8 bytes by task 7800 on cpu 0:
[  111.161013][ T7800]  mtree_range_walk+0x1b4/0x460
[  111.165894][ T7800]  mas_walk+0x16e/0x320
[  111.170090][ T7800]  lock_vma_under_rcu+0x95/0x270
[  111.175056][ T7800]  exc_page_fault+0x150/0x650
[  111.179750][ T7800]  asm_exc_page_fault+0x26/0x30
[  111.184627][ T7800] 
[  111.186963][ T7800] value changed: 0x00007fbec4005fff -> 0xffffffff8551ca00
[  111.194072][ T7800] 
[  111.196391][ T7800] Reported by Kernel Concurrency Sanitizer on:
[  111.202628][ T7800] CPU: 0 UID: 0 PID: 7800 Comm: syz.4.1625 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[  111.213305][ T7800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  111.223376][ T7800] ==================================================================