last executing test programs:

4.317645719s ago: executing program 3 (id=599):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$inet(r0, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r1)

4.244964268s ago: executing program 3 (id=601):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)={0xfc, 0x0, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @DEVLINK_ATTR_RATE_TX_MAX={0xc}, @DEVLINK_ATTR_RATE_NODE_NAME={0x7a, 0xa8, @random="23f12f6e0d4b88daefed2b4bf2a8b78d158abbcf70ced189e32e71f2e5ac92957c3b8e530f836bf7988516fbfc591c366f382c01460506b3a4fe7fb1cdb00df8b748ec18567da3eda7ce7f448e6ca5f8b84b2bd522837b9f1df0b9ed2e78749e6e06183e10b951d350909c1861c0dc95ef5762695a89"}, @DEVLINK_ATTR_RATE_NODE_NAME={0x4f, 0xa8, @random="d1dedce7b5432115f7fe5976776bc773b84f260a993eed0b10a1089cd99aa662307d5d5dc6ac499bc2929fd5833b8f87dd918bb5a1fb4d460083ef3125160049d93bf280af1e9955e3b5c1"}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4000080}, 0x44000)
sendmsg$DEVLINK_CMD_RATE_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0100000000000000000054"], 0x14}}, 0x0)

4.216102888s ago: executing program 3 (id=602):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000080), 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001d00010000000000000000000a00100003"], 0x1c}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='kfree\x00', r2}, 0x18)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
writev(r3, &(0x7f0000000000)=[{&(0x7f00000002c0)='\n', 0x1}], 0x1)
r4 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000080)={0x41}, 0x10)
r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r5, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x72, 0x0)
bind$tipc(r4, 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r6, 0xffffffffffffffff, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0xc001, 0x0, 0x0)

3.353830504s ago: executing program 3 (id=632):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000080)=0x5, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x58a, &(0x7f0000000b40)="$eJzs3V1rHFUcB+D/2d2kL2lNKoLWXhgo2IKaNGlFEcEW650XvhS8KhiTtJRu29BEsLViC/Ub6AcQvBNEvCwiRb3x1jvBDyDFIm1uvFuZzUy6bXfTvGw6tfM8sM2cORnOmSy/npmzM7MBVNZo9k8tYndEzKWI4Y66RuSVo0u/d/vWpenFW5emU7Ra7/+TIuXrit9P+c+hfOOtEfH7zymerN/f7vyFi6enms3Z83l5fOHM3Pj8hYsvnTozdXL25OzZyYlXJl4+dHDy0IG+7OfOiPh17Gjj6ok393w//c2uz3/89lqKw7Ejr+/cj34ZjdHlv0mn7O/6ar8bK0k935/Otzg1SuwQa1K8fwMR8XQMRz3uvHnD8cW7pXYO2FStFNECKirJP1RUcRyQnf8Wr3KPSICH5eaRpQmA22lpbm9xOf+NpbnB2NqeG9i+mKJzWidFRD9m5rI25p5Pw9krNmkeDuju8pWIeKbb+J/a2Rxpz+Jn+a/dlf9aRLyT/8zWv7fO9kfvKcs/PDwbyf+HHfn/aJ3tyz8AAAAAAAD0z/UjEfFit8//asvX/0SX63+GIuJwH9p/8Od/tRt9aAbo4uaRiNcjorj2b7Ej/7mRel7a2b4eYCCdONWcPRART0TE/hjYkpUnVmhjdM9vAz3rOq7/y15Z+8W1gHk/bjS23L3NzNTC1Eb2GVhy80rEs41u+U/L43/qMv5nY//cKttoHX3jl151D84/sFlaX0fs6zr+33lyRVr5+Rzj7eOB8eKo4H6fHr/2Q6/25R/Kk43/21fO/0jqfF7P/Nrb+OzvPzeQ/+7H/4PpWPuRM4P5uk+mFhbOT0QMprfvXz+59j7D46jIQ5GXLP/793Y//1/p+H9bRFxeZZvHfnrraq864z+UJ8v/zJrG/7Uv7P3gq397tb+68f9Qe0zfn68x/wcrW21Ay+4nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwf1SJiR6Ta2PJyrTY2FjEUEU/F9lrz3PzCCyfOfXx2Jqtrf/9/rfim3+Glciq+/3+kozx5T/lgROyKiC/r29rlselzzZmydx4AAAAAAAAAAAAAAAAAAAAeEUM97v/P/FUvu3fApmuU3QGgNPIP1SX/UF3yD9Ul/1Bd8g/VJf9QXfIP1SX/UF311nfHy+4DAAAAAADQN7ueu/5HiojLr21rvzKDed1AqT0DNtvhsjsAlMYjfqC6XPoH1eUcH0gPqN+67i0BAAAAAAAAAAAAgH7Zt9v9/1BVtbI7AJSm9/3/ngwAjzv3/0N1OccH3P8PAAAAAAAAAAAAAI+++QsXT081m7Pn17uwZWObW7BQnYVIfUjcQ1oo+38mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg8F8AAAD//8rF+L8=")
r2 = openat(r1, 0x0, 0x11b002, 0x42)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000640)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1ba3000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000005424caada275ee6414ec7ab3540c875ee5106c9145c3f3d6265a1aa03632749581dfe6cd2d34470aa823fe66fb2832e5e2b7fcf691dcefd9a7dece246105a9964695c84720b78625ffbd1fa3bddbe9705d10b5065fbca517322213dad74db5a85ae3338aae267d5de7bc9aaea35b1b46e0661ca1f2324d59ba1854f91cd2c4ab942135c537b7d34902ff35eff5d2f5b9e6d8b09e8f333d2dbb0b7dc23b42c08f62abadd84b4a97bf9049d0754b69d689443f8301a58fe20856fd023eb860d045c4850d4abfe1b62ed5ec714aabe334dee34f9714ec60a3009e"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0xe)
unshare(0x22020400)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x24, 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0x10, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x8, 0xfe00}, {0x7, 0x0, 0x8}, {}, {0x5}, {0x7, 0x0, 0x0, 0x0}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x1a}}]}, &(0x7f0000000ac0)='syzkaller\x00', 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB], 0xfdef)
r6 = getpid()
syz_pidfd_open(r6, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
umount2(&(0x7f0000000540)='.\x00', 0x2)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r0, &(0x7f0000000280)=[{{0x0, 0x0, 0x0}, 0x4000009}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/218, 0xda}, 0xf}], 0x2, 0x2040, 0x0)

2.868344822s ago: executing program 3 (id=644):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_io_uring_setup(0xd3f, &(0x7f00000003c0)={0x0, 0x8000000, 0x100, 0x0, 0x220}, &(0x7f0000000700)=<r0=>0x0, &(0x7f00000002c0)=<r1=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r0, r1, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=0x0, @ANYRESHEX], 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r5, &(0x7f0000000200), 0x20000000}, 0x20)
recvmsg$unix(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000a00)=""/245, 0xf5}], 0x1}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x2000000}, [@NFT_MSG_NEWSET={0x28, 0x12, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}], {0x14}}, 0x50}}, 0x0)
sendmsg$inet(r3, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)

2.787746152s ago: executing program 1 (id=645):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)='%-5lx  \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
fsopen(&(0x7f0000000200)='devtmpfs\x00', 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400})

2.452136111s ago: executing program 4 (id=653):
epoll_pwait2(0xffffffffffffffff, &(0x7f0000000280)=[{}, {}, {}], 0x3, &(0x7f00000002c0)={0x77359400}, &(0x7f0000000380)={[0x9]}, 0x8)
socket$packet(0x11, 0x3, 0x300)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x121880, 0x0)
r2 = syz_io_uring_setup(0x3bc1, &(0x7f0000000440)={0x0, 0x942e, 0x10100, 0x0, 0x2da}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd=r1, 0x0, &(0x7f0000000900)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1})
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)

2.43710015s ago: executing program 3 (id=654):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x40, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x40}}, 0x0)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x40030000000000}, 0x0)

2.436141861s ago: executing program 0 (id=655):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
set_mempolicy(0x4005, &(0x7f0000000040)=0x10000000005, 0x4)

2.41596886s ago: executing program 0 (id=656):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000001280)={0x2, &(0x7f00000012c0)=[{0x9, 0xe0, 0x4, 0xb}, {0x4, 0x80, 0x82, 0xb2}]}, 0x10)
bind$inet6(r0, &(0x7f0000000200)={0xa, 0x4e23, 0x9, @loopback, 0x6}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000000)={0x1, 0x4, 0x5, 0x80000000}, &(0x7f0000000080)=0x10)
gettid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000002cc0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103383)
r3 = memfd_create(&(0x7f0000001e00)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xefE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xd1\xa7@\xa1_B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7<\x7f\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xb0\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcd\x90\x95\xdd\x8a\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\fe\x84\x7f\x10Y,\xe6\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xab>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1d<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4M\xc7\xfa\f\b\x8f\xc4\xbe\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaa\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00w\xa8wW\xb7\a\xda\xe1\xe0\x9b\xcd\x1dM\t\x86.\xc5\x06A\x17\xd3\xb7\xd7\xe8\xf5\xf4\xa48\xa1\x8cp\x89\x95y\x14\xa5k/\xceu\xad\x7f\x04Q\x96[@\xfb\xe4\x11\x88\xda}\xcd\xe8!\xb8\x92\xa14c\x85b\xd9\f\xbf\x95J\xa1cU\xf9\xa3\x11\xad\xaa\x00vZ]An\xba3\xde}G\x95qZ\xff\x1e\x9d\xd8\x86\x9a\xf8\xca\x1dMiJ\x0f\xed\xbb\x1a\xf5\xf2\x90j\x13\xdc^!\xe2Z\':\xb6\x19js|\xb5\xdf\xe7\xe3\xff\x17+\x96\xae\t\xb7\xcd#s5VTT\x93hD\xe9`\xfbl\xc4\xf9\xe7_\xb4\xc4[%B\x85\x91\x0f\xef\x15)je\xc9.\xec\xb7@\a\xa1\x83\xe3/\x04bw\x00\x00\x00\x00\x00\x00\x00\x00\x00\xda\xca\x1fM\x15\x9c\xe0}\x86,\xef=s(\xc0\x03\xf1H\xa0\xa9\xfblV\x81\xd1\xe3KQlR\xbc\xc9\'O}+e\xc3\xabr?v\x9dMS\xa9<\fq3\xe8\xe2I\x9f\x9b\x11\xa4\xc0\xbdV;\x83Y\x86$\r\a%\x1aV\x00\x00\x00\x00\x8f:R9\xe3HU_\xebJ\xc4C\v)\x87[\xa0\xc0\x90\xb0\x9f\x8f\xae |m\x85m\xe6\xa3~\xa4', 0x3)
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0x9, 0xa, 0x16, 0x1d, "4b8b3ea46929dfed0b2f34380d308f95a023d009855a94a9fe9549918ae7fd1f0ece5bc61375b108403362cfe0f4fccffb1b6a2115354d4df15d017a3f00", "2363f18d9acc6c25af21ca2af6d2e80e4caadd6d126cfb80c92dc817d44dcdec", [0x1, 0x80000200000007]})
rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffffffb]}, 0x0, 0x8)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x2d)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r4, 0x8004745a, 0x2000000c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa1000000000000070100"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r8, &(0x7f00000001c0), 0x74)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x4)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

2.37593591s ago: executing program 32 (id=654):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x40, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x40}}, 0x0)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x40030000000000}, 0x0)

2.36997497s ago: executing program 4 (id=659):
syz_read_part_table(0x5d2, &(0x7f0000000000)="$eJzs27+LI2UYB/DvTJKZBE7zH3iBayyEa21WD+Ruue4ae1sbCztB2QRFQdBGCxsLS6/Zf0DbZbG0WgRZC0E7sbLRfWVmMtksNkJc5ODzIZn3B8/7PO+QN+Ubnm1lOZn37VUppZ+pu29dzbYBy7+y6NrZ3qJXXhrGrz99+Ojx6knVbOerVMlv6yFHkmn3aJIXhl5ntW2/meaTp8cfffr5u03WWV+eJPkyWSelHbeWLOohwej7XaFcp+T/8+KN0az/YTIfx6/uBveTTJI2kyGkHzYfHlz/9Ohs01VJqVJ6u/ydB0MzbqjOyb1xp79fZVavtmcp+zted53N3mSbupTy9fP9kezStM0252xc3R3G859OsmmG/8nFt+PiPlt+XAwxu2L1wa8OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAtKL2PX55vx1/1z+kXqfaCpv0nrzXTpJwPqxallKwPrn96dLZ8/4O367xz9ObFW+/9fPzrvCs9yf3jO6Vtk/xZurg30jY3NlRfTaqDqyelXbV9Z5bkbhmnV9nku3s/3K0nacryOnxWDZG9Tf6LHQAAAAAAAAAAAAAAAAAAAEDy8NHj1ZN6keESfOpseyXzfwaXP0opD7qAano9u0iaXPZ34X9JGa/El262y/dcF9CbZ3dhvk/+2Z1bfDH+lb8DAAD//5wGYLU=")
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\b\x00'/19])
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_timeval(r0, 0x1, 0x2, 0x0, 0x0)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000061d8500000007000000a50000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000640)='mm_page_free\x00', r1}, 0x18)
setrlimit(0x9, &(0x7f0000000000)={0xfffffffffff7fffd})
io_setup(0x2004, &(0x7f0000000680))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES16=0x0], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r5 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r5, 0x101)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r6, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
close(r4)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x66)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000600)={<r8=>0x0, @empty, @remote}, &(0x7f00000006c0)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', r8, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
unshare(0x28000600)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGSID(r9, 0x5429, 0x0)

2.31005854s ago: executing program 0 (id=660):
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000380)='./file1\x00', 0xc10c04, &(0x7f0000000340), 0x4, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5800000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="02200000c04471d7300012800b000100697036746e6c00002000028005000900290000001400020000000000000000000000000000000001080004"], 0x58}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1de65d36d833aac5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='dE\x00', 0x0, r2)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000001800)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fBy\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\fU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sa\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\v\xfbO\xf3\xff\x1bf\xedC\xbd\xd1\xf1#\xb3\xe5\t\x9a\xddk\x95\xd5N\xf3\x98\x1a\xa3\xca%N\xf8\xc6\xbcJw\xd8\x99f\xf1\xb5\x93^x|\x05\x00\x00\x00o*\xd3\xab\x05$<\xa3KQm\x00\xd3M\xb2\xd0,\xeeP\x1a\xd0 yI!\x17\x9b\xe7\xef\t\xba\xa0]\xf4\xb7\x00_g/\r\xd2\x06\xc5\x15\x1d\xcc\x0eB\x87\xe9 \x81P\"\xea\xd5#\xa4\xe5\xa1\x19Wp\x83\xf8tC\x10\xbe\xe3\xa9H\xc7\x89\x0eN\xd3\xc1\xd7\x99\xd8\x88\x1dZ\x91\r\xd1\x1c\xac\xe26b\x04\xecB[\xf3Lp\xfcQ\xf8\xec\xa0\x87\xd3\xde\x8bo\xd2\xbb~;\x8d\xc2\xf1\tP\xdfB\"VD\v\x90\xfb`\x8b\xfbr\x87B\xc3\x1c\x99\xe1ft\xd1\xdb\x0e\x86\xa3\xfc;y\x9d\xe6\xe25\x9f9\nj\x8a\xba\xb5\xc7\x92`\xed\x89\xf4\xbd\xc3\xe7l\xa9\xda\xde\xe0\xcf\xeaM\xb2~\x159\x92\xf60\x0e\xa0\xc2\x17\x8aC\xa5\xcf\xcd\x16\xdb\x83v\xe8\xf1\x82\xe2\xa5\xf0\xc7K\xe4?|\xc9\xdfx\xf0\xb1', &(0x7f0000001600)='\xb8\x8b\xadTd\xdcJ\x03\xf7\n\x11x\xf5\x93Q#\xfe\xb4\xeb\xd9/\x90\xad\xc5\xd0\a\xef\x06$*\xf0\v7>\xa8`\xf1)\xec\xba\xb7\x85\a\x92I\xbb\xfe2\xa0\xc1\xb3\x13p\xa2l', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000580)='\xa3\x04\x00', &(0x7f00000003c0)="c5", 0x1)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='}.&,[\'.\x00', &(0x7f0000000200)='\xb8\x8b\xadTd\xdcJ\x03\xf7\n\x11x\xf5\x93Q#\xfe\xb4\xeb\xd9/\x90\xad\xc5\xd0\a\xef\x06$*\xf0\v7>\xa8`\xf1)\xec\xba\xb7\x85\a\x92I\xbb\xfe2\xa0\xc1\xb3\x13p\xa2l', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000040), &(0x7f0000000140)="8d", 0x1)
close(r2)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
ftruncate(r3, 0xd)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
sendfile(0xffffffffffffffff, r3, 0x0, 0x8000fffffffe)

2.18674844s ago: executing program 0 (id=662):
r0 = creat(0x0, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x1, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000480)={r0, 0x0, {0x2a00, 0x80010000, 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x3, 0x18, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea80000000000000000000000deff0000000000000000000000000000000800", "2809e8dbe108038948224ad54afac11d875397bdb22d0000b420a1a93c7540f4767f9e01177d3dd40600000061ac00", "90be8b1c55f96400"}})

2.110099079s ago: executing program 0 (id=663):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000040)={'filter\x00', 0x7, 0x4, 0x3d0, 0x110, 0x200, 0x110, 0x2e8, 0x2e8, 0x2e8, 0x4, &(0x7f0000000000), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast2, @dev={0xac, 0x14, 0x14, 0x3b}, 0x4}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0xca, 0x2, 0x0, 0x2}}}, {{@arp={@remote, @private=0xa010100, 0xff000000, 0xff000000, 0xf, 0x6, {@mac=@local, {[0xff, 0xff, 0xff, 0x0, 0xff, 0xff]}}, {@mac=@local, {[0x0, 0xff, 0xff, 0xff, 0xf3ed4ab57dcf5325, 0xff]}}, 0x200, 0x9, 0x6, 0xc, 0x81, 0x5, 'bond0\x00', 'veth0_to_bridge\x00', {0xff}, {0xff}, 0x0, 0x4}, 0xc0, 0xe8}, @unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000480)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x4}}, './file0\x00'})
connect$pppl2tp(r1, &(0x7f00000004c0)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e24, @remote}, 0x2, 0x1, 0x4, 0x2}}, 0x2e)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000500)='\x00', &(0x7f0000000540)='+\x00', 0x0)
r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r2, 0x2282, &(0x7f00000005c0))
syz_genetlink_get_family_id$team(&(0x7f0000000600), r1)
ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000640)={{r1}, "fb56375e2eebe8ced20f1a74f8254c9ca5064001d531441ae46c9cf1b014bde23680c0ea98eca39743fa6af1f7c46a0753238cfda11f5485d7021b1712b507ee9d882643e2769c60d7f2a7b8a203b3674e1b70b8ca7056d6dab2f4a35c41bf5035bfc2819c25930d37266c640a154525780b071444e41426199b270fcbc75d290007f49237c5445c4bed82b07336422187e5f47881a27f8e1d23fda16e8710eebbc5f626197481ca011a7464633dcc386670400d8c9ec7281c92fc76f5ea0012782fd9b38c100420d59128a98d79657badaf49a75988c50bb14197d1d3d42399b4268b9cd0071c0b2276d2e3d803abca3c22295e824ba22b9a1cf3b0cef976e9bc1fab92120ed0641cd9d85b19f5f83241fa75988aae581094adca261b0e0ae813014277bbf4657694603652793560b1dd56c8c792c1ca412bfb754a5068d6fc6ebb076a4ea090032658815eea12f58dbf047f9f64a7a5cee580d4bcb31fbaf3435b1ab5c2cde3a2ddcbda2b5d4dbdb74d39a46cc9ed32bcd9479400370c1b295cca289e85707f506c6572ae2ea27e8fb5a76ac5cef7b5439bfab907a63b23aefb3b21c2aeb91364449a89c501944c44f2ed04a31ceafb3f8ddc4a926e44a41c805b6d6ff026be48cdc47d16f4cfc15d52cb49ee2af53b623e56db7f200adf293978ea106564eabb3ddbf029a1d329ad565189a8cd008488b7622d2cf9df75ef60c0211cdc09f5dd56d4d9e6a7d4f493fe0736042edbef2e72cc422fb241915a6cc497d63d903b88b7158210efd2c0bc0a777f0f72d0b0ad16c3e6429c5628c57fc1d643bbaaa80eec7e06cfc26f1d2ca0546fc6fd57398f0d00006db1d346f1e3f663ad8b4d7578de00f5cce2ffbb5ffa835df0e606e8c70f79bd8a3f1b30f3380d233d596c8475b644398cc4a2136f4ce8c8cabedaf65752877c846436911c18dcea4c3b6b588d3642b35c0a59a371c96cf3eb32058fee16383de606c1e58104b46fa1c8b0f73366f94055a8b46a1d278870b153054dd8e3f4d448dd51f8c164465d81b46e528650c1064fb5622b670f2ef16cb2e5f208de3a7d5fb0b2c2e4734d78a31c4ecb86a22cc7916ac617db60a0cdadbaa4311270534bcfd0a7e66cc2d8bac21532fbc5bf9a76d0a917bd3f09b56bf15f029becc94ee655e4136c74e3951450178fdcd223e9a7bf46472165e7a820588e5ed6432ae02ed4c83958d94b4ce781d4cdbb5669e65c1962a90688eb598eed5ce35d0925a92711dbece8cf613cfa19e44c7d7c2845cc36bfa0cc0e4900d5b6fe24aeb0712c8e89f49a9f812a5352166a4fde1cb0d4e6679759c35021977b4ff3e03a3e0e0aff667bc44de6cde321b6b916a76cb9f0639b34c37832baa920388efa6cd17bfaf97861c3ddc6e85027f622d356b93e56a303eb5ce1ae69cf0b2c7869b2ed8009c8ac8ad81027a330f0a025c64936a268ff7ef3fdf7b4d278f0948d188e5862ecbe35d50ee29837cd0fbed479ecffd7ee693f9e910538370cc6e5b850953a1b9a1996db8841f7b8f4c5d1554abed9c8ba7788290ec1c3c66c3de1509b1793355115a19ebc37812509c5fc62843c2d1704c6d6a9bccc57e08250155dc4fb2d23ab150e5bf404724c832fcb7e976c151ea8b917e49ba9f247e14c6dea94f993400f88698de8654bcf20449061a7329a2e78fb51f811c63fd69919506ea4deeb1db041973bdd4aa7478445069d6958183e03d6e2663724476a2bd308bda1deb6e6777ba3b664b7b040dee679a413702315b486bd1a753229aeb01be5d0192aa841bbda07397c78f98a541c4697d0f7e8303365d2062e4ada93961c22a5b5b45f6fe04f0640d87ffb694119b844854bf452a34266ea3f2c0a20a87f63c32252d0f3ac36469196526a7f958d7b530bd6e5fb22e9cff906f05025a96077b647529d144519283aecf334103e105a2f1b22b9bffce37f67b6979721f3b77fa19396ad8162d3967e90298e2f9b4565485889bac8997cbf2518340d27b8748fce1984356305fe9e2a50108c885b3163fdc6671d7ce7ceceb0ae4e4df4f078d3ef38ea5c7a5d4cc38a51ea128bbd1bee1d29fa47d179caa44141653600d672a1eafb727ec16614b1ce4f0685846544b8543a1d06fcb3ad3a44837200b11595e59d52c3e14fa43e7b58b9f75c7d01c78534ae35db7d27227161fdcd9a9106a41027d10f05f2309ae197531418bdb44dd6394d216e50d37b83c9b80a3aa48a79a7b3b056c6ee4b1ca429c706145a479fa13619dc902697af21a37344bc398ac106e405f957eec3ce74a70a2d93811549863eff7ef40613c40c2531a0c5ac01d39d72be7485a67e32b88e494fcf6431b18cf98d936d9beaa2712783c9619af680feb5dd92a455e22f5748670fec02ec89cad98cf34df0db8e27aceb14d6f9c63d82ff145a9c6f92896d8ae72f7456b9edda572b6602604034f68056a8cb95dcd378b319571df3e787259845b4b2ba30a1f039571091267b7df84d77424d66d0d32e4c4ecd5e15841c3a23a9cf4221f5a6f68cd0edf2594af5378c1ff9cdf59751352a139a528cbebe5d4faca4141ed60d417980ea4e08c9120118bb9b7f4391bd0a77170408e5cb7631e781684b198b041ebb24d36b7b750937195cf1b4c4752d6fba61c21d4b009ee99e1c6ccf1056d158d6dcee298b5496d5a2f2e4c02a9e37ef3bf35fedd5551904e5a42d0a06c5b91722beb2c629e8e41cf8ba536f77e39575ae4b5e8619d13133077aee48f62871d4098cc38ec63eb1285e38b73495636440112c2907930903c8139f1f251509206d9e21cd19985212f023227f51670e398e6eeed8e76433d7b286a9e5d766da411bd03cd420b770a6ad3dcd53dc6a2fbf700abd8c7397251aa7495d04caa99734d0f5b36b4a46e352cde971f7c33299c8952e762d6750a60e80887732848b10866e5f255b6ccb5663009fb5e3a4ea9078f73cecfeacb41d7be1501f401fe588491244951d00bb9305bab45a821a60ae70a2707e052310b9f062f110b86fb58bfb621ef03c3f446e7200e66bb6fdd5b466f82ae6e1e15925352d28b70aa2757774713d5c62afc050d8e3bdf0dfd194806d6dc87984a012458c0ee4fecfaeb71785cb8e8adc841dc9f3d4a64c3627d2b82e56da02e3b25195b258338bcc3949dfe9a33f90212f1b571629fab465cc26e8a7922b12a77497ca0ba13a73f1e383199a331c015b73d106a5fe364f0a80cee7d8f6f963e02902e6c8ee144db955c9f3f999fcfd0b7d4f254cc6935e33fe90e61933e54f4fdbddcf51ddb518e54e7d1f7420c094798ea8849c8fd63042c7605e893987b7424f54527cfc4654679dd48c80b14e4c7e25283116c859936da6f0b8b7966011f33385d7ce2964839ca30f06a4fc725e715f6e05f17c81eadeae0606c02576b942c8fe03cbc1ac8b80d4d4e2f6e0781434eaaa6c274ee9c4374e343382eb884165487a3781c064263bf85c989e28919ce500151c7da66ad5b39323e587402c51a82885bcb292f0131b477ea4110532c82b6e06e86a554b174cf6d781cf24979f7ef684355cfbce27bf6b91e0ffca50ddd9d05d7ce7035b8de369c7188e487f7a887545033aac79249701a83fbce283bcf1a767b30f2627cc814fb92d330bc626059e8653ed6066b3834807b153b855b369e82defbf75ff346a4d5cb7aee20e987cddc17f372339bc08a9a2a27a59755cd7fabffb00bac99930d1cc94fc8a6fdbc0154a42d95f255d5e163e2489ac4acc5c3917d7a5b79b5b47cf3cd89bd3739fc6c2067c8579f3b46f6abf8d75204ad1260e1f61046b778f2f6a654dda32cd77c1e807264d776e29e41cd67d45c681a64221db80f2361ae6409ba6cd3a0ea697bff5ba057e6eb72345691f1f48a5306990ec96f8bc99fda611f0fbe59c3beb13a985943c16930d56bac26e4bf20c81f94e3f465d1919ecadf953ebfe4dc843d57eeb16e98acb022a3b9a804ce41cd35bffa63f38d7e1f9b04c6ab9d79696e4666e423c1a0c43b2f305ca2fa2d1739be75620f69d7ce815cb7fa931af437ecafc2701b33890f9e8f118ed66f6ebcae46a0c4de4677e6e72443cd7917b9973bc5685d9e188e9140782eff9c5c52ef9887a580f3a97086cbe595beefd58586efc9aa7390968b55ad081a9c5efb1f85b68ec2d6e46a30c5caa367bd0c948c7fdd78d217a619b5d4abfde2d04f7e6fe297f4b9ce91a1eeea60bdbd0d4d58e14a6d874dac7f8a9a957bab78a4fa14bc9ac6c18f72dfbab82005895d14c70df44be5f73328ff062ba69247e7be5d2f2c615501ffe54f1bb8aff5744a4eef6f1377a4ee641c876c81d7d3f27a656eb8926df6428d59308938ff4a1b6be5f80078d116e7b838462f2cac8f514f8cb0ecadcc85f10d5752ba770575affeadc4bffc668121adddb5552994b0fd437118a3179935ca4cd847d9a3cec87cb5bdf06f53f6a446ce051501f13f8930a45e5164d5d1c2fadfeed8df0ae11e088d2a827f9d0f4208d19df6228f76f2041a2639f5110ad226582d429c9ddb48e3ace067d9d9406f4e4caefee7ec64519b3df1e7243a23c59ae87e175615527e3f0b0fa99f4706e054060e72bf37e140369f20ff95e3b5e7234aef19e9e6145b20286c6283d1f3d4c33dafdaa812576b4c70091d9e5008f90858151f1f5cd31f854e8e032ad24938c1107067a3e33f8293c607b6b3bb7b82190071c4969ff38647fc34c232698cd76231d8f9986014717e61fdd7ec8adbd7afe681a7c1e8bc86f0604f3b0ab06c8dc099669b1413a7dad14c259283e0b4861615924386e6c85f909282310d7f9bc69da90e36e07663e17c366dc2cea1212c643121f8a28010da9df74ffbdade342839ef03a079a336105e553014bf86d6cdb76ad0f7cdf100d3aa0ebd312e3cfdbaa4967360dbac3c5a6a72835fc686778710132ae566ded3989568a70990bb75e93de8868695f765caad3e975bfc8eef9e95d509a7e34603c6e5f58ef6752cd37f81a6eb75a54f831c65cc77577209988297aa121a1b6decfac3098c9d9a0e3d71cb100e3ed4f3f8d0f2659e0c631d6a4df29fa222469e43ed4f911350980e18f2dfb5700c6f2c0baefeecf6597ecd305e66d51183b1c875adce9338fbdc3860d30ad8e597c3788b046eaebd7e676c057e7da5d87253c4092c25203b84a5fb95a2fa32ad0ed56ecacac9f5f14ac37b65de43e6e9876fefc08f4d623e6e4bafb808d4ac8751155f1f621a1aa83ca9975435258131ce278f28e60efc29f0012618086b9510361152b20e272b175048c772b8078cee4d149a74a9101872e2b3cd2abe5515283ce6a658043cf3ba1bdf728e60c91cb1659187056e57c7b116f90bc0e86023db3c376a3817d10c2f8407800ef9d7bef97803808876c956345130b278e6df46990a067fbf7838b4e0a0d7cdd3c86a49275444376237dbf20f3d437a0dbe53f102615a27ee8a7c7080b9445de54c4dbedf69e283773bc76b5f7a2b72a1f38c06bfb9a60923c22dd7a0c75bd521693b2fe804e496880052fcb1e840a0a4d68efe0d8c6583569ce22ce6ff30118daea36c07339ec8e512c70ec823a45052d8002ce071f784514ef14b3a2ae9277767ff66445949d1d60fc26955b2fd162524ce8c1c45d1df6a0a32249eadd0c5ac3e1e0dd8a72ce9a25290a95c24dfe48e006105b3cec3788bf0ef7deb4193d4e99eff770ddaccf770f5fb8cef94ea139ab85fdccd3b08d79753c387ec70adcfd98843411ba93d383de2169e4d5db1054aa3904b1fc"})
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000001640), 0x24a00, 0x0)
ioctl$KDSKBLED(r3, 0x4b65, 0x2)
r4 = socket(0x2c, 0x6, 0x6217)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x5, 0x4000010, r2, 0x4d58a000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
write(r4, &(0x7f0000001680)="970963e058d7efd59145d641378666faa67e40fbd5846f0d4beb9ad21b0923a6d222fd22a47165349fa8230d4fe07c1c4e644be8fd7bd2f028492daa70e7019dafb8f2a6db934a976689660bb0cae05f7a47c5881e42f9045b2d1f74a9d23be93f7d9531ddc26e15bddce3b76d82329dc699b00a3c9992c4e48b039819ae4ca21cda65ffd87fd96b5c8351d63773cfbff36650d2dee961523cd42307e98245f98e8fb1b5c3f59b802669e9", 0xab)
getsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000001740), &(0x7f0000001780)=0x4)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000001840)={'syztnl2\x00', &(0x7f00000017c0)={'ip_vti0\x00', <r6=>0x0, 0x80, 0x8, 0x7, 0x5, {{0xa, 0x4, 0x0, 0x1e, 0x28, 0x64, 0x0, 0x80, 0x4, 0x0, @rand_addr=0x64010101, @rand_addr=0x64010102, {[@noop, @noop, @noop, @timestamp={0x44, 0xc, 0xf4, 0x0, 0x8, [0x0, 0x7]}, @ra={0x94, 0x4}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000001900)={'ip6gre0\x00', &(0x7f0000001880)={'syztnl0\x00', r6, 0x4, 0xf7, 0xfa, 0x3, 0x1c, @private0, @empty, 0x8, 0x1, 0x9, 0x70000}})
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000001940)=<r7=>0x0)
fcntl$lock(r0, 0x7, &(0x7f0000001980)={0x0, 0x3, 0xf370, 0x7fffffff, r7})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0x402c5342, &(0x7f00000019c0)={0x5, 0x0, 0x1, {0x4, 0xffffff7f}, 0x100, 0x6})
r8 = epoll_create1(0x80000)
ioctl$FICLONERANGE(r5, 0x4020940d, &(0x7f0000001a40)={{r8}, 0x3, 0x4, 0x9})
socket$rds(0x15, 0x5, 0x0)
r9 = accept$packet(r1, &(0x7f0000001ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001b00)=0x14)
getsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000001b40)={@mcast1, <r10=>0x0}, &(0x7f0000001b80)=0x14)
bind$packet(r9, &(0x7f0000001bc0)={0x11, 0xf6, r10, 0x1, 0x1, 0x6, @local}, 0x14)

2.032078529s ago: executing program 0 (id=664):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000004cc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r1], 0x30, 0x40400d1}}], 0x1, 0x10)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r0, 0x0, r2, 0x0, 0x400000, 0x0)

1.998478549s ago: executing program 4 (id=665):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_io_uring_setup(0xd3f, &(0x7f00000003c0)={0x0, 0x8000000, 0x100, 0x0, 0x220}, &(0x7f0000000700)=<r0=>0x0, &(0x7f00000002c0)=<r1=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r0, r1, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=0x0, @ANYRESHEX], 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r5, &(0x7f0000000200), 0x20000000}, 0x20)
recvmsg$unix(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000a00)=""/245, 0xf5}], 0x1}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x2000000}, [@NFT_MSG_NEWSET={0x28, 0x12, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}], {0x14}}, 0x50}}, 0x0)
sendmsg$inet(r3, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)

1.905334928s ago: executing program 4 (id=666):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0xf)
r0 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000200)={0x3, 'veth1_virt_wifi\x00', {0xc86}, 0x6})
r1 = socket$netlink(0x10, 0x3, 0xf)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xfb, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=0x0, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$xdp(&(0x7f000071c000/0x1000)=nil, 0x1000, 0xe, 0x42032, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_read_part_table(0x5d7, &(0x7f0000000600)="$eJzs3L+rHFUUB/DvzO7sD4g+KyvBhRQGBZ9g62Is9JkuiHaCthZPJFYWsruoWKh/QHotjEKItYWCBDGdlQgPLUTsLUxhvPLmx+4DtdqgCJ9PsXPuufeec4eZdjb8v5WDpFTJrbPJcd0HPyfvNMnmpaeSaZdq+qkqyQvXnn7m0uJyNd3mTrPrfna6KzgZCmfRR5+P88G1o3fbeJ0qq/Rhmk8nGbdH6/Zd/euhb1dtLf5zF74o3YOY5Nt8luS4GrUPP9nko+S+zNrBYZJR+p91Mj+NJvv3v768uXmyj+fp37SmG63yUHmsn2tSSil1VueHnaPkgScOr/xd0aY7/lmllObcsLdO/ujD4zuT4T18/OsfV9k8uK3ediylG5/Mk9dOnnu0rVV1NZr9bx8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLvswusPf1kPg4vtb7WNn/049W7pOvl9iBezu9T/+vLmwVtvX6nzxvKV715986ejX/JrklEOj84l0+26l7vLjffay7jP3j/ft//xnXryyYdf7er0pavkm/Pf3y6jPn2yXbA7U5b1vu0BAAAAAAAAAAAAAAAAAACgdSOXFpfrPJ9UeTG7z/1LZklVDcNZUkopv5XW8PH/5Oq9fXTrh1Snm1Kqs9UvJgf3JGX6/iPt3wp0G0sp47ZF9e/cI//szwAAAP//HfdkCg==")
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240)={[{@grpquota}, {@auto_da_alloc}, {@minixdf}]}, 0x1, 0x50c, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=")
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f8c0000000c0a01080000000000000000010000000900020073797a3200000000600003805c000080080003400000000250000b80200001800a00010071756f7461000000100002800c0001400000000000000000140001800c000100636f756e74657200000000000000058011e70000666c6f775f6f66666c6f6164000000000900010073797a30"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x28, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x21, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x101800, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)

1.900192808s ago: executing program 1 (id=667):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_io_uring_setup(0xd3f, &(0x7f00000003c0)={0x0, 0x8000000, 0x100, 0x0, 0x220}, &(0x7f0000000700)=<r2=>0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r6, &(0x7f0000000200), 0x20000000}, 0x20)
recvmsg$unix(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000a00)=""/245, 0xf5}], 0x1}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x2000000}, [@NFT_MSG_NEWSET={0x28, 0x12, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}], {0x14}}, 0x50}}, 0x0)
sendmsg$inet(r4, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)
io_uring_enter(r1, 0x4ac9, 0x1800, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000080), 0x4100)
madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000004c0)='kmem_cache_free\x00', r0}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000240)={0x2, <r8=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000005c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.760718258s ago: executing program 1 (id=668):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x10, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000030000000000000000000400b70800000000000919e02bd9de83ea007b8af8ff00000000b708000000000000678af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000ed9d21e118230000a244f6694b28a45418ae17b2c00ed1d3b0a2dc139dc7da091b6e30aa46ffff156a9d89e571e7220746badb32df1432e4a5eda9662c25be55484a2f4d04cae28d343d3c874627c8089b04c640922c16d7301667aa0acbc9a85d3d", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) (async, rerun: 32)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x20321, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(0x0, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
io_setup(0xff, &(0x7f0000000000)) (async)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_LOOPBACK(r4, 0x65, 0x3, 0x0, &(0x7f00000002c0))
connect$tipc(0xffffffffffffffff, &(0x7f0000000040)=@id, 0x10) (async, rerun: 32)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1) (async, rerun: 32)
r5 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x2004, 0x800})

1.429863356s ago: executing program 4 (id=671):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200005)
r1 = socket(0xa, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000001dc0)=ANY=[], &(0x7f0000000700)='GPL\x00', 0xffffff80, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x6}, 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000a40)=ANY=[@ANYBLOB="bc0001000000002c167e600020010000000000000000000000000000ff010000000000000000000000000100000000000010000a00000000cf5e", @ANYRES64=r1, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000000000000000000000000000000000000401050064010101000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000fe8000000000000000000000000000bb000000003300000000000000fe80000000000000000000000000000000000000000000000000000000000000000000007f000001000000000000000000000000000000006c00000000000000ac1414aa000000000000000000000000000000000000000000000000000000000000000020010000000000000000000000000000000000002b0000000000000000000000000000000000000000000000000000000400"/372], 0x1bc}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x400000007ff, 0x8, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000780)=ANY=[@ANYRES32=r1, @ANYRESDEC=r2, @ANYRESDEC=r3, @ANYRES64=0x0, @ANYRESHEX=0x0, @ANYRESOCT, @ANYRES16]}, 0xd7)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff00"]}, 0x3bd)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000000)={<r4=>0x0, @in={{0x2, 0x4e22, @broadcast}}, 0x800, 0x2, 0x7c78, 0x10, 0x7}, &(0x7f0000000100)=0x98)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000140)={r4, 0xff, 0xb, 0x4, 0x81, 0xfffffffb}, 0x14)
r5 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$link(0x8, r5, r5)
add_key(&(0x7f0000000300)='id_resolver\x00', &(0x7f0000000380)={'syz', 0x1}, &(0x7f00000003c0)="fa4b156d0b0a199b0f18b10f3c941b5d032b28bfd80448258f52bd2f8738a5cfedbae119a0d44d52183e53e6e0ce13d99a2c7a66f093dbab8ca3ef8836c0036d4f0243", 0x43, 0xfffffffffffffffa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x127081)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00'}, 0x10)
recvmsg(0xffffffffffffffff, 0x0, 0x141fd)

1.230204685s ago: executing program 1 (id=673):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0x3, 0xffff, 0x0, 0x0, 0xfffffffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4ed, &(0x7f00000005c0)="$eJzs3d9rW28ZAPDnpM1st8526sUcuBVRtqFL2tVtxYttgujVQJ33XW3TUpo2pUm3tQzp8FoEERW90StvBP8AQfYniDDQ+yGiDNnmhRdq5CQnW79d0nYsafZtPx94+77nR87zvAk5yXvOaU4Ax9Z4RNyOiIGIuBwRo9n8XFZiu1nS9V6+eDSXliTq9bv/TCLJ5rW2lWT1qexhQxHxnW9GfC9JmjN2qG5uLc+Wy6X1bLpYW1krVje3riytzC6WFkurU1OT16dvTF+bnuhaX29+/W8//dFvvnHzD19+8GzmH5e+n+Y7ki3b2Y9uaj4n+cZz0TIYEeu9CNYHA1l/8gdZOel9PgAA7C39jv+piPh8RLz6Rb+zAQAAAHqhfmsk/pNE1AEAAIAjK9e4BjbJFbJrAUYilysUmtfwfiZuRblSrX1pobKxOt+8VnYs8rmFpXJpIrtWeCzySTo92Wi/mb66a3oqIs5ExE9GhxvThblKeb7fBz8AAADgmEjH+SO5Zjut/jXaHP8DAAAAR8xYvxMAAAAAes74HwAAAI6+t8f/480qGTz8ZAAAAIBu+9adO2mpt+5/PX9/c2O5cv/KfKm6XFjZmCvMVdbXCouVymLjN/tW9tteuVJZ+0qsbjws1krVWrG6uTWzUtlYrc007us9UzrQfaIBAACArjpz4clfkojY/upwo6ROZMuM1eFoy73b6kmv8gAO30C/EwD6xgW+cHwZ4wP7DeyHDikPAACgdy5+9vX5/+HYcf7/9DPHBuCoe8fz/8AR4vw/HF+7zv//ql95AIfPGB/Y7zhAx/P/f+x+LgAAQG+MNEqSK2RjgJHI5QqFiNON2wLkk4WlcmkiIj4ZEX8ezX8inZ7sd9IAAAAAAAAAAAAAAAAAAAAAAAAA8DFTrydRBwAAAI60iNzfk4hIYihi9Asju48PnEj+PdqoI+LBL+/+7OFsLSLupbNez6/9vDG/tn61DwcwAAAAgLe0xumN2o38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiyly8ezbXKYcZ9/rWIGGsXfzCGGvVQ5CPi5KskBnc8LomIgS7E334cEWfbxU/StGIsy2J3/FxEDPc5/qkuxIfj7Em6/7nd7v2Xi/FG3f79N5iV9/V8vNP+L/d6/zfQYf93ep9tn8jqc09/V+wY/3HEucH2+59W/OQ997/3vru11WlZ/dcRF9t+/iQfiVWsrawVq5tbV5ZWZhdLi6XVqanJ69M3pq9NTxQXlsql7G/bGD/+3O//t1f/T3aIP9ap/0kzp3q9/TYv7Jr+79OHLz7dbsUk4vkPs3ab1/9sp/jZc//F7HMgXX6x1d5utnc6/9s/nd+r//Md+r/f63+p00Z3ufztH/y12cof8BEAQC9VN7eWZ8vl0vpBG+mg98ArH2Ij7cwHkEYXG+MfRhoax7PR7z0TAADQbW++9Pc7EwAAAAAAAAAAAAAAAAAAADi+Wv//3/ot5178nNjOeEOtRpIcel8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPby/wAAAP//nXrOGw==")
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r2=>r1}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x1, 0xe, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1e920000}, [@exit, @map_idx={0x18, 0xa}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8001}}]}, &(0x7f0000000140)='GPL\x00', 0x4, 0xb, &(0x7f0000000180)=""/11, 0x41000, 0x1, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0xd, 0x1, 0x3}, 0x10, 0x0, r2, 0x1, &(0x7f0000000280)=[0x1, r0, r0], &(0x7f0000000300)=[{0x2, 0x3, 0xe, 0xc}], 0x10, 0x9, @void, @value}, 0x94)
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
keyctl$set_reqkey_keyring(0x5, 0xffffffffffffffff)
request_key(&(0x7f00000000c0)='logon\x00', &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x400000000000004)
setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, &(0x7f0000000040)=0x1000000, 0x4)
writev(r5, &(0x7f0000000100)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1)
setsockopt$XDP_UMEM_COMPLETION_RING(r4, 0x11b, 0x6, &(0x7f0000000000), 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000c80)={r2, 0x20, &(0x7f0000000c40)={&(0x7f0000000bc0)=""/10, 0xa, <r6=>0x0, &(0x7f0000000c00)=""/61, 0x3d}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsconfig$FSCONFIG_SET_PATH(r3, 0x3, &(0x7f0000000440)='sys_enter\x00', &(0x7f0000000b80)='./file0\x00', r2)
r7 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000400)={0x41, 0x4}, 0x10)
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10)
sendmsg$tipc(r8, &(0x7f0000000480)={&(0x7f0000000100)=@name={0x1e, 0x2, 0x3, {{0x41, 0x4}, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x200040c0}, 0x20000001)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_io_uring_setup(0x107540, &(0x7f0000000080)={0x0, 0x0, 0x100, 0x0, 0x8000000}, &(0x7f0000000100), &(0x7f0000000000))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f0000000480)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xc}}, './file0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r9}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0x8000000000005]}, 0x0, 0x8)
ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000cc0))

817.633513ms ago: executing program 2 (id=675):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000013c0)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r2 = socket$kcm(0x10, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, 0x0)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r3, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
sendto$inet6(r1, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)
sendto$inet6(r1, &(0x7f00000003c0)="a7", 0x1, 0x0, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r5, r1, 0x0)
stat(&(0x7f00000003c0)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000540)={[{@jqfmt_vfsold}, {@usrjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@noload}, {@resgid}, {@usrjquota, 0x22}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@init_itable_val={'init_itable', 0x3d, 0x101}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0xfe, 0x451, &(0x7f00000016c0)="$eJzs3M9PHFUcAPDv7rK0tEWw/iy2ilYj8QcU+sMevNRo4kETEz3UeEKgDXZbTMHENkTRAx5NE+/Go4l/gRfrxagnE696NybEcLF6WjO7M3SBXVhgYWv380kG3tv3Nu99Z+btvn2zswF0rMHkTy7iUET8FhF91ezqCoPVf7eW5yf+WZ6fyEW5/OZfuUq9v5fnJ7Kq2fMOVjPl8gbtLr4TMV4qTV1N8yNzl98fmb12/fnpy+MXpy5OXRk7e/bUyWPdZ8ZOtyTO3qSvAx/NHD3y6ts3Xp84f+Pdn75J+nsoLa+No1UGq3u3rqda3Vib9dakc11t7AhbUoiI5HAVK+O/LwrRs1LWF6982tbOAbuqXM6X9zUuXigDd7Fkog50ouyNPvn8m217NPW4Iyydi5V1jFvpVi3pinxap5h+RtoNgxFxfuHfL5MtdmkdAgCg1s1zEfFcvflfPh6sqXdPem2oPyLujYjDEXFfRNwfEQ9EVOo+FBEPb7H9tVdI1s9/yn3bCqxJyfzvxfTa1ur5Xzb7i/5CmuutxF/MXZguTZ1I98lQFPcl+dEN2vj+5V8/b1RWO/9LtqT9bC6Y9uPPrjULdJPjc+M7ibnW0icRA1314s+tzHmT+fGRiBjYZhvTz3x9tFFZ/6bxb6AFk/LyVxFPV4//QqyJP5NreH1y9IUzY6dH9kdp6sRIdlas9/Mvi280an/z47+7lm6W40Dd838l/v7c/ojZa9cvVa7Xzm69jcXfP2v4mWa753937q1Kujt97MPxubmroxHdudfWPz52+7lZPqufnP9Dx+uP/8Nxe088EhHJSXwsIh6NiMfSvj8eEU9ExPEN4v/xpSff23r8G6zKt1AS/+Rmxz9qj//WE4VLP3xbt/Fis8f/VCU1lD7SzOtfsx3c4e4DAACA/4V85TvwufzwSjqfHx6OWKis7R7Il2Zm5569MPPBlcnqd+X7o5jPVrr6atZDR9O1vCw/tiZ/Ml03/qLQU8kPT8yUJtsdPHS4g9n4L6we/4k/Cu3uHbDr3K8Fncv4h85l/EPnMv6hcxn/0Lnqjf+P29APYO9t8v7fs1f9APae+T90LuMfOpfxDx2p4b3x+R3d8i/RpsR33Tv7rYbmE5G/Q0K+axLFqFvU1fSPWWwzsa9uUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrjvwAAAP//gk3jgQ==")
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x42, 0x0, 0xff, 0x0, &(0x7f0000000000))
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0xe, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r7}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x0, &(0x7f0000000c80)={[{@nombcache}, {@usrjquota}, {@errors_remount}, {@dioread_lock}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@mblk_io_submit}, {@minixdf}, {@barrier_val}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket(0x10, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x2000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

617.698873ms ago: executing program 1 (id=676):
r0 = socket(0x2, 0x3, 0xff)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x30)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$unix(r0, &(0x7f0000004840)=[{{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f00000008c0)="166da1949ba0ee9ee511f385427169498f9565a1c4099287", 0x18}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)=ANY=[@ANYBLOB="100ee8e10f20290cde0000f501000000"], 0x10}}], 0x2, 0x0)

575.596693ms ago: executing program 4 (id=677):
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ffff0000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c3"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000003c0), 0x1, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = getpid()
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r2)
r3 = syz_pidfd_open(r1, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x3, 0xb, &(0x7f0000000040)=ANY=[], 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4b6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x3d8}, &(0x7f0000ff0000), 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)

483.117262ms ago: executing program 1 (id=678):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x4, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000200)=ANY=[@ANYBLOB="696f636861727365743d63703835352c757466382c757466382c646d6f64653d3078303030303030303030303030393063382c63727566742c6f76657272696465726f636b7065726d2c636865636b3d7374726963742c6d61703d6f66662c6d6f64653d3078303030303030303030303030303030312c6d61703d6f66662c6f76657272696465726f636b7065726d2c696f636861727365743d64656661756c742c00553459239cc27347a48417c0f93ac0ba095e7cffc5c4fddc72b0acbb858ade3fa8677c39e605a858f1fc03aa3bb441f12627176b75e5312fd7b76a313eafaed505a653df3f3e4755d83dbfae9108d0698e5c7dd588899b31e82cc76d03aa10466b2c8cf82a352e67b4942d149ea42a7612de672d0824c9e3534784c0dd0e80f86758ea33fe023501c9caf88b760bca5be74b221f9b42d23d812d3628e05751725edf05033ecf2aede9bc0000000000000000000000001932664a95e40c386b4e989f0e60bd9c00bc7d00"/375], 0x12, 0x9ef, &(0x7f0000000e40)="$eJzs3ctvXNd9B/Dv5UOiaUOSbdV1BdsayZVM2yxFUrVUwYtWIkcSXT4KkgIsdGG5FlUIYuvWbgHbKFAZKLqKkQAJskh2RlZZGfAm3gTeJbtklUWAwP+CkZWyYnDvDKkhOeSQMh+y/PkQM3Mfv3vO7859HM7MnTlhf914YrO5d9dNWTq8amxpqbo94Pi1n3+T1Pn2uzT+1aeffVLePr6bA+nOa8Uvkr4ktaQnybNJ79j47MxUh4LuJDeSfJkUSQ6m8bglN1J8Py2HwZcpflrWu6EDWy2ZTpb4Ttvv/Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5Gxdj48PBIcSAT09ferDUktXXGxmdniiwtrZ+zvEzDF1Wv38UXHetNivKWvr7lrr6fPXp/9jNJaifzXGPsuapD8vTlo8efOfL60z1dy8tvlM03cnDrxb7/4Ud33l5cXHhvVxJ5+F2pT0/MzUxMXbxSr03MzdQunDs3fObq5bna5YnJ+tz1ufn6VG1stn5xfma2NjD2cm3kwoWztfrQ9Zlr01fGhybryxPP/83o8PC52htD/1S/ODs3M33mjaG5sasTk5MT01eqmHJ2GXO+3BH/cWK+Nl+/OFWr3bq9uHB2TU7dWbP/lkEjndakDBrtFDQ6PDo6MjI6OvJxs/fslQnnXrvw2vnh4Z7hNbIuYpd2Wh4uj228mXf+JA4PqKvR/ieTmch0ruXN1Nr+jWU8s5nJ1Abzm5bb/1Nn6pvW29r+N1v5npbZx8q7k3mhOdq3Qfu/QS579/d+PsxHuZO3s5jFLOS9fc9ob/+upJ7pTGQuM5nIVC5WU2rNKbVcyLmcy3DeytUcz1xquZyJTKaeuVzPXOZTr/aoscymnouZz0xmU8tAxvJyahnJhVzI2dRSz1CuZybXMp0rGc/FqpRbuV0972c3yXElaGQrQaObBK1rzLfd/tfX/nPCd87On8ThAS012/8DnUMHxvYiIQAAAGDH/dWvc+joU7/6Q1Lk+ep9+csTk/Xh/U4LAAAA2EHV5XrPlQ+95dDzKbz+BwAAgEdNUX3HrkjSn+ONoeVvQnkTAAAAAB4R1ef/L6Q4fn+C1/8AAADwiOn8G/sdI4rB5Z//rd1sPN5sRjTGiv7LE5P1obGZyddHcrr6lYHqmwbrSutOit7q6wev5EQj6kR/47H/follnX1l1MjQ6yN5JSebKzLwYvnw4kCbyNFG5EuNyJdaI7uzKvJsGQkAj7qTm7THW23/X8lgI2LwWNXk9xxr0wYPa1kB4GGx0sfOn5pdmrVp/5sRL2zU/v/tJq//y4incut445KCobyTd7OYmxlM84qD4+1KXe6NoHEZwmCHdwP6m5cs/PZ8VwbXvR/Qt7KurbELGc1g23cEWsotlnM424jr3p1tAAB77eSm7fDW2v/BDq//+11SCAAPlZUe7HdxYL/XEQBYTSsNAAAAAAAAAAAAAAAAAAAAAAAAAAAAO29LP+D/m9PJ4uJCsgedBawM9G0nw80HurJHOe/7QHeS/ar977Ptpcpt/LA8dQZWD+zziQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA9USTd7aZ3JQeTDCc5s/dZ7Z67+53ATqk92GLFvdzLBzm00+kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzXNX//vyuNx8cbk9LTlZxKciPJP+93jjvp3n4nsG/+rbpv+f3/rqQ3S0V6Gps9Re/Y+OzMVLn5i4Pl/K8+/eyT8ta57PW9KpQFlDWs6lyiWUPLlN7VSz1ZLdU/vvD+nf969z9q45eqHfPS/OXJ8akrs/9wP/CZ4vNGFwit3SAs5/s/p375g5bJB5qVf16uaXtr671c1Tu+vt6/bLf0BvVuwe3FhdGypvn6m/P//e+3P2iZ9VROJC8OJAOra/rX8rZBTSfWPp+rFV8X/18cyo9zo9r+5bNRLBXlJjpcrf9jt24vLgy98+7izZWc/ndVTkdyPMnNpG/rOR2vzidtVXtdV29Z63AVVN4d7VDeplpKHNngeX2y2mX6t7UOtY3XodLheW9mdLZtRj/8z6dzettb+nSHGtsqvi5+X1zN7/J/Lf1/dJXb/1TaHp1tiqgiW/aU1nmrDq+uRmS15qOtM95aW+aGRyW74Hv5l/zdyvbvajn/N7fV3pyPWmpsf1wk2z8ufnZ4XYtyX9UiHV3TIjXPPhst08zzaCNqgzz/Iq8mPce2dUZ5tcMZZbeO/58UA/lj7ur/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAePgVSXe76V3JqSRHkhwux2vJ0tqYuw9QX1d/8SBp7pgHyfnbp9hwRYt7uZcPcmivMwIAAAAAAABgd1wa/+rTzz4pb9Xn8d35667mnFrSk+RI8aPesfHZmakOBfUmN5Y/0u/bXg43yrsn7o9/WY4922Gh/b18AAC+1f4cAAD//7IYb70=")
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000340)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r1, &(0x7f0000000000)=0xfe8e, 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000380), &(0x7f00000007c0), 0xffffd6c0}, 0x38)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, &(0x7f0000000000), &(0x7f0000000040)=r5}, 0x20)

220.412561ms ago: executing program 2 (id=679):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
set_mempolicy(0x4005, &(0x7f0000000040)=0x10000000005, 0x4)

151.210541ms ago: executing program 2 (id=680):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)

108.03712ms ago: executing program 2 (id=681):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f6400947e570028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010004081000418e00000a04", 0x56}], 0x1)
socket$inet6_sctp(0xa, 0x1, 0x84)

57.04105ms ago: executing program 2 (id=682):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x7, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x7]}, 0x8)

0s ago: executing program 2 (id=683):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x18)
r2 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xe, 0x7, 0x40, 0x3, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffff9, 0x2, @perf_config_ext={0x2, 0xcfe}, 0x986, 0xfc, 0x40, 0x0, 0x7d, 0x2, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x4, 0x12011, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000000000000711139000000000085100000020000008500000005000000950000000000000095a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r4 = gettid()
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000003, 0x200000005c832, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500000000000079106900000000000500000000000000950000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x22e, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
ioperm(0x0, 0x9, 0x20)
setreuid(0x0, 0xee01)
shmctl$IPC_STAT(0x0, 0x2, 0x0)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
bind$netlink(r8, &(0x7f0000000180)={0x10, 0x0, 0x25dfdbfc, 0x40000000}, 0xc)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="020300020000010008000000000005000600000000000a00000000000000fc02000000000000000000000000000000000000000000000200010000000000000009000000000005000500000000000000000000000000000000000000000000000000000000000000100000000000db74bc9b5bb40d4b76"], 0x78}, 0x1, 0x7}, 0x0)

kernel console output (not intermixed with test programs):

nted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   37.210487][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.248559][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.260899][ T3687] loop3: detected capacity change from 0 to 2048
[   37.261630][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   37.277590][ T3687] EXT4-fs: Mount option(s) incompatible with ext3
[   37.307742][ T3691] bridge0: port 1(bond0) entered blocking state
[   37.314188][ T3691] bridge0: port 1(bond0) entered disabled state
[   37.321170][ T3691] bond0: entered allmulticast mode
[   37.327385][ T3691] bond0: entered promiscuous mode
[   37.396273][ T3699] loop3: detected capacity change from 0 to 1024
[   37.411887][ T3699] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.482352][ T3704] __nla_validate_parse: 13 callbacks suppressed
[   37.482370][ T3704] netlink: 8 bytes leftover after parsing attributes in process `syz.3.83'.
[   37.530311][ T3706] IPv6: NLM_F_CREATE should be specified when creating new route
[   37.530923][ T3704] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   37.781666][ T3712] loop0: detected capacity change from 0 to 2048
[   37.840017][ T3712]  loop0: p3 < > p4 < >
[   37.844222][ T3712] loop0: partition table partially beyond EOD, truncated
[   37.858148][ T3712] loop0: p3 start 4284289 is beyond EOD, truncated
[   37.916167][ T3712] bpf_get_probe_write_proto: 5 callbacks suppressed
[   37.916199][ T3712] syz.0.90[3712] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   37.937280][ T3716] syz.2.91 uses obsolete (PF_INET,SOCK_PACKET)
[   37.960983][ T3712] syz.0.90[3712] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   37.961057][ T3712] syz.0.90[3712] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   38.015899][ T3289] udevd[3289]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   38.049284][ T3712] netlink: 4 bytes leftover after parsing attributes in process `syz.0.90'.
[   38.058043][ T3712] netlink: 4 bytes leftover after parsing attributes in process `syz.0.90'.
[   38.068425][ T3712] netlink: 4 bytes leftover after parsing attributes in process `syz.0.90'.
[   38.134191][ T3720] loop4: detected capacity change from 0 to 512
[   38.193239][ T3720] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.250538][ T3720] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   38.505910][ T3746] loop1: detected capacity change from 0 to 128
[   38.772538][ T3761] mmap: syz.1.106 (3761) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   38.807772][ T3761] netlink: 'syz.1.106': attribute type 1 has an invalid length.
[   38.895040][ T3765] loop1: detected capacity change from 0 to 1764
[   38.903873][ T3765] iso9660: Corrupted directory entry in block 2 of inode 1920
[   38.954061][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.139221][ T3782] loop4: detected capacity change from 0 to 1024
[   39.146385][ T3782] EXT4-fs: Ignoring removed orlov option
[   39.162831][ T3782] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.187902][ T3782] smc: net device bond0 applied user defined pnetid SYZ0
[   39.195630][ T3782] smc: net device bond0 erased user defined pnetid SYZ0
[   39.222230][ T3786] loop1: detected capacity change from 0 to 128
[   39.261602][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.287953][ T3790] loop4: detected capacity change from 0 to 128
[   39.362523][ T3795] loop4: detected capacity change from 0 to 2048
[   39.409937][ T3795]  loop4: p1 p2 p3 < >
[   39.414116][ T3795] loop4: partition table partially beyond EOD, truncated
[   39.421475][ T3795] loop4: p1 size 33024 extends beyond EOD, truncated
[   39.429063][ T3795] loop4: p2 start 16908804 is beyond EOD, truncated
[   39.435726][ T3795] loop4: p3 start 4284289 is beyond EOD, truncated
[   39.491998][ T3805] FAULT_INJECTION: forcing a failure.
[   39.491998][ T3805] name failslab, interval 1, probability 0, space 0, times 0
[   39.504694][ T3805] CPU: 1 UID: 0 PID: 3805 Comm: syz.4.121 Not tainted 6.13.0-rc3-syzkaller #0
[   39.513569][ T3805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   39.523659][ T3805] Call Trace:
[   39.527016][ T3805]  <TASK>
[   39.530109][ T3805]  dump_stack_lvl+0xf2/0x150
[   39.534765][ T3805]  dump_stack+0x15/0x1a
[   39.539010][ T3805]  should_fail_ex+0x223/0x230
[   39.543764][ T3805]  should_failslab+0x8f/0xb0
[   39.548382][ T3805]  __kmalloc_node_noprof+0xad/0x410
[   39.553593][ T3805]  ? __kvmalloc_node_noprof+0x72/0x170
[   39.559103][ T3805]  __kvmalloc_node_noprof+0x72/0x170
[   39.564414][ T3805]  fanout_add+0x5b3/0xac0
[   39.568800][ T3805]  packet_setsockopt+0x992/0xfd0
[   39.573804][ T3805]  ? __pfx_packet_setsockopt+0x10/0x10
[   39.579319][ T3805]  __sys_setsockopt+0x187/0x200
[   39.584230][ T3805]  __x64_sys_setsockopt+0x66/0x80
[   39.589339][ T3805]  x64_sys_call+0x282e/0x2dc0
[   39.594029][ T3805]  do_syscall_64+0xc9/0x1c0
[   39.598535][ T3805]  ? clear_bhb_loop+0x55/0xb0
[   39.603268][ T3805]  ? clear_bhb_loop+0x55/0xb0
[   39.607971][ T3805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.613881][ T3805] RIP: 0033:0x7fdf74095d19
[   39.618329][ T3805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.638057][ T3805] RSP: 002b:00007fdf72707038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   39.646521][ T3805] RAX: ffffffffffffffda RBX: 00007fdf74285fa0 RCX: 00007fdf74095d19
[   39.654535][ T3805] RDX: 0000000000000012 RSI: 0000000000000107 RDI: 0000000000000006
[   39.662561][ T3805] RBP: 00007fdf72707090 R08: 0000000000000004 R09: 0000000000000000
[   39.670559][ T3805] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[   39.678590][ T3805] R13: 0000000000000000 R14: 00007fdf74285fa0 R15: 00007ffe79c90e58
[   39.686573][ T3805]  </TASK>
[   39.701042][ T3807] loop1: detected capacity change from 0 to 2048
[   39.711277][ T3807] EXT4-fs: Ignoring removed mblk_io_submit option
[   39.735522][ T3814] loop4: detected capacity change from 0 to 128
[   39.747925][ T3807] EXT4-fs warning (device loop1): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop1.
[   39.970439][ T3841] loop2: detected capacity change from 0 to 1764
[   39.991574][ T3841] iso9660: Corrupted directory entry in block 2 of inode 1920
[   40.028674][ T3843] loop4: detected capacity change from 0 to 1764
[   40.040489][ T3843] iso9660: Corrupted directory entry in block 2 of inode 1920
[   40.112872][ T3849] loop1: detected capacity change from 0 to 128
[   40.197913][ T3853] FAULT_INJECTION: forcing a failure.
[   40.197913][ T3853] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   40.211127][ T3853] CPU: 0 UID: 0 PID: 3853 Comm: +}[@ Not tainted 6.13.0-rc3-syzkaller #0
[   40.219616][ T3853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   40.229709][ T3853] Call Trace:
[   40.233002][ T3853]  <TASK>
[   40.235965][ T3853]  dump_stack_lvl+0xf2/0x150
[   40.240726][ T3853]  dump_stack+0x15/0x1a
[   40.244924][ T3853]  should_fail_ex+0x223/0x230
[   40.249630][ T3853]  should_fail+0xb/0x10
[   40.253875][ T3853]  should_fail_usercopy+0x1a/0x20
[   40.258924][ T3853]  _copy_from_user+0x1e/0xb0
[   40.263575][ T3853]  copy_msghdr_from_user+0x54/0x2a0
[   40.268806][ T3853]  ? __fget_files+0x17c/0x1c0
[   40.273526][ T3853]  __sys_sendmsg+0x13e/0x230
[   40.278156][ T3853]  __x64_sys_sendmsg+0x46/0x50
[   40.282950][ T3853]  x64_sys_call+0x2734/0x2dc0
[   40.287689][ T3853]  do_syscall_64+0xc9/0x1c0
[   40.292210][ T3853]  ? clear_bhb_loop+0x55/0xb0
[   40.296940][ T3853]  ? clear_bhb_loop+0x55/0xb0
[   40.301648][ T3853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.307632][ T3853] RIP: 0033:0x7f935d9a5d19
[   40.312128][ T3853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.331811][ T3853] RSP: 002b:00007f935c011038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   40.340309][ T3853] RAX: ffffffffffffffda RBX: 00007f935db95fa0 RCX: 00007f935d9a5d19
[   40.348299][ T3853] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000005
[   40.356320][ T3853] RBP: 00007f935c011090 R08: 0000000000000000 R09: 0000000000000000
[   40.364410][ T3853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.372400][ T3853] R13: 0000000000000000 R14: 00007f935db95fa0 R15: 00007ffd440445b8
[   40.380398][ T3853]  </TASK>
[   40.396049][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.591497][ T3866] FAULT_INJECTION: forcing a failure.
[   40.591497][ T3866] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   40.604646][ T3866] CPU: 1 UID: 0 PID: 3866 Comm: syz.4.145 Not tainted 6.13.0-rc3-syzkaller #0
[   40.613512][ T3866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   40.623590][ T3866] Call Trace:
[   40.626915][ T3866]  <TASK>
[   40.629939][ T3866]  dump_stack_lvl+0xf2/0x150
[   40.634736][ T3866]  dump_stack+0x15/0x1a
[   40.638051][ T3859] loop3: detected capacity change from 0 to 8192
[   40.638913][ T3866]  should_fail_ex+0x223/0x230
[   40.649918][ T3866]  should_fail+0xb/0x10
[   40.654128][ T3866]  should_fail_usercopy+0x1a/0x20
[   40.659186][ T3866]  _copy_from_user+0x1e/0xb0
[   40.663845][ T3866]  copy_msghdr_from_user+0x54/0x2a0
[   40.669144][ T3866]  ? __fget_files+0x17c/0x1c0
[   40.673899][ T3866]  __sys_sendmsg+0x13e/0x230
[   40.678510][ T3866]  __x64_sys_sendmsg+0x46/0x50
[   40.683284][ T3866]  x64_sys_call+0x2734/0x2dc0
[   40.688022][ T3866]  do_syscall_64+0xc9/0x1c0
[   40.692550][ T3866]  ? clear_bhb_loop+0x55/0xb0
[   40.697356][ T3866]  ? clear_bhb_loop+0x55/0xb0
[   40.702039][ T3866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.707954][ T3866] RIP: 0033:0x7fdf74095d19
[   40.712372][ T3866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.732054][ T3866] RSP: 002b:00007fdf72707038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   40.740481][ T3866] RAX: ffffffffffffffda RBX: 00007fdf74285fa0 RCX: 00007fdf74095d19
[   40.748535][ T3866] RDX: 0000000004000054 RSI: 0000000020000480 RDI: 0000000000000008
[   40.756518][ T3866] RBP: 00007fdf72707090 R08: 0000000000000000 R09: 0000000000000000
[   40.764492][ T3866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.772550][ T3866] R13: 0000000000000000 R14: 00007fdf74285fa0 R15: 00007ffe79c90e58
[   40.780600][ T3866]  </TASK>
[   40.807242][ T3859] FAULT_INJECTION: forcing a failure.
[   40.807242][ T3859] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   40.820705][ T3859] CPU: 1 UID: 0 PID: 3859 Comm: syz.3.142 Not tainted 6.13.0-rc3-syzkaller #0
[   40.829588][ T3859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   40.839748][ T3859] Call Trace:
[   40.843116][ T3859]  <TASK>
[   40.846053][ T3859]  dump_stack_lvl+0xf2/0x150
[   40.850744][ T3859]  dump_stack+0x15/0x1a
[   40.854923][ T3859]  should_fail_ex+0x223/0x230
[   40.859610][ T3859]  should_fail_alloc_page+0xfd/0x110
[   40.865041][ T3859]  __alloc_pages_noprof+0x109/0x340
[   40.870261][ T3859]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   40.875660][ T3859]  folio_alloc_noprof+0xee/0x130
[   40.880608][ T3859]  filemap_alloc_folio_noprof+0x69/0x220
[   40.886326][ T3859]  __filemap_get_folio+0x298/0x5b0
[   40.891451][ T3859]  cont_write_begin+0x512/0x860
[   40.896352][ T3859]  fat_write_begin+0x51/0xe0
[   40.900985][ T3859]  ? __pfx_fat_get_block+0x10/0x10
[   40.906114][ T3859]  generic_perform_write+0x1a8/0x4a0
[   40.911418][ T3859]  __generic_file_write_iter+0xa1/0x120
[   40.917028][ T3859]  generic_file_write_iter+0x77/0x1c0
[   40.922456][ T3859]  vfs_write+0x77f/0x920
[   40.926711][ T3859]  ? __pfx_generic_file_write_iter+0x10/0x10
[   40.932742][ T3859]  ksys_write+0xe8/0x1b0
[   40.937137][ T3859]  __x64_sys_write+0x42/0x50
[   40.941738][ T3859]  x64_sys_call+0x287e/0x2dc0
[   40.946446][ T3859]  do_syscall_64+0xc9/0x1c0
[   40.951031][ T3859]  ? clear_bhb_loop+0x55/0xb0
[   40.955778][ T3859]  ? clear_bhb_loop+0x55/0xb0
[   40.960459][ T3859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.966421][ T3859] RIP: 0033:0x7f57660c5d19
[   40.970844][ T3859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.990541][ T3859] RSP: 002b:00007f5764737038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   40.999041][ T3859] RAX: ffffffffffffffda RBX: 00007f57662b5fa0 RCX: 00007f57660c5d19
[   41.007028][ T3859] RDX: 00000000ffffff6a RSI: 0000000020000000 RDI: 0000000000000004
[   41.015035][ T3859] RBP: 00007f5764737090 R08: 0000000000000000 R09: 0000000000000000
[   41.023025][ T3859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.031111][ T3859] R13: 0000000000000000 R14: 00007f57662b5fa0 R15: 00007ffe06d5ca08
[   41.039130][ T3859]  </TASK>
[   41.126737][ T3877] bridge0: port 1(bond0) entered blocking state
[   41.133131][ T3877] bridge0: port 1(bond0) entered disabled state
[   41.139626][ T3877] bond0: entered allmulticast mode
[   41.146170][ T3877] bond0: entered promiscuous mode
[   41.171649][ T3879] loop0: detected capacity change from 0 to 128
[   41.213874][ T3881] loop0: detected capacity change from 0 to 2048
[   41.260464][ T3881]  loop0: p1 < > p2 p3 < p5 > p4
[   41.265461][ T3881] loop0: partition table partially beyond EOD, truncated
[   41.274077][ T3881] loop0: p1 start 4278190080 is beyond EOD, truncated
[   41.280918][ T3881] loop0: p2 start 16908800 is beyond EOD, truncated
[   41.288591][ T3881] loop0: p4 start 11326 is beyond EOD, truncated
[   41.291170][ T3883] loop3: detected capacity change from 0 to 512
[   41.295017][ T3881] loop0: p5 start 16908800 is beyond EOD, truncated
[   41.308880][ T3883] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   41.322062][ T3883] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   41.332068][   T29] kauditd_printk_skb: 490 callbacks suppressed
[   41.332082][   T29] audit: type=1326 audit(1734331128.004:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.0.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   41.361676][   T29] audit: type=1326 audit(1734331128.004:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.0.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   41.385109][   T29] audit: type=1326 audit(1734331128.014:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.0.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   41.408435][   T29] audit: type=1326 audit(1734331128.014:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.0.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   41.432073][   T29] audit: type=1326 audit(1734331128.014:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.0.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   41.432105][   T29] audit: type=1326 audit(1734331128.014:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.0.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   41.432209][   T29] audit: type=1326 audit(1734331128.014:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.0.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   41.432980][   T29] audit: type=1326 audit(1734331128.014:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.0.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   41.433008][   T29] audit: type=1326 audit(1734331128.014:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.0.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   41.433093][   T29] audit: type=1326 audit(1734331128.014:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.0.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   41.435230][ T3883] EXT4-fs error (device loop3): ext4_orphan_get:1415: comm syz.3.152: bad orphan inode 131083
[   41.436423][ T3883] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.589129][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.636411][ T3895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   41.646873][ T3895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   41.679450][ T3899] loop3: detected capacity change from 0 to 1024
[   41.690932][ T3899] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[   41.700437][ T3899] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   41.715488][ T3899] EXT4-fs (loop3): mount failed
[   41.761761][ T3906] netlink: 32 bytes leftover after parsing attributes in process `syz.3.159'.
[   41.853526][ T3908] loop3: detected capacity change from 0 to 2048
[   41.900261][ T3908]  loop3: p1 < > p2 p3 < p5 > p4
[   41.905249][ T3908] loop3: partition table partially beyond EOD, truncated
[   41.912511][ T3908] loop3: p1 start 4278190080 is beyond EOD, truncated
[   41.919341][ T3908] loop3: p2 start 16908800 is beyond EOD, truncated
[   41.926573][ T3908] loop3: p4 start 11326 is beyond EOD, truncated
[   41.933073][ T3908] loop3: p5 start 16908800 is beyond EOD, truncated
[   42.054073][ T3910] loop3: detected capacity change from 0 to 128
[   42.234264][ T3919] loop3: detected capacity change from 0 to 256
[   42.565449][ T3931] netlink: 132 bytes leftover after parsing attributes in process `syz.3.170'.
[   42.745324][ T3936] loop2: detected capacity change from 0 to 128
[   42.818991][ T3938] loop2: detected capacity change from 0 to 2048
[   42.860442][ T3938]  loop2: p1 < > p4
[   42.866233][ T3938] loop2: p4 size 8388608 extends beyond EOD, truncated
[   42.911756][ T3289] udevd[3289]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   42.919649][ T3466] udevd[3466]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   42.988836][ T3922] syz.1.166 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=1000
[   43.003003][ T3922] CPU: 0 UID: 0 PID: 3922 Comm: syz.1.166 Not tainted 6.13.0-rc3-syzkaller #0
[   43.011952][ T3922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   43.022009][ T3922] Call Trace:
[   43.025385][ T3922]  <TASK>
[   43.028368][ T3922]  dump_stack_lvl+0xf2/0x150
[   43.033004][ T3922]  dump_stack+0x15/0x1a
[   43.037239][ T3922]  dump_header+0x83/0x2d0
[   43.041572][ T3922]  oom_kill_process+0x341/0x4c0
[   43.046483][ T3922]  out_of_memory+0x9af/0xbe0
[   43.051087][ T3922]  ? css_next_descendant_pre+0x11c/0x140
[   43.056732][ T3922]  mem_cgroup_out_of_memory+0x13e/0x190
[   43.062384][ T3922]  try_charge_memcg+0x508/0x7f0
[   43.067263][ T3922]  obj_cgroup_charge_pages+0xbd/0x1a0
[   43.072664][ T3922]  __memcg_kmem_charge_page+0x9d/0x170
[   43.078127][ T3922]  __alloc_pages_noprof+0x1bc/0x340
[   43.083416][ T3922]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   43.088864][ T3922]  alloc_pages_noprof+0xe1/0x100
[   43.093862][ T3922]  __vmalloc_node_range_noprof+0x6eb/0xe80
[   43.099728][ T3922]  __kvmalloc_node_noprof+0x121/0x170
[   43.105125][ T3922]  ? ip_set_alloc+0x1f/0x30
[   43.109645][ T3922]  ip_set_alloc+0x1f/0x30
[   43.114037][ T3922]  hash_netiface_create+0x273/0x730
[   43.119308][ T3922]  ? __nla_parse+0x40/0x60
[   43.123747][ T3922]  ? __pfx_hash_netiface_create+0x10/0x10
[   43.129578][ T3922]  ip_set_create+0x359/0x8a0
[   43.134276][ T3922]  ? memchr+0x1/0x50
[   43.138250][ T3922]  ? __nla_parse+0x40/0x60
[   43.142674][ T3922]  nfnetlink_rcv_msg+0x4a9/0x570
[   43.147651][ T3922]  netlink_rcv_skb+0x12c/0x230
[   43.152429][ T3922]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   43.157918][ T3922]  nfnetlink_rcv+0x16c/0x15d0
[   43.162690][ T3922]  ? kmem_cache_free+0xdc/0x2d0
[   43.167583][ T3922]  ? nlmon_xmit+0x51/0x60
[   43.171915][ T3922]  ? __kfree_skb+0x102/0x150
[   43.176526][ T3922]  ? consume_skb+0x49/0x160
[   43.181047][ T3922]  ? nlmon_xmit+0x51/0x60
[   43.185408][ T3922]  ? dev_hard_start_xmit+0x3c1/0x3f0
[   43.190707][ T3922]  ? __dev_queue_xmit+0xb6e/0x2090
[   43.195905][ T3922]  ? ref_tracker_free+0x3a5/0x410
[   43.200952][ T3922]  ? __dev_queue_xmit+0x186/0x2090
[   43.206184][ T3922]  ? __netlink_deliver_tap+0x4c6/0x4f0
[   43.211685][ T3922]  netlink_unicast+0x599/0x670
[   43.216533][ T3922]  netlink_sendmsg+0x5cc/0x6e0
[   43.221345][ T3922]  ? __pfx_netlink_sendmsg+0x10/0x10
[   43.226637][ T3922]  __sock_sendmsg+0x140/0x180
[   43.231497][ T3922]  ____sys_sendmsg+0x312/0x410
[   43.236361][ T3922]  __sys_sendmsg+0x19d/0x230
[   43.241079][ T3922]  __x64_sys_sendmsg+0x46/0x50
[   43.245856][ T3922]  x64_sys_call+0x2734/0x2dc0
[   43.250549][ T3922]  do_syscall_64+0xc9/0x1c0
[   43.255117][ T3922]  ? clear_bhb_loop+0x55/0xb0
[   43.259894][ T3922]  ? clear_bhb_loop+0x55/0xb0
[   43.264583][ T3922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.270594][ T3922] RIP: 0033:0x7f935d9a5d19
[   43.275093][ T3922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.294760][ T3922] RSP: 002b:00007f935bfcf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   43.303178][ T3922] RAX: ffffffffffffffda RBX: 00007f935db96160 RCX: 00007f935d9a5d19
[   43.311211][ T3922] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[   43.319290][ T3922] RBP: 00007f935da21a20 R08: 0000000000000000 R09: 0000000000000000
[   43.327283][ T3922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   43.335314][ T3922] R13: 0000000000000001 R14: 00007f935db96160 R15: 00007ffd440445b8
[   43.343371][ T3922]  </TASK>
[   43.347934][ T3922] memory: usage 307200kB, limit 307200kB, failcnt 194
[   43.355338][ T3922] memory+swap: usage 307332kB, limit 9007199254740988kB, failcnt 0
[   43.363327][ T3922] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[   43.370661][ T3922] Memory cgroup stats for /syz1:
[   43.376476][ T3940] netlink: 'syz.2.174': attribute type 1 has an invalid length.
[   43.377771][ T3922] cache 4096
[   43.392346][ T3922] rss 8192
[   43.395538][ T3922] shmem 0
[   43.398614][ T3922] mapped_file 4096
[   43.402455][ T3922] dirty 0
[   43.405469][ T3922] writeback 0
[   43.408811][ T3922] workingset_refault_anon 27
[   43.413429][ T3922] workingset_refault_file 65
[   43.418031][ T3922] swap 135168
[   43.421341][ T3922] swapcached 8192
[   43.425035][ T3922] pgpgin 30177
[   43.428407][ T3922] pgpgout 30174
[   43.432000][ T3922] pgfault 13783
[   43.435462][ T3922] pgmajfault 31
[   43.438906][ T3922] inactive_anon 4096
[   43.442812][ T3922] active_anon 4096
[   43.446540][ T3922] inactive_file 4096
[   43.450480][ T3922] active_file 0
[   43.453939][ T3922] unevictable 0
[   43.457384][ T3922] hierarchical_memory_limit 314572800
[   43.462800][ T3922] hierarchical_memsw_limit 9223372036854771712
[   43.468955][ T3922] total_cache 4096
[   43.472705][ T3922] total_rss 8192
[   43.476300][ T3922] total_shmem 0
[   43.479791][ T3922] total_mapped_file 4096
[   43.484030][ T3922] total_dirty 0
[   43.487508][ T3922] total_writeback 0
[   43.491356][ T3922] total_workingset_refault_anon 27
[   43.496614][ T3922] total_workingset_refault_file 65
[   43.501826][ T3922] total_swap 135168
[   43.505630][ T3922] total_swapcached 8192
[   43.509818][ T3922] total_pgpgin 30177
[   43.513798][ T3922] total_pgpgout 30174
[   43.517782][ T3922] total_pgfault 13783
[   43.521920][ T3922] total_pgmajfault 31
[   43.525921][ T3922] total_inactive_anon 4096
[   43.530349][ T3922] total_active_anon 4096
[   43.534605][ T3922] total_inactive_file 4096
[   43.539023][ T3922] total_active_file 0
[   43.543091][ T3922] total_unevictable 0
[   43.547099][ T3922] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.166,pid=3918,uid=0
[   43.561901][ T3922] Memory cgroup out of memory: Killed process 3918 (syz.1.166) total-vm:89808kB, anon-rss:788kB, file-rss:21636kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000
[   43.593401][ T3920] syz.1.166 (3920) used greatest stack depth: 8832 bytes left
[   43.683089][ T3949] loop3: detected capacity change from 0 to 1764
[   43.695664][ T3949] iso9660: Corrupted directory entry in block 2 of inode 1920
[   43.730261][ T3945] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3945 comm=syz.4.177
[   43.856354][ T3951] bond0: left allmulticast mode
[   43.861292][ T3951] bond0: left promiscuous mode
[   43.866238][ T3951] bridge0: port 1(bond0) entered disabled state
[   43.910419][ T3922] syz.1.166 (3922) used greatest stack depth: 7360 bytes left
[   44.062868][ T3962] loop2: detected capacity change from 0 to 512
[   44.077264][ T3967] FAULT_INJECTION: forcing a failure.
[   44.077264][ T3967] name failslab, interval 1, probability 0, space 0, times 0
[   44.089941][ T3967] CPU: 1 UID: 0 PID: 3967 Comm: +}[@ Not tainted 6.13.0-rc3-syzkaller #0
[   44.098515][ T3967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   44.108573][ T3967] Call Trace:
[   44.111850][ T3967]  <TASK>
[   44.114780][ T3967]  dump_stack_lvl+0xf2/0x150
[   44.119419][ T3967]  dump_stack+0x15/0x1a
[   44.123719][ T3967]  should_fail_ex+0x223/0x230
[   44.128405][ T3967]  should_failslab+0x8f/0xb0
[   44.133001][ T3967]  kmem_cache_alloc_noprof+0x52/0x320
[   44.138472][ T3967]  ? sctp_get_port_local+0x410/0xa90
[   44.143840][ T3967]  sctp_get_port_local+0x410/0xa90
[   44.149039][ T3967]  sctp_do_bind+0x3a1/0x4c0
[   44.153584][ T3967]  sctp_connect_new_asoc+0x15b/0x3b0
[   44.158993][ T3967]  sctp_sendmsg+0xf05/0x1920
[   44.163751][ T3967]  ? __pfx_sctp_sendmsg+0x10/0x10
[   44.168806][ T3967]  inet_sendmsg+0xc5/0xd0
[   44.173164][ T3967]  __sock_sendmsg+0x102/0x180
[   44.178003][ T3967]  __sys_sendto+0x1a8/0x230
[   44.182539][ T3967]  __x64_sys_sendto+0x78/0x90
[   44.187249][ T3967]  x64_sys_call+0x29fa/0x2dc0
[   44.191955][ T3967]  do_syscall_64+0xc9/0x1c0
[   44.196529][ T3967]  ? clear_bhb_loop+0x55/0xb0
[   44.197363][ T3969] bridge0: port 1(bond0) entered blocking state
[   44.201223][ T3967]  ? clear_bhb_loop+0x55/0xb0
[   44.201260][ T3967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.207602][ T3969] bridge0: port 1(bond0) entered disabled state
[   44.212179][ T3967] RIP: 0033:0x7f57660c5d19
[   44.212203][ T3967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.221212][ T3969] bond0: entered allmulticast mode
[   44.224309][ T3967] RSP: 002b:00007f5764737038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   44.224334][ T3967] RAX: ffffffffffffffda RBX: 00007f57662b5fa0 RCX: 00007f57660c5d19
[   44.224348][ T3967] RDX: 0000000000020000 RSI: 0000000020847fff RDI: 0000000000000005
[   44.224361][ T3967] RBP: 00007f5764737090 R08: 000000002005ffe4 R09: 000000000000001c
[   44.230590][ T3969] bond0: entered promiscuous mode
[   44.248401][ T3967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.248420][ T3967] R13: 0000000000000000 R14: 00007f57662b5fa0 R15: 00007ffe06d5ca08
[   44.248494][ T3967]  </TASK>
[   44.340236][ T3962] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.356306][ T3962] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   44.385013][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.412047][ T3978] loop2: detected capacity change from 0 to 512
[   44.420225][ T3978] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   44.433069][ T3978] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   44.446594][ T3978] EXT4-fs (loop2): 1 truncate cleaned up
[   44.452752][ T3978] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.487557][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.516130][ T3982] bond0: left allmulticast mode
[   44.521115][ T3982] bond0: left promiscuous mode
[   44.525987][ T3982] bridge0: port 1(bond0) entered disabled state
[   44.543753][ T3986] loop2: detected capacity change from 0 to 128
[   44.686475][ T3996] loop1: detected capacity change from 0 to 1024
[   44.703428][ T3996] EXT4-fs: Ignoring removed orlov option
[   44.724956][ T4001] FAULT_INJECTION: forcing a failure.
[   44.724956][ T4001] name failslab, interval 1, probability 0, space 0, times 0
[   44.731710][ T3999] loop0: detected capacity change from 0 to 2048
[   44.737743][ T4001] CPU: 1 UID: 0 PID: 4001 Comm: syz.4.197 Not tainted 6.13.0-rc3-syzkaller #0
[   44.746139][ T3996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.752809][ T4001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   44.752826][ T4001] Call Trace:
[   44.778679][ T4001]  <TASK>
[   44.781623][ T4001]  dump_stack_lvl+0xf2/0x150
[   44.786255][ T4001]  dump_stack+0x15/0x1a
[   44.787016][ T4005] loop3: detected capacity change from 0 to 512
[   44.790436][ T4001]  should_fail_ex+0x223/0x230
[   44.790471][ T4001]  should_failslab+0x8f/0xb0
[   44.799373][ T4005] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   44.801395][ T4001]  kmem_cache_alloc_node_noprof+0x59/0x320
[   44.821806][ T4001]  ? __alloc_skb+0x10b/0x310
[   44.826469][ T4001]  __alloc_skb+0x10b/0x310
[   44.830888][ T4001]  netlink_alloc_large_skb+0xad/0xe0
[   44.836186][ T4001]  netlink_sendmsg+0x3b4/0x6e0
[   44.836520][ T4005] EXT4-fs (loop3): 1 truncate cleaned up
[   44.840957][ T4001]  ? __pfx_netlink_sendmsg+0x10/0x10
[   44.840991][ T4001]  __sock_sendmsg+0x140/0x180
[   44.841078][ T4001]  ____sys_sendmsg+0x312/0x410
[   44.841105][ T4001]  __sys_sendmsg+0x19d/0x230
[   44.847987][ T4005] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.852020][ T4001]  __x64_sys_sendmsg+0x46/0x50
[   44.883333][ T4001]  x64_sys_call+0x2734/0x2dc0
[   44.888022][ T4001]  do_syscall_64+0xc9/0x1c0
[   44.892533][ T4001]  ? clear_bhb_loop+0x55/0xb0
[   44.897221][ T4001]  ? clear_bhb_loop+0x55/0xb0
[   44.901907][ T4001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.907850][ T4001] RIP: 0033:0x7fdf74095d19
[   44.912323][ T4001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.932037][ T4001] RSP: 002b:00007fdf72707038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   44.940563][ T4001] RAX: ffffffffffffffda RBX: 00007fdf74285fa0 RCX: 00007fdf74095d19
[   44.948624][ T4001] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000003
[   44.956659][ T4001] RBP: 00007fdf72707090 R08: 0000000000000000 R09: 0000000000000000
[   44.964636][ T4001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.972643][ T4001] R13: 0000000000000000 R14: 00007fdf74285fa0 R15: 00007ffe79c90e58
[   44.980628][ T4001]  </TASK>
[   44.991198][ T4011] syz.0.196[4011] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.991293][ T4011] syz.0.196[4011] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.016318][ T4011] syz.0.196[4011] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.022806][ T3999]  loop0: p3 < > p4 < >
[   45.043070][ T3999] loop0: partition table partially beyond EOD, truncated
[   45.055258][ T3999] loop0: p3 start 4284289 is beyond EOD, truncated
[   45.057972][ T3996] EXT4-fs: Ignoring removed orlov option
[   45.064275][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.077968][ T3996] EXT4-fs (loop1): can't enable nombcache during remount
[   45.085362][ T4014] netlink: 700 bytes leftover after parsing attributes in process `syz.4.199'.
[   45.090023][ T3996] smc: net device bond0 applied user defined pnetid SYZ0
[   45.117424][ T4014] veth3: entered promiscuous mode
[   45.148977][ T3999] netlink: 4 bytes leftover after parsing attributes in process `syz.0.196'.
[   45.157997][ T3999] netlink: 4 bytes leftover after parsing attributes in process `syz.0.196'.
[   45.175818][ T3999] netlink: 4 bytes leftover after parsing attributes in process `syz.0.196'.
[   45.212445][ T3374] hid-generic 0004:0008:0586.0001: hidraw0: <UNKNOWN> HID v8.b3 Device [syz0] on syz0
[   45.325700][ T4024] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4024 comm=syz.4.203
[   45.439958][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.484882][ T4031] FAULT_INJECTION: forcing a failure.
[   45.484882][ T4031] name failslab, interval 1, probability 0, space 0, times 0
[   45.497592][ T4031] CPU: 0 UID: 0 PID: 4031 Comm: syz.1.206 Not tainted 6.13.0-rc3-syzkaller #0
[   45.506469][ T4031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   45.516539][ T4031] Call Trace:
[   45.519820][ T4031]  <TASK>
[   45.522826][ T4031]  dump_stack_lvl+0xf2/0x150
[   45.527441][ T4031]  dump_stack+0x15/0x1a
[   45.531698][ T4031]  should_fail_ex+0x223/0x230
[   45.536513][ T4031]  should_failslab+0x8f/0xb0
[   45.541119][ T4031]  kmem_cache_alloc_noprof+0x52/0x320
[   45.546499][ T4031]  ? alloc_empty_file+0xd0/0x200
[   45.551446][ T4031]  ? _raw_spin_unlock+0x26/0x50
[   45.556330][ T4031]  alloc_empty_file+0xd0/0x200
[   45.561132][ T4031]  alloc_file_pseudo+0xc3/0x140
[   45.565992][ T4031]  __shmem_file_setup+0x1bb/0x1f0
[   45.571031][ T4031]  shmem_kernel_file_setup+0x3e/0x50
[   45.576386][ T4031]  newseg+0x2ee/0x690
[   45.580407][ T4031]  ipcget+0x318/0x4c0
[   45.584400][ T4031]  ? __bpf_trace_sys_enter+0x10/0x30
[   45.589815][ T4031]  __x64_sys_shmget+0xa6/0xd0
[   45.594496][ T4031]  x64_sys_call+0x28ec/0x2dc0
[   45.599185][ T4031]  do_syscall_64+0xc9/0x1c0
[   45.603711][ T4031]  ? clear_bhb_loop+0x55/0xb0
[   45.608395][ T4031]  ? clear_bhb_loop+0x55/0xb0
[   45.613080][ T4031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.618996][ T4031] RIP: 0033:0x7f935d9a5d19
[   45.623470][ T4031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.643082][ T4031] RSP: 002b:00007f935c011038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d
[   45.651498][ T4031] RAX: ffffffffffffffda RBX: 00007f935db95fa0 RCX: 00007f935d9a5d19
[   45.659521][ T4031] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000000000000
[   45.667500][ T4031] RBP: 00007f935c011090 R08: 0000000000000000 R09: 0000000000000000
[   45.675490][ T4031] R10: 0000000020ffa000 R11: 0000000000000246 R12: 0000000000000001
[   45.683523][ T4031] R13: 0000000000000000 R14: 00007f935db95fa0 R15: 00007ffd440445b8
[   45.691503][ T4031]  </TASK>
[   45.721530][ T4041] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.780933][ T4041] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.831176][ T4052] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4052 comm=syz.1.214
[   45.844531][ T4041] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.865506][ T4054] loop1: detected capacity change from 0 to 128
[   45.872261][ T4054] /dev/loop1: Can't open blockdev
[   45.892833][ T4041] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.973011][ T4041] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.992126][ T4041] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.004206][ T4041] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.017356][ T4041] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.128925][ T4069] loop4: detected capacity change from 0 to 1024
[   46.136290][ T4069] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   46.147218][ T4069] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   46.160361][ T4069] JBD2: no valid journal superblock found
[   46.166135][ T4069] EXT4-fs (loop4): Could not load journal inode
[   46.219662][ T4079] loop4: detected capacity change from 0 to 128
[   46.255556][ T4080] loop3: detected capacity change from 0 to 128
[   46.350652][ T4088] SELinux:  Context system_u:object_r:policy_config_t:s0 is not valid (left unmapped).
[   46.367631][   T29] kauditd_printk_skb: 513 callbacks suppressed
[   46.367685][   T29] audit: type=1400 audit(1734331133.043:1604): avc:  denied  { relabelto } for  pid=4087 comm="syz.3.229" name="file0" dev="tmpfs" ino=288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:policy_config_t:s0"
[   46.400564][   T29] audit: type=1400 audit(1734331133.043:1605): avc:  denied  { associate } for  pid=4087 comm="syz.3.229" name="file0" dev="tmpfs" ino=288 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:policy_config_t:s0"
[   46.428592][   T29] audit: type=1400 audit(1734331133.043:1606): avc:  denied  { map } for  pid=4087 comm="syz.3.229" path="/49/file0" dev="tmpfs" ino=288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:policy_config_t:s0"
[   46.448508][ T4093] bond1: entered promiscuous mode
[   46.455285][   T29] audit: type=1400 audit(1734331133.043:1607): avc:  denied  { read } for  pid=4087 comm="syz.3.229" path="/49/file0" dev="tmpfs" ino=288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:policy_config_t:s0"
[   46.460095][ T4093] bond1: entered allmulticast mode
[   46.489027][   T29] audit: type=1400 audit(1734331133.113:1608): avc:  denied  { connect } for  pid=4087 comm="syz.3.229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   46.511685][   T29] audit: type=1400 audit(1734331133.113:1609): avc:  denied  { write } for  pid=4087 comm="syz.3.229" path="socket:[6720]" dev="sockfs" ino=6720 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   46.535121][   T29] audit: type=1326 audit(1734331133.123:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4084 comm="syz.2.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   46.558650][   T29] audit: type=1326 audit(1734331133.123:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4084 comm="syz.2.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   46.558740][ T4093] 8021q: adding VLAN 0 to HW filter on device bond1
[   46.582038][   T29] audit: type=1326 audit(1734331133.123:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4084 comm="syz.2.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   46.612321][   T29] audit: type=1326 audit(1734331133.123:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4084 comm="syz.2.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   46.651949][ T4093] bond1 (unregistering): Released all slaves
[   46.761366][ T4115] loop0: detected capacity change from 0 to 1764
[   46.774917][ T4115] iso9660: Corrupted directory entry in block 2 of inode 1920
[   46.887808][ T4120] loop3: detected capacity change from 0 to 1764
[   46.903319][ T4120] iso9660: Corrupted directory entry in block 2 of inode 1920
[   47.092005][ T4135] bridge0: port 1(bond0) entered blocking state
[   47.098418][ T4135] bridge0: port 1(bond0) entered disabled state
[   47.105364][ T4135] bond0: entered allmulticast mode
[   47.144043][ T4135] bond0: entered promiscuous mode
[   47.228957][ T4139] loop3: detected capacity change from 0 to 8192
[   47.246648][ T4139] FAULT_INJECTION: forcing a failure.
[   47.246648][ T4139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   47.259838][ T4139] CPU: 0 UID: 0 PID: 4139 Comm: syz.3.246 Not tainted 6.13.0-rc3-syzkaller #0
[   47.259863][ T4139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   47.259936][ T4139] Call Trace:
[   47.259944][ T4139]  <TASK>
[   47.259953][ T4139]  dump_stack_lvl+0xf2/0x150
[   47.259990][ T4139]  dump_stack+0x15/0x1a
[   47.260019][ T4139]  should_fail_ex+0x223/0x230
[   47.260047][ T4139]  should_fail+0xb/0x10
[   47.260140][ T4139]  should_fail_usercopy+0x1a/0x20
[   47.260177][ T4139]  _copy_from_user+0x1e/0xb0
[   47.260219][ T4139]  memdup_user+0x64/0xc0
[   47.260321][ T4139]  strndup_user+0x68/0xa0
[   47.260356][ T4139]  __se_sys_mount+0x4e/0x2d0
[   47.260387][ T4139]  ? fput+0x1c4/0x200
[   47.260407][ T4139]  ? ksys_write+0x176/0x1b0
[   47.260505][ T4139]  __x64_sys_mount+0x67/0x80
[   47.260542][ T4139]  x64_sys_call+0x2c84/0x2dc0
[   47.260568][ T4139]  do_syscall_64+0xc9/0x1c0
[   47.260592][ T4139]  ? clear_bhb_loop+0x55/0xb0
[   47.260612][ T4139]  ? clear_bhb_loop+0x55/0xb0
[   47.260653][ T4139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.260712][ T4139] RIP: 0033:0x7f57660c5d19
[   47.260727][ T4139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.260746][ T4139] RSP: 002b:00007f5764737038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   47.260770][ T4139] RAX: ffffffffffffffda RBX: 00007f57662b5fa0 RCX: 00007f57660c5d19
[   47.260845][ T4139] RDX: 00000000200002c0 RSI: 0000000020000080 RDI: 0000000000000000
[   47.260860][ T4139] RBP: 00007f5764737090 R08: 0000000020000400 R09: 0000000000000000
[   47.260876][ T4139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.260891][ T4139] R13: 0000000000000000 R14: 00007f57662b5fa0 R15: 00007ffe06d5ca08
[   47.436431][ T4139]  </TASK>
[   47.507077][ T4150] loop4: detected capacity change from 0 to 1024
[   47.523194][ T4148] netlink: 32 bytes leftover after parsing attributes in process `syz.3.250'.
[   47.525871][ T4152] loop0: detected capacity change from 0 to 1764
[   47.533839][ T4150] EXT4-fs: Ignoring removed orlov option
[   47.552442][ T4152] iso9660: Corrupted directory entry in block 2 of inode 1920
[   47.580573][ T4150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.609636][ T4150] EXT4-fs: Ignoring removed orlov option
[   47.616357][ T4150] EXT4-fs (loop4): can't enable nombcache during remount
[   47.626408][ T4157] loop2: detected capacity change from 0 to 128
[   47.675613][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.703686][ T4162] FAULT_INJECTION: forcing a failure.
[   47.703686][ T4162] name failslab, interval 1, probability 0, space 0, times 0
[   47.716343][ T4162] CPU: 0 UID: 0 PID: 4162 Comm: syz.2.255 Not tainted 6.13.0-rc3-syzkaller #0
[   47.725222][ T4162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   47.735316][ T4162] Call Trace:
[   47.738700][ T4162]  <TASK>
[   47.741664][ T4162]  dump_stack_lvl+0xf2/0x150
[   47.746301][ T4162]  dump_stack+0x15/0x1a
[   47.750536][ T4162]  should_fail_ex+0x223/0x230
[   47.755317][ T4162]  should_failslab+0x8f/0xb0
[   47.760028][ T4162]  kmem_cache_alloc_node_noprof+0x59/0x320
[   47.765858][ T4162]  ? perf_event_alloc+0x157/0x12e0
[   47.770997][ T4162]  perf_event_alloc+0x157/0x12e0
[   47.776168][ T4162]  ? __fget_files+0x17c/0x1c0
[   47.780941][ T4162]  __se_sys_perf_event_open+0x5ac/0x2230
[   47.786685][ T4162]  ? proc_fail_nth_write+0x12a/0x150
[   47.792128][ T4162]  ? vfs_write+0x4f1/0x920
[   47.794880][ T4166] loop4: detected capacity change from 0 to 1764
[   47.796686][ T4162]  __x64_sys_perf_event_open+0x67/0x80
[   47.808450][ T4162]  x64_sys_call+0x1deb/0x2dc0
[   47.808480][ T4162]  do_syscall_64+0xc9/0x1c0
[   47.808501][ T4162]  ? clear_bhb_loop+0x55/0xb0
[   47.808525][ T4162]  ? clear_bhb_loop+0x55/0xb0
[   47.827029][ T4162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.827075][ T4162] RIP: 0033:0x7f6116b35d19
[   47.827091][ T4162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.841954][ T4166] iso9660: Corrupted directory entry in block 2 of inode 1920
[   47.857083][ T4162] RSP: 002b:00007f61151a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   47.857111][ T4162] RAX: ffffffffffffffda RBX: 00007f6116d25fa0 RCX: 00007f6116b35d19
[   47.857168][ T4162] RDX: 0000000000000001 RSI: ffffffffffffffff RDI: 0000000020000400
[   47.857182][ T4162] RBP: 00007f61151a7090 R08: 0000000000000002 R09: 0000000000000000
[   47.857194][ T4162] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   47.905077][ T4162] R13: 0000000000000000 R14: 00007f6116d25fa0 R15: 00007ffd1d1d6d98
[   47.913122][ T4162]  </TASK>
[   47.945048][ T4169] netlink: 32 bytes leftover after parsing attributes in process `syz.2.257'.
[   48.107744][ T4178] loop3: detected capacity change from 0 to 128
[   48.129243][ T4178] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   48.142181][ T4178] ext4 filesystem being mounted at /56/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   48.144017][ T4183] program syz.0.262 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   48.184468][ T4178] Invalid ELF header magic: != ELF
[   48.211137][ T4183] loop0: detected capacity change from 0 to 512
[   48.227953][ T3298] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   48.262381][ T4183] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   48.284631][ T4183] System zones: 0-2, 18-18, 34-34
[   48.284870][ T4186] loop3: detected capacity change from 0 to 128
[   48.290927][ T4183] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.262: bg 0: block 248: padding at end of block bitmap is not set
[   48.303146][ T4192] loop1: detected capacity change from 0 to 128
[   48.329858][ T4183] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.262: Failed to acquire dquot type 1
[   48.349709][ T4183] EXT4-fs (loop0): 1 truncate cleaned up
[   48.364491][ T4196] loop2: detected capacity change from 0 to 1024
[   48.371396][ T4196] EXT4-fs: Ignoring removed nomblk_io_submit option
[   48.371549][ T4186] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   48.379758][ T4196] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   48.395405][ T4186] ext4 filesystem being mounted at /57/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   48.404016][ T4183] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.443021][ T4183] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.445723][ T4198] loop1: detected capacity change from 0 to 1024
[   48.465419][ T4183] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.465425][ T4198] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   48.465453][ T4198] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   48.497241][ T4198] JBD2: no valid journal superblock found
[   48.503116][ T4198] EXT4-fs (loop1): Could not load journal inode
[   48.510063][ T4196] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.535233][ T4202] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4202 comm=syz.4.268
[   48.548538][ T4186] netlink: 20 bytes leftover after parsing attributes in process `syz.3.263'.
[   48.568993][ T4204] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[   48.598725][ T4183] 9pnet_fd: Insufficient options for proto=fd
[   48.614886][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.623665][ T4206] loop1: detected capacity change from 0 to 1764
[   48.628653][ T4200] netlink: 20 bytes leftover after parsing attributes in process `syz.3.263'.
[   48.665438][ T4210] loop2: detected capacity change from 0 to 512
[   48.702093][ T4210] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   48.720832][ T4206] iso9660: Corrupted directory entry in block 2 of inode 1920
[   48.726264][ T4212] loop0: detected capacity change from 0 to 8192
[   48.729687][ T4210] EXT4-fs (loop2): 1 truncate cleaned up
[   48.758668][ T4210] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.771401][ T4212]  loop0: p1 p2 p3 p4[EZD]
[   48.780025][ T4212] loop0: p1 size 16128 extends beyond EOD, truncated
[   48.792535][ T4212] loop0: p3 start 458783 is beyond EOD, truncated
[   48.799003][ T4212] loop0: p4 size 65536 extends beyond EOD, truncated
[   48.814760][ T4210] EXT4-fs error (device loop2): ext4_xattr_inode_iget:440: comm syz.2.271: inode #1073372648: comm syz.2.271: iget: illegal inode #
[   48.846089][ T2999]  loop0: p1 p2 p3 p4[EZD]
[   48.851304][ T2999] loop0: p1 size 16128 extends beyond EOD, truncated
[   48.861379][ T4210] EXT4-fs error (device loop2): ext4_xattr_inode_iget:445: comm syz.2.271: error while reading EA inode 1073372648 err=-117
[   48.879022][ T2999] loop0: p3 start 458783 is beyond EOD, truncated
[   48.885560][ T2999] loop0: p4 size 65536 extends beyond EOD, truncated
[   48.895966][ T4210] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2977: inode #15: comm syz.2.271: corrupted xattr block 33: invalid header
[   48.904970][ T4212] vhci_hcd: default hub control req: a100 v0000 i0000 l0
[   48.940852][ T4210] EXT4-fs warning (device loop2): ext4_evict_inode:276: xattr delete (err -117)
[   49.011116][ T4223] loop4: detected capacity change from 0 to 8192
[   49.028677][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.062804][ T4228] process 'syz.0.276' launched './file1' with NULL argv: empty string added
[   49.116938][ T3298] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   49.151782][ T4236] loop2: detected capacity change from 0 to 128
[   49.283456][ T4246] can: request_module (can-proto-0) failed.
[   49.309872][ T4244] loop3: detected capacity change from 0 to 8192
[   49.345715][ T4252] loop2: detected capacity change from 0 to 1764
[   49.364418][ T4252] iso9660: Corrupted directory entry in block 2 of inode 1920
[   49.382839][ T4244] syzkaller0: entered allmulticast mode
[   49.403736][ T4244] syzkaller0 (unregistering): left allmulticast mode
[   49.434478][ T4258] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4258 comm=syz.4.289
[   49.481545][ T4256] bond0: left allmulticast mode
[   49.486468][ T4256] bond0: left promiscuous mode
[   49.491528][ T4256] bridge0: port 1(bond0) entered disabled state
[   49.522114][ T4264] FAULT_INJECTION: forcing a failure.
[   49.522114][ T4264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.535288][ T4264] CPU: 0 UID: 0 PID: 4264 Comm: syz.0.291 Not tainted 6.13.0-rc3-syzkaller #0
[   49.544225][ T4264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   49.554304][ T4264] Call Trace:
[   49.557604][ T4264]  <TASK>
[   49.560556][ T4264]  dump_stack_lvl+0xf2/0x150
[   49.565211][ T4264]  dump_stack+0x15/0x1a
[   49.569560][ T4264]  should_fail_ex+0x223/0x230
[   49.574297][ T4264]  should_fail+0xb/0x10
[   49.578485][ T4264]  should_fail_usercopy+0x1a/0x20
[   49.583540][ T4264]  _copy_from_user+0x1e/0xb0
[   49.588162][ T4264]  move_addr_to_kernel+0x82/0x120
[   49.593287][ T4264]  copy_msghdr_from_user+0x271/0x2a0
[   49.598613][ T4264]  __sys_sendmmsg+0x1e8/0x4b0
[   49.603372][ T4264]  __x64_sys_sendmmsg+0x57/0x70
[   49.608315][ T4264]  x64_sys_call+0x29aa/0x2dc0
[   49.613037][ T4264]  do_syscall_64+0xc9/0x1c0
[   49.617555][ T4264]  ? clear_bhb_loop+0x55/0xb0
[   49.622245][ T4264]  ? clear_bhb_loop+0x55/0xb0
[   49.626953][ T4264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.632881][ T4264] RIP: 0033:0x7f0fde175d19
[   49.637349][ T4264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.657022][ T4264] RSP: 002b:00007f0fdc7e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   49.665503][ T4264] RAX: ffffffffffffffda RBX: 00007f0fde365fa0 RCX: 00007f0fde175d19
[   49.673481][ T4264] RDX: 0000000000000001 RSI: 00000000200032c0 RDI: 0000000000000003
[   49.681460][ T4264] RBP: 00007f0fdc7e1090 R08: 0000000000000000 R09: 0000000000000000
[   49.689436][ T4264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.697429][ T4264] R13: 0000000000000000 R14: 00007f0fde365fa0 R15: 00007ffcebf23d18
[   49.705562][ T4264]  </TASK>
[   49.859498][ T4273] loop3: detected capacity change from 0 to 512
[   49.869823][ T4273] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   49.905278][ T4271] netlink: 'syz.1.293': attribute type 1 has an invalid length.
[   50.020919][ T4289] netlink: 32 bytes leftover after parsing attributes in process `syz.4.301'.
[   50.076201][ T4290] loop0: detected capacity change from 0 to 512
[   50.101765][ T4290] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   50.101865][ T4292] loop4: detected capacity change from 0 to 1024
[   50.134018][ T4294] bond0: left allmulticast mode
[   50.138982][ T4294] bond0: left promiscuous mode
[   50.143941][ T4294] bridge0: port 1(bond0) entered disabled state
[   50.155603][ T4299] smc: net device bond0 erased user defined pnetid SYZ0
[   50.162917][ T4292] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.302: Failed to acquire dquot type 0
[   50.175261][ T4292] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   50.189912][ T4292] EXT4-fs error (device loop4): ext4_do_update_inode:5153: inode #13: comm syz.4.302: corrupted inode contents
[   50.202976][ T4292] EXT4-fs error (device loop4): ext4_dirty_inode:6041: inode #13: comm syz.4.302: mark_inode_dirty error
[   50.214933][ T4292] EXT4-fs error (device loop4): ext4_do_update_inode:5153: inode #13: comm syz.4.302: corrupted inode contents
[   50.230508][ T4292] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #13: comm syz.4.302: mark_inode_dirty error
[   50.246383][ T4306] loop0: detected capacity change from 0 to 128
[   50.258004][ T4292] EXT4-fs error (device loop4): ext4_do_update_inode:5153: inode #13: comm syz.4.302: corrupted inode contents
[   50.284877][ T4292] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[   50.301244][ T4292] EXT4-fs error (device loop4): ext4_do_update_inode:5153: inode #13: comm syz.4.302: corrupted inode contents
[   50.324254][ T4292] EXT4-fs error (device loop4): ext4_truncate:4240: inode #13: comm syz.4.302: mark_inode_dirty error
[   50.365714][ T4292] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[   50.377161][ T4313] FAULT_INJECTION: forcing a failure.
[   50.377161][ T4313] name failslab, interval 1, probability 0, space 0, times 0
[   50.389930][ T4313] CPU: 1 UID: 0 PID: 4313 Comm: syz.3.311 Not tainted 6.13.0-rc3-syzkaller #0
[   50.391041][ T4292] EXT4-fs (loop4): 1 truncate cleaned up
[   50.398785][ T4313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   50.412267][ T4292] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.414471][ T4313] Call Trace:
[   50.414480][ T4313]  <TASK>
[   50.433126][ T4313]  dump_stack_lvl+0xf2/0x150
[   50.437792][ T4313]  dump_stack+0x15/0x1a
[   50.442078][ T4313]  should_fail_ex+0x223/0x230
[   50.446844][ T4313]  should_failslab+0x8f/0xb0
[   50.451470][ T4313]  kmem_cache_alloc_noprof+0x52/0x320
[   50.456894][ T4313]  ? __inet_hash_connect+0xa05/0x1160
[   50.462296][ T4313]  __inet_hash_connect+0xa05/0x1160
[   50.467509][ T4313]  ? secure_ipv6_port_ephemeral+0xa4/0x130
[   50.473392][ T4313]  inet6_hash_connect+0x72/0x80
[   50.478258][ T4313]  tcp_v6_connect+0x9b0/0xc60
[   50.482991][ T4313]  __inet_stream_connect+0x162/0x790
[   50.488298][ T4313]  ? _raw_spin_unlock_bh+0x36/0x40
[   50.493421][ T4313]  ? release_sock+0x117/0x150
[   50.498173][ T4313]  ? _raw_spin_unlock_bh+0x36/0x40
[   50.503374][ T4313]  ? lock_sock_nested+0x10f/0x140
[   50.508457][ T4313]  ? selinux_netlbl_socket_connect+0x113/0x130
[   50.514730][ T4313]  inet_stream_connect+0x48/0x70
[   50.519685][ T4313]  ? __pfx_inet_stream_connect+0x10/0x10
[   50.525358][ T4313]  __sys_connect+0x18f/0x1b0
[   50.530003][ T4313]  __x64_sys_connect+0x41/0x50
[   50.534851][ T4313]  x64_sys_call+0x22a7/0x2dc0
[   50.539621][ T4313]  do_syscall_64+0xc9/0x1c0
[   50.544137][ T4313]  ? clear_bhb_loop+0x55/0xb0
[   50.548880][ T4313]  ? clear_bhb_loop+0x55/0xb0
[   50.553597][ T4313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.559547][ T4313] RIP: 0033:0x7f57660c5d19
[   50.563991][ T4313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.583605][ T4313] RSP: 002b:00007f5764737038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   50.592026][ T4313] RAX: ffffffffffffffda RBX: 00007f57662b5fa0 RCX: 00007f57660c5d19
[   50.600000][ T4313] RDX: 000000000000001c RSI: 0000000020000200 RDI: 0000000000000006
[   50.607974][ T4313] RBP: 00007f5764737090 R08: 0000000000000000 R09: 0000000000000000
[   50.615969][ T4313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.623977][ T4313] R13: 0000000000000000 R14: 00007f57662b5fa0 R15: 00007ffe06d5ca08
[   50.631959][ T4313]  </TASK>
[   50.661306][ T4318] netlink: 32 bytes leftover after parsing attributes in process `syz.0.313'.
[   50.678023][ T4320] bridge0: port 1(bond0) entered blocking state
[   50.683728][ T4316] loop1: detected capacity change from 0 to 2048
[   50.684400][ T4320] bridge0: port 1(bond0) entered disabled state
[   50.698724][ T4320] bond0: entered allmulticast mode
[   50.705287][ T4320] bond0: entered promiscuous mode
[   50.720049][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.732175][ T4316] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.761592][ T4325] loop2: detected capacity change from 0 to 1024
[   50.781376][ T4325] EXT4-fs: Ignoring removed orlov option
[   50.809275][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.816288][ T4332] loop4: detected capacity change from 0 to 1764
[   50.837322][ T4332] iso9660: Corrupted directory entry in block 2 of inode 1920
[   50.849608][ T4329] netlink: 'syz.3.318': attribute type 1 has an invalid length.
[   50.857763][ T4325] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.888869][ T4325] ext4: Unknown parameter '\jŒÚi*†ßB²p˜w;E‹J4¬—~½DPü!ÐBp?[ð0é5‡Šmœ€ªBRÔêk�bÿ +[Z'
[   50.911525][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.964302][ T4340] loop1: detected capacity change from 0 to 1764
[   50.979458][ T4345] loop3: detected capacity change from 0 to 512
[   50.997805][ T4339] iso9660: Corrupted directory entry in block 2 of inode 1920
[   51.018265][ T4345] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   51.056875][ T4345] EXT4-fs (loop3): 1 truncate cleaned up
[   51.079315][ T4345] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.107899][ T4349] ip6gre1: entered allmulticast mode
[   51.173015][ T4352] bond1: entered promiscuous mode
[   51.178089][ T4352] bond1: entered allmulticast mode
[   51.206533][ T4352] 8021q: adding VLAN 0 to HW filter on device bond1
[   51.233883][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.240049][ T4352] bond1 (unregistering): Released all slaves
[   51.269919][ T4356] FAULT_INJECTION: forcing a failure.
[   51.269919][ T4356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.283028][ T4356] CPU: 1 UID: 0 PID: 4356 Comm: syz.2.325 Not tainted 6.13.0-rc3-syzkaller #0
[   51.291986][ T4356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   51.302065][ T4356] Call Trace:
[   51.305359][ T4356]  <TASK>
[   51.308312][ T4356]  dump_stack_lvl+0xf2/0x150
[   51.312985][ T4356]  dump_stack+0x15/0x1a
[   51.317173][ T4356]  should_fail_ex+0x223/0x230
[   51.321863][ T4356]  should_fail+0xb/0x10
[   51.326042][ T4356]  should_fail_usercopy+0x1a/0x20
[   51.331082][ T4356]  _copy_from_iter+0xd5/0xd00
[   51.335800][ T4356]  ? selinux_file_open+0x34a/0x3b0
[   51.340935][ T4356]  ? skb_set_owner_w+0x164/0x1b0
[   51.345883][ T4356]  ? __virt_addr_valid+0x1ed/0x250
[   51.351063][ T4356]  ? __check_object_size+0x364/0x520
[   51.356360][ T4356]  skb_copy_datagram_from_iter+0xb3/0x460
[   51.362090][ T4356]  ? skb_put+0xba/0x100
[   51.366255][ T4356]  tun_get_user+0xb7c/0x25b0
[   51.370861][ T4356]  ? _parse_integer+0x27/0x30
[   51.375613][ T4356]  ? ref_tracker_alloc+0x1f5/0x2f0
[   51.380800][ T4356]  tun_chr_write_iter+0x188/0x240
[   51.385970][ T4356]  vfs_write+0x77f/0x920
[   51.390226][ T4356]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   51.395834][ T4356]  ksys_write+0xe8/0x1b0
[   51.400091][ T4356]  __x64_sys_write+0x42/0x50
[   51.404768][ T4356]  x64_sys_call+0x287e/0x2dc0
[   51.409454][ T4356]  do_syscall_64+0xc9/0x1c0
[   51.414038][ T4356]  ? clear_bhb_loop+0x55/0xb0
[   51.418718][ T4356]  ? clear_bhb_loop+0x55/0xb0
[   51.423449][ T4356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.429501][ T4356] RIP: 0033:0x7f6116b347cf
[   51.433920][ T4356] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   51.453581][ T4356] RSP: 002b:00007f61151a7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   51.462001][ T4356] RAX: ffffffffffffffda RBX: 00007f6116d25fa0 RCX: 00007f6116b347cf
[   51.469980][ T4356] RDX: 0000000000000d81 RSI: 0000000020002c40 RDI: 00000000000000c8
[   51.477984][ T4356] RBP: 00007f61151a7090 R08: 0000000000000000 R09: 0000000000000000
[   51.485957][ T4356] R10: 0000000000000d81 R11: 0000000000000293 R12: 0000000000000001
[   51.493945][ T4356] R13: 0000000000000000 R14: 00007f6116d25fa0 R15: 00007ffd1d1d6d98
[   51.501975][ T4356]  </TASK>
[   51.590824][ T4367] loop1: detected capacity change from 0 to 2048
[   51.625274][ T4367] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.696732][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.717775][   T29] kauditd_printk_skb: 423 callbacks suppressed
[   51.717792][   T29] audit: type=1326 audit(1734331138.393:2033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   51.752082][   T29] audit: type=1326 audit(1734331138.433:2034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   51.779265][   T29] audit: type=1326 audit(1734331138.453:2035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   51.802670][   T29] audit: type=1326 audit(1734331138.453:2036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   51.826149][   T29] audit: type=1326 audit(1734331138.453:2037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   51.849391][   T29] audit: type=1326 audit(1734331138.453:2038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   51.872776][   T29] audit: type=1326 audit(1734331138.453:2039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   51.896164][   T29] audit: type=1326 audit(1734331138.453:2040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   51.919607][   T29] audit: type=1326 audit(1734331138.453:2041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   51.943056][   T29] audit: type=1326 audit(1734331138.453:2042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f0fde175d19 code=0x7ffc0000
[   51.985738][ T4380] netlink: 'syz.2.335': attribute type 1 has an invalid length.
[   52.012893][ T3373] IPVS: starting estimator thread 0...
[   52.073061][ T4388] loop2: detected capacity change from 0 to 8192
[   52.109583][ T4386] IPVS: using max 2400 ests per chain, 120000 per kthread
[   52.131449][ T4388]  loop2: p1
[   52.144529][ T4388] vlan2: entered promiscuous mode
[   52.171945][ T4400] loop1: detected capacity change from 0 to 2048
[   52.174176][ T4398] loop0: detected capacity change from 0 to 1024
[   52.185305][ T4398] EXT4-fs: Ignoring removed orlov option
[   52.191897][ T4400]  loop1: p1 < > p2 p3 < p5 > p4
[   52.196944][ T4400] loop1: partition table partially beyond EOD, truncated
[   52.205726][ T4400] loop1: p1 start 4278190080 is beyond EOD, truncated
[   52.212606][ T4400] loop1: p2 start 16908800 is beyond EOD, truncated
[   52.220369][ T4400] loop1: p4 start 11326 is beyond EOD, truncated
[   52.226749][ T4400] loop1: p5 start 16908800 is beyond EOD, truncated
[   52.250153][ T4398] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.269910][ T4398] ext4: Unknown parameter '\jŒÚi*†ßB²p˜w;E‹J4¬—~½DPü!ÐBp?[ð0é5‡Šmœ€ªBRÔêk�bÿ +[Z'
[   52.288696][ T4405] netlink: 40 bytes leftover after parsing attributes in process `syz.2.344'.
[   52.298050][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.324188][ T4408] loop0: detected capacity change from 0 to 512
[   52.346383][ T4408] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   52.375622][ T4408] EXT4-fs (loop0): 1 truncate cleaned up
[   52.381854][ T4408] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.455569][ T4419] bond1: entered promiscuous mode
[   52.460663][ T4419] bond1: entered allmulticast mode
[   52.466083][ T4419] 8021q: adding VLAN 0 to HW filter on device bond1
[   52.476060][ T4419] bond1 (unregistering): Released all slaves
[   52.530661][ T4425] loop4: detected capacity change from 0 to 128
[   52.575296][ T4427] FAULT_INJECTION: forcing a failure.
[   52.575296][ T4427] name failslab, interval 1, probability 0, space 0, times 0
[   52.579257][ T4429] loop2: detected capacity change from 0 to 128
[   52.587970][ T4427] CPU: 0 UID: 0 PID: 4427 Comm: syz.4.353 Not tainted 6.13.0-rc3-syzkaller #0
[   52.603052][ T4427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   52.613111][ T4427] Call Trace:
[   52.616444][ T4427]  <TASK>
[   52.619377][ T4427]  dump_stack_lvl+0xf2/0x150
[   52.624036][ T4427]  dump_stack+0x15/0x1a
[   52.628209][ T4427]  should_fail_ex+0x223/0x230
[   52.632900][ T4427]  should_failslab+0x8f/0xb0
[   52.637545][ T4427]  kmem_cache_alloc_noprof+0x52/0x320
[   52.643017][ T4427]  ? alloc_empty_file+0xd0/0x200
[   52.648029][ T4427]  ? _raw_spin_unlock+0x26/0x50
[   52.652889][ T4427]  alloc_empty_file+0xd0/0x200
[   52.657697][ T4427]  alloc_file_pseudo+0xc3/0x140
[   52.662645][ T4427]  hugetlb_file_setup+0x290/0x3c0
[   52.667683][ T4427]  ksys_mmap_pgoff+0x172/0x330
[   52.672469][ T4427]  x64_sys_call+0x1940/0x2dc0
[   52.677185][ T4427]  do_syscall_64+0xc9/0x1c0
[   52.681694][ T4427]  ? clear_bhb_loop+0x55/0xb0
[   52.686397][ T4427]  ? clear_bhb_loop+0x55/0xb0
[   52.691079][ T4427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.697061][ T4427] RIP: 0033:0x7fdf74095d19
[   52.701484][ T4427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.721195][ T4427] RSP: 002b:00007fdf72707038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   52.729623][ T4427] RAX: ffffffffffffffda RBX: 00007fdf74285fa0 RCX: 00007fdf74095d19
[   52.737611][ T4427] RDX: 000000000000000b RSI: 0000000000ff5000 RDI: 0000000020000000
[   52.745594][ T4427] RBP: 00007fdf72707090 R08: ffffffffffffffff R09: 0000000000200000
[   52.753570][ T4427] R10: 000200000005c832 R11: 0000000000000246 R12: 0000000000000001
[   52.761545][ T4427] R13: 0000000000000000 R14: 00007fdf74285fa0 R15: 00007ffe79c90e58
[   52.769529][ T4427]  </TASK>
[   52.833225][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.045555][ T4456] bond1: entered promiscuous mode
[   53.050674][ T4456] bond1: entered allmulticast mode
[   53.055976][ T4456] 8021q: adding VLAN 0 to HW filter on device bond1
[   53.065719][ T4462] loop4: detected capacity change from 0 to 512
[   53.066744][ T4456] bond1 (unregistering): Released all slaves
[   53.080008][ T4462] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.366: casefold flag without casefold feature
[   53.093151][ T4462] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.366: couldn't read orphan inode 15 (err -117)
[   53.106171][ T4462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.163918][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.293628][ T4475] loop4: detected capacity change from 0 to 512
[   53.305874][ T4477] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4477 comm=syz.1.371
[   53.331523][ T4475] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   53.340147][ T4475] System zones: 0-2, 18-18, 34-34
[   53.346135][ T4475] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.370: bg 0: block 248: padding at end of block bitmap is not set
[   53.356282][ T4482] loop1: detected capacity change from 0 to 2048
[   53.364205][ T4475] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.370: Failed to acquire dquot type 1
[   53.378745][ T4475] EXT4-fs (loop4): 1 truncate cleaned up
[   53.384901][ T4482]  loop1: p1 < > p2 p3 < p5 > p4
[   53.384912][ T4475] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.389898][ T4482] loop1: partition table partially beyond EOD, truncated
[   53.406331][ T4475] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.411006][ T4482] loop1: p1 start 4278190080 is beyond EOD, truncated
[   53.426724][ T4482] loop1: p2 start 16908800 is beyond EOD, truncated
[   53.436401][ T4482] loop1: p4 start 11326 is beyond EOD, truncated
[   53.442791][ T4482] loop1: p5 start 16908800 is beyond EOD, truncated
[   53.542628][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.610929][ T4489] netlink: 32 bytes leftover after parsing attributes in process `syz.4.375'.
[   53.656451][ T4494] loop1: detected capacity change from 0 to 1024
[   53.663379][ T4494] EXT4-fs: Ignoring removed oldalloc option
[   53.671146][ T4494] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   53.692652][ T4494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.733763][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.954273][ T4514] loop4: detected capacity change from 0 to 2048
[   53.990369][ T4514]  loop4: p3 < > p4 < >
[   53.994594][ T4514] loop4: partition table partially beyond EOD, truncated
[   54.001916][ T4514] loop4: p3 start 4284289 is beyond EOD, truncated
[   54.026403][ T4514] syz.4.383[4514] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.026468][ T4514] syz.4.383[4514] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.037899][ T4514] syz.4.383[4514] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.088037][ T4514] netlink: 4 bytes leftover after parsing attributes in process `syz.4.383'.
[   54.108149][ T4519] loop0: detected capacity change from 0 to 1764
[   54.108190][ T4514] netlink: 4 bytes leftover after parsing attributes in process `syz.4.383'.
[   54.115341][ T4521] syz.1.386[4521] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.123693][ T4521] syz.1.386[4521] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.130640][ T4514] netlink: 4 bytes leftover after parsing attributes in process `syz.4.383'.
[   54.148906][ T4521] syz.1.386[4521] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.245872][ T4519] iso9660: Corrupted directory entry in block 2 of inode 1920
[   54.380753][ T4528] x_tables: duplicate underflow at hook 1
[   54.442304][ T4532] syz.1.389[4532] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.442429][ T4532] syz.1.389[4532] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.460468][ T4532] syz.1.389[4532] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.501442][ T4536] FAULT_INJECTION: forcing a failure.
[   54.501442][ T4536] name failslab, interval 1, probability 0, space 0, times 0
[   54.504027][ T4538] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4538 comm=syz.4.392
[   54.512702][ T4536] CPU: 0 UID: 0 PID: 4536 Comm: syz.0.391 Not tainted 6.13.0-rc3-syzkaller #0
[   54.512730][ T4536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   54.512745][ T4536] Call Trace:
[   54.512752][ T4536]  <TASK>
[   54.512769][ T4536]  dump_stack_lvl+0xf2/0x150
[   54.567514][ T4536]  dump_stack+0x15/0x1a
[   54.571692][ T4536]  should_fail_ex+0x223/0x230
[   54.576434][ T4536]  should_failslab+0x8f/0xb0
[   54.581045][ T4536]  kmem_cache_alloc_node_noprof+0x59/0x320
[   54.586923][ T4536]  ? __alloc_skb+0x10b/0x310
[   54.591518][ T4536]  __alloc_skb+0x10b/0x310
[   54.595937][ T4536]  ? audit_log_start+0x34c/0x6b0
[   54.600887][ T4536]  audit_log_start+0x368/0x6b0
[   54.605666][ T4536]  audit_seccomp+0x4b/0x130
[   54.610259][ T4536]  __seccomp_filter+0x6fa/0x1180
[   54.615340][ T4536]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   54.621119][ T4536]  ? vfs_write+0x596/0x920
[   54.625568][ T4536]  ? putname+0xcf/0xf0
[   54.629653][ T4536]  __secure_computing+0x9f/0x1c0
[   54.634645][ T4536]  syscall_trace_enter+0xd1/0x1f0
[   54.639788][ T4536]  ? fpregs_assert_state_consistent+0x83/0xa0
[   54.645870][ T4536]  do_syscall_64+0xaa/0x1c0
[   54.650479][ T4536]  ? clear_bhb_loop+0x55/0xb0
[   54.655170][ T4536]  ? clear_bhb_loop+0x55/0xb0
[   54.659852][ T4536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.665928][ T4536] RIP: 0033:0x7f0fde175d19
[   54.670350][ T4536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.689962][ T4536] RSP: 002b:00007f0fdc7e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   54.698377][ T4536] RAX: ffffffffffffffda RBX: 00007f0fde365fa0 RCX: 00007f0fde175d19
[   54.706353][ T4536] RDX: 0000000000004000 RSI: 0000000000003000 RDI: 0000000020ff8000
[   54.714499][ T4536] RBP: 00007f0fdc7e1090 R08: 0000000020ffc000 R09: 0000000000000000
[   54.722552][ T4536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.730570][ T4536] R13: 0000000000000000 R14: 00007f0fde365fa0 R15: 00007ffcebf23d18
[   54.738637][ T4536]  </TASK>
[   54.839633][ T4549] loop4: detected capacity change from 0 to 1024
[   54.846425][ T4549] EXT4-fs: Ignoring removed orlov option
[   54.865000][ T4549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.884742][ T4558] loop3: detected capacity change from 0 to 512
[   54.892150][ T4558] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   54.900629][ T4549] EXT4-fs: Ignoring removed orlov option
[   54.911504][ T4549] EXT4-fs (loop4): can't enable nombcache during remount
[   54.914644][ T4558] EXT4-fs (loop3): 1 truncate cleaned up
[   54.924591][ T4558] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.947671][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.957638][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.061566][ T4571] bond1: entered promiscuous mode
[   55.066640][ T4571] bond1: entered allmulticast mode
[   55.073397][ T4571] 8021q: adding VLAN 0 to HW filter on device bond1
[   55.088947][ T4571] bond1 (unregistering): Released all slaves
[   55.116129][ T4580] loop4: detected capacity change from 0 to 2048
[   55.161130][ T4580]  loop4: p3 < > p4 < >
[   55.165338][ T4580] loop4: partition table partially beyond EOD, truncated
[   55.172725][ T4580] loop4: p3 start 4284289 is beyond EOD, truncated
[   55.184517][ T4580] syz.4.405[4580] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.198124][ T4580] netlink: 4 bytes leftover after parsing attributes in process `syz.4.405'.
[   55.218242][ T4580] netlink: 4 bytes leftover after parsing attributes in process `syz.4.405'.
[   55.218457][ T3289] udevd[3289]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   55.228877][ T4580] netlink: 4 bytes leftover after parsing attributes in process `syz.4.405'.
[   55.393444][ T4589] loop4: detected capacity change from 0 to 2048
[   55.429811][ T4589]  loop4: p3 < > p4 < >
[   55.434017][ T4589] loop4: partition table partially beyond EOD, truncated
[   55.441162][ T4589] loop4: p3 start 4284289 is beyond EOD, truncated
[   55.471885][ T4589] netlink: 4 bytes leftover after parsing attributes in process `syz.4.408'.
[   55.480772][ T4589] netlink: 4 bytes leftover after parsing attributes in process `syz.4.408'.
[   55.489732][ T4589] netlink: 4 bytes leftover after parsing attributes in process `syz.4.408'.
[   55.647749][ T4594] loop4: detected capacity change from 0 to 128
[   55.803432][ T4611] bond1: entered promiscuous mode
[   55.808491][ T4611] bond1: entered allmulticast mode
[   55.813748][ T4611] 8021q: adding VLAN 0 to HW filter on device bond1
[   55.823465][ T4611] bond1 (unregistering): Released all slaves
[   55.869458][ T4615] loop3: detected capacity change from 0 to 128
[   55.928187][ T4621] loop3: detected capacity change from 0 to 128
[   55.959223][ T4623] loop3: detected capacity change from 0 to 512
[   55.965943][ T4623] ext4: Unknown parameter 'fowner<00000000000000000000'
[   55.982209][ T4623] loop3: detected capacity change from 0 to 1024
[   55.991297][ T4623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.003683][ T4623] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.041814][ T4627] loop1: detected capacity change from 0 to 2048
[   56.073232][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.079915][ T4627]  loop1: p1 < > p2 p3 < p5 > p4
[   56.087217][ T4627] loop1: partition table partially beyond EOD, truncated
[   56.094441][ T4627] loop1: p1 start 4278190080 is beyond EOD, truncated
[   56.101282][ T4627] loop1: p2 start 16908800 is beyond EOD, truncated
[   56.108611][ T4627] loop1: p4 start 11326 is beyond EOD, truncated
[   56.115009][ T4627] loop1: p5 start 16908800 is beyond EOD, truncated
[   56.159365][ T4631] loop3: detected capacity change from 0 to 1764
[   56.168943][ T4631] iso9660: Corrupted directory entry in block 2 of inode 1920
[   56.382762][ T4646] bond1: entered promiscuous mode
[   56.387843][ T4646] bond1: entered allmulticast mode
[   56.393608][ T4646] 8021q: adding VLAN 0 to HW filter on device bond1
[   56.404148][ T4646] bond1 (unregistering): Released all slaves
[   56.489978][ T4655] loop1: detected capacity change from 0 to 512
[   56.497437][ T4655] EXT4-fs: Ignoring removed nobh option
[   56.508518][ T4653] netlink: 'syz.3.433': attribute type 1 has an invalid length.
[   56.519227][ T4655] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.532116][ T4655] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.544307][ T4655] EXT4-fs error (device loop1): ext4_generic_delete_entry:2687: inode #2: block 3: comm syz.1.434: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[   56.564953][ T4655] EXT4-fs (loop1): Remounting filesystem read-only
[   56.591096][ T4659] bond0: left allmulticast mode
[   56.596053][ T4659] bond0: left promiscuous mode
[   56.601111][ T4659] bridge0: port 1(bond0) entered disabled state
[   56.735660][   T29] kauditd_printk_skb: 1184 callbacks suppressed
[   56.735675][   T29] audit: type=1400 audit(1734331143.413:3221): avc:  denied  { create } for  pid=4663 comm="syz.3.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   56.739493][ T4664] loop3: detected capacity change from 0 to 256
[   56.742167][   T29] audit: type=1400 audit(1734331143.413:3222): avc:  denied  { getopt } for  pid=4663 comm="syz.3.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   56.787140][   T29] audit: type=1400 audit(1734331143.413:3223): avc:  denied  { connect } for  pid=4663 comm="syz.3.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   56.797444][ T4664] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 198)
[   56.806765][   T29] audit: type=1400 audit(1734331143.413:3224): avc:  denied  { name_connect } for  pid=4663 comm="syz.3.437" dest=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   56.814730][ T4664] FAT-fs (loop3): Filesystem has been set read-only
[   56.843471][   T29] audit: type=1400 audit(1734331143.413:3225): avc:  denied  { create } for  pid=4663 comm="syz.3.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   56.862875][   T29] audit: type=1400 audit(1734331143.413:3226): avc:  denied  { connect } for  pid=4663 comm="syz.3.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   56.882343][   T29] audit: type=1400 audit(1734331143.413:3227): avc:  denied  { write } for  pid=4663 comm="syz.3.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   56.901853][   T29] audit: type=1400 audit(1734331143.463:3228): avc:  denied  { mount } for  pid=4663 comm="syz.3.437" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   56.923698][   T29] audit: type=1400 audit(1734331143.493:3229): avc:  denied  { read } for  pid=2981 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   56.945790][   T29] audit: type=1400 audit(1734331143.493:3230): avc:  denied  { search } for  pid=2981 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   57.030242][ T4670] loop3: detected capacity change from 0 to 128
[   57.202682][ T4684] loop2: detected capacity change from 0 to 2048
[   57.230132][ T4684]  loop2: p3 < > p4 < >
[   57.234409][ T4684] loop2: partition table partially beyond EOD, truncated
[   57.241635][ T4684] loop2: p3 start 4284289 is beyond EOD, truncated
[   57.332760][ T3297] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   57.369219][ T4688] loop1: detected capacity change from 0 to 2048
[   57.384091][ T4688] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.431889][ T4694] loop2: detected capacity change from 0 to 1764
[   57.442945][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.447097][ T4694] iso9660: Corrupted directory entry in block 2 of inode 1920
[   57.678240][ T4701] loop2: detected capacity change from 0 to 2048
[   57.719846][ T4701]  loop2: p1 < > p2 p3 < p5 > p4
[   57.724800][ T4701] loop2: partition table partially beyond EOD, truncated
[   57.732184][ T4701] loop2: p1 start 4278190080 is beyond EOD, truncated
[   57.739002][ T4701] loop2: p2 start 16908800 is beyond EOD, truncated
[   57.746115][ T4701] loop2: p4 start 11326 is beyond EOD, truncated
[   57.752602][ T4701] loop2: p5 start 16908800 is beyond EOD, truncated
[   58.030388][ T4713] netlink: 'syz.2.455': attribute type 1 has an invalid length.
[   58.067944][ T4715] loop1: detected capacity change from 0 to 1024
[   58.074794][ T4715] EXT4-fs: Ignoring removed orlov option
[   58.113289][ T4715] EXT4-fs: Ignoring removed orlov option
[   58.119176][ T4715] EXT4-fs (loop1): can't enable nombcache during remount
[   58.145685][ T4718] loop2: detected capacity change from 0 to 2048
[   58.266809][ T4732] loop3: detected capacity change from 0 to 2048
[   58.277355][ T4734] loop1: detected capacity change from 0 to 1024
[   58.284335][ T4734] EXT4-fs: Ignoring removed oldalloc option
[   58.291483][ T4732]  loop3: p1 < > p2 p3 < p5 > p4
[   58.296448][ T4732] loop3: partition table partially beyond EOD, truncated
[   58.304021][ T4732] loop3: p1 start 4278190080 is beyond EOD, truncated
[   58.304812][ T4734] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   58.310817][ T4732] loop3: p2 start 16908800 is beyond EOD, truncated
[   58.327856][ T4732] loop3: p4 start 11326 is beyond EOD, truncated
[   58.334254][ T4732] loop3: p5 start 16908800 is beyond EOD, truncated
[   58.399191][ T4740] smc: net device bond0 applied user defined pnetid SYZ0
[   58.406476][ T4740] smc: net device bond0 erased user defined pnetid SYZ0
[   58.520334][ T4750] netlink: 'syz.3.468': attribute type 1 has an invalid length.
[   58.581539][ T4754] loop0: detected capacity change from 0 to 1024
[   58.588520][ T4754] EXT4-fs: Ignoring removed orlov option
[   58.609217][ T4754] EXT4-fs: Ignoring removed orlov option
[   58.615025][ T4754] EXT4-fs (loop0): can't enable nombcache during remount
[   58.822708][ T4764] __nla_validate_parse: 4 callbacks suppressed
[   58.822721][ T4764] netlink: 16 bytes leftover after parsing attributes in process `syz.0.474'.
[   58.929242][ T4774] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4774 comm=syz.2.477
[   58.977197][ T4780] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4780 comm=syz.2.480
[   59.041331][ T4786] loop2: detected capacity change from 0 to 256
[   59.048192][ T4782] netlink: 'syz.0.481': attribute type 1 has an invalid length.
[   59.065244][ T4786] FAT-fs (loop2): Directory bread(block 64) failed
[   59.075045][ T4786] FAT-fs (loop2): Directory bread(block 65) failed
[   59.080533][ T4788] bridge0: port 3(bond0) entered blocking state
[   59.081728][ T4786] FAT-fs (loop2): Directory bread(block 66) failed
[   59.087866][ T4788] bridge0: port 3(bond0) entered disabled state
[   59.088559][ T4788] bond0: entered allmulticast mode
[   59.095737][ T4786] FAT-fs (loop2): Directory bread(block 67) failed
[   59.100670][ T4788] bond_slave_0: entered allmulticast mode
[   59.106229][ T4786] FAT-fs (loop2): Directory bread(block 68) failed
[   59.112269][ T4788] bond_slave_1: entered allmulticast mode
[   59.115692][ T4788] bond0: entered promiscuous mode
[   59.118259][ T4786] FAT-fs (loop2): Directory bread(block 69) failed
[   59.124629][ T4788] bond_slave_0: entered promiscuous mode
[   59.130379][ T4786] FAT-fs (loop2): Directory bread(block 70) failed
[   59.135452][ T4788] bond_slave_1: entered promiscuous mode
[   59.142049][ T4786] FAT-fs (loop2): Directory bread(block 71) failed
[   59.147971][ T4788] bridge0: port 3(bond0) entered blocking state
[   59.154105][ T4786] FAT-fs (loop2): Directory bread(block 72) failed
[   59.159720][ T4788] bridge0: port 3(bond0) entered forwarding state
[   59.166236][ T4786] FAT-fs (loop2): Directory bread(block 73) failed
[   59.238948][ T4786] syz.2.483: attempt to access beyond end of device
[   59.238948][ T4786] loop2: rw=0, sector=1816, nr_sectors = 4 limit=256
[   59.252416][ T4786] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 326)
[   59.260669][ T4786] FAT-fs (loop2): Filesystem has been set read-only
[   59.269582][ T4786] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 326)
[   59.281898][ T3377] IPVS: starting estimator thread 0...
[   59.294529][ T4786] veth2: entered promiscuous mode
[   59.362542][ T4800] bond1: entered promiscuous mode
[   59.367618][ T4800] bond1: entered allmulticast mode
[   59.373279][ T4800] 8021q: adding VLAN 0 to HW filter on device bond1
[   59.383695][ T4800] bond1 (unregistering): Released all slaves
[   59.398171][ T4803] bond0: left allmulticast mode
[   59.403090][ T4803] bond0: left promiscuous mode
[   59.408076][ T4803] bridge0: port 1(bond0) entered disabled state
[   59.414661][ T4795] IPVS: using max 2496 ests per chain, 124800 per kthread
[   59.470542][ T4806] loop1: detected capacity change from 0 to 2048
[   59.512363][ T4812] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4812 comm=syz.3.493
[   59.591430][ T4818] loop3: detected capacity change from 0 to 128
[   59.616146][ T4820] loop0: detected capacity change from 0 to 1024
[   59.643418][ T4820] EXT4-fs: Ignoring removed oldalloc option
[   59.662239][ T4820] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   59.691068][ T4828] x_tables: duplicate underflow at hook 1
[   59.748068][ T4832] netlink: 'syz.3.501': attribute type 1 has an invalid length.
[   59.818731][ T4845] netlink: 4 bytes leftover after parsing attributes in process `syz.3.506'.
[   59.863951][ T4851] bpf_get_probe_write_proto: 17 callbacks suppressed
[   59.863967][ T4851] syz.1.502[4851] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.871929][ T4851] syz.1.502[4851] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.874186][ T4850] loop4: detected capacity change from 0 to 2048
[   59.883567][ T4851] syz.1.502[4851] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.935713][ T4854] loop0: detected capacity change from 0 to 1024
[   59.953958][ T4854] EXT4-fs: Ignoring removed oldalloc option
[   59.963176][ T4854] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   60.052648][ T4864] bond1: entered promiscuous mode
[   60.057800][ T4864] bond1: entered allmulticast mode
[   60.066247][ T4864] 8021q: adding VLAN 0 to HW filter on device bond1
[   60.074020][ T4870] x_tables: duplicate underflow at hook 1
[   60.082831][ T4868] loop2: detected capacity change from 0 to 2048
[   60.093668][ T4864] bond1 (unregistering): Released all slaves
[   60.121207][ T4868]  loop2: p1 < > p2 p3 < p5 > p4
[   60.126196][ T4868] loop2: partition table partially beyond EOD, truncated
[   60.133480][ T4868] loop2: p1 start 4278190080 is beyond EOD, truncated
[   60.140360][ T4868] loop2: p2 start 16908800 is beyond EOD, truncated
[   60.171016][ T4868] loop2: p4 start 11326 is beyond EOD, truncated
[   60.177401][ T4868] loop2: p5 start 16908800 is beyond EOD, truncated
[   60.214428][ T2999]  loop2: p1 < > p2 p3 < p5 > p4
[   60.219475][ T2999] loop2: partition table partially beyond EOD, truncated
[   60.228536][ T2999] loop2: p1 start 4278190080 is beyond EOD, truncated
[   60.235357][ T2999] loop2: p2 start 16908800 is beyond EOD, truncated
[   60.248137][ T2999] loop2: p4 start 11326 is beyond EOD, truncated
[   60.254530][ T2999] loop2: p5 start 16908800 is beyond EOD, truncated
[   60.281817][ T4883] loop3: detected capacity change from 0 to 128
[   60.320441][ T4881] netlink: 16 bytes leftover after parsing attributes in process `syz.1.518'.
[   60.436537][ T4893] syz.0.524[4893] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.436721][ T4893] syz.0.524[4893] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.474223][ T4893] syz.0.524[4893] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.487548][ T4896] loop2: detected capacity change from 0 to 1024
[   60.543776][ T4896] EXT4-fs: Ignoring removed oldalloc option
[   60.560292][ T4896] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   60.633253][ T4908] loop0: detected capacity change from 0 to 128
[   60.691858][ T4912] loop0: detected capacity change from 0 to 1764
[   60.705807][ T4881] dccp_close: ABORT with 52 bytes unread
[   60.712053][ T4912] iso9660: Corrupted directory entry in block 2 of inode 1920
[   60.773791][ T4915] x_tables: duplicate underflow at hook 1
[   60.886524][ T4921] loop2: detected capacity change from 0 to 2048
[   60.918014][ T4924] loop1: detected capacity change from 0 to 2048
[   60.931776][ T4921]  loop2: p1 < > p2 p3 < p5 > p4
[   60.936793][ T4921] loop2: partition table partially beyond EOD, truncated
[   60.948077][ T4921] loop2: p1 start 4278190080 is beyond EOD, truncated
[   60.955033][ T4921] loop2: p2 start 16908800 is beyond EOD, truncated
[   60.964917][ T4921] loop2: p4 start 11326 is beyond EOD, truncated
[   60.971368][ T4921] loop2: p5 start 16908800 is beyond EOD, truncated
[   61.001063][ T4929] syz.3.537[4929] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.001163][ T4929] syz.3.537[4929] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.012618][ T4929] syz.3.537[4929] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.132200][ T4933] loop1: detected capacity change from 0 to 1024
[   61.168659][ T4933] EXT4-fs: Ignoring removed oldalloc option
[   61.182806][ T4933] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   61.190290][ T4938] FAULT_INJECTION: forcing a failure.
[   61.190290][ T4938] name failslab, interval 1, probability 0, space 0, times 0
[   61.205160][ T4938] CPU: 0 UID: 0 PID: 4938 Comm: syz.0.539 Not tainted 6.13.0-rc3-syzkaller #0
[   61.214106][ T4938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   61.224192][ T4938] Call Trace:
[   61.227488][ T4938]  <TASK>
[   61.230473][ T4938]  dump_stack_lvl+0xf2/0x150
[   61.235110][ T4938]  dump_stack+0x15/0x1a
[   61.239296][ T4938]  should_fail_ex+0x223/0x230
[   61.244062][ T4938]  should_failslab+0x8f/0xb0
[   61.248659][ T4938]  kmem_cache_alloc_noprof+0x52/0x320
[   61.254041][ T4938]  ? audit_log_start+0x34c/0x6b0
[   61.259033][ T4938]  audit_log_start+0x34c/0x6b0
[   61.263863][ T4938]  audit_seccomp+0x4b/0x130
[   61.268533][ T4938]  __seccomp_filter+0x6fa/0x1180
[   61.273484][ T4938]  ? poll_select_finish+0x15f/0x420
[   61.278808][ T4938]  __secure_computing+0x9f/0x1c0
[   61.283768][ T4938]  syscall_trace_enter+0xd1/0x1f0
[   61.288813][ T4938]  ? fpregs_assert_state_consistent+0x83/0xa0
[   61.295071][ T4938]  do_syscall_64+0xaa/0x1c0
[   61.299602][ T4938]  ? clear_bhb_loop+0x55/0xb0
[   61.304426][ T4938]  ? clear_bhb_loop+0x55/0xb0
[   61.309184][ T4938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.315110][ T4938] RIP: 0033:0x7f0fde17472c
[   61.319542][ T4938] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   61.339322][ T4938] RSP: 002b:00007f0fdc7e1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   61.347777][ T4938] RAX: ffffffffffffffda RBX: 00007f0fde365fa0 RCX: 00007f0fde17472c
[   61.355764][ T4938] RDX: 000000000000000f RSI: 00007f0fdc7e10a0 RDI: 0000000000000005
[   61.363784][ T4938] RBP: 00007f0fdc7e1090 R08: 0000000000000000 R09: 0000000000000000
[   61.371815][ T4938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.379811][ T4938] R13: 0000000000000000 R14: 00007f0fde365fa0 R15: 00007ffcebf23d18
[   61.387799][ T4938]  </TASK>
[   61.499402][ T4952] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4952 comm=syz.1.545
[   61.526655][ T4956] loop4: detected capacity change from 0 to 1024
[   61.548559][ T4960] loop2: detected capacity change from 0 to 512
[   61.558570][ T4956] EXT4-fs: Ignoring removed orlov option
[   61.575948][ T4960] ext4 filesystem being mounted at /111/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   61.582701][ T4962] loop1: detected capacity change from 0 to 1764
[   61.598581][ T4956] EXT4-fs: Ignoring removed orlov option
[   61.606095][ T4962] iso9660: Corrupted directory entry in block 2 of inode 1920
[   61.614837][ T4956] EXT4-fs (loop4): can't enable nombcache during remount
[   61.631483][ T4967] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[   61.653751][ T4968] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[   61.738203][ T4970] loop0: detected capacity change from 0 to 1764
[   61.772688][ T4972] loop4: detected capacity change from 0 to 2048
[   61.793456][ T4975] sch_tbf: burst 1 is lower than device lo mtu (14) !
[   61.801482][ T4970] iso9660: Corrupted directory entry in block 2 of inode 1920
[   61.812565][ T4972]  loop4: p1 < > p2 p3 < p5 > p4
[   61.817517][ T4972] loop4: partition table partially beyond EOD, truncated
[   61.825051][ T4972] loop4: p1 start 4278190080 is beyond EOD, truncated
[   61.830224][   T29] kauditd_printk_skb: 2721 callbacks suppressed
[   61.830240][   T29] audit: type=1326 audit(1734331148.493:5948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4974 comm="syz.2.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   61.831937][ T4972] loop4: p2 start 16908800 is beyond EOD, 
[   61.838128][   T29] audit: type=1326 audit(1734331148.493:5949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4974 comm="syz.2.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   61.861436][ T4972] truncated
[   61.893749][   T29] audit: type=1326 audit(1734331148.493:5950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4974 comm="syz.2.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   61.917160][   T29] audit: type=1326 audit(1734331148.493:5951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4974 comm="syz.2.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   61.941112][   T29] audit: type=1326 audit(1734331148.543:5952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4974 comm="syz.2.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   61.964525][   T29] audit: type=1326 audit(1734331148.543:5953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4974 comm="syz.2.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   61.974253][ T4975] netlink: 'syz.2.553': attribute type 21 has an invalid length.
[   61.987870][   T29] audit: type=1326 audit(1734331148.603:5954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4974 comm="syz.2.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   62.018920][   T29] audit: type=1326 audit(1734331148.603:5955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4974 comm="syz.2.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   62.042361][   T29] audit: type=1326 audit(1734331148.603:5956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4974 comm="syz.2.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   62.065716][   T29] audit: type=1326 audit(1734331148.643:5957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4974 comm="syz.2.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6116b35d19 code=0x7ffc0000
[   62.091118][ T4975] netlink: 144 bytes leftover after parsing attributes in process `syz.2.553'.
[   62.118624][ T4972] loop4: p4 start 11326 is beyond EOD, truncated
[   62.118679][ T4972] loop4: p5 start 16908800 is beyond EOD, truncated
[   62.152608][ T4984] netlink: 'syz.1.556': attribute type 1 has an invalid length.
[   62.264119][ T2999]  loop4: p1 < > p2 p3 < p5 > p4
[   62.269092][ T2999] loop4: partition table partially beyond EOD, truncated
[   62.283056][ T2999] loop4: p1 start 4278190080 is beyond EOD, truncated
[   62.289901][ T2999] loop4: p2 start 16908800 is beyond EOD, truncated
[   62.308167][ T2999] loop4: p4 start 11326 is beyond EOD, truncated
[   62.314641][ T2999] loop4: p5 start 16908800 is beyond EOD, truncated
[   62.460574][ T3289] udevd[3289]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   62.517705][ T4995] devtmpfs: Bad value for 'mode'
[   62.558415][ T4998] kernel profiling enabled (shift: 17)
[   62.580153][ T4998] loop4: detected capacity change from 0 to 512
[   62.620264][ T4998] EXT4-fs: Ignoring removed nobh option
[   62.650499][ T4998] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.673240][ T4998] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.563: bg 0: block 224: padding at end of block bitmap is not set
[   62.687949][ T4998] EXT4-fs (loop4): Remounting filesystem read-only
[   62.695769][ T4998] EXT4-fs warning (device loop4): ext4_xattr_inode_lookup_create:1605: inode #18: comm syz.4.563: cleanup dec ref error -117
[   62.832885][ T5021] netlink: 'syz.4.571': attribute type 1 has an invalid length.
[   63.003291][ T5037] loop4: detected capacity change from 0 to 128
[   63.030327][ T5037] tmpfs: Invalid uid '0x00000000ffffffff'
[   63.115088][ T5044] x_tables: duplicate underflow at hook 1
[   63.201076][ T5052] smc: net device bond0 applied user defined pnetid SYZ0
[   63.218102][ T5054] loop0: detected capacity change from 0 to 1024
[   63.227091][ T5054] EXT4-fs: Ignoring removed oldalloc option
[   63.238246][ T5054] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   63.247975][ T5050] loop4: detected capacity change from 0 to 2048
[   63.332344][ T5069] loop1: detected capacity change from 0 to 512
[   63.343608][ T5069] EXT4-fs (loop1): orphan cleanup on readonly fs
[   63.363478][ T5069] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.587: bg 0: block 248: padding at end of block bitmap is not set
[   63.378862][ T5069] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.587: Failed to acquire dquot type 1
[   63.401830][ T5069] EXT4-fs (loop1): 1 truncate cleaned up
[   63.483331][ T5084] loop2: detected capacity change from 0 to 128
[   63.555999][ T5093] bond1: entered promiscuous mode
[   63.561220][ T5093] bond1: entered allmulticast mode
[   63.566647][ T5093] 8021q: adding VLAN 0 to HW filter on device bond1
[   63.576673][ T5093] bond1 (unregistering): Released all slaves
[   63.604257][ T5091] loop4: detected capacity change from 0 to 2048
[   63.604581][ T5098] FAULT_INJECTION: forcing a failure.
[   63.604581][ T5098] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.623699][ T5098] CPU: 0 UID: 0 PID: 5098 Comm: syz.1.595 Not tainted 6.13.0-rc3-syzkaller #0
[   63.632570][ T5098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   63.642636][ T5098] Call Trace:
[   63.645951][ T5098]  <TASK>
[   63.648875][ T5098]  dump_stack_lvl+0xf2/0x150
[   63.653485][ T5098]  dump_stack+0x15/0x1a
[   63.657676][ T5098]  should_fail_ex+0x223/0x230
[   63.662415][ T5098]  should_fail+0xb/0x10
[   63.666578][ T5098]  should_fail_usercopy+0x1a/0x20
[   63.671635][ T5098]  _copy_to_user+0x20/0xa0
[   63.676060][ T5098]  simple_read_from_buffer+0xa0/0x110
[   63.681492][ T5098]  proc_fail_nth_read+0xf9/0x140
[   63.686442][ T5098]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   63.692131][ T5098]  vfs_read+0x1a2/0x700
[   63.696287][ T5098]  ? __se_sys_statx+0x1f1/0x270
[   63.701155][ T5098]  ? __rcu_read_unlock+0x4e/0x70
[   63.706171][ T5098]  ? __fget_files+0x17c/0x1c0
[   63.710903][ T5098]  ksys_read+0xe8/0x1b0
[   63.715122][ T5098]  __x64_sys_read+0x42/0x50
[   63.719783][ T5098]  x64_sys_call+0x2874/0x2dc0
[   63.724470][ T5098]  do_syscall_64+0xc9/0x1c0
[   63.728981][ T5098]  ? clear_bhb_loop+0x55/0xb0
[   63.733718][ T5098]  ? clear_bhb_loop+0x55/0xb0
[   63.738506][ T5098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.744411][ T5098] RIP: 0033:0x7f935d9a472c
[   63.748823][ T5098] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   63.768429][ T5098] RSP: 002b:00007f935c011030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   63.776842][ T5098] RAX: ffffffffffffffda RBX: 00007f935db95fa0 RCX: 00007f935d9a472c
[   63.784807][ T5098] RDX: 000000000000000f RSI: 00007f935c0110a0 RDI: 0000000000000003
[   63.792845][ T5098] RBP: 00007f935c011090 R08: 0000000000000000 R09: 0000000000000000
[   63.800873][ T5098] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001
[   63.808839][ T5098] R13: 0000000000000001 R14: 00007f935db95fa0 R15: 00007ffd440445b8
[   63.816811][ T5098]  </TASK>
[   63.838265][ T5099] syz.4.592[5099] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   63.842601][ T5091]  loop4: p3 < > p4 < >
[   63.852618][ T5101] x_tables: duplicate underflow at hook 1
[   63.853885][ T5091] loop4: partition table partially beyond EOD, truncated
[   63.872761][ T5091] loop4: p3 start 4284289 is beyond EOD, truncated
[   63.899784][ T5091] netlink: 4 bytes leftover after parsing attributes in process `syz.4.592'.
[   63.908740][ T5091] netlink: 4 bytes leftover after parsing attributes in process `syz.4.592'.
[   63.919187][ T5105] capability: warning: `syz.1.598' uses deprecated v2 capabilities in a way that may be insecure
[   63.930600][ T5091] netlink: 4 bytes leftover after parsing attributes in process `syz.4.592'.
[   63.947692][ T3289] udevd[3289]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   64.120720][ T5119] loop4: detected capacity change from 0 to 128
[   64.362436][ T5139] netlink: 'syz.0.610': attribute type 1 has an invalid length.
[   64.412942][ T5141] serio: Serial port ptm0
[   64.466275][ T5149] Zero length message leads to an empty skb
[   64.466769][ T5150] netlink: 48 bytes leftover after parsing attributes in process `syz.4.611'.
[   64.688927][ T5167] bond1: entered promiscuous mode
[   64.694108][ T5167] bond1: entered allmulticast mode
[   64.699899][ T5167] 8021q: adding VLAN 0 to HW filter on device bond1
[   64.711697][ T5167] bond1 (unregistering): Released all slaves
[   64.897734][ T5186] netlink: 132 bytes leftover after parsing attributes in process `syz.1.630'.
[   64.916875][ T5188] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   64.967264][ T5190] loop3: detected capacity change from 0 to 1024
[   64.981918][ T5192] loop1: detected capacity change from 0 to 512
[   64.998118][ T5190] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.632: Failed to acquire dquot type 0
[   65.025110][ T5192] EXT4-fs: Ignoring removed orlov option
[   65.038213][ T5190] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   65.042038][ T5192] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   65.066328][ T5190] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #13: comm syz.3.632: corrupted inode contents
[   65.067678][ T5200] netlink: 32 bytes leftover after parsing attributes in process `syz.4.636'.
[   65.088820][ T5192] EXT4-fs (loop1): orphan cleanup on readonly fs
[   65.095857][ T5192] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.633: bg 0: block 248: padding at end of block bitmap is not set
[   65.110479][ T5192] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.633: Failed to acquire dquot type 1
[   65.112957][ T5190] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #13: comm syz.3.632: mark_inode_dirty error
[   65.123629][ T5192] EXT4-fs (loop1): 1 truncate cleaned up
[   65.136972][ T5190] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #13: comm syz.3.632: corrupted inode contents
[   65.140420][ T5200] netlink: 8 bytes leftover after parsing attributes in process `syz.4.636'.
[   65.153328][ T5190] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #13: comm syz.3.632: mark_inode_dirty error
[   65.173083][ T5190] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #13: comm syz.3.632: corrupted inode contents
[   65.191877][ T5190] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[   65.200716][ T5190] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #13: comm syz.3.632: corrupted inode contents
[   65.213510][ T5190] EXT4-fs error (device loop3): ext4_truncate:4240: inode #13: comm syz.3.632: mark_inode_dirty error
[   65.225033][ T5190] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[   65.235270][ T5192] EXT4-fs: Ignoring removed orlov option
[   65.242531][ T5192] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   65.251686][ T5192] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   65.263161][ T5208] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5208 comm=syz.4.638
[   65.264614][ T5190] EXT4-fs (loop3): 1 truncate cleaned up
[   65.282282][ T5192] EXT4-fs error (device loop1): __ext4_remount:6749: comm syz.1.633: Abort forced by user
[   65.293997][ T5192] EXT4-fs (loop1): Remounting filesystem read-only
[   65.301405][ T5192] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[   65.312922][ T5192] ext4 filesystem being remounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.356782][ T5211] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5211 comm=syz.1.640
[   65.448822][ T3298] EXT4-fs error (device loop3): ext4_readdir:261: inode #11: block 74: comm syz-executor: path /121/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=768, inode=0, rec_len=0, size=1024 fake=0
[   65.476273][ T3298] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz-executor: Failed to acquire dquot type 0
[   65.602779][ T5226] bpf_get_probe_write_proto: 8 callbacks suppressed
[   65.602795][ T5226] syz.0.646[5226] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.609778][ T5226] syz.0.646[5226] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.623437][ T5226] syz.0.646[5226] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.646913][ T5226] netlink: 4 bytes leftover after parsing attributes in process `syz.0.646'.
[   65.667968][ T5226] netlink: 4 bytes leftover after parsing attributes in process `syz.0.646'.
[   65.677726][ T5226] netlink: 4 bytes leftover after parsing attributes in process `syz.0.646'.
[   65.696999][ T5232] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5232 comm=syz.2.649
[   65.728957][ T5234] bond1: entered promiscuous mode
[   65.734154][ T5234] bond1: entered allmulticast mode
[   65.739593][ T5234] 8021q: adding VLAN 0 to HW filter on device bond1
[   65.761857][ T5234] bond1 (unregistering): Released all slaves
[   65.876771][  T286] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.924214][ T5248] loop2: detected capacity change from 0 to 2048
[   65.958371][ T5253] loop4: detected capacity change from 0 to 2048
[   65.969029][  T286] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.030781][ T5253]  loop4: p1 < > p2 p3 < p5 > p4
[   66.035863][ T5253] loop4: partition table partially beyond EOD, truncated
[   66.045860][  T286] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.063554][ T5253] loop4: p1 start 4278190080 is beyond EOD, truncated
[   66.070415][ T5253] loop4: p2 start 16908800 is beyond EOD, truncated
[   66.092580][ T5253] loop4: p4 start 11326 is beyond EOD, truncated
[   66.098966][ T5253] loop4: p5 start 16908800 is beyond EOD, truncated
[   66.109194][  T286] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.138331][ T2999]  loop4: p1 < > p2 p3 < p5 > p4
[   66.143346][ T2999] loop4: partition table partially beyond EOD, truncated
[   66.156139][ T2999] loop4: p1 start 4278190080 is beyond EOD, truncated
[   66.159162][ T5272] loop2: detected capacity change from 0 to 1764
[   66.163713][ T2999] loop4: p2 start 16908800 is beyond EOD, truncated
[   66.178587][ T2999] loop4: p4 start 11326 is beyond EOD, truncated
[   66.184975][ T2999] loop4: p5 start 16908800 is beyond EOD, truncated
[   66.198801][ T5274] x_tables: duplicate underflow at hook 1
[   66.209217][ T5272] iso9660: Corrupted directory entry in block 2 of inode 1920
[   66.362244][  T286] bond0 (unregistering): Released all slaves
[   66.372569][ T5256] chnl_net:caif_netlink_parms(): no params data found
[   66.434231][ T5286] loop4: detected capacity change from 0 to 2048
[   66.450505][  T286] hsr_slave_0: left promiscuous mode
[   66.456574][  T286] hsr_slave_1: left promiscuous mode
[   66.465338][  T286] veth1_macvtap: left promiscuous mode
[   66.470956][  T286] veth0_macvtap: left promiscuous mode
[   66.476921][ T5286]  loop4: p3 < > p4 < >
[   66.481866][ T5286] loop4: partition table partially beyond EOD, truncated
[   66.489226][ T5286] loop4: p3 start 4284289 is beyond EOD, truncated
[   66.501618][ T5286] syz.4.666[5286] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.501723][ T5286] syz.4.666[5286] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.514040][ T5286] syz.4.666[5286] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.588662][ T3289] udevd[3289]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   66.749348][ T5256] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.756578][ T5256] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.779689][ T5256] bridge_slave_0: entered allmulticast mode
[   66.805388][ T5256] bridge_slave_0: entered promiscuous mode
[   66.814780][ T5256] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.821924][ T5256] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.831562][ T5256] bridge_slave_1: entered allmulticast mode
[   66.839055][ T5256] bridge_slave_1: entered promiscuous mode
[   66.848617][ T5317] loop2: detected capacity change from 0 to 2048
[   66.889599][ T5256] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   66.901934][ T5256] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   66.952365][ T3307] EXT4-fs unmount: 41 callbacks suppressed
[   66.952429][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.952725][ T5256] team0: Port device team_slave_0 added
[   66.988015][ T5256] team0: Port device team_slave_1 added
[   67.038408][ T5256] batman_adv: batadv0: Adding interface: batadv_slave_0
[   67.045505][ T5256] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.071871][ T5256] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   67.092536][ T5256] batman_adv: batadv0: Adding interface: batadv_slave_1
[   67.099675][ T5256] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.125789][ T5256] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   67.197234][ T5256] hsr_slave_0: entered promiscuous mode
[   67.204063][ T5256] hsr_slave_1: entered promiscuous mode
[   67.211836][ T5344] loop1: detected capacity change from 0 to 512
[   67.236647][ T5344] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   67.260836][ T5344] __quota_error: 812 callbacks suppressed
[   67.260852][ T5344] Quota error (device loop1): v2_read_file_info: Free block number 58381 out of range (1, 6).
[   67.277004][ T5344] EXT4-fs warning (device loop1): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   67.295215][   T29] audit: type=1400 audit(1734331153.973:6758): avc:  denied  { setopt } for  pid=5343 comm="syz.1.673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   67.346285][ T5256] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   67.359673][   T29] audit: type=1400 audit(1734331154.033:6759): avc:  denied  { nlmsg_read } for  pid=5343 comm="syz.1.673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   67.401410][ T5256] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   67.435816][ T5256] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   67.453845][ T5256] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   67.460681][   T29] audit: type=1400 audit(1734331154.133:6760): avc:  denied  { sys_chroot } for  pid=5367 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[   67.482675][   T29] audit: type=1400 audit(1734331154.133:6761): avc:  denied  { setgid } for  pid=5367 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[   67.503813][   T29] audit: type=1400 audit(1734331154.133:6762): avc:  denied  { setuid } for  pid=5367 comm="dhcpcd" capability=7  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[   67.525353][   T29] audit: type=1400 audit(1734331154.133:6763): avc:  denied  { setrlimit } for  pid=5367 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[   67.590127][ T5370] syz.2.675[5370] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.590228][ T5370] syz.2.675[5370] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.608284][ T5370] syz.2.675[5370] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.622512][ T5256] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.647444][ T5370] netlink: 'syz.2.675': attribute type 10 has an invalid length.
[   67.647623][ T5256] 8021q: adding VLAN 0 to HW filter on device team0
[   67.680267][ T5370] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.689173][ T3297] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   67.713317][ T5372] loop2: detected capacity change from 0 to 512
[   67.748677][   T29] audit: type=1400 audit(1734331154.423:6764): avc:  denied  { read write } for  pid=5383 comm="syz.4.677" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   67.754655][ T5372] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[   67.772886][   T29] audit: type=1400 audit(1734331154.423:6765): avc:  denied  { open } for  pid=5383 comm="syz.4.677" path="/dev/raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   67.818258][ T5372] EXT4-fs (loop2): 1 truncate cleaned up
[   67.824678][ T1735] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.831865][ T1735] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.842884][ T1735] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.850050][ T1735] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.860009][ T5372] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.911480][ T5388] loop1: detected capacity change from 0 to 1764
[   67.941168][ T5388] iso9660: Corrupted directory entry in block 2 of inode 1920
[   67.955067][ T5256] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.963905][   T29] audit: type=1400 audit(1734331154.643:6766): avc:  denied  { create } for  pid=5368 comm="syz.2.675" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   67.963979][ T5370] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[   68.086480][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.253116][ T5256] veth0_vlan: entered promiscuous mode
[   68.269072][ T5256] veth1_vlan: entered promiscuous mode
[   68.298230][ T5256] veth0_macvtap: entered promiscuous mode
[   68.309346][ T5256] veth1_macvtap: entered promiscuous mode
[   68.331655][ T5256] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.343585][ T5256] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.352613][ T5256] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.361462][ T5256] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.370253][ T5256] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.379021][ T5256] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.414508][ T3377] ==================================================================
[   68.422631][ T3377] BUG: KCSAN: data-race in wg_index_hashtable_insert / wg_index_hashtable_lookup
[   68.431765][ T3377] 
[   68.434119][ T3377] write to 0xffff88811935b8bc of 4 bytes by task 3374 on cpu 1:
[   68.441751][ T3377]  wg_index_hashtable_insert+0xe2/0x2a0
[   68.447327][ T3377]  wg_noise_handshake_create_response+0x529/0x5d0
[   68.453758][ T3377]  wg_packet_send_handshake_response+0x6e/0x120
[   68.460005][ T3377]  wg_packet_handshake_receive_worker+0x3ed/0x5f0
[   68.466419][ T3377]  process_scheduled_works+0x483/0x9a0
[   68.471889][ T3377]  worker_thread+0x51d/0x6f0
[   68.476492][ T3377]  kthread+0x1d1/0x210
[   68.480563][ T3377]  ret_from_fork+0x4b/0x60
[   68.484980][ T3377]  ret_from_fork_asm+0x1a/0x30
[   68.489756][ T3377] 
[   68.492094][ T3377] read to 0xffff88811935b8bc of 4 bytes by task 3377 on cpu 0:
[   68.499636][ T3377]  wg_index_hashtable_lookup+0x5b/0x120
[   68.505186][ T3377]  wg_noise_handshake_consume_response+0x12c/0x720
[   68.511705][ T3377]  wg_packet_handshake_receive_worker+0x3fb/0x5f0
[   68.518129][ T3377]  process_scheduled_works+0x483/0x9a0
[   68.523598][ T3377]  worker_thread+0x51d/0x6f0
[   68.528198][ T3377]  kthread+0x1d1/0x210
[   68.532275][ T3377]  ret_from_fork+0x4b/0x60
[   68.536699][ T3377]  ret_from_fork_asm+0x1a/0x30
[   68.541467][ T3377] 
[   68.543787][ T3377] value changed: 0xbd6d8b50 -> 0xc1807031
[   68.549503][ T3377] 
[   68.551827][ T3377] Reported by Kernel Concurrency Sanitizer on:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   68.557973][ T3377] CPU: 0 UID: 0 PID: 3377 Comm: kworker/0:3 Not tainted 6.13.0-rc3-syzkaller #0
[   68.566996][ T3377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[   68.577056][ T3377] Workqueue: wg-kex-wg0 wg_packet_handshake_receive_worker
[   68.584264][ T3377] ==================================================================
[   68.665809][ T5453] loop4: detected capacity change from 0 to 1024
[   68.674456][ T5453] EXT4-fs: Ignoring removed oldalloc option
[   68.739448][ T5453] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   68.788787][ T5453] EXT4-fs warning (device loop4): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop4.
[   68.912636][   T28] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.023324][   T28] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.083723][   T28] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.142087][   T28] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.311686][   T28] bond0 (unregistering): Released all slaves
[   69.385826][   T28] hsr_slave_0: left promiscuous mode
[   69.391629][   T28] hsr_slave_1: left promiscuous mode
[   69.399612][   T28] veth1_macvtap: left promiscuous mode
[   69.405163][   T28] veth0_macvtap: left promiscuous mode
[   69.411396][   T28] veth1_vlan: left promiscuous mode
[   69.416633][   T28] veth0_vlan: left promiscuous mode
[   69.752617][   T28] IPVS: stop unused estimator thread 0...
[   69.813830][   T28] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.861812][   T28] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.921084][   T28] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.982389][   T28] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.043916][   T28] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.112057][   T28] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.162058][   T28] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.212638][   T28] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.278210][   T28] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.322132][   T28] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.382149][   T28] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.432687][   T28] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.496699][   T28] bond0: left allmulticast mode
[   70.501606][   T28] bond_slave_0: left allmulticast mode
[   70.507134][   T28] bond_slave_1: left allmulticast mode
[   70.512663][   T28] bond0: left promiscuous mode
[   70.517455][   T28] bond_slave_0: left promiscuous mode
[   70.522997][   T28] bond_slave_1: left promiscuous mode
[   70.528613][   T28] bridge0: port 3(bond0) entered disabled state
[   70.538204][   T28] bridge_slave_1: left allmulticast mode
[   70.543972][   T28] bridge_slave_1: left promiscuous mode
[   70.549651][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.559713][   T28] bridge_slave_0: left allmulticast mode
[   70.565436][   T28] bridge_slave_0: left promiscuous mode
[   70.571131][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.851211][   T28] bond0 (unregistering): Released all slaves
[   70.860242][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   70.870710][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   70.880372][   T28] bond0 (unregistering): Released all slaves
[   70.888716][   T28] bond0 (unregistering): Released all slaves
[   70.938663][   T28] hsr_slave_0: left promiscuous mode
[   70.944556][   T28] hsr_slave_1: left promiscuous mode
[   70.952597][   T28] hsr_slave_0: left promiscuous mode
[   70.958372][   T28] hsr_slave_1: left promiscuous mode
[   70.965744][   T28] hsr_slave_0: left promiscuous mode
[   70.972451][   T28] hsr_slave_1: left promiscuous mode
[   70.983647][   T28] veth1_macvtap: left promiscuous mode
[   70.989154][   T28] veth0_macvtap: left promiscuous mode
[   70.994742][   T28] veth1_vlan: left promiscuous mode
[   71.000077][   T28] veth0_vlan: left promiscuous mode
[   71.006890][   T28] veth1_macvtap: left promiscuous mode
[   71.012465][   T28] veth0_macvtap: left promiscuous mode
[   71.018041][   T28] veth1_vlan: left promiscuous mode
[   71.023352][   T28] veth0_vlan: left promiscuous mode
[   71.030428][   T28] veth1_macvtap: left promiscuous mode
[   71.035920][   T28] veth0_macvtap: left promiscuous mode
[   71.041499][   T28] veth1_vlan: left promiscuous mode
[   71.046746][   T28] veth0_vlan: left promiscuous mode
[   71.208538][   T28] team0 (unregistering): Port device team_slave_1 removed
[   71.218104][   T28] team0 (unregistering): Port device team_slave_0 removed
[   71.782901][   T28] IPVS: stop unused estimator thread 0...
[   71.842883][   T28] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.152128][   T28] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.202097][   T28] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.232304][   T28] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.300969][   T28] bridge_slave_1: left allmulticast mode
[   72.306700][   T28] bridge_slave_1: left promiscuous mode
[   72.312454][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.320191][   T28] bridge_slave_0: left allmulticast mode
[   72.325876][   T28] bridge_slave_0: left promiscuous mode
[   72.331678][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.401962][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   72.411819][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   72.421309][   T28] bond0 (unregistering): Released all slaves
[   72.453245][   T28] hsr_slave_0: left promiscuous mode
[   72.458932][   T28] hsr_slave_1: left promiscuous mode
[   72.464662][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   72.472097][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[   72.479822][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   72.487222][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[   72.496704][   T28] veth1_macvtap: left promiscuous mode
[   72.502233][   T28] veth0_macvtap: left promiscuous mode
[   72.507746][   T28] veth1_vlan: left promiscuous mode
[   72.513075][   T28] veth0_vlan: left promiscuous mode
[   72.583293][   T28] team0 (unregistering): Port device team_slave_1 removed
[   72.592616][   T28] team0 (unregistering): Port device team_slave_0 removed