last executing test programs:

12.092721404s ago: executing program 2 (id=950):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="080000000000007b8af8ff00000000bfa2000000000a0007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x0)
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x840, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
fcntl$setlease(r4, 0x400, 0x2)
socket$unix(0x1, 0x5, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
openat(r5, &(0x7f00000000c0)='./file0\x00', 0x6a1c2, 0x50)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200000}, 0x1c)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)

11.836658284s ago: executing program 2 (id=963):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0)

11.705626895s ago: executing program 2 (id=966):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9"], 0xfe, 0x2ae, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGblE7hw4Xu4cy+48Q0EH8CdgxSO3NzbJLZp2rSmlfr7bXo45/vu+U7uabO43NPPXxsePHw6evz869+i1cqi1otevMiiE7U4lioBANwKL1KKPy71/V6vbaomAGCzFr7/G2eEbJ/uenvTZQEAG/ThRx+/f39/f++DPG9FDL8d97Mof5bj9x/HkxjEo7gb7TiaPwtIqWy/+97+XtTzQifuDCfjfpE5/OyXxccGRX432tFZnt/NSwv5k3G/ES9HZFnEk15RyL1oxyun8ovxvXtL8qPfjDda1SKL+XejHb9+EU9jEA+nzzTm83/TzfN30nd/fvVJEVzkZ5Nxf3saN5e2rvveAAAAAAAAAAAAAAAAAAAAAABwe+3mM524Myy6qvN3to6m47v/GJ+er1Objpf5WURz2jhxPtAkxQ/H5+vczfM8ZWX8/Hyferxaj/qNLRwAAAAAAAAAAAAAAAAAAAD+Q0bPvjx4MBg8OvxXGtVL/rPX+i97nd5Cz+uxOnh7rbliqwovaj0Z0/350+Gsp1jEZYofN/KIVTU3TvW8VNRz/pX/SimlLIu42m1qXGSucxo7q2OKD/in73fePHiQnfcZto5v3I+LQ804HD07cU8jW6fCtNb2a66IaVY75kLX2bniL9Fbv5eTVT3ZGqtoVI04a/u11trP1/c3CAAAAAAAAAAAAAAAAAAAKM1f+l0y+Hxlam1jRQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANZv///81GpMqeXlMSmky62nG4eiGlwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/wN8BAAD//7DYbww=")
r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r2, r3, 0x0, 0x800000009)

11.705131385s ago: executing program 2 (id=967):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000c40)='./file0/file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
recvmsg$unix(r0, &(0x7f0000000bc0)={&(0x7f0000000880)=@abs, 0x6e, &(0x7f0000000b00)=[{&(0x7f0000000600)=""/24, 0x18}, {&(0x7f0000000680)=""/63, 0x3f}, {&(0x7f0000000900)=""/89, 0x59}, {&(0x7f0000000980)=""/231, 0xe7}, {&(0x7f0000000a80)=""/73, 0x49}], 0x5, &(0x7f0000000b80)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x38}, 0x110)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r0, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x3, 0x7, &(0x7f00000003c0)=[0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x18, &(0x7f0000000440)=[{}], 0x8, 0x10, &(0x7f0000000480), &(0x7f00000004c0), 0x8, 0x72, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000580)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x4, 0x1, 0x3b, 0x80000001, 0x54220, r0, 0xfffffffe, '\x00', r1, r2, 0x2, 0x4, 0x3, 0x0, @void, @value, @value=r0}, 0x50)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r3, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x4e23, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x58, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1, 0x1}}], 0x48, 0x20000801}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1d0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x2a05004, 0x0)
umount2(&(0x7f0000000300)='./file0/file0/file0\x00', 0x1)

11.690474526s ago: executing program 2 (id=968):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0x0, 0x25dfdbfb, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_FWMARK={0x8, 0x14, 0x4}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x0) (fail_nth: 19)

11.484578803s ago: executing program 2 (id=972):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000000000})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r3 = syz_open_dev$vcsn(&(0x7f0000000180), 0x0, 0x26642)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
get_robust_list(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$security_capability(r3, &(0x7f0000000280), &(0x7f0000000380)=@v3={0x3000000, [{0x5, 0x82}, {0x80000000, 0xffffaf0a}]}, 0x18, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')

11.484182373s ago: executing program 32 (id=972):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000000000})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r3 = syz_open_dev$vcsn(&(0x7f0000000180), 0x0, 0x26642)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
get_robust_list(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$security_capability(r3, &(0x7f0000000280), &(0x7f0000000380)=@v3={0x3000000, [{0x5, 0x82}, {0x80000000, 0xffffaf0a}]}, 0x18, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')

1.004335098s ago: executing program 4 (id=1233):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007"], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x22020600)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0x1}, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$isdn_base(0x22, 0x3, 0x0)
flistxattr(r5, 0x0, 0x0)

948.776053ms ago: executing program 4 (id=1234):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0x81, 0x43)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6tnl0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000180)="0b036800e0ff64000200475400f6a13bb10000068900894f4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14)
r2 = syz_io_uring_setup(0x3, &(0x7f0000000580)={0x0, 0x226f, 0x13500, 0x0, 0xeffffffd}, &(0x7f0000000240), &(0x7f0000000300))
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x7, &(0x7f0000006b40)=0x800007fe, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180900000020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
sendfile(r0, r0, &(0x7f0000000100)=0x4, 0x1)
prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='\x00')
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r2, 0x21, 0x0, 0x1)

948.148322ms ago: executing program 4 (id=1235):
syz_mount_image$iso9660(&(0x7f0000000b00), &(0x7f0000000040)='./file0\x00', 0x4002, &(0x7f0000000140)=ANY=[@ANYBLOB='map=off,cruft,iocharset=ascii,block=0x0000000000000200,unhide,session=0x0000000000000011,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c004238994fceef7f633ea81416b1324d35327f7ace27c590b7f9fb133af0ffd6dfc4d893195864142b1450fbace6795f6e181993255fbbca2cb54fcf79cc53b3a6c3704aed82da89741aad5205bb43ded29cfd65509ff9c85cbdb7337ef48b9412ff439da96bb3f5ac11273d94d3d75d"], 0x1, 0xa2f, &(0x7f0000001580)="$eJzs3ctvXNd9B/DvHfEl2lBlW3VVwbZGMmTTNkuRVC1B8KKWyKFEl4+WpAALbWEZllQIIurCbgHb6EIFiq5q1CiKAk02gZdZGXAW8SbQLlkFWWURIPF/EBhZKQGCCebOUOJjZihSFKnIn89gNPfxO+f87tw792iGM/eEP2b1er28b3P+0vd3M1kePecnv/78i08b93+/lb7sy+vFD5OBJNWk5/flsdI7MbkwP7tJRTeTK0luJ0WS/jQfO9i/Zu5Kiv/Ok/fmb6f4bg63KTawxY1jU3W+1fb6+AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfSxOTo6FiRmem5S29XOyuHAO+yfqW6r8pRv4uvVjfR16bZIika9wwMrAz1ffjQvdXPNv45nueac881R/4eyCdPPHvwjWd6KivluyS0Kz78+JOb7y4vX/vg3qLeTQv1P9yctqVve8Uu1OamF+enZ89dqFWnF+erZ0+fHj15cWqxOjWd2uLlxaXabHVioXZuaX6hOjTxSnXs7NlT1drI5flLcxcmR2ZqKwvP/MX46Ojp6lsjf1M7t7A4P3fyrZHFiYvTMzPTcxfKmMbqRsyZxoH419NL1aXaudlq9fqN5WunNkuyETTWdk1R3ZdVQeOb1TQ+Oj4+NjY+Pnb69bOvnxkd7dmwYHSdbIjY+4OWvfODh3IOh22qtPr/zGQ6c7mUt1Nte5vIZBYyn9kO61tW+v8TJ2td213d/6/08ofvrT6Ssv9/oTn3Qqf+v0Mum9/q9WbN2y2/cvswH+eT3My7Wc5yruWDB66xP+sy++2D1ti6VR98azfeLqSWuUxnMfOZzmzOlUuqrSXVnM3pnM5o3snFTGUx1UxlOjOpZTGXs5il1MojaiILqeVcljKfhVQzlIm8kmrGcjZncyrV1DKSy5nPpczlQiZzrqzlem6Uz/upLjneDRq7n6DxLkE73P/XH8X/CfKw7ej5Gx5EvdX/t3uP3gyor0wNTexaVgAAAMBO+vOf5MChp3/8y6Q3z5efy09Nz9RG9zotAAAAYAeVX9d7rvHQ25h6PoX3/wAAAPC4Kcrf2BVJBnO0OdX8JdS++BAAAAAAHhPl3/9faDwMNqaOprh7JZQre50bAAAAsDPuXmM/na6xu+lV+Ivhlcv/Vq82H6+2IlrX+R2cmp6pjUzMz7wxlpfKqwyUvzTYUNu+pOgtf37wao41o44NNh8H19Y40IgaG3ljLK/meGtDhl5sPLw41CZyvBn5cjPy5S6RpxqRAPC4O96lP77f/v/VDDcjho/09CXpOdKmZx3VswLAo2LzMXY2jSj+8t77/95WtWv6/6dz/WjzKwUjeS/vZzlXM1z+2qD8xsGaWv/+s9ZnBne/hjCa4U0+DViJ/dmZSoY7fB7Ql/X1jmd4k08EmrH5h+TUw98RALCLjnfoh7fS/w+vev+fje//7w4tdM1PCgHgkXB3BPuHOLHX2wgArKWXBgAAAAAAAAAAAAAAAAAAAAAAAAAAgJ23o1f7H9hm8V+1xvV7uMMQbJjY33oOtl/P/yTZvZyLRlv9O1dhZQfqqSfZrf21exM5mGz7WW17GPcl2fvt2srEXp6VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2C1Fsq/d8krSn2Q0ycndz2r7isYWdXFr1zLZbT/92w4r/mr1THEnd/JRDuxOTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3x6t6/9X0nx8orkoPZXkRJIrSf5ur3PcSXf2OoEdsn+b5VZd/7+xz1Mv0tPc7Sl6JyYX5mfL8RP6G+u//vyLTxv3VcX777edMrCybnCJVgvrY7/35MrUU2WpwclrH978l/f/uTp5PpX05fzS1Mzk7IWFN+8Vebb4MqmmeV+xku+/nfjRZ222/MvGlra3vt2p8smZ3Njun7Ur3b3dbm4sXxtvtLRUe3vpX//pxkerVj2dY8mLQ8nQ2pb+sXHv0NKx9HZrrfim+M/iQP4vV8r933g2inrR2EV/Um7//us3lq+NvPf+8tUOOR3M0SRXk4H7z+lo5wE5yqOu0ttodbQMavxzqF193cf0aFvjWIdteKo8ZAZb29B3X9tQ3SSBVc97pd36ZkanOmT0TF5qs6fr/UnnjF7qvqfbK74pflFczM/zH6vG/6g09v+JdH51rq2ijFx1pHSMrDQjyy0fX73infWRv/7/+8q+7TA1bNV/rXnxVlad/1v7aofOR/Wi6/loVYtbe12sa3HdUdHldVH2SIfWlWidfTqVaeV5qBnVIc8/zWtJz5FuZ8UNvfVrm53SVsq/2X71dl//3ymG8pvcMv4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw6CuSfe2WV5ITSQ6uzFeT+haq7e+0ojJYbDXFHXXr7j+PhcpWCxR3cicf5cDDSQcAAAAAAACA3XZ+8uvPv/i0cS//Hr/vTr3e+vt+NelJcrD43/2ZXJif3aSi3uRKktuN6YFOQb+rN61d2iiXJ+/N327MHW5bwcH73S4AoLM/BAAA///r9m7p")
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xb, &(0x7f0000000000)={0x0, 0x5}, 0x0)
timer_create(0x5, 0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[], 0x10}, 0x1, 0x0, 0x0, 0x4008081}, 0x20048110)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)={0x28, 0x140d, 0x4, 0x70bd2b, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x5}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x24008093}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

947.680463ms ago: executing program 0 (id=1236):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x138, 0x10, 0x713, 0x0, 0x200, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@remote, 0x43, 0x2}, {@in6=@remote, 0x4d3, 0x32}, @in=@broadcast, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}]}, 0x138}}, 0x0)
preadv(r1, &(0x7f0000000680)=[{&(0x7f00000000c0)=""/149, 0x95}, {&(0x7f0000000240)=""/203, 0xcb}, {&(0x7f0000000040)=""/8, 0x8}, {&(0x7f00000004c0)=""/146, 0x92}, {&(0x7f00000001c0)=""/37, 0x25}, {&(0x7f0000000580)=""/253, 0xfd}], 0x6, 0x80000000, 0x1)

876.351478ms ago: executing program 4 (id=1237):
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x78, 0x6}, 0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000002040)=[{0x4, 0x8, 0x8, 0x6}]}, 0x10)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0, 0x0, 0x804c040}, 0xc851)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r3=>0x0]}, &(0x7f0000000040)=0x8)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100, 0x11)
openat(r4, &(0x7f0000000240)='./file0\x00', 0x1, 0x41)
setsockopt$X25_QBITINCL(r0, 0x106, 0x1, &(0x7f00000001c0)=0x2, 0x4)
sendmmsg$inet_sctp(r1, &(0x7f0000003640)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="30000000000000008400000001000000ff03040004020000090000004c000000f9ffffff00800000c00e0000", @ANYRES32=r3, @ANYBLOB="18"], 0x48, 0x4c004}], 0x1, 0x10)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000140)={r3, 0xfff, 0x101}, 0x8)
ioctl$sock_netdev_private(r0, 0x89f8, &(0x7f0000000040)="b9f78378984d7b0b81cfb907b3b99f19b3890ffe71d188f72c2e0c4ddae356dd8e2b1b2845d99cd4d92f5474bd0672d992049ef5657ee99b4b4b3e61d6149f7c5a37af3803212a74edd72982523eab06c1a325f5853e0106f07075f052e33e4f1a08ae97b16e512414b20d932b4c3e3a974ac5277ac0422ff31f2f5839740c2d4bfadebd84d507dda65000010df5ff097a3fc7645bff286805c6e8f5e9bebe9cb29c63b60a1dd251fa7b5d250081bea06d6d5cb8bd1555683e725f21ed4c3bea73067f152b90ef0782be7b5249e86b080fd34024bc73169b2690d8f1376522b807cd0e592056")

876.046958ms ago: executing program 0 (id=1238):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_io_uring_setup(0x520f, 0x0, 0x0, 0x0)
mount$9p_tcp(0x0, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x4000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000000004e21,privport'])
syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x8, 0x0, 0xfffffdfc}, &(0x7f0000000040), &(0x7f0000000280))

875.830838ms ago: executing program 4 (id=1239):
r0 = socket(0x1e, 0x4, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x401, 0xfffffffe, 0x0, 0xffffffff}, 0x10)
close(r0)

858.43681ms ago: executing program 0 (id=1240):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2}, 0x14)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="02017d29012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x0)

799.844785ms ago: executing program 0 (id=1241):
openat(0xffffffffffffff9c, 0x0, 0x2060, 0x0)
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)=[{0x0}], 0x1}, 0x20000000}], 0x1, 0x0)

799.359785ms ago: executing program 4 (id=1242):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="080000000000007b8af8ff00000000bfa2000000000a0007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x0)
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x840, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
fcntl$setlease(r4, 0x400, 0x2)
socket$unix(0x1, 0x5, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200000}, 0x1c)
listen(r5, 0x9)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)

755.730508ms ago: executing program 3 (id=1243):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0xfffffffffffffee8, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="480601080000000000000000050000000400078000000300856173683a6e65742c2e65740000000000000780000003000100000005000400000000000900020073797a31000000a98b0004000200000000000000"], 0x48}, 0x1, 0x0, 0x0, 0x200400c1}, 0x8000000)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet(0x2, 0x4000000805, 0x0)
listen(r1, 0x5)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000010c0)={0x2, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, &(0x7f0000000300)={0x0, <r4=>0x3938700}, 0x0)
syz_clone(0x43100000, 0x0, 0x97, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRESHEX=r4], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x2000015f, &(0x7f0000000200)=ANY=[@ANYRES16=r2, @ANYRES16=0x0, @ANYRES32=0x0, @ANYRES64=r4], &(0x7f0000000780)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r6, 0x0, 0xfffffffffffffffe}, 0x18)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r7}, 0x9)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0)
set_tid_address(0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="540000001000010471bc30b00000000100000000", @ANYRES32=0x0, @ANYBLOB="fff00000000000002c0012800e00010069703667726574617000000018000280140007002001001000000000000000000000000208000a00f0"], 0x54}}, 0x40000084)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)=ANY=[], 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$TIOCSLCKTRMIOS(r5, 0x5457, &(0x7f0000000280))
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r9=>0x0})
connect$can_bcm(r8, &(0x7f00000000c0)={0x1d, r9}, 0x10)

677.401065ms ago: executing program 0 (id=1244):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007"], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x22020600)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0x1}, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$isdn_base(0x22, 0x3, 0x0)
flistxattr(r5, 0x0, 0x0)

676.714945ms ago: executing program 0 (id=1245):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000380)='kfree\x00', r0}, 0x18)
listen(0xffffffffffffffff, 0x5)
pause()
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="300000001100010027bd7000fddbdf2500000000", @ANYRES32=r4], 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x8090) (fail_nth: 6)

268.981378ms ago: executing program 3 (id=1249):
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x2000, 0x0)
symlinkat(&(0x7f0000000000)='./file0\x00', r0, &(0x7f0000000080)='./file0\x00')
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$PPPIOCSDEBUG(r1, 0x40047440, &(0x7f0000000100)=0x7)
ioctl$PPPIOCDISCONN(r1, 0x7439)
newfstatat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0}, 0x6000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r4=>0x0, <r5=>0x0})
lchown(&(0x7f0000000140)='./file0\x00', r2, r5)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
lsetxattr$security_selinux(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000400)='system_u:object_r:wireless_device_t:s0\x00', 0x27, 0x3)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000004c0)=<r8=>0x0)
setxattr$system_posix_acl(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)='system.posix_acl_default\x00', &(0x7f0000000500)={{}, {0x1, 0x5}, [{0x2, 0x3, 0xee01}, {0x2, 0x1, r8}], {0x4, 0x6}, [{0x8, 0x1, r3}, {0x8, 0x1, r5}, {0x8, 0x2, r5}, {0x8, 0x2, r3}], {0x10, 0x5}}, 0x54, 0x2)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x1f, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, [@map_val={0x18, 0x6, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x4e}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xd388}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @ringbuf_output={{}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @initr0={0x18, 0x0, 0x0, 0x0, 0xce4, 0x0, 0x0, 0x0, 0xffffffff}, @alu={0x4, 0x0, 0xa, 0x5, 0x4, 0x1, 0xfffffffffffffff8}]}, &(0x7f00000006c0)='syzkaller\x00', 0x8, 0xf9, &(0x7f0000000700)=""/249, 0x1e00, 0x5b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x3, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000840)=[0x1, 0x1, 0x1, 0x1, 0x1], &(0x7f0000000880)=[{0x1, 0x4, 0x7, 0x7}, {0x1, 0x1, 0x6, 0x1}], 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000580)='ufshcd_clk_gating\x00', r9, 0x0, 0x7}, 0x18)
quotactl$Q_SETINFO(0xffffffff80000601, &(0x7f00000009c0)=@nbd={'/dev/nbd', 0x0}, r4, &(0x7f0000000a00)={0x9, 0x1, 0x1, 0x5})
mknodat$null(r7, &(0x7f0000000a40)='./file0\x00', 0x400, 0x103)
getrusage(0xffffffffffffffff, &(0x7f0000000a80))
ioctl$PPPIOCATTACH(r6, 0x4004743d, &(0x7f0000000b40)=0x4)
openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000b80), 0x2, 0x0)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000bc0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x123a1a1c, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x5}, 0x50)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000d00)={'gretap0\x00', &(0x7f0000000c40)={'sit0\x00', <r11=>0x0, 0x10, 0x7800, 0x0, 0x3, {{0x1b, 0x4, 0x3, 0x0, 0x6c, 0x42ef, 0x0, 0x7, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, {[@timestamp_addr={0x44, 0x14, 0x38, 0x1, 0x6, [{@local, 0x7}, {@dev={0xac, 0x14, 0x14, 0x2c}}]}, @timestamp_addr={0x44, 0x2c, 0x49, 0x1, 0xf, [{@broadcast, 0x6}, {@remote, 0x8}, {@empty, 0x3}, {@remote, 0x8}, {@remote, 0xfffffffe}]}, @cipso={0x86, 0x15, 0x2, [{0x6, 0xf, "d4b3b742f93994461c1244fe73"}]}]}}}}})
bpf$MAP_CREATE(0x0, &(0x7f0000000d40)=@bloom_filter={0x1e, 0x1, 0xc, 0x40, 0x400, r10, 0x16, '\x00', r11, 0xffffffffffffffff, 0x2, 0x2, 0x0, 0x1}, 0x50)
ioctl$PPPIOCGUNIT(r6, 0x80047456, &(0x7f0000000dc0))
r12 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r12, 0x89f0, &(0x7f0000000ec0)={'syztnl2\x00', &(0x7f0000000e00)={'gre0\x00', r11, 0x8000, 0x20, 0x7, 0x400, {{0x1d, 0x4, 0x0, 0x9, 0x74, 0x68, 0x0, 0x5, 0x4, 0x0, @broadcast, @dev={0xac, 0x14, 0x14, 0x3b}, {[@timestamp={0x44, 0x8, 0xb3, 0x0, 0x8, [0x101]}, @timestamp_addr={0x44, 0x2c, 0x18, 0x1, 0x7, [{@local, 0x5}, {@rand_addr=0x64010100, 0x100}, {@private=0xa010101, 0xdd}, {@private=0xa010100, 0xfffffb50}, {@dev={0xac, 0x14, 0x14, 0x38}, 0x7ff}]}, @rr={0x7, 0x27, 0x1f, [@multicast1, @private=0xa010101, @empty, @rand_addr=0x64010102, @multicast1, @local, @empty, @broadcast, @local]}, @ra={0x94, 0x4, 0x1}]}}}}})
r13 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000f00)='./cgroup/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r13, &(0x7f0000000f40)='memory.events.local\x00', 0x0, 0x0)
r14 = accept(r7, &(0x7f0000000f80)=@sco={0x1f, @none}, &(0x7f0000001000)=0x80)
setsockopt$inet6_IPV6_ADDRFORM(r14, 0x29, 0x1, &(0x7f0000001040), 0x4)

264.878268ms ago: executing program 5 (id=1250):
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x78, 0x6}, 0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000002040)=[{0x4, 0x8, 0x8, 0x6}]}, 0x10)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)}], 0x1, 0x0, 0x0, 0x804c040}, 0xc851)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r3=>0x0]}, &(0x7f0000000040)=0x8)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100, 0x11)
openat(r4, &(0x7f0000000240)='./file0\x00', 0x1, 0x41)
setsockopt$X25_QBITINCL(r0, 0x106, 0x1, &(0x7f00000001c0)=0x2, 0x4)
sendmmsg$inet_sctp(r1, &(0x7f0000003640)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="30000000000000008400000001000000ff03040004020000090000004c000000f9ffffff00800000c00e0000", @ANYRES32=r3, @ANYBLOB="18"], 0x48, 0x4c004}], 0x1, 0x10)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000140)={r3, 0xfff, 0x101}, 0x8)
ioctl$sock_netdev_private(r0, 0x89f8, &(0x7f0000000040)="b9f78378984d7b0b81cfb907b3b99f19b3890ffe71d188f72c2e0c4ddae356dd8e2b1b2845d99cd4d92f5474bd0672d992049ef5657ee99b4b4b3e61d6149f7c5a37af3803212a74edd72982523eab06c1a325f5853e0106f07075f052e33e4f1a08ae97b16e512414b20d932b4c3e3a974ac5277ac0422ff31f2f5839740c2d4bfadebd84d507dda65000010df5ff097a3fc7645bff286805c6e8f5e9bebe9cb29c63b60a1dd251fa7b5d250081bea06d6d5cb8bd1555683e725f21ed4c3bea73067f152b90ef0782be7b5249e86b080fd34024bc73169b2690d8f1376522b807cd0e592056")

205.715613ms ago: executing program 5 (id=1252):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2}, 0x14)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="02017d29012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x0)

204.948973ms ago: executing program 1 (id=1253):
r0 = socket(0x1e, 0x4, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x401, 0xfffffffe, 0x0, 0xffffffff}, 0x10)
close(r0)

203.753993ms ago: executing program 3 (id=1254):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000400), 0x2000011a)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[], 0x48)
r2 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r3 = fcntl$dupfd(r2, 0x0, r2)
syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x0, 0xad}, &(0x7f0000000440), &(0x7f0000ffe000))
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, 0x0)
sendmmsg$inet(r3, &(0x7f0000000940)=[{{&(0x7f0000000040)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000180)="65d34c3f7eb58439fd79f750703b41aae5bb995995b4361af64fd5902ab58f785ba2a0d3ff8e29ae8eb6fdf8ab52b3ade899deac23566c6609814b1a562d0e40ee565fa0d5c491e1b557aeb7d7e95c28f70e358207748091384a72cebaf96e4b2f3f", 0x62}, {&(0x7f0000000280)="1a19196cee4489549dea14b799ca0f14ac82be809273ef5534b0c7043c6260c81854891ce4d4ce66fd4df1ec93b0fb461e4e295c1e8fa0404ba25f4edb13ae48216d82f924162e59831da5de9b5574ac61f0575c4ae142a97759c13d30fa71863c3f6d6d91ac7b6a51c9a81f55a727ff079a0a69f8e54e85ed27ebb9f1cc317622ddf908140b1bc142be816edf611830df48a9ef26bb1b354ed4e0913fb6ff3d21623dd2ecb9c0cb1eb9bee0f62542874a81ea33044fec772c131c77fd40e32acbfcaed539d79e4ff4ed29997f88a09ab6c8b0a3747642e2821fb31b724f0de8dbb7308606f816e924ae0ba6dc7f6c3e4a319bfbbb3a68d66d", 0xf9}], 0x2}}, {{&(0x7f0000000200)={0x2, 0x4e23, @rand_addr=0x64010101}, 0x10, &(0x7f00000006c0)=[{&(0x7f00000004c0)="2a3ec291ab7b8f60c28759abf8317d710d0b554bf5832e742a873dd9e247ac3fab0246e3c6c43a7dd26dc4286808e46de1eb0db74455417ad254740da7a8e05779ad39800ae900bfface343b4994cae843039f86a82e850fb6fe7d53cc9ea25d9b73b76e99f6e0717ba0f829eb5fa01b7e341e369d66c1346eb9ada6a6008b88833cae85839cf491f4bd26b86793ec60ab23180c60fd4b3b023cbf0d49ddc72079989ad5882ccb991eb2367407451805d10710a24cf012496c984800b8d2a38d6cf812207327b7182b880b409375c8b20f22b9ff8f9f30", 0xd7}, {&(0x7f00000005c0)="87747e991b32ac29dfd75da944da6e0ed18713dff31cfe21c3832f15f30baaa41817ac58313896340b592a6987fb65488523cd961490d7b968711f6279880b153a0694920f2a946378bb5577cf48cb58967ec738a74c14709428991e73f255bbcaed1f763d6774566b9eef8fc70f35cbc2c03ce772c95093c653ecf82e8a1498b948f3e25fdafcef865e073ba17465ebaf455708010325b3c7418a7dcbafd879edea167e0f9b629d834893bcf56274ba5c0df4821439d0a4aa317ea8b222eb77dbcc9603e8600d0d147068abde8de47996814a7ad838a6b5d807421ad84703707bde935dec3f04d8a2", 0xe9}, {&(0x7f00000003c0)="d560ce5abf34baa99ed5038fd60b298732d2d96e468daf72d7e1e2ef6b62eeb55b4ca551bd6706be4f1a70cd8c1ca9496304a68dc88f670a0435a349a2aeb63365df83d7", 0x44}], 0x3, &(0x7f0000000700)=[@ip_retopts={{0x5c, 0x0, 0x7, {[@ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0xc, 0x91, 0x0, 0x6, [0x0, 0x84]}, @ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x28, 0xd0, 0x0, 0xe, [0x8, 0x9, 0x634, 0x5, 0x582c, 0xf, 0xe46, 0xf00b, 0x48c]}, @ssrr={0x89, 0xf, 0xff, [@loopback, @rand_addr=0x64010100, @local]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xff}}], 0x78}}, {{&(0x7f0000000780)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000000800)=[{&(0x7f00000007c0)="7e67acf01fb3246161eb2c64ac", 0xd}], 0x1, &(0x7f0000000840)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_retopts={{0x3c, 0x0, 0x7, {[@timestamp_addr={0x44, 0x2c, 0x9f, 0x1, 0x8, [{@rand_addr=0x64010100}, {@multicast2, 0xc}, {@empty, 0x10}, {@rand_addr=0x64010100, 0x86}, {@broadcast, 0x7fff}]}]}}}], 0x58}}], 0x3, 0x26040044)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = getpgrp(0xffffffffffffffff)
r5 = getpgrp(0x0)
kcmp(r4, r5, 0x6, 0xffffffffffffffff, 0xffffffffffffffff)
fsync(r1)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r6}, 0x18)
cachestat(0xffffffffffffffff, 0x0, 0x0, 0x0)

159.280437ms ago: executing program 5 (id=1255):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x1eb5c1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
write$cgroup_int(r1, &(0x7f0000000240)=0x2, 0x12)

158.519767ms ago: executing program 3 (id=1256):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007"], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x22020600)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0x1}, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$isdn_base(0x22, 0x3, 0x0)
flistxattr(r5, 0x0, 0x0)

157.937987ms ago: executing program 1 (id=1257):
mkdir(0x0, 0x41)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = epoll_create1(0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000240)={0x20000006})
dup3(r0, r5, 0x0)
bind$unix(r5, &(0x7f0000000000)=@file={0x1, '.\x00'}, 0x6e)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0)

112.267971ms ago: executing program 5 (id=1258):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

111.547461ms ago: executing program 1 (id=1259):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000029000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000240)={0xa, 0x0, 0x1, @local, 0x3ff}, 0x1c)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x1}, 0x1c)
splice(r0, 0xffffffffffffffff, r0, 0x0, 0x6, 0xa)

61.308275ms ago: executing program 3 (id=1260):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="20010000160001040000000000000000fc000000000000000000000000000000ac14140a00000000000000000000000000040000000000000000800000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe8000000000000000000000000000242000000033000000ac1414bb000000000000000000000000030000000000000000000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001900000000000000000000000003000000feffffff0000000000000000d00000000000000008000000fdffffff04001b00240009"], 0x120}}, 0x20004808)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 64)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_cake={{0x8}, {0x4}}]}, 0x34}}, 0x0) (async)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000e40)=@newtfilter={0x34, 0x2c, 0x300, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r3, {0xffe0}, {0x0, 0x6}, {0xc, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x48080}, 0x24000840) (async)
r4 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth0_to_batadv\x00'}) (rerun: 32)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180600000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
syz_emit_ethernet(0x6e, &(0x7f00000005c0)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6000000000383a00fe8000000000000000000000000000aaff02000000000000001000000000000102009078000007d0608cb02b00002e00fc000000000000000000000000000001fe8000000000000000000000000000aaab0c050c01631701cc0000040000000200"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00'}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r7, &(0x7f0000000180), 0x40010) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r5}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000500)={{r1}, &(0x7f00000003c0), &(0x7f00000004c0)='%pS    \x00'}, 0x20)

60.905725ms ago: executing program 5 (id=1261):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x138, 0x10, 0x713, 0x80ff, 0x200, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@remote, 0x43, 0x2}, {@in6=@remote, 0x4d3, 0x32}, @in=@broadcast, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}]}, 0x138}}, 0x0)

60.495405ms ago: executing program 1 (id=1262):
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x78, 0x6}, 0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000002040)=[{0x4, 0x8, 0x8, 0x6}]}, 0x10)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)}], 0x1, 0x0, 0x0, 0x804c040}, 0xc851)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r3=>0x0]}, &(0x7f0000000040)=0x8)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100, 0x11)
openat(r4, &(0x7f0000000240)='./file0\x00', 0x1, 0x41)
setsockopt$X25_QBITINCL(r0, 0x106, 0x1, &(0x7f00000001c0)=0x2, 0x4)
sendmmsg$inet_sctp(r1, &(0x7f0000003640)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="30000000000000008400000001000000ff03040004020000090000004c000000f9ffffff00800000c00e0000", @ANYRES32=r3, @ANYBLOB="18"], 0x48, 0x4c004}], 0x1, 0x10)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000140)={r3, 0xfff, 0x101}, 0x8)
ioctl$sock_netdev_private(r0, 0x89f8, &(0x7f0000000040)="b9f78378984d7b0b81cfb907b3b99f19b3890ffe71d188f72c2e0c4ddae356dd8e2b1b2845d99cd4d92f5474bd0672d992049ef5657ee99b4b4b3e61d6149f7c5a37af3803212a74edd72982523eab06c1a325f5853e0106f07075f052e33e4f1a08ae97b16e512414b20d932b4c3e3a974ac5277ac0422ff31f2f5839740c2d4bfadebd84d507dda65000010df5ff097a3fc7645bff286805c6e8f5e9bebe9cb29c63b60a1dd251fa7b5d250081bea06d6d5cb8bd1555683e725f21ed4c3bea73067f152b90ef0782be7b5249e86b080fd34024bc73169b2690d8f1376522b807cd0e592056")

54.111006ms ago: executing program 3 (id=1263):
r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x1)
fchdir(r1)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000480)='\x00', 0x0, r0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r1)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000100)={'team0\x00', <r4=>0x0})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000140)={'syztnl0\x00', &(0x7f0000000340)={'sit0\x00', <r5=>0x0, 0x80, 0x8, 0x7, 0xb9, {{0x21, 0x4, 0x2, 0x2, 0x84, 0x67, 0x0, 0x7, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x27}, @empty, {[@noop, @timestamp={0x44, 0x1c, 0x8d, 0x0, 0x2, [0x7, 0xffffffce, 0x6, 0x1, 0x1, 0x3fe95984]}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x40, 0x0, [{0x2, 0xf, "9d63a70055068ab289709d2e8f"}, {0x5, 0x10, "30d201f345f63ea208bdbc08627c"}, {0x6, 0xc, "37a0b54fc16152d6475d"}, {0x1, 0x9, "41723dfa647001"}, {0x5, 0x6, "06db3c3c"}]}, @generic={0x82, 0xe, "51ea4d7158ac4e98b07c30a8"}]}}}}})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'veth1_virt_wifi\x00', <r6=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000400)={'ip6gre0\x00', <r7=>0x0, 0x4, 0x5, 0x0, 0xee1, 0x5, @private2, @rand_addr=' \x01\x00', 0x700, 0x8000, 0x5, 0x9e2e}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r1, &(0x7f0000000600)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)={0xcc, r3, 0x800, 0x8, 0x25dfdbfb, {}, [@HEADER={0x84, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x11}, 0x4004800)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400000010000100008d0008000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000094000000060a010400000000000000000100000008000b40000000006c000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000340001800c00010062697477697365002400028008000340000000040800014000000014080006400000001208000240000000120900010073797a30"], 0x108}}, 0x0)

48.129546ms ago: executing program 5 (id=1264):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001080)={0x18, 0x200000fc, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0xe64, 0x1ff, @empty, 0x2}, 0x1c)
r3 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0xce22, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c)
r4 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0xe64, 0x3, @empty, 0x2}, 0x1c)
connect$unix(r4, &(0x7f0000001140)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0xd2)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000c40)='./file1\x00', &(0x7f00000000c0), 0x200000, &(0x7f0000000c80)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',jfdno=', @ANYRESHEX=r6, @ANYBLOB=',\x00'])
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r7=>0x0})
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x200000, &(0x7f0000000480), 0x0, 0x3da, &(0x7f00000004c0)="$eJzs3N1qHFUcAPD/TPNhU3WjVi+0YKSI8SsfTYkNFlTw0ivrC6xJWqLbxjYr2JILBbEPoD6AeFkfwQvxThC8KV57pxSKJLmWldnMbsbNbszXMtr9/eDAOTM7nPOfmd1zcs4hAQysiYj4NCJGIuKDiKjkx5M8xZvbKfvc1sb6YpaSaDQu/Zk0z29urC9G4ZrMqbwwmUaknyfxTJd6127e+rBaqy3fyMvT9asfTa/dvPXqytXqleUry9fmZhYWZuYuzC/MH1usv8ft3y7efbvy5c9nf/3x/Xfns/a+mJ8rxnFcJmKifU86TR13ZSV7qJBPhkpsCAeSRsSJiBhqfv8rcSJ2Hl4lvq+U2jgAoC8ajTc6ygDAgy/R5wPAgGn93b+5sb7YSmXMQ5Tl/lvbi1eb+drmVjv+ofZKyHDH+tZxmoiI775+7dksRZ/WIQEAin7Ixj8Xuo3/0jhT+NzJiBjL93Y9HBGPRMSjhf1ihzXRUd49/knvHbGKPWXjv4uFvW1bhfhz4yfyUhbzeAwnl1dqyzN5/JMxPJqVZ/eo48ylp/7qda44/stSVn9rLJi3497Q6D+vWarWq0eJuej+ZxFPD3WLP2mPf5Nm3If3+vU7T/Y69+/x91fjm4gXuj7/nZ17yd77E6eb78N0663Y7fZLz1/vVX/Z8WfPf2zv+MeT4n7NtYPX8dP5lV96nTvs+z+SvNfMj+THPqnW6zdmI0aSd3YfP7dzbavc+nwW/+TZ7t//07FzJx6LiMcj4omI5vGeL3QXr9S+fe7w8fdXFv/SgZ7/wTNjX9y526v+/T3/883cZH5kP79/+23gUe4dAAAA/F+kzfncJJ1q59N0amp7nvd0jKW11bX6y5dXP762tD3vOx7DaWumq1KYD53N5whb5XMd5bl8DuWr0ZPN8tTiam2p7OABYECd6tH/Z/4YLbt1AEDf9GtzOwDw36X/B4DBo/8HgMGj/weAwaP/B4DBo/8HgIFylP/rJyMj86Bmyv5lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo198BAAD//+f91Vw=")
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = dup(r8)
write$UHID_INPUT(r9, &(0x7f0000000000)={0x7, {"a2e3ad21ed0d52f91b23330987f70e06d038e7ff7fc6e5539b0d47078b089b3907346d090890e0878f0e1ac6e7049b334a959b669a240d5d67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07670936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70fe98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf1a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e470dea05918b41243513f000800000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3e3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14d9fdb8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a19000000000000006f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69b15c9f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d44400009a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc01008cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c16c02ed4b5d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaab1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106d26658b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6b14effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c110000a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b51028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6815d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3f3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51090840517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4e004a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6ce1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c817e9177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d543902113c4c859465c3c115c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc248850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafcc009fc074bb6b68a1f0c4649820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948998cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2fd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5dc4ff8f0104000000000000df72279fdb0d2b9e936e5a983c12fded79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d3700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa6e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9f07b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e3ebb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3fec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4cddd5d0fc5a752f9000", 0x1000}}, 0x1006)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x9ecdbedf136e6234, 0x0, 0x0, 0x0)
syz_clone(0xaa2a500, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
r10 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/mnt\x00')
unshare(0x28000600)
unshare(0x20020000)
setns(r10, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="010000000b000000050010000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r7, @ANYRES32, @ANYBLOB="0000000002"], 0x50)

1.6008ms ago: executing program 1 (id=1265):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_io_uring_setup(0x520f, 0x0, 0x0, 0x0)
mount$9p_tcp(0x0, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x4000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000000004e21,privport'])
syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x8, 0x0, 0xfffffdfc}, &(0x7f0000000040), &(0x7f0000000280))

0s ago: executing program 1 (id=1266):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2}, 0x14)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="02017d29012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

op2): shut down requested (0)
[   59.474146][ T4921] loop1: detected capacity change from 0 to 256
[   59.481602][ T4921] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   59.493340][ T4921] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   59.501980][ T4921] FAT-fs (loop1): Filesystem has been set read-only
[   59.513208][ T4912] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   59.523785][ T4912] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   59.573745][ T4933] loop2: detected capacity change from 0 to 1024
[   59.581380][ T4934] loop3: detected capacity change from 0 to 128
[   59.601990][ T4933] EXT4-fs: Ignoring removed orlov option
[   59.746535][ T4960] loop2: detected capacity change from 0 to 512
[   59.766327][ T4960] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.830744][ T4960] EXT4-fs (loop2): shut down requested (0)
[   59.846050][ T4969] netlink: 240 bytes leftover after parsing attributes in process `syz.0.560'.
[   59.862287][ T4960] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   59.871549][ T4960] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   59.887341][ T4972] pim6reg: entered allmulticast mode
[   59.896505][ T4972] pim6reg: left allmulticast mode
[   59.906053][ T4974] loop2: detected capacity change from 0 to 256
[   59.913590][ T4974] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   59.927096][ T4974] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   59.935728][ T4974] FAT-fs (loop2): Filesystem has been set read-only
[   60.005794][ T4994] netlink: 'syz.1.576': attribute type 1 has an invalid length.
[   60.102866][ T5010] loop1: detected capacity change from 0 to 512
[   60.113118][ T5012] loop2: detected capacity change from 0 to 512
[   60.129067][ T5012] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.134470][ T5010] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.163011][ T5010] EXT4-fs (loop1): shut down requested (0)
[   60.172807][ T5010] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   60.181802][ T5010] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   60.212916][ T5022] loop0: detected capacity change from 0 to 128
[   60.220452][ T5022] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   60.240876][ T5028] FAULT_INJECTION: forcing a failure.
[   60.240876][ T5028] name failslab, interval 1, probability 0, space 0, times 0
[   60.253651][ T5028] CPU: 0 UID: 0 PID: 5028 Comm: syz.1.589 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   60.253697][ T5028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   60.253781][ T5028] Call Trace:
[   60.253790][ T5028]  <TASK>
[   60.253799][ T5028]  __dump_stack+0x1d/0x30
[   60.253826][ T5028]  dump_stack_lvl+0xe8/0x140
[   60.253846][ T5028]  dump_stack+0x15/0x1b
[   60.253861][ T5028]  should_fail_ex+0x265/0x280
[   60.253978][ T5028]  should_failslab+0x8c/0xb0
[   60.254008][ T5028]  kmem_cache_alloc_noprof+0x50/0x310
[   60.254044][ T5028]  ? getname_flags+0x80/0x3b0
[   60.254140][ T5028]  getname_flags+0x80/0x3b0
[   60.254212][ T5028]  user_path_at+0x28/0x130
[   60.254357][ T5028]  __se_sys_pivot_root+0xd0/0x710
[   60.254387][ T5028]  __x64_sys_pivot_root+0x31/0x40
[   60.254414][ T5028]  x64_sys_call+0x144/0x2ff0
[   60.254507][ T5028]  do_syscall_64+0xd2/0x200
[   60.254537][ T5028]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   60.254561][ T5028]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   60.254588][ T5028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.254689][ T5028] RIP: 0033:0x7ff4c83aeb69
[   60.254706][ T5028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.254771][ T5028] RSP: 002b:00007ff4c6a0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000009b
[   60.254795][ T5028] RAX: ffffffffffffffda RBX: 00007ff4c85d5fa0 RCX: 00007ff4c83aeb69
[   60.254811][ T5028] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 00002000000001c0
[   60.254827][ T5028] RBP: 00007ff4c6a0f090 R08: 0000000000000000 R09: 0000000000000000
[   60.254842][ T5028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.254858][ T5028] R13: 0000000000000000 R14: 00007ff4c85d5fa0 R15: 00007ffefdc688a8
[   60.254882][ T5028]  </TASK>
[   60.258490][ T5022] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   60.320876][   T29] kauditd_printk_skb: 170 callbacks suppressed
[   60.320896][   T29] audit: type=1326 audit(1754137963.679:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4c83aeb69 code=0x7ffc0000
[   60.435009][ T5032] loop1: detected capacity change from 0 to 256
[   60.468038][   T29] audit: type=1326 audit(1754137963.689:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff4c83aeb69 code=0x7ffc0000
[   60.484483][ T5032] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   60.507627][   T29] audit: type=1326 audit(1754137963.689:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4c83aeb69 code=0x7ffc0000
[   60.524862][ T5032] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   60.541745][   T29] audit: type=1326 audit(1754137963.689:1499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4c83aeb69 code=0x7ffc0000
[   60.550228][ T5032] FAT-fs (loop1): Filesystem has been set read-only
[   60.580267][   T29] audit: type=1326 audit(1754137963.689:1500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7ff4c83aeb69 code=0x7ffc0000
[   60.601734][ T5034] netlink: 240 bytes leftover after parsing attributes in process `syz.2.586'.
[   60.603619][   T29] audit: type=1326 audit(1754137963.719:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4c83aeb69 code=0x7ffc0000
[   60.635825][   T29] audit: type=1326 audit(1754137963.719:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4c83aeb69 code=0x7ffc0000
[   60.659328][   T29] audit: type=1326 audit(1754137963.719:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4c83aeb69 code=0x7ffc0000
[   60.697611][   T29] audit: type=1400 audit(1754137964.059:1504): avc:  denied  { read } for  pid=5037 comm="syz.0.591" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   60.724113][   T29] audit: type=1400 audit(1754137964.079:1505): avc:  denied  { listen } for  pid=5037 comm="syz.0.591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   60.817882][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   60.857664][ T5051] SELinux: failed to load policy
[   60.872192][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   60.884148][ T5051] SELinux: failed to load policy
[   60.889311][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   60.910902][ T5051] SELinux: failed to load policy
[   60.917255][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   60.926964][ T5051] SELinux: failed to load policy
[   60.932188][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   60.937434][ T5059] vhci_hcd: invalid port number 96
[   60.947433][ T5059] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   60.954173][ T5051] SELinux: failed to load policy
[   60.959633][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   60.970747][ T5051] SELinux: failed to load policy
[   60.975923][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   60.986907][ T5051] SELinux: failed to load policy
[   60.992045][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.001805][ T5051] SELinux: failed to load policy
[   61.008098][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.017945][ T5051] SELinux: failed to load policy
[   61.022995][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.033573][ T5061] netlink: 24 bytes leftover after parsing attributes in process `syz.0.598'.
[   61.034731][ T5051] SELinux: failed to load policy
[   61.050730][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.063265][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.073749][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.117504][ T5068] netlink: 60 bytes leftover after parsing attributes in process `syz.0.604'.
[   61.121241][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.155357][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.179402][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.207611][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.280387][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.299705][ T5073] loop4: detected capacity change from 0 to 256
[   61.300348][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.317445][ T5073] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   61.346200][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.347530][ T5073] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   61.364487][ T5073] FAT-fs (loop4): Filesystem has been set read-only
[   61.368298][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.434027][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.469197][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.472791][ T5075] FAULT_INJECTION: forcing a failure.
[   61.472791][ T5075] name failslab, interval 1, probability 0, space 0, times 0
[   61.489417][ T5051] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   61.491790][ T5075] CPU: 0 UID: 0 PID: 5075 Comm: syz.1.606 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   61.491828][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   61.491847][ T5075] Call Trace:
[   61.491857][ T5075]  <TASK>
[   61.491868][ T5075]  __dump_stack+0x1d/0x30
[   61.491896][ T5075]  dump_stack_lvl+0xe8/0x140
[   61.491970][ T5075]  dump_stack+0x15/0x1b
[   61.491992][ T5075]  should_fail_ex+0x265/0x280
[   61.492057][ T5075]  should_failslab+0x8c/0xb0
[   61.492090][ T5075]  __kmalloc_noprof+0xa5/0x3e0
[   61.492128][ T5075]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[   61.492167][ T5075]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[   61.492246][ T5075]  genl_family_rcv_msg_doit+0x48/0x1b0
[   61.492279][ T5075]  ? selinux_capable+0x31/0x40
[   61.492314][ T5075]  ? security_capable+0x83/0x90
[   61.492397][ T5075]  ? ns_capable+0x7d/0xb0
[   61.492444][ T5075]  genl_rcv_msg+0x422/0x460
[   61.492475][ T5075]  ? __pfx_nl802154_pre_doit+0x10/0x10
[   61.492506][ T5075]  ? __pfx_nl802154_add_llsec_seclevel+0x10/0x10
[   61.492602][ T5075]  ? __pfx_nl802154_post_doit+0x10/0x10
[   61.492634][ T5075]  netlink_rcv_skb+0x123/0x220
[   61.492740][ T5075]  ? __pfx_genl_rcv_msg+0x10/0x10
[   61.492781][ T5075]  genl_rcv+0x28/0x40
[   61.492808][ T5075]  netlink_unicast+0x5bd/0x690
[   61.492850][ T5075]  netlink_sendmsg+0x58b/0x6b0
[   61.492966][ T5075]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.493064][ T5075]  __sock_sendmsg+0x142/0x180
[   61.493099][ T5075]  ____sys_sendmsg+0x31e/0x4e0
[   61.493145][ T5075]  ___sys_sendmsg+0x17b/0x1d0
[   61.493229][ T5075]  __x64_sys_sendmsg+0xd4/0x160
[   61.493284][ T5075]  x64_sys_call+0x191e/0x2ff0
[   61.493314][ T5075]  do_syscall_64+0xd2/0x200
[   61.493354][ T5075]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   61.493488][ T5075]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   61.493518][ T5075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.493546][ T5075] RIP: 0033:0x7ff4c83aeb69
[   61.493693][ T5075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.493718][ T5075] RSP: 002b:00007ff4c6a0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.493743][ T5075] RAX: ffffffffffffffda RBX: 00007ff4c85d5fa0 RCX: 00007ff4c83aeb69
[   61.493823][ T5075] RDX: 0000000000000080 RSI: 0000200000000880 RDI: 0000000000000004
[   61.493840][ T5075] RBP: 00007ff4c6a0f090 R08: 0000000000000000 R09: 0000000000000000
[   61.493856][ T5075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.493873][ T5075] R13: 0000000000000000 R14: 00007ff4c85d5fa0 R15: 00007ffefdc688a8
[   61.493905][ T5075]  </TASK>
[   61.861780][ T5094] FAULT_INJECTION: forcing a failure.
[   61.861780][ T5094] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   61.875180][ T5094] CPU: 1 UID: 0 PID: 5094 Comm: syz.4.615 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   61.875325][ T5094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   61.875340][ T5094] Call Trace:
[   61.875348][ T5094]  <TASK>
[   61.875357][ T5094]  __dump_stack+0x1d/0x30
[   61.875383][ T5094]  dump_stack_lvl+0xe8/0x140
[   61.875407][ T5094]  dump_stack+0x15/0x1b
[   61.875426][ T5094]  should_fail_ex+0x265/0x280
[   61.875530][ T5094]  should_fail_alloc_page+0xf2/0x100
[   61.875609][ T5094]  __alloc_frozen_pages_noprof+0xff/0x360
[   61.875730][ T5094]  alloc_pages_mpol+0xb3/0x250
[   61.875768][ T5094]  vma_alloc_folio_noprof+0x1aa/0x300
[   61.875808][ T5094]  handle_mm_fault+0xec2/0x2c20
[   61.875893][ T5094]  ? __rcu_read_lock+0x37/0x50
[   61.875918][ T5094]  ? __pte_offset_map_lock+0x1d4/0x230
[   61.875963][ T5094]  __get_user_pages+0x102e/0x1fa0
[   61.876044][ T5094]  __gup_longterm_locked+0x8f4/0xe60
[   61.876078][ T5094]  ? mntput+0x4b/0x80
[   61.876135][ T5094]  ? terminate_walk+0x27f/0x2a0
[   61.876168][ T5094]  gup_fast_fallback+0x1f5/0x1420
[   61.876209][ T5094]  pin_user_pages_fast+0x5f/0x90
[   61.876239][ T5094]  rds_info_getsockopt+0x160/0x360
[   61.876277][ T5094]  rds_getsockopt+0x2ce/0x3e0
[   61.876310][ T5094]  ? __pfx_rds_getsockopt+0x10/0x10
[   61.876342][ T5094]  do_sock_getsockopt+0x200/0x240
[   61.876383][ T5094]  __x64_sys_getsockopt+0x11e/0x1a0
[   61.876490][ T5094]  x64_sys_call+0x2bc6/0x2ff0
[   61.876516][ T5094]  do_syscall_64+0xd2/0x200
[   61.876624][ T5094]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   61.876697][ T5094]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   61.876723][ T5094]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.876808][ T5094] RIP: 0033:0x7f0fdd9deb69
[   61.876826][ T5094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.876847][ T5094] RSP: 002b:00007f0fdc047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   61.876968][ T5094] RAX: ffffffffffffffda RBX: 00007f0fddc05fa0 RCX: 00007f0fdd9deb69
[   61.876983][ T5094] RDX: 0000000000002716 RSI: 0000200000000114 RDI: 0000000000000003
[   61.877052][ T5094] RBP: 00007f0fdc047090 R08: 0000200000000000 R09: 0000000000000000
[   61.877066][ T5094] R10: 0000200000c35fff R11: 0000000000000246 R12: 0000000000000001
[   61.877080][ T5094] R13: 0000000000000000 R14: 00007f0fddc05fa0 R15: 00007ffce7e66768
[   61.877103][ T5094]  </TASK>
[   61.907099][ T5091] loop3: detected capacity change from 0 to 8192
[   61.912443][ T5097] loop1: detected capacity change from 0 to 128
[   62.096285][ T5101] netlink: 'syz.4.617': attribute type 1 has an invalid length.
[   62.170521][ T5104] netlink: 4 bytes leftover after parsing attributes in process `syz.0.618'.
[   62.203101][ T5105] loop4: detected capacity change from 0 to 8192
[   62.220755][ T5108] loop3: detected capacity change from 0 to 128
[   62.229754][ T5108] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   62.237649][ T5108] FAT-fs (loop3): Filesystem has been set read-only
[   62.244464][ T5105]  loop4: p3 p4 < >
[   62.246243][ T5108] syz.3.620: attempt to access beyond end of device
[   62.246243][ T5108] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   62.248490][ T5105] loop4: p3 size 33554432 extends beyond EOD, truncated
[   62.272481][ T5108] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   62.280616][ T5108] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   62.290727][ T5108] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   62.310533][ T5114] loop1: detected capacity change from 0 to 512
[   62.317684][ T5108] syz.3.620: attempt to access beyond end of device
[   62.317684][ T5108] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   62.331581][ T5112] syz.3.620: attempt to access beyond end of device
[   62.331581][ T5112] loop3: rw=0, sector=2065, nr_sectors = 1 limit=128
[   62.335630][ T5114] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843e028, mo2=0002]
[   62.344990][ T5112] Buffer I/O error on dev loop3, logical block 2065, async page read
[   62.352932][ T5114] System zones: 1-12
[   62.367175][ T5108] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   62.375119][ T5108] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   62.383121][ T5112] syz.3.620: attempt to access beyond end of device
[   62.383121][ T5112] loop3: rw=0, sector=2066, nr_sectors = 1 limit=128
[   62.396357][ T5112] Buffer I/O error on dev loop3, logical block 2066, async page read
[   62.398842][ T5114] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.622: invalid indirect mapped block 8 (level 2)
[   62.404751][ T5112] syz.3.620: attempt to access beyond end of device
[   62.404751][ T5112] loop3: rw=0, sector=2067, nr_sectors = 1 limit=128
[   62.430787][ T5112] Buffer I/O error on dev loop3, logical block 2067, async page read
[   62.438986][ T5112] syz.3.620: attempt to access beyond end of device
[   62.438986][ T5112] loop3: rw=0, sector=2068, nr_sectors = 1 limit=128
[   62.447252][ T5114] EXT4-fs (loop1): Remounting filesystem read-only
[   62.452403][ T5112] Buffer I/O error on dev loop3, logical block 2068, async page read
[   62.469835][ T5112] syz.3.620: attempt to access beyond end of device
[   62.469835][ T5112] loop3: rw=0, sector=2069, nr_sectors = 1 limit=128
[   62.483113][ T5112] Buffer I/O error on dev loop3, logical block 2069, async page read
[   62.491341][ T5112] syz.3.620: attempt to access beyond end of device
[   62.491341][ T5112] loop3: rw=0, sector=2070, nr_sectors = 1 limit=128
[   62.504586][ T5112] Buffer I/O error on dev loop3, logical block 2070, async page read
[   62.507110][ T5114] EXT4-fs (loop1): 1 truncate cleaned up
[   62.512682][ T5112] syz.3.620: attempt to access beyond end of device
[   62.512682][ T5112] loop3: rw=0, sector=2071, nr_sectors = 1 limit=128
[   62.531543][ T5112] Buffer I/O error on dev loop3, logical block 2071, async page read
[   62.541307][ T5125] netlink: 'syz.4.626': attribute type 1 has an invalid length.
[   62.542333][ T5112] syz.3.620: attempt to access beyond end of device
[   62.542333][ T5112] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128
[   62.549034][ T5125] netlink: 199820 bytes leftover after parsing attributes in process `syz.4.626'.
[   62.563934][ T5125] netlink: 8 bytes leftover after parsing attributes in process `syz.4.626'.
[   62.571843][ T5112] Buffer I/O error on dev loop3, logical block 2072, async page read
[   62.588999][ T5108] Buffer I/O error on dev loop3, logical block 2065, async page read
[   62.601069][ T5108] Buffer I/O error on dev loop3, logical block 2066, async page read
[   62.685909][ T5131] loop0: detected capacity change from 0 to 512
[   62.694298][ T5131] EXT4-fs: inline encryption not supported
[   62.702688][ T5131] EXT4-fs: Ignoring removed nobh option
[   62.712678][ T5131] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   62.724330][ T5131] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   62.734686][ T5131] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.629: Corrupt directory, running e2fsck is recommended
[   62.753988][ T5131] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   62.763144][ T5131] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.629: corrupted in-inode xattr: invalid ea_ino
[   62.825222][ T5131] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.629: couldn't read orphan inode 15 (err -117)
[   62.851018][ T5139] netlink: 'syz.4.632': attribute type 12 has an invalid length.
[   62.858884][ T5139] netlink: 132 bytes leftover after parsing attributes in process `syz.4.632'.
[   62.901855][ T5131] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   62.913409][ T5131] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   62.923534][ T5131] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.629: Corrupt directory, running e2fsck is recommended
[   62.985432][ T5141] loop2: detected capacity change from 0 to 512
[   63.065472][ T5141] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.109341][ T5141] EXT4-fs (loop2): shut down requested (0)
[   63.134842][ T5141] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   63.159266][ T5131] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   63.170908][ T5131] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   63.181143][ T5131] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.629: Corrupt directory, running e2fsck is recommended
[   63.204117][ T5141] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   63.293295][ T5137] siw: device registration error -23
[   63.336581][ T5160] FAULT_INJECTION: forcing a failure.
[   63.336581][ T5160] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.349787][ T5160] CPU: 0 UID: 0 PID: 5160 Comm: syz.1.640 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   63.349827][ T5160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   63.349840][ T5160] Call Trace:
[   63.349846][ T5160]  <TASK>
[   63.349855][ T5160]  __dump_stack+0x1d/0x30
[   63.349879][ T5160]  dump_stack_lvl+0xe8/0x140
[   63.349900][ T5160]  dump_stack+0x15/0x1b
[   63.349917][ T5160]  should_fail_ex+0x265/0x280
[   63.349957][ T5160]  should_fail+0xb/0x20
[   63.349988][ T5160]  should_fail_usercopy+0x1a/0x20
[   63.350008][ T5160]  _copy_from_user+0x1c/0xb0
[   63.350053][ T5160]  __sys_sendto+0x19e/0x330
[   63.350096][ T5160]  __x64_sys_sendto+0x76/0x90
[   63.350208][ T5160]  x64_sys_call+0x2d05/0x2ff0
[   63.350237][ T5160]  do_syscall_64+0xd2/0x200
[   63.350262][ T5160]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   63.350334][ T5160]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   63.350356][ T5160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.350379][ T5160] RIP: 0033:0x7ff4c83aeb69
[   63.350396][ T5160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.350428][ T5160] RSP: 002b:00007ff4c6a0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   63.350448][ T5160] RAX: ffffffffffffffda RBX: 00007ff4c85d5fa0 RCX: 00007ff4c83aeb69
[   63.350462][ T5160] RDX: 000000000000ffe0 RSI: 0000200000000100 RDI: 0000000000000006
[   63.350475][ T5160] RBP: 00007ff4c6a0f090 R08: 0000200000000140 R09: 000000000000001c
[   63.350489][ T5160] R10: 000000002000c851 R11: 0000000000000246 R12: 0000000000000001
[   63.350502][ T5160] R13: 0000000000000000 R14: 00007ff4c85d5fa0 R15: 00007ffefdc688a8
[   63.350533][ T5160]  </TASK>
[   63.548461][ T5162] FAULT_INJECTION: forcing a failure.
[   63.548461][ T5162] name failslab, interval 1, probability 0, space 0, times 0
[   63.561161][ T5162] CPU: 0 UID: 0 PID: 5162 Comm: syz.2.642 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   63.561205][ T5162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   63.561221][ T5162] Call Trace:
[   63.561228][ T5162]  <TASK>
[   63.561237][ T5162]  __dump_stack+0x1d/0x30
[   63.561327][ T5162]  dump_stack_lvl+0xe8/0x140
[   63.561411][ T5162]  dump_stack+0x15/0x1b
[   63.561428][ T5162]  should_fail_ex+0x265/0x280
[   63.561463][ T5162]  should_failslab+0x8c/0xb0
[   63.561489][ T5162]  __kmalloc_noprof+0xa5/0x3e0
[   63.561593][ T5162]  ? bpf_prog_bind_map+0x2cc/0x590
[   63.561653][ T5162]  bpf_prog_bind_map+0x2cc/0x590
[   63.561687][ T5162]  __sys_bpf+0x73c/0x7b0
[   63.561778][ T5162]  __x64_sys_bpf+0x41/0x50
[   63.561802][ T5162]  x64_sys_call+0x2aea/0x2ff0
[   63.561823][ T5162]  do_syscall_64+0xd2/0x200
[   63.561846][ T5162]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   63.561870][ T5162]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   63.561961][ T5162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.561982][ T5162] RIP: 0033:0x7fe349cbeb69
[   63.561998][ T5162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.562068][ T5162] RSP: 002b:00007fe348327038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   63.562087][ T5162] RAX: ffffffffffffffda RBX: 00007fe349ee5fa0 RCX: 00007fe349cbeb69
[   63.562099][ T5162] RDX: 000000000000000c RSI: 0000200000000040 RDI: 0000000000000023
[   63.562184][ T5162] RBP: 00007fe348327090 R08: 0000000000000000 R09: 0000000000000000
[   63.562196][ T5162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.562208][ T5162] R13: 0000000000000000 R14: 00007fe349ee5fa0 R15: 00007ffd883e7688
[   63.562228][ T5162]  </TASK>
[   63.771069][ T5167] netlink: 4 bytes leftover after parsing attributes in process `syz.0.643'.
[   63.787309][ T5171] netlink: 'syz.1.644': attribute type 1 has an invalid length.
[   63.805724][ T5173] loop4: detected capacity change from 0 to 512
[   63.853308][ T5180] FAULT_INJECTION: forcing a failure.
[   63.853308][ T5180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.866535][ T5180] CPU: 0 UID: 0 PID: 5180 Comm: syz.0.648 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   63.866605][ T5180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   63.866621][ T5180] Call Trace:
[   63.866629][ T5180]  <TASK>
[   63.866637][ T5180]  __dump_stack+0x1d/0x30
[   63.866659][ T5180]  dump_stack_lvl+0xe8/0x140
[   63.866678][ T5180]  dump_stack+0x15/0x1b
[   63.866779][ T5180]  should_fail_ex+0x265/0x280
[   63.866876][ T5180]  should_fail+0xb/0x20
[   63.866909][ T5180]  should_fail_usercopy+0x1a/0x20
[   63.866976][ T5180]  _copy_from_user+0x1c/0xb0
[   63.867051][ T5180]  ___sys_sendmsg+0xc1/0x1d0
[   63.867109][ T5180]  __x64_sys_sendmsg+0xd4/0x160
[   63.867147][ T5180]  x64_sys_call+0x191e/0x2ff0
[   63.867210][ T5180]  do_syscall_64+0xd2/0x200
[   63.867310][ T5180]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   63.867342][ T5180]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   63.867370][ T5180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.867392][ T5180] RIP: 0033:0x7efdee0beb69
[   63.867407][ T5180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.867427][ T5180] RSP: 002b:00007efdec727038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   63.867450][ T5180] RAX: ffffffffffffffda RBX: 00007efdee2e5fa0 RCX: 00007efdee0beb69
[   63.867466][ T5180] RDX: 0000000000000000 RSI: 0000200000000700 RDI: 0000000000000005
[   63.867481][ T5180] RBP: 00007efdec727090 R08: 0000000000000000 R09: 0000000000000000
[   63.867492][ T5180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.867503][ T5180] R13: 0000000000000000 R14: 00007efdee2e5fa0 R15: 00007ffd3a675258
[   63.867520][ T5180]  </TASK>
[   64.122664][ T5197] FAULT_INJECTION: forcing a failure.
[   64.122664][ T5197] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.135878][ T5197] CPU: 0 UID: 0 PID: 5197 Comm: syz.4.657 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   64.135912][ T5197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   64.135925][ T5197] Call Trace:
[   64.135934][ T5197]  <TASK>
[   64.135942][ T5197]  __dump_stack+0x1d/0x30
[   64.135964][ T5197]  dump_stack_lvl+0xe8/0x140
[   64.135983][ T5197]  dump_stack+0x15/0x1b
[   64.136067][ T5197]  should_fail_ex+0x265/0x280
[   64.136102][ T5197]  should_fail+0xb/0x20
[   64.136132][ T5197]  should_fail_usercopy+0x1a/0x20
[   64.136231][ T5197]  _copy_to_user+0x20/0xa0
[   64.136257][ T5197]  con_get_cmap+0x107/0x150
[   64.136290][ T5197]  vt_ioctl+0x100d/0x1880
[   64.136363][ T5197]  ? tty_jobctrl_ioctl+0x29e/0x810
[   64.136456][ T5197]  tty_ioctl+0x7de/0xb80
[   64.136486][ T5197]  ? __pfx_tty_ioctl+0x10/0x10
[   64.136540][ T5197]  __se_sys_ioctl+0xcb/0x140
[   64.136575][ T5197]  __x64_sys_ioctl+0x43/0x50
[   64.136608][ T5197]  x64_sys_call+0x1816/0x2ff0
[   64.136679][ T5197]  do_syscall_64+0xd2/0x200
[   64.136703][ T5197]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   64.136725][ T5197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.136803][ T5197] RIP: 0033:0x7f0fdd9deb69
[   64.136818][ T5197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.136836][ T5197] RSP: 002b:00007f0fdc047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   64.136855][ T5197] RAX: ffffffffffffffda RBX: 00007f0fddc05fa0 RCX: 00007f0fdd9deb69
[   64.136867][ T5197] RDX: 0000200000000040 RSI: 0000000000004b70 RDI: 0000000000000003
[   64.136880][ T5197] RBP: 00007f0fdc047090 R08: 0000000000000000 R09: 0000000000000000
[   64.136969][ T5197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.136981][ T5197] R13: 0000000000000000 R14: 00007f0fddc05fa0 R15: 00007ffce7e66768
[   64.137000][ T5197]  </TASK>
[   64.145827][ T5201] FAULT_INJECTION: forcing a failure.
[   64.145827][ T5201] name failslab, interval 1, probability 0, space 0, times 0
[   64.341276][ T5207] loop4: detected capacity change from 0 to 256
[   64.341938][ T5201] CPU: 0 UID: 0 PID: 5201 Comm: syz.1.651 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   64.342036][ T5201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   64.342052][ T5201] Call Trace:
[   64.342062][ T5201]  <TASK>
[   64.342075][ T5201]  __dump_stack+0x1d/0x30
[   64.342104][ T5201]  dump_stack_lvl+0xe8/0x140
[   64.342188][ T5201]  dump_stack+0x15/0x1b
[   64.342210][ T5201]  should_fail_ex+0x265/0x280
[   64.342256][ T5201]  should_failslab+0x8c/0xb0
[   64.342290][ T5201]  kmem_cache_alloc_node_noprof+0x57/0x320
[   64.342335][ T5201]  ? __alloc_skb+0x101/0x320
[   64.342375][ T5201]  __alloc_skb+0x101/0x320
[   64.342410][ T5201]  ? audit_log_start+0x365/0x6c0
[   64.342462][ T5201]  audit_log_start+0x380/0x6c0
[   64.342544][ T5201]  audit_seccomp+0x48/0x100
[   64.342578][ T5201]  ? __seccomp_filter+0x68c/0x10d0
[   64.342608][ T5201]  __seccomp_filter+0x69d/0x10d0
[   64.342705][ T5201]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   64.342742][ T5201]  ? vfs_write+0x75e/0x8e0
[   64.342771][ T5201]  ? __rcu_read_unlock+0x4f/0x70
[   64.342818][ T5201]  ? __fget_files+0x184/0x1c0
[   64.342868][ T5201]  __secure_computing+0x82/0x150
[   64.342942][ T5201]  syscall_trace_enter+0xcf/0x1e0
[   64.343029][ T5201]  do_syscall_64+0xac/0x200
[   64.343063][ T5201]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   64.343095][ T5201]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   64.343180][ T5201]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.343215][ T5201] RIP: 0033:0x7ff4c83aeb69
[   64.343235][ T5201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.343260][ T5201] RSP: 002b:00007ff4c66ed038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[   64.343286][ T5201] RAX: ffffffffffffffda RBX: 00007ff4c85d6080 RCX: 00007ff4c83aeb69
[   64.343324][ T5201] RDX: 0000000000000000 RSI: 000000000000f4ff RDI: ffffffff80000101
[   64.343377][ T5201] RBP: 00007ff4c66ed090 R08: 0000000000000000 R09: 0000000000000000
[   64.343394][ T5201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.343411][ T5201] R13: 0000000000000000 R14: 00007ff4c85d6080 R15: 00007ffefdc688a8
[   64.343439][ T5201]  </TASK>
[   64.577259][ T5207] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   64.591107][ T5206] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   64.599757][ T5206] FAT-fs (loop4): Filesystem has been set read-only
[   64.676730][ T5215] netlink: 'syz.3.662': attribute type 1 has an invalid length.
[   64.714985][ T5217] netlink: 36 bytes leftover after parsing attributes in process `syz.3.663'.
[   64.782491][ T5225] FAULT_INJECTION: forcing a failure.
[   64.782491][ T5225] name failslab, interval 1, probability 0, space 0, times 0
[   64.795333][ T5225] CPU: 0 UID: 0 PID: 5225 Comm: syz.3.667 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   64.795442][ T5225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   64.795455][ T5225] Call Trace:
[   64.795462][ T5225]  <TASK>
[   64.795470][ T5225]  __dump_stack+0x1d/0x30
[   64.795495][ T5225]  dump_stack_lvl+0xe8/0x140
[   64.795519][ T5225]  dump_stack+0x15/0x1b
[   64.795540][ T5225]  should_fail_ex+0x265/0x280
[   64.795645][ T5225]  should_failslab+0x8c/0xb0
[   64.795729][ T5225]  __kmalloc_noprof+0xa5/0x3e0
[   64.795764][ T5225]  ? kernfs_fop_read_iter+0xd9/0x300
[   64.795805][ T5225]  kernfs_fop_read_iter+0xd9/0x300
[   64.795974][ T5225]  do_iter_readv_writev+0x421/0x4c0
[   64.796010][ T5225]  vfs_readv+0x1ea/0x690
[   64.796056][ T5225]  ? mutex_lock+0xd/0x30
[   64.796107][ T5225]  do_readv+0xe7/0x210
[   64.796143][ T5225]  __x64_sys_readv+0x45/0x50
[   64.796172][ T5225]  x64_sys_call+0x29f8/0x2ff0
[   64.796228][ T5225]  do_syscall_64+0xd2/0x200
[   64.796257][ T5225]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   64.796287][ T5225]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   64.796314][ T5225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.796341][ T5225] RIP: 0033:0x7f77e476eb69
[   64.796412][ T5225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.796492][ T5225] RSP: 002b:00007f77e2dd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[   64.796514][ T5225] RAX: ffffffffffffffda RBX: 00007f77e4995fa0 RCX: 00007f77e476eb69
[   64.796526][ T5225] RDX: 0000000000000001 RSI: 0000200000000400 RDI: 0000000000000003
[   64.796538][ T5225] RBP: 00007f77e2dd7090 R08: 0000000000000000 R09: 0000000000000000
[   64.796549][ T5225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.796560][ T5225] R13: 0000000000000000 R14: 00007f77e4995fa0 R15: 00007fffa239d448
[   64.796578][ T5225]  </TASK>
[   65.051171][ T5237] FAULT_INJECTION: forcing a failure.
[   65.051171][ T5237] name failslab, interval 1, probability 0, space 0, times 0
[   65.064001][ T5237] CPU: 0 UID: 0 PID: 5237 Comm: syz.0.671 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   65.064109][ T5237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   65.064121][ T5237] Call Trace:
[   65.064126][ T5237]  <TASK>
[   65.064141][ T5237]  __dump_stack+0x1d/0x30
[   65.064162][ T5237]  dump_stack_lvl+0xe8/0x140
[   65.064225][ T5237]  dump_stack+0x15/0x1b
[   65.064240][ T5237]  should_fail_ex+0x265/0x280
[   65.064276][ T5237]  ? resv_map_alloc+0x57/0x190
[   65.064324][ T5237]  should_failslab+0x8c/0xb0
[   65.064353][ T5237]  __kmalloc_cache_noprof+0x4c/0x320
[   65.064384][ T5237]  resv_map_alloc+0x57/0x190
[   65.064412][ T5237]  hugetlbfs_get_inode+0x67/0x370
[   65.064459][ T5237]  hugetlb_file_setup+0x192/0x3d0
[   65.064488][ T5237]  ksys_mmap_pgoff+0x157/0x310
[   65.064531][ T5237]  x64_sys_call+0x14a3/0x2ff0
[   65.064556][ T5237]  do_syscall_64+0xd2/0x200
[   65.064598][ T5235] loop3: detected capacity change from 0 to 1024
[   65.064613][ T5237]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   65.064700][ T5237]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   65.064773][ T5237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.064803][ T5237] RIP: 0033:0x7efdee0beb69
[   65.064826][ T5237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.064851][ T5237] RSP: 002b:00007efdec727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   65.064934][ T5237] RAX: ffffffffffffffda RBX: 00007efdee2e5fa0 RCX: 00007efdee0beb69
[   65.064951][ T5237] RDX: 000000000300000c RSI: 0000000000c00000 RDI: 0000200000400000
[   65.064968][ T5237] RBP: 00007efdec727090 R08: ffffffffffffffff R09: 0000000000000000
[   65.065006][ T5237] R10: 0000000000051031 R11: 0000000000000246 R12: 0000000000000001
[   65.065023][ T5237] R13: 0000000000000000 R14: 00007efdee2e5fa0 R15: 00007ffd3a675258
[   65.065049][ T5237]  </TASK>
[   65.080591][ T5241] netlink: 'syz.4.674': attribute type 1 has an invalid length.
[   65.218335][ T5235] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[   65.274438][ T5235] EXT4-fs (loop3): This should not happen!! Data will be lost
[   65.274438][ T5235] 
[   65.284192][ T5235] EXT4-fs (loop3): Total free blocks count 0
[   65.290191][ T5235] EXT4-fs (loop3): Free/Dirty block details
[   65.296135][ T5235] EXT4-fs (loop3): free_blocks=0
[   65.301150][ T5235] EXT4-fs (loop3): dirty_blocks=0
[   65.306187][ T5235] EXT4-fs (loop3): Block reservation details
[   65.312244][ T5235] EXT4-fs (loop3): i_reserved_data_blocks=0
[   65.318910][ T5244] FAULT_INJECTION: forcing a failure.
[   65.318910][ T5244] name failslab, interval 1, probability 0, space 0, times 0
[   65.331572][ T5244] CPU: 1 UID: 0 PID: 5244 Comm: syz.1.676 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   65.331641][ T5244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   65.331654][ T5244] Call Trace:
[   65.331660][ T5244]  <TASK>
[   65.331666][ T5244]  __dump_stack+0x1d/0x30
[   65.331750][ T5244]  dump_stack_lvl+0xe8/0x140
[   65.331838][ T5244]  dump_stack+0x15/0x1b
[   65.331858][ T5244]  should_fail_ex+0x265/0x280
[   65.331891][ T5244]  should_failslab+0x8c/0xb0
[   65.331938][ T5244]  __kmalloc_noprof+0xa5/0x3e0
[   65.332046][ T5244]  ? ip_options_get+0x52/0x350
[   65.332074][ T5244]  ip_options_get+0x52/0x350
[   65.332102][ T5244]  do_ip_setsockopt+0x19d4/0x2240
[   65.332136][ T5244]  ip_setsockopt+0x58/0x110
[   65.332242][ T5244]  ipv6_setsockopt+0xfb/0x130
[   65.332284][ T5244]  tcp_setsockopt+0x95/0xb0
[   65.332318][ T5244]  sock_common_setsockopt+0x66/0x80
[   65.332411][ T5244]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   65.332480][ T5244]  __sys_setsockopt+0x181/0x200
[   65.332544][ T5244]  __x64_sys_setsockopt+0x64/0x80
[   65.332666][ T5244]  x64_sys_call+0x20ec/0x2ff0
[   65.332694][ T5244]  do_syscall_64+0xd2/0x200
[   65.332728][ T5244]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   65.332757][ T5244]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   65.332779][ T5244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.332881][ T5244] RIP: 0033:0x7ff4c83aeb69
[   65.332901][ T5244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.332923][ T5244] RSP: 002b:00007ff4c6a0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   65.332943][ T5244] RAX: ffffffffffffffda RBX: 00007ff4c85d5fa0 RCX: 00007ff4c83aeb69
[   65.332955][ T5244] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003
[   65.332966][ T5244] RBP: 00007ff4c6a0f090 R08: 0000000000000000 R09: 0000000000000000
[   65.332977][ T5244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.332988][ T5244] R13: 0000000000000000 R14: 00007ff4c85d5fa0 R15: 00007ffefdc688a8
[   65.333080][ T5244]  </TASK>
[   65.333118][   T29] kauditd_printk_skb: 141 callbacks suppressed
[   65.333129][   T29] audit: type=1326 audit(1754137968.689:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.3.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   65.379737][   T29] audit: type=1326 audit(1754137968.689:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.3.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   65.607618][ T5260] netlink: 48 bytes leftover after parsing attributes in process `syz.0.681'.
[   65.621927][ T5260] random: crng reseeded on system resumption
[   65.629509][   T29] audit: type=1400 audit(1754137968.979:1647): avc:  denied  { append } for  pid=5258 comm="syz.0.681" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   65.652648][   T29] audit: type=1400 audit(1754137968.979:1648): avc:  denied  { open } for  pid=5258 comm="syz.0.681" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   65.677546][   T29] audit: type=1400 audit(1754137968.989:1649): avc:  denied  { ioctl } for  pid=5258 comm="syz.0.681" path="socket:[10971]" dev="sockfs" ino=10971 ioctlcmd=0x4944 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   65.718903][ T5264] loop1: detected capacity change from 0 to 164
[   65.761343][ T5268] loop4: detected capacity change from 0 to 512
[   65.797841][ T5268] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.839099][ T5264] Unsupported NM flag settings (8)
[   65.910037][   T29] audit: type=1326 audit(1754137969.269:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5278 comm="syz.3.688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   65.933558][   T29] audit: type=1326 audit(1754137969.269:1651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5277 comm="syz.1.687" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff4c83aeb69 code=0x0
[   65.956560][   T29] audit: type=1326 audit(1754137969.269:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5278 comm="syz.3.688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   65.979965][   T29] audit: type=1326 audit(1754137969.269:1653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5278 comm="syz.3.688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   66.003257][   T29] audit: type=1326 audit(1754137969.269:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5278 comm="syz.3.688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   66.056977][ T5285] loop3: detected capacity change from 0 to 512
[   66.078022][ T5285] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.092644][ T5285] EXT4-fs (loop3): shut down requested (0)
[   66.108750][ T5285] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   66.131330][ T5285] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   66.212328][ T5301] netlink: 4 bytes leftover after parsing attributes in process `syz.3.694'.
[   66.306656][ T5308] netlink: 36 bytes leftover after parsing attributes in process `syz.4.698'.
[   66.315639][ T5308] netlink: 16 bytes leftover after parsing attributes in process `syz.4.698'.
[   66.376810][ T5318] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   66.376810][ T5318]    program syz.0.711 not setting count and/or reply_len properly
[   66.397060][ T5316] random: crng reseeded on system resumption
[   66.426124][ T5318] tunl0: entered promiscuous mode
[   66.456483][ T5318] netlink: 'syz.0.711': attribute type 1 has an invalid length.
[   66.563001][ T5339] loop4: detected capacity change from 0 to 128
[   66.593290][ T5339] ext4 filesystem being mounted at /159/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   66.608323][ T5345] loop3: detected capacity change from 0 to 512
[   66.638308][ T5345] ext4 filesystem being mounted at /126/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.659277][ T3365] IPVS: starting estimator thread 0...
[   66.669589][ T5345] EXT4-fs (loop3): shut down requested (0)
[   66.682221][ T5345] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   66.692594][ T5345] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   66.695275][ T5348] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   66.734529][ T5360] loop2: detected capacity change from 0 to 1024
[   66.741291][ T5360] EXT4-fs: Ignoring removed orlov option
[   66.768886][ T5354] IPVS: using max 2352 ests per chain, 117600 per kthread
[   66.807483][ T5370] loop2: detected capacity change from 0 to 256
[   66.882055][ T5370] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   66.898968][ T5370] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   66.907696][ T5370] FAT-fs (loop2): Filesystem has been set read-only
[   66.994120][ T3365] IPVS: starting estimator thread 0...
[   67.010498][ T5388] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   67.014386][ T5394] loop1: detected capacity change from 0 to 512
[   67.056234][ T5394] ext4 filesystem being mounted at /123/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.071277][ T5394] EXT4-fs (loop1): shut down requested (0)
[   67.092176][ T5404] netlink: 'syz.0.739': attribute type 1 has an invalid length.
[   67.103439][ T5394] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   67.112482][ T5389] IPVS: using max 2304 ests per chain, 115200 per kthread
[   67.129144][ T5394] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   67.169457][ T5412] loop4: detected capacity change from 0 to 512
[   67.186760][ T5412] ext4 filesystem being mounted at /169/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.224088][ T5412] EXT4-fs (loop4): shut down requested (0)
[   67.254147][ T5412] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[   67.263025][ T5412] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[   67.283048][ T5422] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   67.283048][ T5422]    program syz.2.747 not setting count and/or reply_len properly
[   67.353408][ T5427] loop4: detected capacity change from 0 to 256
[   67.361987][ T5427] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   67.397422][ T5427] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   67.406046][ T5427] FAT-fs (loop4): Filesystem has been set read-only
[   67.406419][ T5433] loop1: detected capacity change from 0 to 1024
[   67.413408][ T5431] netlink: 'syz.2.751': attribute type 1 has an invalid length.
[   67.421330][ T5433] EXT4-fs: Ignoring removed nomblk_io_submit option
[   67.435679][ T5433] ext4: Unknown parameter 'mask'
[   67.453327][ T5423] __nla_validate_parse: 5 callbacks suppressed
[   67.453348][ T5423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.741'.
[   67.468561][ T5423] netlink: 2 bytes leftover after parsing attributes in process `syz.0.741'.
[   67.619438][ T5439] netlink: 488 bytes leftover after parsing attributes in process `syz.2.755'.
[   67.644450][ T5448] loop3: detected capacity change from 0 to 512
[   67.670961][ T5448] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.725637][ T5448] EXT4-fs (loop3): shut down requested (0)
[   67.759262][ T5448] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   67.768414][ T5448] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   67.832025][ T5464] loop1: detected capacity change from 0 to 256
[   67.846096][ T5466] loop3: detected capacity change from 0 to 512
[   67.859052][ T5464] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   67.880877][ T5466] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.937755][ T5464] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   67.946490][ T5464] FAT-fs (loop1): Filesystem has been set read-only
[   67.989214][ T5466] EXT4-fs (loop3): shut down requested (0)
[   68.009369][ T5466] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   68.019552][ T5466] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   68.148990][ T5474] netlink: 4 bytes leftover after parsing attributes in process `syz.0.767'.
[   68.257928][ T5481] loop3: detected capacity change from 0 to 512
[   68.276241][ T5481] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.349014][ T5481] netlink: 40 bytes leftover after parsing attributes in process `syz.3.770'.
[   68.440147][ T5488] netlink: 268 bytes leftover after parsing attributes in process `syz.0.773'.
[   68.449837][ T5488] unsupported nla_type 65024
[   68.682279][ T5498] netlink: 36 bytes leftover after parsing attributes in process `syz.2.775'.
[   68.691362][ T5498] netlink: 16 bytes leftover after parsing attributes in process `syz.2.775'.
[   68.698670][ T5500] loop3: detected capacity change from 0 to 512
[   68.700363][ T5498] netlink: 36 bytes leftover after parsing attributes in process `syz.2.775'.
[   68.716573][ T5498] netlink: 36 bytes leftover after parsing attributes in process `syz.2.775'.
[   68.729104][ T5500] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.747874][ T5500] EXT4-fs (loop3): shut down requested (0)
[   68.759611][ T5500] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   68.768610][ T5500] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   68.801492][ T5508] loop2: detected capacity change from 0 to 512
[   68.812880][ T5508] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   68.824489][ T5508] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   68.834621][ T5508] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.779: Corrupt directory, running e2fsck is recommended
[   68.848442][ T5508] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   68.852270][ T5511] loop3: detected capacity change from 0 to 256
[   68.858393][ T5508] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.779: corrupted in-inode xattr: invalid ea_ino
[   68.878396][ T5511] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   68.889212][ T5508] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.779: couldn't read orphan inode 15 (err -117)
[   68.892923][ T5506] nfs4: Bad value for 'source'
[   68.903919][ T5511] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   68.914589][ T5511] FAT-fs (loop3): Filesystem has been set read-only
[   68.922919][ T5508] EXT4-fs mount: 112 callbacks suppressed
[   68.922940][ T5508] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.969510][ T5515] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   68.979755][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.111440][ T5531] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[   69.952334][ T5578] loop4: detected capacity change from 0 to 2048
[   69.994722][ T5578] EXT4-fs (loop4): #clusters per group too big: 151011328
[   70.073702][ T5584] tunl0: left promiscuous mode
[   70.543588][ T5584] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   70.590436][   T29] kauditd_printk_skb: 461 callbacks suppressed
[   70.590456][   T29] audit: type=1326 audit(1754137973.919:2116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   70.620123][   T29] audit: type=1326 audit(1754137973.919:2117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   70.643456][   T29] audit: type=1326 audit(1754137973.919:2118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   70.666829][   T29] audit: type=1326 audit(1754137973.919:2119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   70.690265][   T29] audit: type=1326 audit(1754137973.919:2120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   70.713693][   T29] audit: type=1326 audit(1754137973.919:2121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   70.737010][   T29] audit: type=1326 audit(1754137973.919:2122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   70.760380][   T29] audit: type=1326 audit(1754137973.919:2123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   70.783810][   T29] audit: type=1326 audit(1754137973.919:2124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   70.807263][   T29] audit: type=1326 audit(1754137973.919:2125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   70.890413][   T36] IPVS: starting estimator thread 0...
[   70.900101][ T5643] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   70.920996][ T5648] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   70.995104][ T5644] IPVS: using max 1680 ests per chain, 84000 per kthread
[   71.041381][ T5668] bridge_slave_1: left allmulticast mode
[   71.047162][ T5668] bridge_slave_1: left promiscuous mode
[   71.053098][ T5668] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.061401][ T5668] bridge_slave_0: left allmulticast mode
[   71.067138][ T5668] bridge_slave_0: left promiscuous mode
[   71.072863][ T5668] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.099894][ T5676] FAULT_INJECTION: forcing a failure.
[   71.099894][ T5676] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.113044][ T5676] CPU: 0 UID: 0 PID: 5676 Comm: syz.0.847 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   71.113143][ T5676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   71.113156][ T5676] Call Trace:
[   71.113163][ T5676]  <TASK>
[   71.113170][ T5676]  __dump_stack+0x1d/0x30
[   71.113208][ T5676]  dump_stack_lvl+0xe8/0x140
[   71.113232][ T5676]  dump_stack+0x15/0x1b
[   71.113253][ T5676]  should_fail_ex+0x265/0x280
[   71.113291][ T5676]  should_fail+0xb/0x20
[   71.113363][ T5676]  should_fail_usercopy+0x1a/0x20
[   71.113384][ T5676]  _copy_from_user+0x1c/0xb0
[   71.113415][ T5676]  memdup_user+0x5e/0xd0
[   71.113454][ T5676]  strndup_user+0x68/0xb0
[   71.113483][ T5676]  __se_sys_request_key+0xea/0x290
[   71.113576][ T5676]  ? fput+0x8f/0xc0
[   71.113616][ T5676]  __x64_sys_request_key+0x55/0x70
[   71.113642][ T5676]  x64_sys_call+0x1d98/0x2ff0
[   71.113739][ T5676]  do_syscall_64+0xd2/0x200
[   71.113764][ T5676]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.113787][ T5676]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   71.113830][ T5676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.113851][ T5676] RIP: 0033:0x7efdee0beb69
[   71.113915][ T5676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.113968][ T5676] RSP: 002b:00007efdec727038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[   71.113993][ T5676] RAX: ffffffffffffffda RBX: 00007efdee2e5fa0 RCX: 00007efdee0beb69
[   71.114010][ T5676] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000200000000340
[   71.114025][ T5676] RBP: 00007efdec727090 R08: 0000000000000000 R09: 0000000000000000
[   71.114040][ T5676] R10: 00000000387ff0ed R11: 0000000000000246 R12: 0000000000000001
[   71.114081][ T5676] R13: 0000000000000000 R14: 00007efdee2e5fa0 R15: 00007ffd3a675258
[   71.114105][ T5676]  </TASK>
[   71.118198][ T5678] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   71.329945][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   71.337464][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   71.345345][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   71.352786][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   71.360333][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   71.367938][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   71.375438][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   71.382843][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   71.390416][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   71.398087][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   71.446779][ T5687] netlink: 'syz.2.851': attribute type 9 has an invalid length.
[   71.447143][   T36] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   71.460896][ T3365] hid-generic 0000:FFFFFFFC:0000.0002: item fetching failed at offset 40/43
[   71.475347][ T3365] hid-generic 0000:FFFFFFFC:0000.0002: probe with driver hid-generic failed with error -22
[   71.604954][ T5708] netlink: 'syz.3.860': attribute type 1 has an invalid length.
[   72.052166][ T5751] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   72.055030][ T5753] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   72.156126][ T5765] tmpfs: Bad value for 'size'
[   72.170660][ T5766] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   72.277672][ T5781] FAULT_INJECTION: forcing a failure.
[   72.277672][ T5781] name failslab, interval 1, probability 0, space 0, times 0
[   72.290420][ T5781] CPU: 0 UID: 0 PID: 5781 Comm: syz.0.894 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   72.290468][ T5781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   72.290485][ T5781] Call Trace:
[   72.290494][ T5781]  <TASK>
[   72.290504][ T5781]  __dump_stack+0x1d/0x30
[   72.290598][ T5781]  dump_stack_lvl+0xe8/0x140
[   72.290622][ T5781]  dump_stack+0x15/0x1b
[   72.290652][ T5781]  should_fail_ex+0x265/0x280
[   72.290685][ T5781]  should_failslab+0x8c/0xb0
[   72.290716][ T5781]  kmem_cache_alloc_noprof+0x50/0x310
[   72.290751][ T5781]  ? alloc_vfsmnt+0x2d/0x300
[   72.290832][ T5781]  alloc_vfsmnt+0x2d/0x300
[   72.290860][ T5781]  clone_mnt+0x46/0x630
[   72.290938][ T5781]  copy_tree+0x2cd/0x8c0
[   72.290966][ T5781]  copy_mnt_ns+0x120/0x5c0
[   72.291000][ T5781]  ? kmem_cache_alloc_noprof+0x220/0x310
[   72.291025][ T5781]  ? create_new_namespaces+0x3c/0x3d0
[   72.291096][ T5781]  create_new_namespaces+0x83/0x3d0
[   72.291136][ T5781]  unshare_nsproxy_namespaces+0xe8/0x120
[   72.291215][ T5781]  ksys_unshare+0x3d0/0x6d0
[   72.291250][ T5781]  ? ksys_write+0x192/0x1a0
[   72.291280][ T5781]  __x64_sys_unshare+0x1f/0x30
[   72.291316][ T5781]  x64_sys_call+0x2911/0x2ff0
[   72.291415][ T5781]  do_syscall_64+0xd2/0x200
[   72.291496][ T5781]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   72.291527][ T5781]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   72.291548][ T5781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.291568][ T5781] RIP: 0033:0x7efdee0beb69
[   72.291583][ T5781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.291632][ T5781] RSP: 002b:00007efdec727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[   72.291655][ T5781] RAX: ffffffffffffffda RBX: 00007efdee2e5fa0 RCX: 00007efdee0beb69
[   72.291671][ T5781] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c020400
[   72.291685][ T5781] RBP: 00007efdec727090 R08: 0000000000000000 R09: 0000000000000000
[   72.291700][ T5781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   72.291725][ T5781] R13: 0000000000000000 R14: 00007efdee2e5fa0 R15: 00007ffd3a675258
[   72.291812][ T5781]  </TASK>
[   72.558559][ T5787] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   72.743851][ T5812] netlink: 'syz.0.909': attribute type 1 has an invalid length.
[   72.779570][ T5815] __nla_validate_parse: 11 callbacks suppressed
[   72.779587][ T5815] netlink: 328 bytes leftover after parsing attributes in process `syz.0.910'.
[   72.824277][ T5819] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   72.832112][   T36] IPVS: starting estimator thread 0...
[   72.887493][ T5826] FAULT_INJECTION: forcing a failure.
[   72.887493][ T5826] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   72.901029][ T5826] CPU: 1 UID: 0 PID: 5826 Comm: syz.3.913 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   72.901064][ T5826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   72.901148][ T5826] Call Trace:
[   72.901155][ T5826]  <TASK>
[   72.901164][ T5826]  __dump_stack+0x1d/0x30
[   72.901190][ T5826]  dump_stack_lvl+0xe8/0x140
[   72.901223][ T5826]  dump_stack+0x15/0x1b
[   72.901243][ T5826]  should_fail_ex+0x265/0x280
[   72.901286][ T5826]  should_fail_alloc_page+0xf2/0x100
[   72.901319][ T5826]  __alloc_frozen_pages_noprof+0xff/0x360
[   72.901376][ T5826]  alloc_pages_mpol+0xb3/0x250
[   72.901408][ T5826]  vma_alloc_folio_noprof+0x1aa/0x300
[   72.901456][ T5826]  handle_mm_fault+0xec2/0x2c20
[   72.901485][ T5826]  ? __rcu_read_unlock+0x4f/0x70
[   72.901563][ T5826]  do_user_addr_fault+0x3fe/0x1090
[   72.901610][ T5826]  exc_page_fault+0x62/0xa0
[   72.901632][ T5826]  asm_exc_page_fault+0x26/0x30
[   72.901651][ T5826] RIP: 0010:csum_partial_copy_generic+0x91/0x1e0
[   72.901688][ T5826] Code: 4c 8b 77 30 4c 8b 6f 38 0f 18 8f 40 01 00 00 48 11 d8 4c 11 c0 4c 11 d8 48 11 d0 4c 11 d0 4c 11 f8 4c 11 f0 4c 11 e8 41 ff cc <48> 89 1e 4c 89 46 08 4c 89 5e 10 48 89 56 18 4c 89 56 20 4c 89 7e
[   72.901777][ T5826] RSP: 0018:ffffc9000f3478b0 EFLAGS: 00050247
[   72.901797][ T5826] RAX: 9d5536469dfac208 RBX: 0200740700000004 RCX: 0000000000000045
[   72.901815][ T5826] RDX: 51261141bc5b774f RSI: 00002000000053c0 RDI: ffff88810b3a006a
[   72.901831][ T5826] RBP: ffffc9000f347c48 R08: fffffffffffffffd R09: 0000000000000000
[   72.901848][ T5826] R10: aef3e61828ab673b R11: 2d15edd64e52679c R12: 0000000000000000
[   72.901864][ T5826] R13: f87d265373f71ad4 R14: 5c08b1d98bbc0557 R15: 199f04e16aee5bb5
[   72.901891][ T5826]  csum_and_copy_to_user+0x67/0x90
[   72.901952][ T5826]  csum_and_copy_to_iter+0x30f/0xf80
[   72.901974][ T5826]  ? __account_obj_stock+0x211/0x350
[   72.902003][ T5826]  ? __skb_try_recv_from_queue+0x3d6/0x440
[   72.902117][ T5826]  ? __pfx_csum_and_copy_to_iter+0x10/0x10
[   72.902144][ T5826]  __skb_datagram_iter+0x64a/0x690
[   72.902177][ T5826]  ? __pfx_csum_and_copy_to_iter+0x10/0x10
[   72.902213][ T5826]  skb_copy_and_csum_datagram_msg+0x119/0x340
[   72.902319][ T5826]  udp_recvmsg+0x301/0xb30
[   72.902368][ T5826]  ? __pfx_udp_recvmsg+0x10/0x10
[   72.902389][ T5826]  inet_recvmsg+0x143/0x290
[   72.902470][ T5826]  sock_recvmsg+0xf6/0x170
[   72.902503][ T5826]  sock_read_iter+0x152/0x1a0
[   72.902530][ T5826]  do_iter_readv_writev+0x421/0x4c0
[   72.902604][ T5826]  vfs_readv+0x1ea/0x690
[   72.902644][ T5826]  do_readv+0xe7/0x210
[   72.902678][ T5826]  __x64_sys_readv+0x45/0x50
[   72.902710][ T5826]  x64_sys_call+0x29f8/0x2ff0
[   72.902862][ T5826]  do_syscall_64+0xd2/0x200
[   72.902890][ T5826]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   72.902916][ T5826]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   72.902943][ T5826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.903001][ T5826] RIP: 0033:0x7f77e476eb69
[   72.903019][ T5826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.903039][ T5826] RSP: 002b:00007f77e2dd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[   72.903057][ T5826] RAX: ffffffffffffffda RBX: 00007f77e4995fa0 RCX: 00007f77e476eb69
[   72.903121][ T5826] RDX: 0000000000000002 RSI: 0000200000000100 RDI: 0000000000000003
[   72.903133][ T5826] RBP: 00007f77e2dd7090 R08: 0000000000000000 R09: 0000000000000000
[   72.903146][ T5826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.903158][ T5826] R13: 0000000000000000 R14: 00007f77e4995fa0 R15: 00007fffa239d448
[   72.903177][ T5826]  </TASK>
[   73.254780][ T5820] IPVS: using max 2352 ests per chain, 117600 per kthread
[   73.307586][ T5833] netlink: 40 bytes leftover after parsing attributes in process `syz.1.917'.
[   73.393370][ T5848] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   73.415292][ T5845] bridge_slave_0: entered promiscuous mode
[   73.427716][ T5845] ipvlan0: entered promiscuous mode
[   73.433620][ T5845] ipvlan0: left promiscuous mode
[   73.443391][ T5859] netlink: 12 bytes leftover after parsing attributes in process `syz.0.926'.
[   73.453148][ T5845] bridge_slave_0: left promiscuous mode
[   73.472574][ T5859] 8021q: adding VLAN 0 to HW filter on device bond1
[   73.484368][ T5859] netlink: 4 bytes leftover after parsing attributes in process `syz.0.926'.
[   73.508197][ T5859] FAULT_INJECTION: forcing a failure.
[   73.508197][ T5859] name failslab, interval 1, probability 0, space 0, times 0
[   73.520927][ T5859] CPU: 1 UID: 0 PID: 5859 Comm: syz.0.926 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   73.521016][ T5859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   73.521028][ T5859] Call Trace:
[   73.521035][ T5859]  <TASK>
[   73.521043][ T5859]  __dump_stack+0x1d/0x30
[   73.521063][ T5859]  dump_stack_lvl+0xe8/0x140
[   73.521081][ T5859]  dump_stack+0x15/0x1b
[   73.521105][ T5859]  should_fail_ex+0x265/0x280
[   73.521223][ T5859]  ? netdevice_event+0x2ae/0x610
[   73.521263][ T5859]  should_failslab+0x8c/0xb0
[   73.521288][ T5859]  __kmalloc_cache_noprof+0x4c/0x320
[   73.521322][ T5859]  ? __pfx_netdevice_event+0x10/0x10
[   73.521392][ T5859]  netdevice_event+0x2ae/0x610
[   73.521422][ T5859]  ? __pfx_del_netdev_ips+0x10/0x10
[   73.521452][ T5859]  ? __pfx_pass_all_filter+0x10/0x10
[   73.521550][ T5859]  ? __pfx_netdevice_event+0x10/0x10
[   73.521602][ T5859]  raw_notifier_call_chain+0x6f/0x1b0
[   73.521625][ T5859]  ? call_netdevice_notifiers_info+0x9c/0x100
[   73.521654][ T5859]  call_netdevice_notifiers_info+0xae/0x100
[   73.521679][ T5859]  unregister_netdevice_many_notify+0xda9/0x15d0
[   73.521712][ T5859]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   73.521756][ T5859]  rtnl_dellink+0x3cb/0x550
[   73.521810][ T5859]  ? selinux_capable+0x31/0x40
[   73.521856][ T5859]  ? security_capable+0x83/0x90
[   73.521879][ T5859]  ? ns_capable+0x7d/0xb0
[   73.521900][ T5859]  ? __pfx_rtnl_dellink+0x10/0x10
[   73.521999][ T5859]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   73.522031][ T5859]  netlink_rcv_skb+0x123/0x220
[   73.522065][ T5859]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   73.522099][ T5859]  rtnetlink_rcv+0x1c/0x30
[   73.522134][ T5859]  netlink_unicast+0x5bd/0x690
[   73.522178][ T5859]  netlink_sendmsg+0x58b/0x6b0
[   73.522217][ T5859]  ? __pfx_netlink_sendmsg+0x10/0x10
[   73.522279][ T5859]  __sock_sendmsg+0x142/0x180
[   73.522329][ T5859]  ____sys_sendmsg+0x31e/0x4e0
[   73.522440][ T5859]  ___sys_sendmsg+0x17b/0x1d0
[   73.522490][ T5859]  __x64_sys_sendmsg+0xd4/0x160
[   73.522531][ T5859]  x64_sys_call+0x191e/0x2ff0
[   73.522560][ T5859]  do_syscall_64+0xd2/0x200
[   73.522584][ T5859]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   73.522607][ T5859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.522633][ T5859] RIP: 0033:0x7efdee0beb69
[   73.522650][ T5859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.522672][ T5859] RSP: 002b:00007efdec727038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   73.522693][ T5859] RAX: ffffffffffffffda RBX: 00007efdee2e5fa0 RCX: 00007efdee0beb69
[   73.522706][ T5859] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[   73.522768][ T5859] RBP: 00007efdec727090 R08: 0000000000000000 R09: 0000000000000000
[   73.522782][ T5859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   73.522796][ T5859] R13: 0000000000000000 R14: 00007efdee2e5fa0 R15: 00007ffd3a675258
[   73.522817][ T5859]  </TASK>
[   73.816796][ T5859] bond1 (unregistering): Released all slaves
[   73.854401][ T5867] FAULT_INJECTION: forcing a failure.
[   73.854401][ T5867] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   73.867863][ T5867] CPU: 1 UID: 0 PID: 5867 Comm: syz.4.929 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   73.867956][ T5867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   73.867971][ T5867] Call Trace:
[   73.867978][ T5867]  <TASK>
[   73.867987][ T5867]  __dump_stack+0x1d/0x30
[   73.868015][ T5867]  dump_stack_lvl+0xe8/0x140
[   73.868100][ T5867]  dump_stack+0x15/0x1b
[   73.868120][ T5867]  should_fail_ex+0x265/0x280
[   73.868160][ T5867]  should_fail_alloc_page+0xf2/0x100
[   73.868194][ T5867]  __alloc_frozen_pages_noprof+0xff/0x360
[   73.868278][ T5867]  alloc_pages_mpol+0xb3/0x250
[   73.868376][ T5867]  vma_alloc_folio_noprof+0x1aa/0x300
[   73.868421][ T5867]  handle_mm_fault+0xec2/0x2c20
[   73.868449][ T5867]  ? __rcu_read_unlock+0x4f/0x70
[   73.868487][ T5867]  do_user_addr_fault+0x3fe/0x1090
[   73.868583][ T5867]  ? audit_seccomp+0xdc/0x100
[   73.868618][ T5867]  exc_page_fault+0x62/0xa0
[   73.868660][ T5867]  asm_exc_page_fault+0x26/0x30
[   73.868750][ T5867] RIP: 0010:rep_movs_alternative+0x33/0x90
[   73.868803][ T5867] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd f6 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[   73.868826][ T5867] RSP: 0018:ffffc9000f2ffe58 EFLAGS: 00050216
[   73.868846][ T5867] RAX: 0000000000000000 RBX: 0000000000000020 RCX: 0000000000000020
[   73.868863][ T5867] RDX: 0000000000000000 RSI: ffffc9000f2ffeb0 RDI: 0000200000001080
[   73.868879][ T5867] RBP: 0000000000000000 R08: 000000000000075b R09: 0000000000000000
[   73.868894][ T5867] R10: 0001c9000f2ffeb0 R11: 0001c9000f2ffecf R12: 00002000000010a0
[   73.868923][ T5867] R13: 00007ffffffff000 R14: 0000200000001080 R15: ffffc9000f2ffeb0
[   73.868948][ T5867]  _copy_to_user+0x7c/0xa0
[   73.868980][ T5867]  __x64_sys_getitimer+0xeb/0x130
[   73.869018][ T5867]  x64_sys_call+0x2b84/0x2ff0
[   73.869059][ T5867]  do_syscall_64+0xd2/0x200
[   73.869114][ T5867]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   73.869200][ T5867]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   73.869227][ T5867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.869254][ T5867] RIP: 0033:0x7f0fdd9deb69
[   73.869272][ T5867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.869301][ T5867] RSP: 002b:00007f0fdc047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000024
[   73.869323][ T5867] RAX: ffffffffffffffda RBX: 00007f0fddc05fa0 RCX: 00007f0fdd9deb69
[   73.869339][ T5867] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 0000000000000002
[   73.869362][ T5867] RBP: 00007f0fdc047090 R08: 0000000000000000 R09: 0000000000000000
[   73.869378][ T5867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.869393][ T5867] R13: 0000000000000000 R14: 00007f0fddc05fa0 R15: 00007ffce7e66768
[   73.869470][ T5867]  </TASK>
[   74.184762][ T5876] netlink: 12 bytes leftover after parsing attributes in process `syz.3.933'.
[   74.221180][ T5876] 8021q: adding VLAN 0 to HW filter on device bond1
[   74.240101][ T5876] netlink: 4 bytes leftover after parsing attributes in process `syz.3.933'.
[   74.302472][ T5876] bond1 (unregistering): Released all slaves
[   74.309166][ T5891] FAULT_INJECTION: forcing a failure.
[   74.309166][ T5891] name failslab, interval 1, probability 0, space 0, times 0
[   74.322030][ T5891] CPU: 1 UID: 0 PID: 5891 Comm: syz.1.938 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   74.322135][ T5891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   74.322151][ T5891] Call Trace:
[   74.322160][ T5891]  <TASK>
[   74.322170][ T5891]  __dump_stack+0x1d/0x30
[   74.322197][ T5891]  dump_stack_lvl+0xe8/0x140
[   74.322222][ T5891]  dump_stack+0x15/0x1b
[   74.322268][ T5891]  should_fail_ex+0x265/0x280
[   74.322437][ T5891]  should_failslab+0x8c/0xb0
[   74.322469][ T5891]  kmem_cache_alloc_noprof+0x50/0x310
[   74.322495][ T5891]  ? getname_flags+0x80/0x3b0
[   74.322532][ T5891]  getname_flags+0x80/0x3b0
[   74.322569][ T5891]  user_path_at+0x28/0x130
[   74.322600][ T5891]  __se_sys_quotactl+0xb6/0x670
[   74.322677][ T5891]  __x64_sys_quotactl+0x55/0x70
[   74.322702][ T5891]  x64_sys_call+0x15d6/0x2ff0
[   74.322730][ T5891]  do_syscall_64+0xd2/0x200
[   74.322826][ T5891]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.322856][ T5891]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   74.322884][ T5891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.322912][ T5891] RIP: 0033:0x7ff4c83aeb69
[   74.322932][ T5891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.322994][ T5891] RSP: 002b:00007ff4c69ee038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[   74.323018][ T5891] RAX: ffffffffffffffda RBX: 00007ff4c85d6080 RCX: 00007ff4c83aeb69
[   74.323035][ T5891] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffff80000201
[   74.323051][ T5891] RBP: 00007ff4c69ee090 R08: 0000000000000000 R09: 0000000000000000
[   74.323067][ T5891] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[   74.323082][ T5891] R13: 0000000000000001 R14: 00007ff4c85d6080 R15: 00007ffefdc688a8
[   74.323100][ T5891]  </TASK>
[   74.557702][ T5898] tmpfs: Bad value for 'mpol'
[   75.136829][ T5951] netdevsim netdevsim1: Direct firmware load for ./file0/file1 failed with error -2
[   75.587001][ T5982] FAULT_INJECTION: forcing a failure.
[   75.587001][ T5982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.600228][ T5982] CPU: 0 UID: 0 PID: 5982 Comm: syz.4.969 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   75.600262][ T5982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.600328][ T5982] Call Trace:
[   75.600336][ T5982]  <TASK>
[   75.600346][ T5982]  __dump_stack+0x1d/0x30
[   75.600374][ T5982]  dump_stack_lvl+0xe8/0x140
[   75.600394][ T5982]  dump_stack+0x15/0x1b
[   75.600409][ T5982]  should_fail_ex+0x265/0x280
[   75.600470][ T5982]  should_fail+0xb/0x20
[   75.600556][ T5982]  should_fail_usercopy+0x1a/0x20
[   75.600626][ T5982]  _copy_to_user+0x20/0xa0
[   75.600659][ T5982]  con_get_cmap+0x107/0x150
[   75.600698][ T5982]  vt_ioctl+0x100d/0x1880
[   75.600790][ T5982]  ? tty_jobctrl_ioctl+0x29e/0x810
[   75.600819][ T5982]  tty_ioctl+0x7de/0xb80
[   75.600852][ T5982]  ? __pfx_tty_ioctl+0x10/0x10
[   75.600886][ T5982]  __se_sys_ioctl+0xcb/0x140
[   75.600997][ T5982]  __x64_sys_ioctl+0x43/0x50
[   75.601027][ T5982]  x64_sys_call+0x1816/0x2ff0
[   75.601093][ T5982]  do_syscall_64+0xd2/0x200
[   75.601124][ T5982]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.601191][ T5982]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.601217][ T5982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.601238][ T5982] RIP: 0033:0x7f0fdd9deb69
[   75.601257][ T5982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.601279][ T5982] RSP: 002b:00007f0fdc047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   75.601302][ T5982] RAX: ffffffffffffffda RBX: 00007f0fddc05fa0 RCX: 00007f0fdd9deb69
[   75.601365][ T5982] RDX: 0000200000000040 RSI: 0000000000004b70 RDI: 0000000000000004
[   75.601378][ T5982] RBP: 00007f0fdc047090 R08: 0000000000000000 R09: 0000000000000000
[   75.601389][ T5982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.601405][ T5982] R13: 0000000000000000 R14: 00007f0fddc05fa0 R15: 00007ffce7e66768
[   75.601428][ T5982]  </TASK>
[   75.628053][ T3432] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.652543][ T3432] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.714202][ T3432] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.719136][ T5986] netlink: 'syz.0.971': attribute type 1 has an invalid length.
[   75.835222][   T29] kauditd_printk_skb: 452 callbacks suppressed
[   75.835246][   T29] audit: type=1400 audit(1754137979.189:2578): avc:  denied  { mounton } for  pid=5992 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   75.896797][ T3432] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.966617][ T3432] bridge_slave_1: left allmulticast mode
[   75.972310][ T3432] bridge_slave_1: left promiscuous mode
[   75.978188][ T3432] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.993711][ T3432] bridge_slave_0: left allmulticast mode
[   75.999578][ T3432] bridge_slave_0: left promiscuous mode
[   76.005395][ T3432] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.048499][ T6012] FAULT_INJECTION: forcing a failure.
[   76.048499][ T6012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.061675][ T6012] CPU: 0 UID: 0 PID: 6012 Comm: syz.4.979 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   76.061771][ T6012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   76.061788][ T6012] Call Trace:
[   76.061795][ T6012]  <TASK>
[   76.061805][ T6012]  __dump_stack+0x1d/0x30
[   76.061832][ T6012]  dump_stack_lvl+0xe8/0x140
[   76.061856][ T6012]  dump_stack+0x15/0x1b
[   76.061877][ T6012]  should_fail_ex+0x265/0x280
[   76.061975][ T6012]  should_fail+0xb/0x20
[   76.062089][ T6012]  should_fail_usercopy+0x1a/0x20
[   76.062143][ T6012]  _copy_from_iter+0xcf/0xe40
[   76.062174][ T6012]  ? alloc_pages_mpol+0x201/0x250
[   76.062236][ T6012]  copy_page_from_iter+0x178/0x2a0
[   76.062266][ T6012]  tun_get_user+0x679/0x2680
[   76.062358][ T6012]  ? ref_tracker_alloc+0x1f2/0x2f0
[   76.062437][ T6012]  tun_chr_write_iter+0x15e/0x210
[   76.062472][ T6012]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   76.062506][ T6012]  vfs_write+0x4a0/0x8e0
[   76.062544][ T6012]  ksys_write+0xda/0x1a0
[   76.062571][ T6012]  __x64_sys_write+0x40/0x50
[   76.062593][ T6012]  x64_sys_call+0x27fe/0x2ff0
[   76.062684][ T6012]  do_syscall_64+0xd2/0x200
[   76.062740][ T6012]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.062764][ T6012]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   76.062792][ T6012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.062813][ T6012] RIP: 0033:0x7f0fdd9dd61f
[   76.062906][ T6012] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   76.062924][ T6012] RSP: 002b:00007f0fdc047000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   76.062946][ T6012] RAX: ffffffffffffffda RBX: 00007f0fddc05fa0 RCX: 00007f0fdd9dd61f
[   76.062959][ T6012] RDX: 0000000000000056 RSI: 0000200000000040 RDI: 00000000000000c8
[   76.063006][ T6012] RBP: 00007f0fdc047090 R08: 0000000000000000 R09: 0000000000000000
[   76.063018][ T6012] R10: 0000000000000056 R11: 0000000000000293 R12: 0000000000000001
[   76.063030][ T6012] R13: 0000000000000000 R14: 00007f0fddc05fa0 R15: 00007ffce7e66768
[   76.063048][ T6012]  </TASK>
[   76.321102][   T29] audit: type=1326 audit(1754137979.679:2579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6019 comm="syz.3.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   76.344571][   T29] audit: type=1326 audit(1754137979.679:2580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6019 comm="syz.3.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   76.367990][   T29] audit: type=1326 audit(1754137979.679:2581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6019 comm="syz.3.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   76.391307][   T29] audit: type=1326 audit(1754137979.689:2582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6019 comm="syz.3.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   76.414712][   T29] audit: type=1326 audit(1754137979.689:2583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6019 comm="syz.3.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   76.438069][   T29] audit: type=1326 audit(1754137979.689:2584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6019 comm="syz.3.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   76.461443][   T29] audit: type=1326 audit(1754137979.689:2585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6019 comm="syz.3.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   76.484692][   T29] audit: type=1326 audit(1754137979.689:2586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6019 comm="syz.3.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   76.508010][   T29] audit: type=1326 audit(1754137979.689:2587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6019 comm="syz.3.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f77e476eb69 code=0x7ffc0000
[   76.537826][ T3432] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   76.548314][ T3432] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   76.558607][ T3432] bond0 (unregistering): Released all slaves
[   76.585789][ T6021] syzkaller0: entered promiscuous mode
[   76.591338][ T6021] syzkaller0: entered allmulticast mode
[   76.608220][ T5992] lo speed is unknown, defaulting to 1000
[   76.666267][ T6039] program syz.4.987 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   76.675829][ T6038] netlink: 'syz.1.988': attribute type 1 has an invalid length.
[   76.684284][ T6037] program syz.4.987 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   76.695216][ T3432] hsr_slave_0: left promiscuous mode
[   76.701733][ T3432] hsr_slave_1: left promiscuous mode
[   76.719364][ T3432] veth1_macvtap: left promiscuous mode
[   76.734393][ T3432] veth0_macvtap: left promiscuous mode
[   76.739971][ T3432] veth1_vlan: left promiscuous mode
[   76.754199][ T3432] veth0_vlan: left promiscuous mode
[   76.773830][ T6047] netlink: 24 bytes leftover after parsing attributes in process `syz.0.991'.
[   76.786050][ T6047] FAULT_INJECTION: forcing a failure.
[   76.786050][ T6047] name failslab, interval 1, probability 0, space 0, times 0
[   76.798730][ T6047] CPU: 0 UID: 0 PID: 6047 Comm: syz.0.991 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   76.798767][ T6047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   76.798780][ T6047] Call Trace:
[   76.798785][ T6047]  <TASK>
[   76.798870][ T6047]  __dump_stack+0x1d/0x30
[   76.798893][ T6047]  dump_stack_lvl+0xe8/0x140
[   76.798911][ T6047]  dump_stack+0x15/0x1b
[   76.798929][ T6047]  should_fail_ex+0x265/0x280
[   76.799046][ T6047]  should_failslab+0x8c/0xb0
[   76.799079][ T6047]  __kmalloc_noprof+0xa5/0x3e0
[   76.799165][ T6047]  ? nfc_llcp_build_tlv+0xac/0x100
[   76.799187][ T6047]  ? _raw_spin_unlock+0x26/0x50
[   76.799245][ T6047]  nfc_llcp_build_tlv+0xac/0x100
[   76.799266][ T6047]  nfc_llcp_build_gb+0xb0/0x2f0
[   76.799303][ T6047]  nfc_llcp_general_bytes+0xd9/0x1e0
[   76.799418][ T6047]  nfc_dep_link_up+0xdd/0x260
[   76.799442][ T6047]  nfc_genl_dep_link_up+0xdd/0x120
[   76.799468][ T6047]  genl_family_rcv_msg_doit+0x140/0x1b0
[   76.799504][ T6047]  genl_rcv_msg+0x422/0x460
[   76.799600][ T6047]  ? __pfx_nfc_genl_dep_link_up+0x10/0x10
[   76.799678][ T6047]  netlink_rcv_skb+0x123/0x220
[   76.799706][ T6047]  ? __pfx_genl_rcv_msg+0x10/0x10
[   76.799791][ T6047]  genl_rcv+0x28/0x40
[   76.799816][ T6047]  netlink_unicast+0x5bd/0x690
[   76.799847][ T6047]  netlink_sendmsg+0x58b/0x6b0
[   76.799896][ T6047]  ? __pfx_netlink_sendmsg+0x10/0x10
[   76.799933][ T6047]  __sock_sendmsg+0x142/0x180
[   76.799957][ T6047]  ____sys_sendmsg+0x31e/0x4e0
[   76.800042][ T6047]  ___sys_sendmsg+0x17b/0x1d0
[   76.800098][ T6047]  __x64_sys_sendmsg+0xd4/0x160
[   76.800146][ T6047]  x64_sys_call+0x191e/0x2ff0
[   76.800173][ T6047]  do_syscall_64+0xd2/0x200
[   76.800202][ T6047]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.800268][ T6047]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   76.800291][ T6047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.800312][ T6047] RIP: 0033:0x7efdee0beb69
[   76.800382][ T6047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.800404][ T6047] RSP: 002b:00007efdec727038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   76.800423][ T6047] RAX: ffffffffffffffda RBX: 00007efdee2e5fa0 RCX: 00007efdee0beb69
[   76.800435][ T6047] RDX: 0000000000000040 RSI: 0000200000000600 RDI: 0000000000000004
[   76.800447][ T6047] RBP: 00007efdec727090 R08: 0000000000000000 R09: 0000000000000000
[   76.800463][ T6047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.800484][ T6047] R13: 0000000000000000 R14: 00007efdee2e5fa0 R15: 00007ffd3a675258
[   76.800523][ T6047]  </TASK>
[   77.137154][ T3432] team0 (unregistering): Port device team_slave_1 removed
[   77.147757][ T3432] team0 (unregistering): Port device team_slave_0 removed
[   77.202183][ T1036] lo speed is unknown, defaulting to 1000
[   77.207993][ T1036] infiniband syz0: ib_query_port failed (-19)
[   77.241808][ T5992] chnl_net:caif_netlink_parms(): no params data found
[   77.279237][ T5992] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.286390][ T5992] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.293602][ T5992] bridge_slave_0: entered allmulticast mode
[   77.300249][ T5992] bridge_slave_0: entered promiscuous mode
[   77.308160][ T5992] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.315308][ T5992] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.319461][ T6068] netlink: 'syz.4.998': attribute type 1 has an invalid length.
[   77.323181][ T5992] bridge_slave_1: entered allmulticast mode
[   77.336736][ T5992] bridge_slave_1: entered promiscuous mode
[   77.355384][ T6070] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   77.357559][ T5992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.374037][ T5992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.397121][ T5992] team0: Port device team_slave_0 added
[   77.445306][ T5992] team0: Port device team_slave_1 added
[   77.469304][ T5992] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.476315][ T5992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.502291][ T5992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.515048][ T5992] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.522052][ T5992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.548020][ T5992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.578437][ T5992] hsr_slave_0: entered promiscuous mode
[   77.585153][ T5992] hsr_slave_1: entered promiscuous mode
[   77.591163][ T5992] debugfs: 'hsr0' already exists in 'hsr'
[   77.596975][ T5992] Cannot create hsr debugfs directory
[   77.603814][ T3432] IPVS: stop unused estimator thread 0...
[   77.630483][ T6077] syz.4.1002 (6077) used greatest stack depth: 9424 bytes left
[   77.754308][ T6093] netlink: 'syz.1.1009': attribute type 1 has an invalid length.
[   77.770721][ T5992] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   77.797477][ T5992] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   77.826362][ T5992] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   77.836089][ T5992] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   77.869644][ T6081] FAULT_INJECTION: forcing a failure.
[   77.869644][ T6081] name failslab, interval 1, probability 0, space 0, times 0
[   77.882444][ T6081] CPU: 0 UID: 0 PID: 6081 Comm: syz.4.1004 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   77.882476][ T6081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   77.882581][ T6081] Call Trace:
[   77.882589][ T6081]  <TASK>
[   77.882597][ T6081]  __dump_stack+0x1d/0x30
[   77.882622][ T6081]  dump_stack_lvl+0xe8/0x140
[   77.882713][ T6081]  dump_stack+0x15/0x1b
[   77.882816][ T6081]  should_fail_ex+0x265/0x280
[   77.882857][ T6081]  ? resv_map_alloc+0x57/0x190
[   77.882892][ T6081]  should_failslab+0x8c/0xb0
[   77.882922][ T6081]  __kmalloc_cache_noprof+0x4c/0x320
[   77.883022][ T6081]  resv_map_alloc+0x57/0x190
[   77.883058][ T6081]  hugetlbfs_get_inode+0x67/0x370
[   77.883136][ T6081]  hugetlb_file_setup+0x192/0x3d0
[   77.883224][ T6081]  ksys_mmap_pgoff+0x157/0x310
[   77.883337][ T6081]  x64_sys_call+0x14a3/0x2ff0
[   77.883403][ T6081]  do_syscall_64+0xd2/0x200
[   77.883431][ T6081]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   77.883464][ T6081]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   77.883489][ T6081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.883515][ T6081] RIP: 0033:0x7f0fdd9deb69
[   77.883533][ T6081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.883605][ T6081] RSP: 002b:00007f0fdc047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   77.883643][ T6081] RAX: ffffffffffffffda RBX: 00007f0fddc05fa0 RCX: 00007f0fdd9deb69
[   77.883659][ T6081] RDX: 000000000300000c RSI: 0000000000c00000 RDI: 0000200000400000
[   77.883675][ T6081] RBP: 00007f0fdc047090 R08: ffffffffffffffff R09: 0000000000000000
[   77.883690][ T6081] R10: 0000000000051031 R11: 0000000000000246 R12: 0000000000000001
[   77.883705][ T6081] R13: 0000000000000000 R14: 00007f0fddc05fa0 R15: 00007ffce7e66768
[   77.883792][ T6081]  </TASK>
[   77.897770][ T5992] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.967221][ T6106] netlink: 'syz.1.1011': attribute type 1 has an invalid length.
[   77.969172][ T5992] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.973663][ T6106] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.1011'.
[   77.979867][ T5992] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.979964][ T5992] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.158952][ T6112] syzkaller0: entered promiscuous mode
[   78.164661][ T6112] syzkaller0: entered allmulticast mode
[   78.179417][ T5992] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.191265][ T5992] 8021q: adding VLAN 0 to HW filter on device team0
[   78.301060][ T5992] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.846770][ T5992] veth0_vlan: entered promiscuous mode
[   78.859007][ T5992] veth1_vlan: entered promiscuous mode
[   78.883163][ T5992] veth0_macvtap: entered promiscuous mode
[   78.891409][ T5992] veth1_macvtap: entered promiscuous mode
[   78.903676][ T5992] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.921695][ T5992] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.935972][  T124] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.954610][  T124] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.962358][ T6153] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   78.973237][  T124] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.990403][  T124] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.140441][ T6175] FAULT_INJECTION: forcing a failure.
[   79.140441][ T6175] name failslab, interval 1, probability 0, space 0, times 0
[   79.153224][ T6175] CPU: 0 UID: 0 PID: 6175 Comm: syz.1.1033 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   79.153254][ T6175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   79.153270][ T6175] Call Trace:
[   79.153308][ T6175]  <TASK>
[   79.153315][ T6175]  __dump_stack+0x1d/0x30
[   79.153379][ T6175]  dump_stack_lvl+0xe8/0x140
[   79.153401][ T6175]  dump_stack+0x15/0x1b
[   79.153416][ T6175]  should_fail_ex+0x265/0x280
[   79.153480][ T6175]  should_failslab+0x8c/0xb0
[   79.153512][ T6175]  __kmalloc_noprof+0xa5/0x3e0
[   79.153548][ T6175]  ? cttimeout_new_timeout+0x1b6/0x460
[   79.153573][ T6175]  cttimeout_new_timeout+0x1b6/0x460
[   79.153619][ T6175]  ? __nla_parse+0x40/0x60
[   79.153647][ T6175]  nfnetlink_rcv_msg+0x4c6/0x590
[   79.153695][ T6175]  netlink_rcv_skb+0x123/0x220
[   79.153768][ T6175]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   79.153866][ T6175]  nfnetlink_rcv+0x16b/0x1690
[   79.153908][ T6175]  ? nlmon_xmit+0x4f/0x60
[   79.153934][ T6175]  ? consume_skb+0x49/0x150
[   79.153965][ T6175]  ? nlmon_xmit+0x4f/0x60
[   79.154061][ T6175]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   79.154118][ T6175]  ? __dev_queue_xmit+0x1200/0x2000
[   79.154200][ T6175]  ? __dev_queue_xmit+0x182/0x2000
[   79.154272][ T6175]  ? ref_tracker_free+0x37d/0x3e0
[   79.154320][ T6175]  ? __netlink_deliver_tap+0x4dc/0x500
[   79.154446][ T6175]  netlink_unicast+0x5bd/0x690
[   79.154482][ T6175]  netlink_sendmsg+0x58b/0x6b0
[   79.154525][ T6175]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.154604][ T6175]  __sock_sendmsg+0x142/0x180
[   79.154684][ T6175]  ____sys_sendmsg+0x31e/0x4e0
[   79.154718][ T6175]  ___sys_sendmsg+0x17b/0x1d0
[   79.154771][ T6175]  __x64_sys_sendmsg+0xd4/0x160
[   79.154867][ T6175]  x64_sys_call+0x191e/0x2ff0
[   79.154887][ T6175]  do_syscall_64+0xd2/0x200
[   79.154913][ T6175]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   79.154936][ T6175]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   79.154987][ T6175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.155051][ T6175] RIP: 0033:0x7ff4c83aeb69
[   79.155070][ T6175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.155113][ T6175] RSP: 002b:00007ff4c6a0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.155133][ T6175] RAX: ffffffffffffffda RBX: 00007ff4c85d5fa0 RCX: 00007ff4c83aeb69
[   79.155145][ T6175] RDX: 0000000000000004 RSI: 00002000000004c0 RDI: 0000000000000003
[   79.155156][ T6175] RBP: 00007ff4c6a0f090 R08: 0000000000000000 R09: 0000000000000000
[   79.155167][ T6175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.155179][ T6175] R13: 0000000000000000 R14: 00007ff4c85d5fa0 R15: 00007ffefdc688a8
[   79.155203][ T6175]  </TASK>
[   79.461148][ T6183] netlink: 'syz.1.1037': attribute type 1 has an invalid length.
[   79.467154][ T6184] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[   79.766995][ T6206] block device autoloading is deprecated and will be removed.
[   80.165806][ T6273] netlink: 'syz.3.1050': attribute type 1 has an invalid length.
[   80.666758][ T6285] loop3: detected capacity change from 0 to 256
[   80.718836][ T6285] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   80.742918][ T6285] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[   80.751669][ T6285] FAT-fs (loop3): Filesystem has been set read-only
[   80.772282][ T6289] infiniband syz2: set active
[   80.777238][ T6289] infiniband syz2: added veth0_to_bond
[   80.788410][ T6289] RDS/IB: syz2: added
[   80.792604][ T6289] smc: adding ib device syz2 with port count 1
[   80.799393][ T6289] smc:    ib device syz2 port 1 has pnetid 
[   81.128525][ T6314] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1064'.
[   81.161247][ T6322] FAULT_INJECTION: forcing a failure.
[   81.161247][ T6322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.174397][ T6322] CPU: 0 UID: 0 PID: 6322 Comm: syz.3.1071 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   81.174430][ T6322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   81.174443][ T6322] Call Trace:
[   81.174449][ T6322]  <TASK>
[   81.174457][ T6322]  __dump_stack+0x1d/0x30
[   81.174527][ T6322]  dump_stack_lvl+0xe8/0x140
[   81.174549][ T6322]  dump_stack+0x15/0x1b
[   81.174570][ T6322]  should_fail_ex+0x265/0x280
[   81.174618][ T6322]  should_fail+0xb/0x20
[   81.174646][ T6322]  should_fail_usercopy+0x1a/0x20
[   81.174664][ T6322]  _copy_from_user+0x1c/0xb0
[   81.174694][ T6322]  memdup_user+0x5e/0xd0
[   81.174751][ T6322]  strndup_user+0x68/0xb0
[   81.174785][ T6322]  __se_sys_mount+0x4d/0x2e0
[   81.174814][ T6322]  ? fput+0x8f/0xc0
[   81.174910][ T6322]  ? ksys_write+0x192/0x1a0
[   81.174939][ T6322]  __x64_sys_mount+0x67/0x80
[   81.174967][ T6322]  x64_sys_call+0x2b4d/0x2ff0
[   81.174998][ T6322]  do_syscall_64+0xd2/0x200
[   81.175027][ T6322]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   81.175059][ T6322]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   81.175134][ T6322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.175159][ T6322] RIP: 0033:0x7f77e476eb69
[   81.175176][ T6322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.175197][ T6322] RSP: 002b:00007f77e2dd7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   81.175229][ T6322] RAX: ffffffffffffffda RBX: 00007f77e4995fa0 RCX: 00007f77e476eb69
[   81.175272][ T6322] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[   81.175284][ T6322] RBP: 00007f77e2dd7090 R08: 0000200000000340 R09: 0000000000000000
[   81.175362][ T6322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.175380][ T6322] R13: 0000000000000001 R14: 00007f77e4995fa0 R15: 00007fffa239d448
[   81.175408][ T6322]  </TASK>
[   81.189992][   T29] kauditd_printk_skb: 295 callbacks suppressed
[   81.190010][   T29] audit: type=1326 audit(1754137984.549:2883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   81.191232][   T29] audit: type=1326 audit(1754137984.549:2884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   81.191347][   T29] audit: type=1326 audit(1754137984.549:2885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   81.191811][   T29] audit: type=1326 audit(1754137984.549:2886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   81.191838][   T29] audit: type=1326 audit(1754137984.549:2887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   81.192136][   T29] audit: type=1326 audit(1754137984.549:2888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   81.192395][   T29] audit: type=1326 audit(1754137984.549:2889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   81.192535][   T29] audit: type=1326 audit(1754137984.549:2890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   81.236947][ T6332] netlink: 'syz.4.1070': attribute type 3 has an invalid length.
[   81.301285][ T6335] rdma_op ffff8881143d1980 conn xmit_rdma 0000000000000000
[   81.312133][   T29] audit: type=1326 audit(1754137984.669:2891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   81.627074][   T29] audit: type=1326 audit(1754137984.719:2892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efdee0beb69 code=0x7ffc0000
[   81.669353][ T6342] netlink: 'syz.3.1076': attribute type 1 has an invalid length.
[   81.670094][ T6343] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1077'.
[   81.677223][ T6342] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1076'.
[   81.696609][ T6343] netlink: 5 bytes leftover after parsing attributes in process `syz.4.1077'.
[   81.713351][ T6343] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1077'.
[   81.722410][ T6343] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1077'.
[   81.731708][ T6343] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1077'.
[   81.774324][ T6343] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1077'.
[   81.783327][ T6343] netlink: 'syz.4.1077': attribute type 6 has an invalid length.
[   81.787131][ T6344] IPVS: set_ctl: invalid protocol: 58 255.255.255.255:20001
[   81.831415][ T6350] netlink: 'syz.5.1078': attribute type 1 has an invalid length.
[   82.079650][ T6378] netlink: 'syz.1.1093': attribute type 1 has an invalid length.
[   82.282944][ T6401] sit0: entered promiscuous mode
[   82.300126][ T6401] netlink: 'syz.3.1099': attribute type 1 has an invalid length.
[   82.307999][ T6401] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1099'.
[   82.339292][ T6403] hub 6-0:1.0: USB hub found
[   82.344183][ T6403] hub 6-0:1.0: 8 ports detected
[   82.491796][ T6417] netlink: 'syz.3.1105': attribute type 1 has an invalid length.
[   82.618565][ T6433] FAULT_INJECTION: forcing a failure.
[   82.618565][ T6433] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.631718][ T6433] CPU: 0 UID: 0 PID: 6433 Comm: syz.1.1113 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   82.631752][ T6433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   82.631766][ T6433] Call Trace:
[   82.631774][ T6433]  <TASK>
[   82.631785][ T6433]  __dump_stack+0x1d/0x30
[   82.631809][ T6433]  dump_stack_lvl+0xe8/0x140
[   82.631838][ T6433]  dump_stack+0x15/0x1b
[   82.631856][ T6433]  should_fail_ex+0x265/0x280
[   82.631955][ T6433]  should_fail+0xb/0x20
[   82.631985][ T6433]  should_fail_usercopy+0x1a/0x20
[   82.632005][ T6433]  _copy_from_user+0x1c/0xb0
[   82.632079][ T6433]  memdup_user+0x5e/0xd0
[   82.632108][ T6433]  strndup_user+0x68/0xb0
[   82.632135][ T6433]  __se_sys_mount+0x4d/0x2e0
[   82.632158][ T6433]  ? fput+0x8f/0xc0
[   82.632188][ T6433]  ? ksys_write+0x192/0x1a0
[   82.632272][ T6433]  __x64_sys_mount+0x67/0x80
[   82.632296][ T6433]  x64_sys_call+0x2b4d/0x2ff0
[   82.632329][ T6433]  do_syscall_64+0xd2/0x200
[   82.632501][ T6433]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.632527][ T6433]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   82.632682][ T6433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.632710][ T6433] RIP: 0033:0x7ff4c83aeb69
[   82.632729][ T6433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.632794][ T6433] RSP: 002b:00007ff4c6a0f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   82.632817][ T6433] RAX: ffffffffffffffda RBX: 00007ff4c85d5fa0 RCX: 00007ff4c83aeb69
[   82.632845][ T6433] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[   82.632859][ T6433] RBP: 00007ff4c6a0f090 R08: 0000200000000340 R09: 0000000000000000
[   82.632872][ T6433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.632885][ T6433] R13: 0000000000000000 R14: 00007ff4c85d5fa0 R15: 00007ffefdc688a8
[   82.632906][ T6433]  </TASK>
[   82.862550][ T6441] 9pnet: Could not find request transport: fÂ?(LÔýx0Á€.<fè<Þ‰r«ÍVK|�Î\›öhÀNð8Ï]ÑC¥��h›©w
fØø0lDayÝfDñ§f¿UÌú…�=(ky¦—HÞ6a!ÌyÅR­òëî3	G0x0000000000000000
[   83.066436][ T6456] random: crng reseeded on system resumption
[   83.096258][ T6460] netlink: 'wÞ£ÿ': attribute type 1 has an invalid length.
[   83.112149][ T6460] bond1: entered promiscuous mode
[   83.117718][ T6460] 8021q: adding VLAN 0 to HW filter on device bond1
[   83.130025][ T6460] __nla_validate_parse: 1 callbacks suppressed
[   83.130045][ T6460] netlink: 28 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[   83.180651][ T6469] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.268129][ T6469] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.328848][ T6469] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.387641][ T6469] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.486048][ T6223] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.500956][ T6223] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.518625][ T6223] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.546276][ T6223] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.748367][ T6503] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1139'.
[   83.757541][ T6503] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1139'.
[   83.766908][ T6503] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1139'.
[   83.788563][ T6503] FAULT_INJECTION: forcing a failure.
[   83.788563][ T6503] name failslab, interval 1, probability 0, space 0, times 0
[   83.801335][ T6503] CPU: 0 UID: 0 PID: 6503 Comm: syz.1.1139 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   83.801371][ T6503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   83.801388][ T6503] Call Trace:
[   83.801395][ T6503]  <TASK>
[   83.801454][ T6503]  __dump_stack+0x1d/0x30
[   83.801506][ T6503]  dump_stack_lvl+0xe8/0x140
[   83.801525][ T6503]  dump_stack+0x15/0x1b
[   83.801544][ T6503]  should_fail_ex+0x265/0x280
[   83.801611][ T6503]  should_failslab+0x8c/0xb0
[   83.801655][ T6503]  __kmalloc_noprof+0xa5/0x3e0
[   83.801689][ T6503]  ? tcf_idr_create+0x41/0x4a0
[   83.801711][ T6503]  tcf_idr_create+0x41/0x4a0
[   83.801810][ T6503]  tcf_idr_create_from_flags+0x60/0x80
[   83.801842][ T6503]  tcf_mirred_init+0x451/0x900
[   83.801885][ T6503]  tcf_action_init_1+0x367/0x4a0
[   83.801960][ T6503]  tcf_action_init+0x267/0x6d0
[   83.802013][ T6503]  tc_ctl_action+0x291/0x830
[   83.802055][ T6503]  ? __pfx_tc_ctl_action+0x10/0x10
[   83.802116][ T6503]  rtnetlink_rcv_msg+0x65a/0x6d0
[   83.802145][ T6503]  netlink_rcv_skb+0x123/0x220
[   83.802184][ T6503]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   83.802291][ T6503]  rtnetlink_rcv+0x1c/0x30
[   83.802362][ T6503]  netlink_unicast+0x5bd/0x690
[   83.802392][ T6503]  netlink_sendmsg+0x58b/0x6b0
[   83.802461][ T6503]  ? __pfx_netlink_sendmsg+0x10/0x10
[   83.802538][ T6503]  __sock_sendmsg+0x142/0x180
[   83.802561][ T6503]  ____sys_sendmsg+0x31e/0x4e0
[   83.802645][ T6503]  ___sys_sendmsg+0x17b/0x1d0
[   83.802703][ T6503]  __x64_sys_sendmsg+0xd4/0x160
[   83.802751][ T6503]  x64_sys_call+0x191e/0x2ff0
[   83.802779][ T6503]  do_syscall_64+0xd2/0x200
[   83.802881][ T6503]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   83.802911][ T6503]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   83.802936][ T6503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.802968][ T6503] RIP: 0033:0x7ff4c83aeb69
[   83.802987][ T6503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.803010][ T6503] RSP: 002b:00007ff4c69ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   83.803034][ T6503] RAX: ffffffffffffffda RBX: 00007ff4c85d6080 RCX: 00007ff4c83aeb69
[   83.803060][ T6503] RDX: 0000000000000000 RSI: 0000200000006280 RDI: 0000000000000003
[   83.803074][ T6503] RBP: 00007ff4c69ee090 R08: 0000000000000000 R09: 0000000000000000
[   83.803086][ T6503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.803101][ T6503] R13: 0000000000000000 R14: 00007ff4c85d6080 R15: 00007ffefdc688a8
[   83.803119][ T6503]  </TASK>
[   84.064376][ T6505] FAULT_INJECTION: forcing a failure.
[   84.064376][ T6505] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.077521][ T6505] CPU: 0 UID: 0 PID: 6505 Comm: syz.5.1141 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   84.077556][ T6505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   84.077571][ T6505] Call Trace:
[   84.077579][ T6505]  <TASK>
[   84.077588][ T6505]  __dump_stack+0x1d/0x30
[   84.077688][ T6505]  dump_stack_lvl+0xe8/0x140
[   84.077714][ T6505]  dump_stack+0x15/0x1b
[   84.077747][ T6505]  should_fail_ex+0x265/0x280
[   84.077811][ T6505]  should_fail+0xb/0x20
[   84.077903][ T6505]  should_fail_usercopy+0x1a/0x20
[   84.077927][ T6505]  _copy_to_user+0x20/0xa0
[   84.077960][ T6505]  simple_read_from_buffer+0xb5/0x130
[   84.077988][ T6505]  proc_fail_nth_read+0x10e/0x150
[   84.078023][ T6505]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   84.078136][ T6505]  vfs_read+0x1a0/0x6f0
[   84.078240][ T6505]  ? __rcu_read_unlock+0x4f/0x70
[   84.078267][ T6505]  ? __fget_files+0x184/0x1c0
[   84.078296][ T6505]  ? ldsem_up_read+0x8a/0xd0
[   84.078324][ T6505]  ksys_read+0xda/0x1a0
[   84.078352][ T6505]  __x64_sys_read+0x40/0x50
[   84.078392][ T6505]  x64_sys_call+0x27bc/0x2ff0
[   84.078419][ T6505]  do_syscall_64+0xd2/0x200
[   84.078448][ T6505]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   84.078479][ T6505]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   84.078532][ T6505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.078559][ T6505] RIP: 0033:0x7f63afa9d57c
[   84.078578][ T6505] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   84.078642][ T6505] RSP: 002b:00007f63ae0e6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   84.078667][ T6505] RAX: ffffffffffffffda RBX: 00007f63afcc6080 RCX: 00007f63afa9d57c
[   84.078683][ T6505] RDX: 000000000000000f RSI: 00007f63ae0e60a0 RDI: 0000000000000004
[   84.078770][ T6505] RBP: 00007f63ae0e6090 R08: 0000000000000000 R09: 0000000000000000
[   84.078786][ T6505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.078802][ T6505] R13: 0000000000000001 R14: 00007f63afcc6080 R15: 00007ffe2754d7b8
[   84.078826][ T6505]  </TASK>
[   84.372998][ T6520] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   84.562692][ T6555] FAULT_INJECTION: forcing a failure.
[   84.562692][ T6555] name failslab, interval 1, probability 0, space 0, times 0
[   84.575391][ T6555] CPU: 1 UID: 0 PID: 6555 Comm: syz.1.1164 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   84.575427][ T6555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   84.575444][ T6555] Call Trace:
[   84.575453][ T6555]  <TASK>
[   84.575463][ T6555]  __dump_stack+0x1d/0x30
[   84.575489][ T6555]  dump_stack_lvl+0xe8/0x140
[   84.575511][ T6555]  dump_stack+0x15/0x1b
[   84.575531][ T6555]  should_fail_ex+0x265/0x280
[   84.575562][ T6555]  should_failslab+0x8c/0xb0
[   84.575585][ T6555]  kmem_cache_alloc_noprof+0x50/0x310
[   84.575616][ T6555]  ? vm_area_alloc+0x2c/0xb0
[   84.575646][ T6555]  vm_area_alloc+0x2c/0xb0
[   84.575674][ T6555]  mmap_region+0xaa2/0x1630
[   84.575729][ T6555]  do_mmap+0x9b3/0xbe0
[   84.575770][ T6555]  vm_mmap_pgoff+0x17a/0x2e0
[   84.575801][ T6555]  ksys_mmap_pgoff+0xc2/0x310
[   84.575835][ T6555]  ? __x64_sys_mmap+0x49/0x70
[   84.575865][ T6555]  x64_sys_call+0x14a3/0x2ff0
[   84.575892][ T6555]  do_syscall_64+0xd2/0x200
[   84.575929][ T6555]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   84.575953][ T6555]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   84.575973][ T6555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.575994][ T6555] RIP: 0033:0x7ff4c83aeba3
[   84.576008][ T6555] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[   84.576030][ T6555] RSP: 002b:00007ff4c6a0ee18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   84.576053][ T6555] RAX: ffffffffffffffda RBX: 0000000000000552 RCX: 00007ff4c83aeba3
[   84.576065][ T6555] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[   84.576076][ T6555] RBP: 00002000000007c2 R08: 00000000ffffffff R09: 0000000000000000
[   84.576087][ T6555] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[   84.576099][ T6555] R13: 00007ff4c6a0eef0 R14: 00007ff4c6a0eeb0 R15: 0000200000000400
[   84.576118][ T6555]  </TASK>
[   84.863315][ T6567] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6567 comm=syz.0.1167
[   84.991876][ T6579] team0 (unregistering): Port device team_slave_0 removed
[   85.026390][ T6579] team0 (unregistering): Port device team_slave_1 removed
[   85.372140][ T6635] FAULT_INJECTION: forcing a failure.
[   85.372140][ T6635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   85.385314][ T6635] CPU: 1 UID: 0 PID: 6635 Comm: syz.1.1201 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   85.385355][ T6635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   85.385371][ T6635] Call Trace:
[   85.385378][ T6635]  <TASK>
[   85.385388][ T6635]  __dump_stack+0x1d/0x30
[   85.385443][ T6635]  dump_stack_lvl+0xe8/0x140
[   85.385466][ T6635]  dump_stack+0x15/0x1b
[   85.385487][ T6635]  should_fail_ex+0x265/0x280
[   85.385528][ T6635]  should_fail+0xb/0x20
[   85.385613][ T6635]  should_fail_usercopy+0x1a/0x20
[   85.385683][ T6635]  _copy_to_user+0x20/0xa0
[   85.385712][ T6635]  simple_read_from_buffer+0xb5/0x130
[   85.385737][ T6635]  proc_fail_nth_read+0x10e/0x150
[   85.385772][ T6635]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   85.385887][ T6635]  vfs_read+0x1a0/0x6f0
[   85.385912][ T6635]  ? __rcu_read_unlock+0x4f/0x70
[   85.385939][ T6635]  ? __fget_files+0x184/0x1c0
[   85.385972][ T6635]  ksys_read+0xda/0x1a0
[   85.386080][ T6635]  __x64_sys_read+0x40/0x50
[   85.386107][ T6635]  x64_sys_call+0x27bc/0x2ff0
[   85.386188][ T6635]  do_syscall_64+0xd2/0x200
[   85.386264][ T6635]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   85.386346][ T6635]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   85.386373][ T6635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.386394][ T6635] RIP: 0033:0x7ff4c83ad57c
[   85.386475][ T6635] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   85.386537][ T6635] RSP: 002b:00007ff4c6a0f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   85.386554][ T6635] RAX: ffffffffffffffda RBX: 00007ff4c85d5fa0 RCX: 00007ff4c83ad57c
[   85.386565][ T6635] RDX: 000000000000000f RSI: 00007ff4c6a0f0a0 RDI: 0000000000000003
[   85.386587][ T6635] RBP: 00007ff4c6a0f090 R08: 0000000000000000 R09: 0000000000000000
[   85.386597][ T6635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.386607][ T6635] R13: 0000000000000000 R14: 00007ff4c85d5fa0 R15: 00007ffefdc688a8
[   85.386626][ T6635]  </TASK>
[   85.826863][ T6673] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[   85.833413][ T6673] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   85.841162][ T6673] vhci_hcd vhci_hcd.0: Device attached
[   85.847029][ T6674] vhci_hcd: connection closed
[   85.847153][  T124] vhci_hcd: stop threads
[   85.856365][  T124] vhci_hcd: release socket
[   85.860815][  T124] vhci_hcd: disconnect device
[   86.195185][   T29] kauditd_printk_skb: 863 callbacks suppressed
[   86.195203][   T29] audit: type=1400 audit(1754137989.559:3754): avc:  denied  { map_create } for  pid=6711 comm="syz.0.1236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   86.234084][   T29] audit: type=1400 audit(1754137989.559:3755): avc:  denied  { prog_load } for  pid=6711 comm="syz.0.1236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   86.253334][   T29] audit: type=1400 audit(1754137989.559:3756): avc:  denied  { create } for  pid=6711 comm="syz.0.1236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=0
[   86.274027][   T29] audit: type=1400 audit(1754137989.579:3757): avc:  denied  { create } for  pid=6712 comm="syz.4.1237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=0
[   86.293785][   T29] audit: type=1400 audit(1754137989.579:3758): avc:  denied  { prog_load } for  pid=6715 comm="syz.0.1238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   86.313151][   T29] audit: type=1400 audit(1754137989.589:3759): avc:  denied  { create } for  pid=6712 comm="syz.4.1237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[   86.332812][   T29] audit: type=1400 audit(1754137989.589:3760): avc:  denied  { create } for  pid=6712 comm="syz.4.1237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[   86.352749][   T29] audit: type=1400 audit(1754137989.589:3761): avc:  denied  { mounton } for  pid=6715 comm="syz.0.1238" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=0
[   86.376915][   T29] audit: type=1400 audit(1754137989.589:3762): avc:  denied  { allowed } for  pid=6715 comm="syz.0.1238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=0
[   86.425184][   T29] audit: type=1400 audit(1754137989.619:3763): avc:  denied  { create } for  pid=6717 comm="syz.4.1239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=0
[   86.508789][ T6734] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1245'.
[   86.521511][ T6728] futex_wake_op: syz.3.1243 tries to shift op by -1; fix this program
[   86.538883][ T6734] FAULT_INJECTION: forcing a failure.
[   86.538883][ T6734] name failslab, interval 1, probability 0, space 0, times 0
[   86.551608][ T6734] CPU: 0 UID: 0 PID: 6734 Comm: syz.0.1245 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   86.551711][ T6734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   86.551728][ T6734] Call Trace:
[   86.551736][ T6734]  <TASK>
[   86.551745][ T6734]  __dump_stack+0x1d/0x30
[   86.551774][ T6734]  dump_stack_lvl+0xe8/0x140
[   86.551793][ T6734]  dump_stack+0x15/0x1b
[   86.551820][ T6734]  should_fail_ex+0x265/0x280
[   86.551867][ T6734]  should_failslab+0x8c/0xb0
[   86.551899][ T6734]  kmem_cache_alloc_node_noprof+0x57/0x320
[   86.551970][ T6734]  ? __alloc_skb+0x101/0x320
[   86.552006][ T6734]  __alloc_skb+0x101/0x320
[   86.552038][ T6734]  netlink_ack+0xfd/0x500
[   86.552138][ T6734]  netlink_rcv_skb+0x192/0x220
[   86.552220][ T6734]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   86.552247][ T6734]  rtnetlink_rcv+0x1c/0x30
[   86.552266][ T6734]  netlink_unicast+0x5bd/0x690
[   86.552302][ T6734]  netlink_sendmsg+0x58b/0x6b0
[   86.552401][ T6734]  ? __pfx_netlink_sendmsg+0x10/0x10
[   86.552437][ T6734]  __sock_sendmsg+0x142/0x180
[   86.552465][ T6734]  ____sys_sendmsg+0x31e/0x4e0
[   86.552508][ T6734]  ___sys_sendmsg+0x17b/0x1d0
[   86.552617][ T6734]  __x64_sys_sendmsg+0xd4/0x160
[   86.552700][ T6734]  x64_sys_call+0x191e/0x2ff0
[   86.552722][ T6734]  do_syscall_64+0xd2/0x200
[   86.552744][ T6734]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   86.552836][ T6734]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   86.552863][ T6734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.552887][ T6734] RIP: 0033:0x7efdee0beb69
[   86.552903][ T6734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.553060][ T6734] RSP: 002b:00007efdec706038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.553084][ T6734] RAX: ffffffffffffffda RBX: 00007efdee2e6080 RCX: 00007efdee0beb69
[   86.553097][ T6734] RDX: 0000000000008090 RSI: 00002000000001c0 RDI: 0000000000000004
[   86.553108][ T6734] RBP: 00007efdec706090 R08: 0000000000000000 R09: 0000000000000000
[   86.553120][ T6734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.553131][ T6734] R13: 0000000000000000 R14: 00007efdee2e6080 R15: 00007ffd3a675258
[   86.553156][ T6734]  </TASK>
[   87.245538][ T5992] ==================================================================
[   87.253683][ T5992] BUG: KCSAN: data-race in shmem_getattr / shmem_recalc_inode
[   87.261192][ T5992] 
[   87.263538][ T5992] read-write to 0xffff888119f6c8c8 of 8 bytes by task 6783 on cpu 0:
[   87.271622][ T5992]  shmem_recalc_inode+0x3b/0x200
[   87.276600][ T5992]  shmem_get_folio_gfp+0x7a3/0xd60
[   87.281759][ T5992]  shmem_write_begin+0xa8/0x190
[   87.286648][ T5992]  generic_perform_write+0x184/0x490
[   87.291965][ T5992]  shmem_file_write_iter+0xc5/0xf0
[   87.297105][ T5992]  __kernel_write_iter+0x256/0x4c0
[   87.302235][ T5992]  dump_user_range+0x61e/0x8f0
[   87.307017][ T5992]  elf_core_dump+0x1e00/0x1f90
[   87.311840][ T5992]  coredump_write+0xb0a/0xe30
[   87.316534][ T5992]  vfs_coredump+0x142f/0x20c0
[   87.321242][ T5992]  get_signal+0xd85/0xf70
[   87.325613][ T5992]  arch_do_signal_or_restart+0x96/0x480
[   87.331170][ T5992]  irqentry_exit_to_user_mode+0x5e/0xa0
[   87.336777][ T5992]  irqentry_exit+0x12/0x50
[   87.341293][ T5992]  asm_exc_stack_segment+0x26/0x30
[   87.346438][ T5992] 
[   87.348768][ T5992] read to 0xffff888119f6c8c8 of 8 bytes by task 5992 on cpu 1:
[   87.356321][ T5992]  shmem_getattr+0x41/0x200
[   87.360841][ T5992]  vfs_getattr_nosec+0x146/0x1e0
[   87.365799][ T5992]  vfs_statx+0x113/0x390
[   87.370063][ T5992]  vfs_fstatat+0x115/0x170
[   87.374503][ T5992]  __se_sys_newfstatat+0x55/0x260
[   87.379563][ T5992]  __x64_sys_newfstatat+0x55/0x70
[   87.384608][ T5992]  x64_sys_call+0x135a/0x2ff0
[   87.389297][ T5992]  do_syscall_64+0xd2/0x200
[   87.393908][ T5992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.399814][ T5992] 
[   87.402142][ T5992] value changed: 0x0000000000000209 -> 0x000000000000020c
[   87.409274][ T5992] 
[   87.411605][ T5992] Reported by Kernel Concurrency Sanitizer on:
[   87.417761][ T5992] CPU: 1 UID: 0 PID: 5992 Comm: syz-executor Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   87.430019][ T5992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   87.440088][ T5992] ==================================================================
[   87.855475][ T6220] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.919164][ T6220] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.988326][ T6220] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.066572][ T6220] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.139463][ T6220] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.176814][ T6220] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.236634][ T6220] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.307070][ T6220] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.368870][ T6220] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.406779][ T6220] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.467048][ T6220] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.516642][ T6220] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.558754][ T6220] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.606760][ T6220] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.656693][ T6220] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.706560][ T6220] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.768005][ T6220] dummy0: left allmulticast mode
[   88.772970][ T6220] dummy0: left promiscuous mode
[   88.777986][ T6220] bridge0: port 3(dummy0) entered disabled state
[   88.785071][ T6220] bridge_slave_1: left allmulticast mode
[   88.790741][ T6220] bridge_slave_1: left promiscuous mode
[   88.796467][ T6220] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.804408][ T6220] bridge_slave_0: left allmulticast mode
[   88.810156][ T6220] bridge_slave_0: left promiscuous mode
[   88.815852][ T6220] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.824242][ T6220] bridge_slave_1: left allmulticast mode
[   88.829884][ T6220] bridge_slave_1: left promiscuous mode
[   88.835567][ T6220] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.843558][ T6220] bridge_slave_0: left allmulticast mode
[   88.849294][ T6220] bridge_slave_0: left promiscuous mode
[   88.855062][ T6220] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.863333][ T6220] bridge_slave_1: left allmulticast mode
[   88.869035][ T6220] bridge_slave_1: left promiscuous mode
[   88.874838][ T6220] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.882714][ T6220] bridge_slave_0: left allmulticast mode
[   88.888430][ T6220] bridge_slave_0: left promiscuous mode
[   88.894167][ T6220] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.046107][ T6220] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   89.056031][ T6220] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   89.065449][ T6220] bond0 (unregistering): Released all slaves
[   89.106951][ T6220] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   89.116696][ T6220] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   89.126205][ T6220] bond0 (unregistering): Released all slaves
[   89.197112][ T6220] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   89.206993][ T6220] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   89.216590][ T6220] bond0 (unregistering): Released all slaves
[   89.242250][ T6220] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   89.251929][ T6220] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   89.261654][ T6220] bond0 (unregistering): (slave dummy0): Releasing backup interface
[   89.271812][ T6220] bond0 (unregistering): Released all slaves
[   89.282570][ T3380] syz2: Port: 1 Link DOWN
[   89.374270][ T6220] hsr_slave_0: left promiscuous mode
[   89.379920][ T6220] hsr_slave_1: left promiscuous mode
[   89.387100][ T6220] hsr_slave_0: left promiscuous mode
[   89.392658][ T6220] hsr_slave_1: left promiscuous mode
[   89.400742][ T6220] hsr_slave_0: left promiscuous mode
[   89.406474][ T6220] hsr_slave_1: left promiscuous mode
[   89.412188][ T6220] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   89.419623][ T6220] batman_adv: batadv0: Removing interface: batadv_slave_0
[   89.427209][ T6220] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   89.434681][ T6220] batman_adv: batadv0: Removing interface: batadv_slave_1
[   89.444267][ T6220] hsr_slave_0: left promiscuous mode
[   89.449873][ T6220] hsr_slave_1: left promiscuous mode
[   89.463866][ T6220] veth1_macvtap: left promiscuous mode
[   89.469458][ T6220] veth0_macvtap: left promiscuous mode
[   89.475070][ T6220] veth1_vlan: left promiscuous mode
[   89.480309][ T6220] veth0_vlan: left promiscuous mode
[   89.486066][ T6220] veth1_macvtap: left promiscuous mode
[   89.491541][ T6220] veth0_macvtap: left promiscuous mode
[   89.497070][ T6220] veth1_vlan: left promiscuous mode
[   89.502343][ T6220] veth0_vlan: left promiscuous mode
[   89.508345][ T6220] veth1_macvtap: left promiscuous mode
[   89.513860][ T6220] veth0_macvtap: left promiscuous mode
[   89.519534][ T6220] veth1_vlan: left promiscuous mode
[   89.524805][ T6220] veth0_vlan: left promiscuous mode
[   89.530430][ T6220] veth1_macvtap: left promiscuous mode
[   89.536071][ T6220] veth0_macvtap: left promiscuous mode
[   89.541655][ T6220] veth1_vlan: left promiscuous mode
[   89.546949][ T6220] veth0_vlan: left promiscuous mode
[   89.703251][ T6220] team0 (unregistering): Port device team_slave_1 removed
[   89.712771][ T6220] team0 (unregistering): Port device team_slave_0 removed
[   89.810095][ T6220] team0 (unregistering): Port device team_slave_1 removed
[   89.820081][ T6220] team0 (unregistering): Port device team_slave_0 removed
[   89.876203][ T6220] team0 (unregistering): Port device team_slave_1 removed
[   89.885724][ T6220] team0 (unregistering): Port device team_slave_0 removed
[   89.897887][ T6210] smc: removing ib device syz2
[   90.678322][ T6220] IPVS: stop unused estimator thread 0...
[   90.684435][ T6220] IPVS: stop unused estimator thread 0...
[   90.690738][ T6220] IPVS: stop unused estimator thread 0...
[   90.746066][ T6220] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.805676][ T6220] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.855431][ T6220] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.905523][ T6220] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.966911][ T6220] bridge_slave_1: left allmulticast mode
[   90.972583][ T6220] bridge_slave_1: left promiscuous mode
[   90.978357][ T6220] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.986205][ T6220] bridge_slave_0: left allmulticast mode
[   90.991884][ T6220] bridge_slave_0: left promiscuous mode
[   90.997686][ T6220] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.041632][ T6220] team0: Port device geneve1 removed
[   91.176035][ T6220] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   91.185904][ T6220] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   91.195483][ T6220] bond0 (unregistering): Released all slaves
[   91.203968][ T6220] bond1 (unregistering): Released all slaves
[   91.245809][ T6220] tipc: Left network mode
[   91.252252][ T6220] hsr_slave_0: left promiscuous mode
[   91.258083][ T6220] hsr_slave_1: left promiscuous mode
[   91.266381][ T6220] veth1_macvtap: left promiscuous mode
[   91.271878][ T6220] veth0_macvtap: left promiscuous mode
[   91.277548][ T6220] veth1_vlan: left promiscuous mode
[   91.282801][ T6220] veth0_vlan: left promiscuous mode
[   91.342210][ T6220] team0 (unregistering): Port device team_slave_1 removed
[   91.351787][ T6220] team0 (unregistering): Port device team_slave_0 removed
[   91.746281][ T6220] IPVS: stop unused estimator thread 0...