last executing test programs:

3.615141222s ago: executing program 1 (id=1018):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'syz_tun\x00', <r1=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='rxrpc_peer\x00'}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="44000000100003052bbd7000249d020000000000", @ANYRES32=0x0, @ANYBLOB="15010000ad190800140012800b0001006d61637365630000ff00028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00'], 0x44}}, 0x0)

3.502071932s ago: executing program 1 (id=1022):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000003c0)={0x4, &(0x7f0000000380)=[{0x1, 0x0, 0x4, 0x8}, {0x9, 0xd6, 0x2, 0xfffffe00}, {0xf88c, 0x6, 0x5d, 0x4da0}, {0x461, 0x4, 0x0, 0x6}]}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000d91e0e3900"/28], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r3}, 0x10)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e24, 0x800, @loopback, 0x5b5}, 0x1c)
socket$inet(0x2, 0x2, 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000f07000)=[{0x6, 0x0, 0x0, 0x4}]}, 0x10)

2.58702697s ago: executing program 1 (id=1043):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100", @ANYRES32=0x0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0, r1}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newtclass={0x454, 0x28, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x2}}, [@tclass_kind_options=@c_netem={0xa}, @tclass_kind_options=@c_cake={0x9}, @TCA_RATE={0x6}, @tclass_kind_options=@c_htb={{0x8}, {0x408, 0x2, [@TCA_HTB_CTAB={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x846e, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ff0b358, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}]}}]}, 0x454}}, 0x0)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
write$P9_RLERRORu(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$RDMA_USER_CM_CMD_BIND_IP(r4, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2}}}, 0x30)
write$binfmt_elf64(r4, &(0x7f0000000280)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
chdir(&(0x7f0000000100)='./file0\x00')
open(&(0x7f0000000300)='.\x00', 0xc00, 0x0)

2.566805362s ago: executing program 1 (id=1045):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000100)={[{@jqfmt_vfsv0}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x200, &(0x7f0000000140)=<r1=>0x0)
r2 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x896a, 0x4, 0x6, 0x8, r0, 0x40, '\x00', 0x0, r2, 0x4, 0x5, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
write$binfmt_script(r2, &(0x7f0000000080), 0x208e24b)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000001540)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r5=>0x0}], 0x7, "bc13a9ce552560"})
ioctl$BTRFS_IOC_TREE_SEARCH(r4, 0xd0009411, &(0x7f0000002540)={{<r6=>0x0, 0x600, 0xde, 0x33f, 0x4, 0x7ff, 0x2967, 0x5, 0xff, 0x8, 0x1, 0x9, 0x3, 0x1a000, 0x1}})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
creat(&(0x7f0000000280)='./file0/file1\x00', 0x0)
unlink(&(0x7f00000003c0)='./file0/file1\x00')
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r3, 0xd000943e, &(0x7f0000003540)={r5, r6, "c44a3294998b6f21c400ea10971d70556668fcc18cf4a102326e60557782dd56381a0b3d4141d5689894ce9bbc37fbd0beb33d05b9844b1ee700ce32f68abd0e7b8477998a3b933dd287efb42d92bcb0a8492ecfc70507db7412fa2c627504e0a26da035ac772355f816413e5e0c47c6f1588549dfa72b2aba4fb0d6e39a0b3c0c036d48600e0dc52b265fa609fe14f7558e3f0cf4e17f48a53fa6b6278c845351b0b9862f3452a9f354329211a5e8dfbc5dc2d9c179d9fc636fce7e5ba8a7f78572c47cbf6fa7ded86dd3c5da997cbfd51b315dc311bcfb0f3ee2a6236f48f1d6b49dfea69f3611e1240aedd632972c6f8c2a989698763bfd1963c6c4230f91", "d71932e1bc04c58613c098630e218e7e7e050d975bb104fadbc78bb62bd65fb677926e8767aac99b047ba6bba6ac20df253799ceea9dfd90ce2c357dd1cb7d949fbd4bde61dcf8db265935d0b67dafb044af16596f1ee86d61ae6a47323728cc4df0f359b0b17e14fd5f522aa541690e1b1dadc35d8c72ad3808e6807173bb3df292564873ba35bc986250fbfd9bce18b6731e1c25c89a06cab9f5182149273fdb8ca3e166f7020631ef2511a6b515d83d4a08fcc35010db56afdb9a3054cdfcf3d6d2866955f58facd2e513f094c2da23e117a2cdfbf8c2eeff3f8beadd8c9d62a0c3944b2d55b15bd50c6805058083f32406c3e6bd195da9b09530167a88e755f08f43dc4925ad6f1e21ac18d9c7cbf0ff8e361833391972b37d1ee2ce75c82d3f1cb755fd2d14994939a1a1260a7e57412f37a779e85a6ff0a086bff91faf0525a258334cf974820c9a5f530c700a1632b2bccf67f3bf28bb24ef9501b04449d01e371e6f08f8047f1fbfae9b34e9584191f68c1e11d38b7f3da862bf4ca74f5cf2155cf15a0e6a6f03b63e25b0c1f676de7430738968b322205e76821268a3f2075beeacb84e345c76a6c06a77f607e1947f5679f22e69a7f306b314564b85b56e5ef5da924e3963f7a28b89da16dc9a01fd40b906cc7346dd2120f3010b3a31eeddcdf45b9ecbec1336e1781d999144200c398ad40bd8e85a60b9b5be06b32876afb63af0ac6f4e9874ec743c61a9cec98ca74b17a40917c519328a9e438b5fa76c0e8607fff30b303df4fd00d38b3ffc17c794e0d43809912b7856c40824f7774019cb83d630a187ccf54c24b8459e9cde564dafc039a61c2cf1769f472349136fc195ed0780c11f3210237f2e4a566879e9236ae4bf90354a960d51ab7cc6c9f8a156ba164e323ae454839e72dee92bddb35a81293aa0ecd481bbb9507f42553f50284fafc1e9f3d6dc26325718b94c7679d7191afd9ea4a8dee836c5e6fa3b4531d48df08ebbd198471c2271693279cbea6888ca5720e3681546c6cca832e275b876769e2fc341dabcee0cb87e594e13a567fa2558c105358009b8f926352687043c9105fafefa0016cf8dfc50bb253a00c716465c4ae9c8c8b9702f377b5433e19ddbc376ee2ab6adf564c124a20274670748f5fe33961a1a819b63734fd348451d453caa45719631f8dab82c2bba5efe33292c86c5d19e477d3479a8d5e178277bfb1ede5a533406b9428f47b2802ca2faae5fbbfddf010186ecac6e660ebd771638042df932d670a08ca9edabfe707189b02907efb8fadd7432a49780415e29adce0435d5ff40e0f2c6d08331fe24a744e7786be6d888d88c6a7c2736f16ae682cf1e991c5e534312d28f0678f1c86442a8196fcb64345894c371ce5c48d5bd4577f3395ad7218ec608bc4286a712e941de29c04f22b85ccf57b0aa85b43dc05eb62e82cf67c59ff8ffbfdabbb47c00f66afbacee04ad156c1a13b1bf191a14921650aa53ed7451a3cf4dca397995ece7694e0a53104aaaae009ff31380d069c2a513e2116a7893381a2ca8945b0dd21a281e2404a52a4befff8de0a3da7198eedf987b1e39be1384dfdd48726189c43f1f0436a47485bea4fccdefee1e8eb3a9f9a26beb3ad4ff015a78eb6b7ed65157eb700dbe25ab2d34a9b1a165eb183cf55fe0ca8ebcae46022d7842335f97acd86d07ab5101f1b77f3aea1a97a0bfb9954c67398a19e9ac57bab4d38fb0da8e50668faece66f46195be4e56d070921e1e59f74baaafb9b7f706a25af939fb303f6eb293262e59dd481787ff98c6f73b38f1a012b326fede8f276f6af7fc2e14da78b3cc277745aed6bde6ba1600e5518ee6f9b77d864bca37de83452b8a04829c5c6d708dbc03bb176f787fadae310b628698124b2ecc39b7677ef84227253863e8fed5e746ea814b314161ce1b6049641f231c1e05bbfad9ec504805ddda39af353be364e7027884b317599ca543269f0396f2615a217a2366216ff2638695fc9ff7d5010655559a65cdc8bfb3c4f3979395b57f5556a307ecd6dc5cc3ea4b6521e5a69c2d042c7a7cd54d24ac8713a7f74b62fe8607aaf90f819c9ac442ba67f40765198c1a709804291be14d27f1c6559389e1a5d795ed3fabf95540e21bce4760e703a48d2dea9b9e239b5862a8fe43a48793670f4ba4199ab8fdbc6e3c22b05c86eb3cfe8a490b4ea65b61e2b0e3f911cf2a7abb588066c35fabde6428faa756c51bb2dedf8ea9addf8d014749fa8f96c748af4ac9c3d4b2ff26bf9773ea8c46e734048b9c91671204ad7fe884ee926acd3cace6e2810a0bfc164b1c57b45fcc1120cc1a2814ec9e0f6220f16c50ffdf8fd0d939a548d17e50d232922b90ed0dea03ac05d07ac35a35efc3cc493b1081093f7a998d70c70d6224cd86de1cb5b8995baaa046a394cd79b7cd5cd82bfe9d04e05b40880b58c448afae70c632ab2ef0d68345aca7c6ff70ba2977ecb30960f3a0ed8b1cca11f09499b89f7edc366252ae8cd20c3e9fe011e56d7dd77aaf12efa4b1ea905b62ded28233043b1506eef689841e8e868e333159bc7503888aeae69fd4e85545fddede5636ef331773a8df361fdb5117cebc93cf3dfd8282f2f30074d469d5e63003a618893186b8ac23bcf6a18d93e14bd34ac61efbd0658b9ffa0d32e21ac301d10900db93c3fca15e9145825abd9f68c522fcfc9dab3eae164a986b9652079831c99966a28ec9bd6f6d4cd3945115c1512bff043ef5b128ff5919d0e6bc37f9bb9c5c15fb303139e5685029fce5bfb128dc7e8417eafd3fd1d69e16a47a32f3ddd25791070b0d67e101ece3d4c43c23b161eef2d50fcac99e8f4bf7fe6812c936f1d341be738babdf62f9f643268198d9b0485dab371171ece2a70430d9f9157b3dd4cfb9e2f96056ae1ca8dd650c31b0037e0946ac336168ed7c902f179e072acdf69c76ddf88ff00372ba44815a6f18c02c7e28b588aafc89840db4c991c3c812d4b258ccc9e3d9f7a40202547184539fff7b3130ca5c33b62305ed31ac7b03d106345b1e81c1118a360cbd2b2512a72d6be38c77bc0d71890c01dbda2363c7700060259853947332fc774b24fbb478bfcae1b09c1e5f85b81c969d5826c7c078eb96772881f810345da46c77234afe681b4599eac29b072214360c7df0cbae3f289adbcb4aca51f1a3b93fb966d0033ff348fe570aedf6b2da25881d95ba748493801d65fdd8b3a13b50c8792b6cfe26b4a08afa830cb51edc9384b4ed8ffafd7dce3cc7ecca0b478c484ad36ec68f320a30a8e5e09664360a5d30e9bdd0795fb1efd0795861513f71c13cd7dd9d78e5f66d882ae7588291f0fed70f924b03b278ccfd04ecebfdaa155619f36972d4ad7f5189d37bdbd27da88f925db65056d6d204b64736b952bd3b419473bfdfad5c8e7c38e3a96ba8b15f1f61032904f1fe635a16a3ea64eca7a8e853f3a9e0f797aefee3a78a4694e707664d3254ff5b9148fc676849411b7c59aa2a7fa3f9128696e666dcb420f21d6640bf3079f553fe44af08968c212d4ca46ff4ace6b5edaa3bc54619796114ea5d390b475198999da695d7c7157a5a42866f769edee6e57388d176cf8dfd31cc71210c0072e7085b3cb0d1bb3469750548d8784366166b788194b83a07bea0aa5e30c27dc74c99e6c4123bb64cc2985119df216c0d6f32675186fe9b42f7f09c376f2a4fa0148e4c26b5e114d6c6ba7c87342558a76bfb4b1024030f76d8cda4af45301308e5afa97d39348333d28aef2586f49e8e6753d5e019b0eaa99fa6ce4d6a59327beaada3f8055a3073996e1b6ca3a0bc7242c41d7d8c109e4ee7ee71b45db2e4b771f2cc4907caad8b633d39ea09babfb6a89e5a0c7a2c32c47df73f8246dbd6faa7cb19bbf104e79ec6ab2929246ce5422122bee2d126c5a3fdab394e804a1710ad26ee0b615d99adec931161a95d07fbc957647e5732f5269a3276d924c79c659f5ed00a00faf7c79d318f71de99304a705024a0d69a94573b8b8a3c5556680e145594135c60030458b043649eea284dca8c8c2fc26946a343757376a2fcb72781f3c5e86febfc73f6992cecffe856bb9e3a43edb0af65208be5970f0ce812e8a16878194cebefd982205aecfa199ed99817bad9251e15199808954c5670b26f08c604c4b192094bfade17908a4237cff3cfa411812f4289f62a5f1a43b3320776f53de97a91fd894b9104c7ce501b578b1e721dd3da46885ee1e6c87c67710f0d7f715ec3c162eb173a328116b99bb6a8035995f3d5ad5347770a488b2796e934208619f874112a90a45422a173f4f70745d4ecee09e8e041d49b77afdbb206565ba060e6bf7c3642168c2103a36a967825f5b771ddaf18babb97d0300f12269d6f95d3a96c26b6848830f930013c1dfbbe915a5a75d96419420d7d6fe53bc1e6683222068a7ec1fd86fce2ed40db9d0df57b975e3e78f9a5c30b4df9ff5b3dc4fa76f3be6ce4ce95902d6f874f4e29541aea0dd286f3ad792d7e8bae77e0eb737edccc15db6ad7b2ea22746ec37d21a16f188ac34cd5003b961587bad9e24b5e3ff65af29506084372b2933f9c5a9d02c20561ed8908d657f0414af8e1580006359bab51560e18134e076dbd1bf6d862e25f8b0ead6a0192e5889dda493485634cfc5ef0234847c162e3aee8489ad8ad529d122a96c3f8180158b1d4862a65ead48edbb69b944c1e7bbfa4326e915aa4b1671a8d1984f92e8298d2fcda9e116191e0e7bb597c75c3e3e5bc3d155234485c5166fa6e0f2361bed6b0444812ea43eac9f3b7f323c6f82aa4b7da77e005184be68955fcb119f4746020a98aa67afcdeff7c925605162a3534e9e72a49cb8ee89b4c8e53c31f5a1fcd82c6ef5e627fe82d476dd58b4b5dbd911c75d7c4ab7700ae9f365c7eae4d2560c57125ebff1567588776bfc0cc996783146f10948185a12da70a58b691eedb81be7b5284fb067bdc524ddc628af6b1dc3b6397bbf118c10ec1c9666fa721a99a5edd6f8afe9e67a6111d17f865e0aa7512df12192855085d7e8e32ad3e72207c27611b4f10cdeb3c17a327200e8a1cc82701f0ddb6845cf161b6fc24f32d05433b0ca37d9fda160f2bdcf0049b336003af8c98904715bb27d4bc69acc3eccd2c70e4d3fe8654cf7549db0c999fc7b6e17724383f1a2f17d6b8fca0d4659b93a253928c7d3760b8accd49d133f430809564c414201e9ff2957059416ec0d1c20665f8fa50e73b23bc44b8b40948a78a19fd84030d5a21114288bc473aa48e6b3b0102b098ab13a923b529b51d7b3449074e064cc3f8f491feb6c6eeb96690a4b57d14cb4e597bfc95eb13ee274c221b4a090eca7bd916f188aed9408adcb7753c8bb244822f6ff4"})
bpf$PROG_LOAD(0x5, &(0x7f0000001480)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r8, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r9}, 0x10)
syz_emit_ethernet(0x5e, &(0x7f0000000b40)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x28, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev, @dev}}}}}}, 0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000}])

2.425795214s ago: executing program 4 (id=1048):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)=ANY=[@ANYBLOB="340000001800dd8d00000000000000000200000000000006000000000600150006000000100016800c0002"], 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x8000)

2.372731558s ago: executing program 2 (id=1049):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0xe}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x9) (fail_nth: 12)

2.363021589s ago: executing program 4 (id=1051):
syz_open_dev$loop(&(0x7f00000005c0), 0x10000, 0x10d480)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
creat(&(0x7f0000000240)='./bus\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
r2 = open(&(0x7f0000000280)='./bus\x00', 0x10d042, 0x12)
sendfile(r1, r2, 0x0, 0x10001)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7f03)
socket$inet_mptcp(0x2, 0x1, 0x106)

2.102690601s ago: executing program 4 (id=1053):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000003c0)={0x4, &(0x7f0000000380)=[{0x1, 0x0, 0x4, 0x8}, {0x9, 0xd6, 0x2, 0xfffffe00}, {0xf88c, 0x6, 0x5d, 0x4da0}, {0x461, 0x4, 0x0, 0x6}]}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000d91e0e3900"/28], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r3}, 0x10)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e24, 0x800, @loopback, 0x5b5}, 0x1c)
socket$inet(0x2, 0x2, 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000f07000)=[{0x6, 0x0, 0x0, 0x4}]}, 0x10)

2.032405887s ago: executing program 2 (id=1054):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000200000000000000002000"/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r2, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000008900)=[{&(0x7f0000008500)="88", 0xff12}], 0x1}}], 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4, 0x0, 0xe}, 0x18)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x3000004, 0x4004010, 0xffffffffffffffff, 0x0)
r6 = syz_io_uring_complete(r5)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1)
faccessat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x6d, &(0x7f0000000300)={<r8=>0x0, 0x66, "a8d5ab0d2a0e046715321ac8f922c06a72923c2cdbe2de2c379ea9aaf6fba6ef042d22595b80a1d63456558cd6232c149759b55814a4d910e3bb03f47c38ad737d6a4d737bdb42b0be6848dc09a50a9959bd0692be0f2b87dd750382f91b1c7e251259357d98"}, &(0x7f0000000200)=0x6e)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000380)={r8, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e24, @empty}]}, &(0x7f00000003c0)=0x10)
getsockopt$TIPC_SRC_DROPPABLE(r7, 0x10f, 0x80, &(0x7f0000000040), &(0x7f00000001c0)=0x4)

1.856001392s ago: executing program 0 (id=1057):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000b40000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f00000002c0)=[@fadd={0x58, 0x114, 0x6, {{0x4d13535d, 0x8}, 0x0, 0x0, 0x7, 0xa0010000000000, 0xfffffffffffffff3, 0xb, 0x65, 0x100}}], 0x58}, 0x0)

1.720836354s ago: executing program 0 (id=1058):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x800000000}, 0x18)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
sendmsg(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000780)="a9", 0xfffffdef}], 0x1}, 0x200000000000000)

1.716454504s ago: executing program 0 (id=1060):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000880)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")

1.715546834s ago: executing program 1 (id=1061):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000820000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000ac0)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='sched_switch\x00', r5}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x10}]}, 0x50}}, 0x0)
r10 = io_uring_setup(0x26fd, &(0x7f0000000000)={0x0, 0x0, 0x40, 0x2, 0x40})
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
readv(r2, &(0x7f0000000880)=[{&(0x7f0000000080)=""/5, 0x5}, {&(0x7f00000004c0)=""/217, 0xd9}, {&(0x7f0000000280)=""/35, 0x23}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f0000000380)=""/170, 0xaa}, {&(0x7f00000002c0)=""/88, 0x58}, {&(0x7f00000006c0)=""/174, 0xae}, {&(0x7f0000000c00)=""/4096, 0x1000}, {&(0x7f0000000780)=""/244, 0xf4}], 0x9)
sendmsg$NFT_BATCH(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close_range(r10, 0xffffffffffffffff, 0x0)

1.599068384s ago: executing program 0 (id=1062):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)=ANY=[@ANYBLOB="340000001800dd8d00000000000000000200000000000006000000000600150006000000100016800c0002"], 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x8000)

1.557827777s ago: executing program 0 (id=1064):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="163e6cce65ffff0000000008003950323030302e"], 0x15)
pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
open_tree(r4, &(0x7f0000000400)='./file0\x00', 0x80001)
write$P9_RVERSION(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1500000065ffff0180"], 0x15)
r5 = dup(r0)
write$P9_RLERRORu(r5, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r5, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x30)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
r8 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$read(0x1d, r8, 0x0, 0x0)
add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r8)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xc, &(0x7f0000001340)=ANY=[@ANYBLOB="1800000087000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000030000009500000000000000669c58f5e2a7b2907bcfdf5f89145c190ef0353568de804a3d1e0f5f88dfe2d91e4e8f5e0f63e038ed691c2cea4332b510d2e9732e78d87a28c86b3624337c34903ffad4ede0cac933a9b89850df2667ba031317de3b6a81fc9efef40c993dc8070a5751de14bcb71e0784b79e6033f390785ad657310451c0c5aad0d8de0c84a5bd4ebe5e3c76bcc3e0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r10}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{r9}, &(0x7f0000000680), &(0x7f00000006c0)='%+9llu \x00'}, 0x20)
lsm_get_self_attr(0x64, &(0x7f00000014c0)={0x0, 0x0, 0x48, 0x28, ""/40}, &(0x7f0000000240)=0x48, 0x0)

1.496283073s ago: executing program 0 (id=1065):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004432244379b125bbb90949bfb148a89f127d5ffd10000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x44842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x3fec00}], 0x2, 0x1400, 0x0, 0x3)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x800000000}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0xcc, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x54, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}, @CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x200}, @CTA_SEQADJ_OFFSET_AFTER={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x9}, @CTA_SEQADJ_CORRECTION_POS={0x8}]}, @CTA_SEQ_ADJ_REPLY={0x14, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}]}, 0xcc}}, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000a094bb2993e2174fb555f36a5df1a2132445d006cb2734667a03baa4d6ee6b312434bd459c5fb218e81e3d7ed6ab228c0d454e711e41841179c9cc4f3e182b516114bf229681529e9ce75f9958fae6fbdbdc9ba3152bde89e315c845256a94b902d8e2fa217b5f83941e65bc2e2d25dbd1e84e2884d76d81b73028641b0c7b78d042f9f2e4dddac587aa1c8038ee41f8620a9407c09f299573c9eb82c58f4d5d141d05abf16632d073caa1ac985d98d39462446ac42ce2f9d74d804fa64080ae43d504e762f811f7929380fcb9cf362dee62de6d07099e5951f0d27664a2a83e726e38a4a02d0a7933bf967202cccad9a3680f9cbba146c58a9e7eb903207c05d088e70ffa2666a73e88d4b99d3fb2a7d665786ef87677f9cc354631a6f0aa663b7b9ac52f62273754de6af1f8d8f360eab7014beeeb43e21d452029d1d3bc5399fa25cbdf106941adb021def4389d00736f22b720a3cbc8436682e055911d6beda81c80424dc8d1c717addbdf39ae3b6ec5a72f7baa891083892ec27c2257829b33bebc84d1800dc13c80a458f6204f54519f8525592840e9ad8ad67cb698acdde89b3f7beee7ac8ba7aae52c9ab79110c8e4d4df70ea9758b6652a94e9035af55dc1f669fcda5636f8d93e11ddf47fe5dc71163f34914bf3506626a575e09c89fcc0f3f0d3dd7c4debd5ec6cf45e4a5f39f89ecfe3558d40f885f3d14d4286a8ec831ee39174f3cbf6fed4dac40291f60d43f847374852fb95cca1e234f02da36577f5a151591079", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e47f00000180000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r9}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5d371c61f550e9d86aabda45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0db2b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec08647566b1bdd75d6a9a1e600aaf0f42ce94b4725d4c2da80150dc34e5975d6904f061ed9a7608959f2d24ee6ec4f2395d16e02f53c746f74b12013f738d76456c3407188eff97f31ca36e5d79e1f1c7c3b688ee21d37ba5ebf4afc2a61f16"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r10, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x10)
r11 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$inet(r11, &(0x7f0000000040)="40e4", 0x2, 0x20008840, &(0x7f0000000140)={0x2, 0x0, @empty}, 0x10)
sendto$inet(r11, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10)
sendmsg(r4, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000780)="a9", 0xfffffdef}], 0x1}, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/profiling', 0x10000, 0x48)

1.459851156s ago: executing program 3 (id=1066):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x5, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xce2}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4003, &(0x7f00000003c0), 0x2, 0x4e6, &(0x7f0000000840)="$eJzs3MtrHdUfAPDvTJK26eOX/OqzD+3VKgbFpkmfCxdWFLoRBEXqMiZpqU1baSK0JdgoUsGF0r/Ax07wL3ClG1FxobhV3IpQJJtWF3Jl7p0b5/bem1dvctvk84FJzsycmXPOzJzkPO7cANatUvYjidgaEb9ERF91tT5Cqfrr5uz06F+z06NJlMsv/5lU4t2YnR6tRe3Lf2/JzzmQRqTvJbGrSbqTly6fGZmYGL+Qrw9OpXno7Mip8VPj54aPHj14oPfI4eFDbSlnlqcbO98+v3vH8deuvTh64trr332R5b+c7y+Wo6p/iSl0NWwpRan+WhY8vsSz3+m2FcJJd/Yz7VxmWLTsqc1uV0+l/veVc5V9ffHCu7V4GzqZSWBFZJV9Y8PWuf9lM+WiJKkeAKwRiSoN61TtH/2N2aynOj3a2A9uorutTZCOun4sKgXKyn0zX6p7uis92FJ/tW/Us0Lp3xsRJ2b+/jhbouk4BABAe311LGJz3u6oLdU9adxfiPe/fFSoPyL+HxHbI+KevP1yX0Ql7gMR8WDhmKQwJ9RK6Zb1xvbPT715oNhcbZus/fdMPrdV3/6bm7/o78rXtlXK35OcPD0xvj+/JgPRszFbH2o89dyw2tfP//xRq/RLhfZftmTp19qCeT7+6L5lgG5sZGrkdstdc/2dyoW90lj+JLqTWihiR0TsXMb5s2t2+snPd7faX1f+rJwN5f+w9cnb0A8pfxrxRPX+z8Qt5Y983iOpzE+efXNw8tLlp08X5yeHjhwePjS4KSbG9w/WnopG3/949aU82NCNWPj+r6zs/m9u+vzPzVz2J8X52smlp3H11/db9mmW+/xvSF6phGvzUhdHpqYuDEVsSGYatw//d+zFkd66+Fn5B/Y2r//bI/75JD9uV0RkD/FDEfFwROzJ8/5IRDwaEXvnKf+3zz32Rqsu5J1w/8eWdP9bBZ79IaL5rq4z33zZkPAHpUWWP7v/ByuhgXzL2MjUpoXKNV9Oi4HbvoAAAABwF9gTEVsjSfflY5xbI0337YvYMjeCMjn11Mnzb50bq74j0B89aW2kq68wHjqUjw1n69lRw4X1bP+ByrhxuVwu92brWf99Yltniw7r3pYW9T/ze+MrLcBas6R5tFZvtAF3peXPo7f/AxnA6lpDn+cHlkj9h/Vr0fV/pd6CAzqmWf2/EnGzA1kBVlmz+v9qB/IBrD79f1i/1H9YtxZ8mRZYkxb1kvwyAtuPzxMn6V6ZRFsH0qjbkv3Fq/sWgP6IWuTaBxznP+FvaUR7ctjV1pL21t3TtGmcTdGOtCJdME73Er6IYXUD6Z2RjWpgY0Qs8PTOPWxXaoHLK52xSiX4rLN/nQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7fvwEAAP//bDbZlg==")

1.423728909s ago: executing program 3 (id=1067):
syz_extract_tcp_res(&(0x7f0000000080)={<r0=>0x41424344}, 0x7fffffff, 0x793)
syz_extract_tcp_res$synack(&(0x7f00000000c0)={<r1=>0x41424344, <r2=>0x41424344}, 0x1, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000e40)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a860900180600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="0000907800100000f6ffffff"], 0x0)
syz_emit_ethernet(0x142, &(0x7f0000000300)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}, @void, {@ipv6={0x86dd, @tcp={0x4, 0x6, "c4b322", 0x10c, 0x6, 0x0, @private1, @empty, {[@fragment={0x88, 0x0, 0x62, 0x1, 0x0, 0x8, 0x67}, @fragment={0x6, 0x0, 0x2d, 0x1, 0x0, 0x6, 0x68}], {{0x4e21, 0x4e20, r0, r1, 0x0, 0x0, 0x11, 0x80, 0x8000, 0x0, 0x7, {[@generic={0x3, 0x2}, @timestamp={0x8, 0xa, 0x13bcb9bc, 0x4}, @exp_fastopen={0xfe, 0xc, 0xf989, "1b6b281c719ce944"}, @timestamp={0x8, 0xa, 0x10000, 0x7}, @sack={0x5, 0x4, [0xa79, 0x80, 0xff]}]}}, {"4a323bcd8f5e5571de5e8371c9c2e2005213f37e6162009f60de8a0780f4783e12323e4dba6ffff5b54bc39135e2344b946b3a49148c1b29f9d28f796864a1896c4c2aae699ecf8831ea2358f2b7061bc7b94ece87e5426ee0c7babeb80836fd90d108d000db6ab7b8aa26acf32fd7b11f49d17663710b895df657c46135ebc6ff02fc2f8fe5c8bd00c179a9eec5bd0444dd80ab775ce3e9a17fb0cd0b0c5e2c2993c4866cf359929e3a3c567a5b6ee9ffd83b3a0f27c0e5"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f00000006c0)={0xf5f89c70, {{0x2, 0x4e23, @empty}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110)
setsockopt$inet_group_source_req(r4, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108)
setsockopt$inet_group_source_req(r4, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @private}}}, 0x108)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.234281725s ago: executing program 3 (id=1068):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000b40000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001002010000000000000000000000000a60000000060a090400000000000000000200000034000480300001800e000100696d6d6564696174650000001c000280100002800c000280080001800000000508000140000000000900010073797a30000000020900020073797a3200000000140000001100010000000000000000000000000a86d6b90c49766d251aee2d10bf552dcf71ba620eed341ca8c2ab4559f7016aacf224219609457d97b2c39ed655321383ca71b2d5db5a7a8dc87058098458fb82c3f2383e3fdb813262edf7349eec60fe6965f14ee4066a6f94df4eb913150f2998b20a94e3092ef60d85fd"], 0x88}}, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20000023896)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r7, 0x1, 0x0, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_DEL(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="270e000000000000000004"], 0x14}, 0x1, 0x40030000000000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="0000186df4b1768c36153d42", @ANYRES32, @ANYBLOB="0a3f000000a3f500950004000000010045"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001080), 0x1, 0x4e2, &(0x7f0000000b80)="$eJzs3c9vG1kdAPDvTOImm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7ZkLhRFDuOYmdpQiXS/wGJSpzgT+CAxAGpJ+7c4MalHJAKVKAGiYPRjCdpSOMkbRMb7M9HGs28eeP5vldr3nO/SfwCGFlXI2IvIq5ExMcRMVOcT4ot3u9u2XWPH91Z3n90ZzmJTuejvyV5fXYujrwm83Jxz8mI+N63I36YPB23tbO7vlSv17aKcqXd2Ky0dnZvrDWWVmurtY1qdWF+Ye7dm+9UL6yvbzR+9fBbax98/7e/+eKD3+9948dZs6aLuqP9uEjdrpcO42TGI+KDywg2AGNFf64MuiE8lzQiPhURb+bP/0yM5e/m+ZzwWAMA/wc6nZnozBwtAwDDLs1zYElaLnIB05Gm5XI3h/d6TKX1Zqt9/VZze2OlmyubjVJ6a61emytyhbNRSrLyfH78pFw9Vr4ZEa9FxE8nXsrL5eXz5xkAgIv18rH5/58T3fkfABhyk2ddsNifdgAA/XPm/A8ADB3zPwCMHvM/AIwe8z8AjB7zPwCMnmL+Hxt0OwCAvvjuhx9mW2e/+P7rlU92ttebn9xYqbXWy43t5fJyc2uzvNpsrtZr5eVm46z71ZvNzfm3Y/t2pV1rtSutnd3FRnN7o72Yf6/3Yq3Ul14BAKd57Y37f0wiYu+9l/ItjqzlYK6G4ZYOugHAwMj5w+jyLdwwuvwfHzhrLc+evyJ87zmCdX7yHC8CLtq1z8n/w6iS/4fRJf8Po0v+H0ZXp5P0WvM/PbwEABgqcvxAX3/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAENiOt+StFysBT4daVouR7wSEbNRSm6t1WtzEfFqRPxhojSRlecH3WgA4AWlf0mK9b+uzbw1fbz2SvKviXwfET/6+Uc/u73Ubm/NZ+f/fni+fa84Xx1E+wGAsxzM0wfz+IHHj+4sH2z9bM/Db3YXF83i7hdbt2Y8xvP9ZJQiYuofSVHuyj6vjF1A/L27EfHZk/qf5LmR2WLl0+Pxs9iv9DV++l/x07yuu8/+LT79DDHPWusVRsX9bPx5/6TnL42r+X7yxMWPJ/MR6sUdjH/7T41/6eH4N9Zj/Lt63hhv/+47PevuRnx+/KT4yWH8pEf8t84Z/09f+NKbveo6v4i4FifHPxqr0m5sVlo7uzfWGkurtdXaRrW6ML8w9+7Nd6qVPEddOchUP+2v711/9bT+T/WIP3lG/796aq87EwdHv/z3xz/48inxv/6Vk9//10+Jn82JXzs1/hNLU7/uuXx3Fn+l2/+7z/r+Xz9n/Ad/3l0556UAQB+0dnbXl+r12taFHpTigm945CC5pDY7GPKD7PP4i97nM0XK7H+gO5d9MOiRCbhsTx76QbcEAAAAAAAAAAAAAADo5dL/nCgddA8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZv8JAAD//wqryik=")
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)

1.099706667s ago: executing program 4 (id=1069):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) (async)
r1 = getpgrp(0x0)
r2 = syz_pidfd_open(r1, 0x0)
r3 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000180)) (async)
r4 = gettid()
kcmp$KCMP_EPOLL_TFD(r1, r4, 0x7, r2, &(0x7f0000000040)={r3, r2}) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r5}, &(0x7f0000000800), &(0x7f0000000840)=r6}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r7}, 0x10) (async)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000020000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000600459e850000000400000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0xffffffc2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r9}, 0x10)
r10 = getpid()
setreuid(0xee00, 0x0) (async)
r11 = syz_pidfd_open(r10, 0x0)
setns(r11, 0x24020000) (async)
syz_clone3(&(0x7f00000008c0)={0x14840000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000880)=[0x0], 0x1}, 0x58) (async)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="021eeecd558b31cbf98f7a00005d00000000ff0f00000504000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r13}, 0x10) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

942.94752ms ago: executing program 2 (id=1070):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000778600000000001f00000095"], &(0x7f0000000300)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x40, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x35, 0x1, 0x40, 0x0, 0x0, 0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_config_ext={0x280, 0x100000001}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_dccp(0xa, 0x6, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6(0xa, 0x3, 0x8b)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=ANY=[@ANYBLOB="940000001100010026bd7000fcdbdf2500000000", @ANYRES32=r2], 0x94}, 0x1, 0x0, 0x0, 0x800}, 0x80)
socket$inet6(0xa, 0x2, 0x3a)

832.246419ms ago: executing program 4 (id=1071):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
openat$thread_pidfd(0xffffff9c, &(0x7f0000000000), 0x80, 0x0)
r2 = syz_io_uring_setup(0x335, &(0x7f0000000080)={0x0, 0x0, 0x11900, 0x3}, &(0x7f0000000300)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000003c0)=@IORING_OP_SYMLINKAT={0x26, 0x40, 0x0, 0xffffffffffffffff, &(0x7f0000000340)='\x00', &(0x7f0000000dc0)='./bus\x00'})
io_uring_enter(r2, 0xa05, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000003c0)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in=@private=0xa010101, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x0, 0x0, 0xfffc, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}}, [@migrate={0x50, 0x11, [{@in=@dev, @in6=@loopback, @in6=@rand_addr=' \x01\x00', @in6=@private0, 0x25, 0x0, 0x0, 0x0, 0x0, 0x2}]}]}, 0xa0}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="b70000b90ac135", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_RATE={0x6}]}, 0x38}}, 0x0)

818.53561ms ago: executing program 4 (id=1072):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x21000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

308.741154ms ago: executing program 3 (id=1073):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000880)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")

220.482981ms ago: executing program 2 (id=1074):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) (async, rerun: 64)
listen(r0, 0x20) (rerun: 64)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r1, 0x10d, 0x92, &(0x7f0000000000), &(0x7f0000000240)=0x4) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000050000000000fd04aabfc286414931fd000c01000000000000305f615f0000000000000000090000000000000000"], 0x0, 0x2c, 0x0, 0x1, 0x1000000, 0x0, @void, @value}, 0x28)

212.553792ms ago: executing program 3 (id=1075):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00\x00\x00\x00\x00\x00'], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f00000000c0)=[{0x61}, {0x6}]})
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000580)='!pu&-\x00\x00\x00|\x93\xeco\xb3.i\xc3\xefT\x91\x8d:\xb7\xc2\x03\xf6\a5ND\x13\xe6\xf9\xac@\"\xae\x86,\x19\x8bI\xa4r\xab\x1dj\x91\xbc\xbd\xc0\x97oZ`V0\xe2\xf7\xfb,1\xec\'c\xad\xee\xc0\x1b\xeb\x18\xf4\x91\xda8\xae\xcdW%\xdd2')
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newtclass={0x454, 0x28, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x2}}, [@tclass_kind_options=@c_netem={0xa}, @tclass_kind_options=@c_cake={0x9}, @TCA_RATE={0x6}, @tclass_kind_options=@c_htb={{0x8}, {0x408, 0x2, [@TCA_HTB_CTAB={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x846e, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ff0b358, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}]}}]}, 0x454}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300001e880000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
write$P9_RLERRORu(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$RDMA_USER_CM_CMD_BIND_IP(r4, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2}}}, 0x30)
write$binfmt_elf64(r4, &(0x7f0000000280)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
chdir(&(0x7f0000000100)='./file0\x00')
open(&(0x7f0000000300)='.\x00', 0xc00, 0x0)

148.005608ms ago: executing program 2 (id=1076):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
fstatfs(0xffffffffffffffff, 0x0)

41.629667ms ago: executing program 3 (id=1077):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)={0x40, 0x0, 0x7, 0x401, 0x0, 0x0, {}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x7}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="2000000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000000000000000a8c1ce5d00"/24, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xb, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000685cf6822ccae7a37343901f80dd23503621b8e024d19ed09673a7ce606f5ed35e4d419f2e6ec71c04845318e6ba193f27e47a393d0491953881d0063252b6b15b3cad2db7c4f189d1e1058e9738b01803be54ce3075d9cc756215340d3e4961dfa5de88336e643ec1be3e71852e01f47f03644911fabf0f9679", @ANYRES32=r2, @ANYBLOB="0000000000000000b708000001fcffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r5 = fcntl$dupfd(r4, 0x0, r4)
write$P9_RLERRORu(r5, &(0x7f0000000040)={0xd, 0x7, 0x1, {{}, 0x2}}, 0xd)
write$sndseq(r5, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick=0x36, {0xff}, {}, @addr={0x1, 0x6}}, {0x0, 0x0, 0x0, 0x20, @time={0x0, 0x4}, {}, {}, @note={0x0, 0x0, 0x2}}], 0x38)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5}, 0x38)
ioprio_set$pid(0x1, 0x0, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10)
connect$inet(r6, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
shutdown(r6, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r8, 0x8953, &(0x7f0000000100)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, @remote}, 0x0, {0x2, 0x0, @private}, 'syz_tun\x00'})
io_setup(0x203, &(0x7f0000000040))

18.412139ms ago: executing program 2 (id=1078):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
r1 = io_uring_setup(0x2a40, &(0x7f0000000240)={0x0, 0x7bb7, 0x400, 0x3, 0x110})
io_uring_enter(r1, 0x7205, 0x78dc, 0x4, &(0x7f00000002c0)={[0x7]}, 0x8)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r3, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2c00dbf6e97158b33d4fec877f1b6d76745b686158bbcfe8875afdef00010000000029"], 0x280)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), r2)
sendmsg$NL802154_CMD_NEW_INTERFACE(r2, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80012010}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x24, r5, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_IFTYPE={0x8, 0x5, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x34048800}, 0x20000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x62040200)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x20000a, 0xa)
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000000)='./file0/file0\x00', 0x80d0, &(0x7f0000000800)=ANY=[@ANYBLOB='dots,errors=continue,nodots,dmask=00000000000000000077777,nodots,dots,nodots,showexec,dots,sys_immutable,discard,dots,nodots,nodots,dots,nodots,dots,nfs,dots,dots,dots,dots,nodots,nodots,nodots,quiet,dots,nodots,gid=', @ANYRES64, @ANYBLOB="2c616c6c6f775f99787bfc79612f6b137574696d303030303030303030303030304f30303030302c4572726fc8ed8a34ef53c91969643c00"/66, @ANYRES8, @ANYBLOB=',\x00'], 0xfd, 0x1bf, &(0x7f0000000640)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r7 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)

0s ago: executing program 1 (id=1079):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000400121001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000083850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdir(0x0, 0x0)
r2 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119, 0x400}, &(0x7f0000000240)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x18})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

loop0): Remounting filesystem read-only
[   68.627190][ T5322] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   68.658602][ T5322] EXT4-fs (loop0): 1 orphan inode deleted
[   68.666033][ T5322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.678266][ T5322] SELinux: (dev loop0, type ext4) getxattr errno 5
[   68.681478][ T5330] capability: warning: `syz.2.667' uses deprecated v2 capabilities in a way that may be insecure
[   68.686459][ T5322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.709478][   T29] kauditd_printk_skb: 78 callbacks suppressed
[   68.709536][   T29] audit: type=1326 audit(1728913387.341:2220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   68.741666][   T29] audit: type=1326 audit(1728913387.351:2221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   68.765357][   T29] audit: type=1326 audit(1728913387.351:2222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   68.788903][   T29] audit: type=1326 audit(1728913387.351:2223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   68.812362][   T29] audit: type=1326 audit(1728913387.351:2224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   68.835944][   T29] audit: type=1326 audit(1728913387.351:2225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   68.859423][   T29] audit: type=1326 audit(1728913387.351:2226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   68.882996][   T29] audit: type=1326 audit(1728913387.351:2227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   68.893677][ T5335] FAULT_INJECTION: forcing a failure.
[   68.893677][ T5335] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.906721][   T29] audit: type=1326 audit(1728913387.351:2228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   68.919430][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.668 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   68.919464][ T5335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   68.942781][   T29] audit: type=1326 audit(1728913387.351:2229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   68.953340][ T5335] Call Trace:
[   68.953350][ T5335]  <TASK>
[   68.953360][ T5335]  dump_stack_lvl+0xf2/0x150
[   68.953391][ T5335]  dump_stack+0x15/0x20
[   69.001689][ T5335]  should_fail_ex+0x223/0x230
[   69.006454][ T5335]  should_fail+0xb/0x10
[   69.010716][ T5335]  should_fail_usercopy+0x1a/0x20
[   69.015827][ T5335]  _copy_to_user+0x1e/0xa0
[   69.020258][ T5335]  simple_read_from_buffer+0xa0/0x110
[   69.025735][ T5335]  proc_fail_nth_read+0xf9/0x140
[   69.030697][ T5335]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   69.036282][ T5335]  vfs_read+0x195/0x720
[   69.040494][ T5335]  ? __rcu_read_unlock+0x4e/0x70
[   69.045468][ T5335]  ? __fget_files+0x1d4/0x210
[   69.050184][ T5335]  ksys_read+0xeb/0x1b0
[   69.054361][ T5335]  __x64_sys_read+0x42/0x50
[   69.058954][ T5335]  x64_sys_call+0x27d3/0x2d60
[   69.063662][ T5335]  do_syscall_64+0xc9/0x1c0
[   69.068211][ T5335]  ? clear_bhb_loop+0x55/0xb0
[   69.072946][ T5335]  ? clear_bhb_loop+0x55/0xb0
[   69.077715][ T5335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.083667][ T5335] RIP: 0033:0x7faf68e0ca3c
[   69.088187][ T5335] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[   69.107895][ T5335] RSP: 002b:00007faf67a87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   69.116385][ T5335] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0ca3c
[   69.124430][ T5335] RDX: 000000000000000f RSI: 00007faf67a870a0 RDI: 0000000000000007
[   69.132498][ T5335] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000
[   69.140478][ T5335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   69.148490][ T5335] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8
[   69.156478][ T5335]  </TASK>
[   69.163580][ T5336] netlink: 4 bytes leftover after parsing attributes in process `syz.4.662'.
[   69.251637][ T5339] loop0: detected capacity change from 0 to 512
[   69.275565][ T5339] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[   69.292325][ T5346] FAULT_INJECTION: forcing a failure.
[   69.292325][ T5346] name failslab, interval 1, probability 0, space 0, times 0
[   69.305121][ T5346] CPU: 0 UID: 0 PID: 5346 Comm: syz.3.673 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   69.315747][ T5346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   69.325888][ T5346] Call Trace:
[   69.329272][ T5346]  <TASK>
[   69.332305][ T5346]  dump_stack_lvl+0xf2/0x150
[   69.336988][ T5346]  dump_stack+0x15/0x20
[   69.341171][ T5346]  should_fail_ex+0x223/0x230
[   69.345906][ T5346]  ? __d_alloc+0x3d/0x340
[   69.349611][ T5344] netlink: 12 bytes leftover after parsing attributes in process `syz.1.672'.
[   69.350259][ T5346]  should_failslab+0x8f/0xb0
[   69.363812][ T5346]  kmem_cache_alloc_lru_noprof+0x51/0x2a0
[   69.369614][ T5346]  __d_alloc+0x3d/0x340
[   69.373876][ T5346]  d_alloc_parallel+0x54/0xc80
[   69.378762][ T5346]  ? __rcu_read_unlock+0x4e/0x70
[   69.383768][ T5346]  ? __d_lookup+0x342/0x370
[   69.388399][ T5346]  ? inode_permission+0xbf/0x300
[   69.393463][ T5346]  __lookup_slow+0x8d/0x250
[   69.398074][ T5346]  lookup_one_len+0xea/0x1a0
[   69.403230][ T5346]  start_creating+0x139/0x230
[   69.408073][ T5346]  __debugfs_create_file+0x73/0x300
[   69.413316][ T5346]  debugfs_create_file+0x49/0x60
[   69.418354][ T5346]  do_blk_trace_setup+0x2d2/0x4d0
[   69.423514][ T5346]  blk_trace_setup+0xad/0x140
[   69.428310][ T5346]  sg_ioctl+0x6ce/0x1870
[   69.432651][ T5346]  ? __pfx_sg_ioctl+0x10/0x10
[   69.437409][ T5346]  __se_sys_ioctl+0xcd/0x140
[   69.442041][ T5346]  __x64_sys_ioctl+0x43/0x50
[   69.446708][ T5346]  x64_sys_call+0x15cc/0x2d60
[   69.451594][ T5346]  do_syscall_64+0xc9/0x1c0
[   69.456130][ T5346]  ? clear_bhb_loop+0x55/0xb0
[   69.460883][ T5346]  ? clear_bhb_loop+0x55/0xb0
[   69.461077][ T5352] loop2: detected capacity change from 0 to 512
[   69.465585][ T5346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.477780][ T5346] RIP: 0033:0x7f20fc95dff9
[   69.482246][ T5346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.501983][ T5346] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   69.510483][ T5346] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9
[   69.518462][ T5346] RDX: 0000000020000000 RSI: 00000000c0481273 RDI: 0000000000000007
[   69.526444][ T5346] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000
[   69.534769][ T5346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.542824][ T5346] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8
[   69.550889][ T5346]  </TASK>
[   69.583590][ T5339] netlink: 8 bytes leftover after parsing attributes in process `syz.0.670'.
[   69.753699][ T5352] EXT4-fs error (device loop2): __ext4_iget:4952: inode #3: block 127754: comm syz.2.676: invalid block
[   69.758339][ T5365] FAULT_INJECTION: forcing a failure.
[   69.758339][ T5365] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.778098][ T5365] CPU: 1 UID: 0 PID: 5365 Comm: syz.0.678 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   69.788730][ T5365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   69.799239][ T5365] Call Trace:
[   69.802532][ T5365]  <TASK>
[   69.805481][ T5365]  dump_stack_lvl+0xf2/0x150
[   69.810116][ T5365]  dump_stack+0x15/0x20
[   69.814366][ T5365]  should_fail_ex+0x223/0x230
[   69.819117][ T5365]  should_fail+0xb/0x10
[   69.823327][ T5365]  should_fail_usercopy+0x1a/0x20
[   69.828497][ T5365]  _copy_from_iter+0xd3/0xd20
[   69.833288][ T5365]  ? kmalloc_reserve+0x16e/0x190
[   69.838393][ T5365]  ? __build_skb_around+0x196/0x1f0
[   69.843713][ T5365]  ? __alloc_skb+0x21f/0x310
[   69.848411][ T5365]  ? __virt_addr_valid+0x1ed/0x250
[   69.853548][ T5365]  ? __check_object_size+0x364/0x520
[   69.858942][ T5365]  netlink_sendmsg+0x460/0x6e0
[   69.863825][ T5365]  ? __pfx_netlink_sendmsg+0x10/0x10
[   69.869190][ T5365]  __sock_sendmsg+0x140/0x180
[   69.873915][ T5365]  ____sys_sendmsg+0x312/0x410
[   69.878775][ T5365]  __sys_sendmsg+0x1d9/0x270
[   69.883481][ T5365]  __x64_sys_sendmsg+0x46/0x50
[   69.888357][ T5365]  x64_sys_call+0x2689/0x2d60
[   69.893138][ T5365]  do_syscall_64+0xc9/0x1c0
[   69.897734][ T5365]  ? clear_bhb_loop+0x55/0xb0
[   69.902462][ T5365]  ? clear_bhb_loop+0x55/0xb0
[   69.907176][ T5365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.913106][ T5365] RIP: 0033:0x7faf68e0dff9
[   69.917546][ T5365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.937385][ T5365] RSP: 002b:00007faf67a66038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   69.938599][ T5352] EXT4-fs (loop2): Remounting filesystem read-only
[   69.945854][ T5365] RAX: ffffffffffffffda RBX: 00007faf68fc6058 RCX: 00007faf68e0dff9
[   69.945873][ T5365] RDX: 0000000000008080 RSI: 0000000020000040 RDI: 0000000000000004
[   69.945889][ T5365] RBP: 00007faf67a66090 R08: 0000000000000000 R09: 0000000000000000
[   69.945906][ T5365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.952431][ T5352] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   69.960371][ T5365] R13: 0000000000000000 R14: 00007faf68fc6058 R15: 00007ffcf7ce12b8
[   69.990671][ T5352] EXT4-fs (loop2): mount failed
[   69.998882][ T5365]  </TASK>
[   70.099691][ T5375] netlink: 'syz.2.684': attribute type 32 has an invalid length.
[   70.315695][ T5373] loop4: detected capacity change from 0 to 128
[   70.583027][ T5387] netlink: 8 bytes leftover after parsing attributes in process `syz.1.689'.
[   70.617036][ T5390] loop4: detected capacity change from 0 to 1024
[   70.664721][ T5390] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[   70.674621][ T5390] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[   70.695506][ T5390] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   70.712359][ T5398] netlink: 8 bytes leftover after parsing attributes in process `syz.3.695'.
[   70.714160][ T5390] EXT4-fs error (device loop4): ext4_get_journal_inode:5762: inode #5: comm syz.4.691: unexpected bad inode w/o EXT4_IGET_BAD
[   70.721281][ T5398] netlink: 24 bytes leftover after parsing attributes in process `syz.3.695'.
[   70.749184][ T5390] EXT4-fs (loop4): no journal found
[   70.754514][ T5390] EXT4-fs (loop4): can't get journal size
[   70.781138][ T5390] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.839149][ T5390] netlink: 24 bytes leftover after parsing attributes in process `syz.4.691'.
[   70.890366][ T5405] team0: Device ipvlan2 is already an upper device of the team interface
[   70.942397][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.991954][ T5418] FAULT_INJECTION: forcing a failure.
[   70.991954][ T5418] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   71.005318][ T5418] CPU: 1 UID: 0 PID: 5418 Comm: syz.4.698 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   71.016011][ T5418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   71.026175][ T5418] Call Trace:
[   71.029485][ T5418]  <TASK>
[   71.032435][ T5418]  dump_stack_lvl+0xf2/0x150
[   71.037059][ T5418]  dump_stack+0x15/0x20
[   71.041398][ T5418]  should_fail_ex+0x223/0x230
[   71.046190][ T5418]  should_fail_alloc_page+0xfd/0x110
[   71.051580][ T5418]  __alloc_pages_noprof+0x109/0x340
[   71.056816][ T5418]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   71.062292][ T5418]  alloc_pages_noprof+0xe1/0x100
[   71.067349][ T5418]  pte_alloc_one+0x32/0xf0
[   71.071790][ T5418]  __pte_alloc+0x33/0x270
[   71.076145][ T5418]  handle_mm_fault+0x1b05/0x2a80
[   71.081130][ T5418]  exc_page_fault+0x3b9/0x650
[   71.085856][ T5418]  asm_exc_page_fault+0x26/0x30
[   71.090849][ T5418] RIP: 0033:0x7f098d5718b6
[   71.095283][ T5418] Code: f0 72 6e 48 63 cd 48 01 c1 49 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 <47> 0f b6 0c 08 45 84 c9 74 08 45 88 0c 00 49 8b 47 10 48 83 c0 01
[   71.114958][ T5418] RSP: 002b:00007f098c3263f0 EFLAGS: 00010206
[   71.121040][ T5418] RAX: 00000000000f9001 RBX: 00007f098c326490 RCX: 000000000000004c
[   71.129123][ T5418] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007f098c326530
[   71.137193][ T5418] RBP: 0000000000000102 R08: 00007f0983f07000 R09: 00000000000f9000
[   71.145175][ T5418] R10: 0000000000000000 R11: 00007f098c3264a0 R12: 0000000000000001
[   71.153157][ T5418] R13: 00007f098d734a40 R14: 0000000000000000 R15: 00007f098c326530
[   71.161149][ T5418]  </TASK>
[   71.164403][ T5418] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   71.177947][ T5418] loop4: detected capacity change from 0 to 2048
[   71.210410][ T5380] syz.2.686 (5380) used greatest stack depth: 7416 bytes left
[   71.230091][ T5423] loop0: detected capacity change from 0 to 512
[   71.234005][ T5418]  loop4: p1 < > p4
[   71.240502][ T5423] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   71.240997][ T5418] loop4: p4 size 8388608 extends beyond EOD, 
[   71.253671][ T5423] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   71.269620][ T5418] truncated
[   71.277403][ T5423] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec01c, mo2=0002]
[   71.290432][ T5423] System zones: 1-12
[   71.294818][ T5423] EXT4-fs (loop0): 1 truncate cleaned up
[   71.300851][ T5423] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.377496][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.457113][ T5428] loop2: detected capacity change from 0 to 512
[   71.470321][ T5428] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   71.510130][ T5432] FAULT_INJECTION: forcing a failure.
[   71.510130][ T5432] name failslab, interval 1, probability 0, space 0, times 0
[   71.522891][ T5432] CPU: 1 UID: 0 PID: 5432 Comm: syz.4.705 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   71.533524][ T5432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   71.543698][ T5432] Call Trace:
[   71.546993][ T5432]  <TASK>
[   71.550028][ T5432]  dump_stack_lvl+0xf2/0x150
[   71.554726][ T5432]  dump_stack+0x15/0x20
[   71.558899][ T5432]  should_fail_ex+0x223/0x230
[   71.563646][ T5432]  ? __alloc_skb+0x10b/0x310
[   71.568324][ T5432]  should_failslab+0x8f/0xb0
[   71.572994][ T5432]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[   71.579282][ T5432]  __alloc_skb+0x10b/0x310
[   71.583725][ T5432]  alloc_skb_with_frags+0x80/0x450
[   71.588867][ T5432]  ? memcg_list_lru_alloc+0xd2/0x740
[   71.594177][ T5432]  ? mod_objcg_state+0x3b1/0x4f0
[   71.599154][ T5432]  sock_alloc_send_pskb+0x435/0x4f0
[   71.604393][ T5432]  ? __rcu_read_unlock+0x4e/0x70
[   71.609400][ T5432]  packet_sendmsg+0x2401/0x34f0
[   71.614319][ T5432]  ? avc_has_perm+0xd4/0x160
[   71.618961][ T5432]  ? selinux_socket_sendmsg+0x19c/0x1d0
[   71.624559][ T5432]  ? __pfx_packet_sendmsg+0x10/0x10
[   71.629828][ T5432]  __sock_sendmsg+0x140/0x180
[   71.634566][ T5432]  ____sys_sendmsg+0x312/0x410
[   71.639364][ T5432]  __sys_sendmsg+0x1d9/0x270
[   71.644049][ T5432]  __x64_sys_sendmsg+0x46/0x50
[   71.648839][ T5432]  x64_sys_call+0x2689/0x2d60
[   71.653624][ T5432]  do_syscall_64+0xc9/0x1c0
[   71.658233][ T5432]  ? clear_bhb_loop+0x55/0xb0
[   71.662967][ T5432]  ? clear_bhb_loop+0x55/0xb0
[   71.667685][ T5432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.673700][ T5432] RIP: 0033:0x7f098d6adff9
[   71.678127][ T5432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.697812][ T5432] RSP: 002b:00007f098c327038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   71.706327][ T5432] RAX: ffffffffffffffda RBX: 00007f098d865f80 RCX: 00007f098d6adff9
[   71.714325][ T5432] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003
[   71.722317][ T5432] RBP: 00007f098c327090 R08: 0000000000000000 R09: 0000000000000000
[   71.730309][ T5432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.738352][ T5432] R13: 0000000000000000 R14: 00007f098d865f80 R15: 00007ffeddaf64c8
[   71.746382][ T5432]  </TASK>
[   71.796732][ T5444] loop2: detected capacity change from 0 to 512
[   71.805321][ T5444] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -13
[   71.814074][ T5444] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945729 > max in inode 13
[   71.828064][ T5444] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945730 > max in inode 13
[   71.850145][ T5454] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 !
[   71.858844][ T5444] EXT4-fs (loop2): 1 truncate cleaned up
[   71.866274][ T5444] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.883795][ T5444] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   71.891263][ T5444] batman_adv: batadv0: Removing interface: batadv_slave_0
[   71.912078][ T5444] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   71.919689][ T5444] batman_adv: batadv0: Removing interface: batadv_slave_1
[   71.947748][   T24] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[   71.955652][   T24] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[   71.965026][   T24] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x3
[   71.974291][   T24] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   71.990571][ T5456] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 !
[   72.028982][ T5473] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   72.028982][ T5473]    program syz.4.717 not setting count and/or reply_len properly
[   72.050234][ T5467] FAULT_INJECTION: forcing a failure.
[   72.050234][ T5467] name failslab, interval 1, probability 0, space 0, times 0
[   72.062933][ T5467] CPU: 1 UID: 0 PID: 5467 Comm: syz.3.712 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   72.063304][ T5475] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.709: corrupted in-inode xattr: overlapping e_value 
[   72.073619][ T5467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   72.073639][ T5467] Call Trace:
[   72.073647][ T5467]  <TASK>
[   72.073656][ T5467]  dump_stack_lvl+0xf2/0x150
[   72.108692][ T5467]  dump_stack+0x15/0x20
[   72.112894][ T5467]  should_fail_ex+0x223/0x230
[   72.117614][ T5467]  ? kobject_uevent_env+0x1a4/0x550
[   72.122846][ T5467]  should_failslab+0x8f/0xb0
[   72.127520][ T5467]  __kmalloc_cache_noprof+0x4b/0x2a0
[   72.132905][ T5467]  ? __pfx_dev_uevent_name+0x10/0x10
[   72.138204][ T5467]  kobject_uevent_env+0x1a4/0x550
[   72.143295][ T5467]  ? kobject_put+0x10a/0x180
[   72.147930][ T5467]  kobject_uevent+0x1c/0x30
[   72.152499][ T5467]  device_release_driver_internal+0x478/0x4f0
[   72.158644][ T5467]  device_release_driver+0x19/0x20
[   72.163855][ T5467]  bus_remove_device+0x26f/0x290
[   72.168806][ T5467]  device_del+0x370/0x780
[   72.173222][ T5467]  ? enable_work+0x116/0x1b0
[   72.178023][ T5467]  hid_destroy_device+0x52/0xc0
[   72.183004][ T5467]  uhid_dev_destroy+0x6a/0xb0
[   72.187750][ T5467]  uhid_char_write+0x512/0x5b0
[   72.192590][ T5467]  ? __pfx_uhid_char_write+0x10/0x10
[   72.197920][ T5467]  vfs_write+0x26c/0x910
[   72.202187][ T5467]  ? __rcu_read_unlock+0x4e/0x70
[   72.207221][ T5467]  ? __fget_files+0x1d4/0x210
[   72.211947][ T5467]  ksys_write+0xeb/0x1b0
[   72.216253][ T5467]  __x64_sys_write+0x42/0x50
[   72.220869][ T5467]  x64_sys_call+0x27dd/0x2d60
[   72.225752][ T5467]  do_syscall_64+0xc9/0x1c0
[   72.230337][ T5467]  ? clear_bhb_loop+0x55/0xb0
[   72.235049][ T5467]  ? clear_bhb_loop+0x55/0xb0
[   72.239821][ T5467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.245819][ T5467] RIP: 0033:0x7f20fc95dff9
[   72.250242][ T5467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.269920][ T5467] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   72.278349][ T5467] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9
[   72.286559][ T5467] RDX: 0000000000000004 RSI: 0000000020000340 RDI: 0000000000000003
[   72.294542][ T5467] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000
[   72.302526][ T5467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.310647][ T5467] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8
[   72.318638][ T5467]  </TASK>
[   72.404455][ T5479] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   72.420452][ T5479] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   72.431987][ T5479] bond0 (unregistering): Released all slaves
[   72.505974][ T5483] __nla_validate_parse: 6 callbacks suppressed
[   72.505989][ T5483] netlink: 8 bytes leftover after parsing attributes in process `syz.1.719'.
[   72.705855][ T5127] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.734983][ T5491] FAULT_INJECTION: forcing a failure.
[   72.734983][ T5491] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.748222][ T5491] CPU: 1 UID: 0 PID: 5491 Comm: syz.3.722 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   72.758902][ T5491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   72.769047][ T5491] Call Trace:
[   72.772346][ T5491]  <TASK>
[   72.775295][ T5491]  dump_stack_lvl+0xf2/0x150
[   72.780055][ T5491]  dump_stack+0x15/0x20
[   72.784278][ T5491]  should_fail_ex+0x223/0x230
[   72.788992][ T5491]  should_fail+0xb/0x10
[   72.793186][ T5491]  should_fail_usercopy+0x1a/0x20
[   72.798236][ T5491]  _copy_from_user+0x1e/0xd0
[   72.802839][ T5491]  __sys_bpf+0x14e/0x7a0
[   72.807166][ T5491]  __x64_sys_bpf+0x43/0x50
[   72.811676][ T5491]  x64_sys_call+0x2625/0x2d60
[   72.816403][ T5491]  do_syscall_64+0xc9/0x1c0
[   72.820941][ T5491]  ? clear_bhb_loop+0x55/0xb0
[   72.825643][ T5491]  ? clear_bhb_loop+0x55/0xb0
[   72.830608][ T5491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.836804][ T5491] RIP: 0033:0x7f20fc95dff9
[   72.841316][ T5491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.860937][ T5491] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   72.869598][ T5491] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9
[   72.877606][ T5491] RDX: 0000000000000050 RSI: 0000000020000000 RDI: 000000000000000a
[   72.885689][ T5491] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000
[   72.893688][ T5491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.901750][ T5491] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8
[   72.909783][ T5491]  </TASK>
[   72.999885][ T5500] netlink: 4 bytes leftover after parsing attributes in process `syz.4.718'.
[   73.083665][ T5508] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   73.083665][ T5508]    program syz.1.729 not setting count and/or reply_len properly
[   73.201293][ T5502] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 !
[   73.779557][ T5535] FAULT_INJECTION: forcing a failure.
[   73.779557][ T5535] name failslab, interval 1, probability 0, space 0, times 0
[   73.792363][ T5535] CPU: 0 UID: 0 PID: 5535 Comm: +}[@ Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   73.802622][ T5535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   73.812705][ T5535] Call Trace:
[   73.815991][ T5535]  <TASK>
[   73.818936][ T5535]  dump_stack_lvl+0xf2/0x150
[   73.823561][ T5535]  dump_stack+0x15/0x20
[   73.827846][ T5535]  should_fail_ex+0x223/0x230
[   73.832813][ T5535]  ? audit_log_start+0x34c/0x6b0
[   73.837869][ T5535]  should_failslab+0x8f/0xb0
[   73.842558][ T5535]  kmem_cache_alloc_noprof+0x4c/0x290
[   73.848131][ T5535]  audit_log_start+0x34c/0x6b0
[   73.852926][ T5535]  ? kmem_cache_free+0xdc/0x2d0
[   73.857820][ T5535]  audit_seccomp+0x4b/0x130
[   73.862357][ T5535]  __seccomp_filter+0x6fa/0x1180
[   73.867340][ T5535]  ? __perf_event_task_sched_out+0x111/0xfe0
[   73.873391][ T5535]  ? __dequeue_entity+0x22/0x310
[   73.878378][ T5535]  ? tracing_record_taskinfo_sched_switch+0x6f/0x270
[   73.885109][ T5535]  __secure_computing+0x9f/0x1c0
[   73.890253][ T5535]  syscall_trace_enter+0xd1/0x1f0
[   73.891762][ T5537] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   73.891762][ T5537]    program syz.1.738 not setting count and/or reply_len properly
[   73.895300][ T5535]  do_syscall_64+0xaa/0x1c0
[   73.916326][ T5535]  ? clear_bhb_loop+0x55/0xb0
[   73.921112][ T5535]  ? clear_bhb_loop+0x55/0xb0
[   73.925916][ T5535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.931856][ T5535] RIP: 0033:0x7fd6eb48ca3c
[   73.936302][ T5535] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[   73.956032][ T5535] RSP: 002b:00007fd6ea101030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   73.964642][ T5535] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48ca3c
[   73.972704][ T5535] RDX: 000000000000000f RSI: 00007fd6ea1010a0 RDI: 0000000000000005
[   73.980711][ T5535] RBP: 00007fd6ea101090 R08: 0000000000000000 R09: 0000000000000000
[   73.988925][ T5535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.996946][ T5535] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018
[   74.004935][ T5535]  </TASK>
[   74.008021][ T5535] audit_log_lost: 159 callbacks suppressed
[   74.008211][ T5535] audit: audit_lost=6 audit_rate_limit=0 audit_backlog_limit=64
[   74.010605][ T5543] netlink: 'syz.3.736': attribute type 8 has an invalid length.
[   74.014099][ T5535] audit: out of memory in audit_log_start
[   74.035397][ T5543] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   74.079848][   T29] audit: type=1326 audit(1728913392.537:2389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd6eb48cadf code=0x7ffc0000
[   74.102666][   T29] audit: type=1326 audit(1728913392.537:2390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd6eb48cc8a code=0x7ffc0000
[   74.104316][ T5546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.742'.
[   74.125676][   T29] audit: type=1326 audit(1728913392.537:2391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   74.134557][ T5546] netlink: 24 bytes leftover after parsing attributes in process `syz.0.742'.
[   74.156074][ T5549] FAULT_INJECTION: forcing a failure.
[   74.156074][ T5549] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.157730][   T29] audit: type=1326 audit(1728913392.537:2392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   74.166543][ T5549] CPU: 0 UID: 0 PID: 5549 Comm: syz.0.743 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   74.166619][ T5549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   74.166634][ T5549] Call Trace:
[   74.166641][ T5549]  <TASK>
[   74.166649][ T5549]  dump_stack_lvl+0xf2/0x150
[   74.166680][ T5549]  dump_stack+0x15/0x20
[   74.166703][ T5549]  should_fail_ex+0x223/0x230
[   74.166795][ T5549]  should_fail+0xb/0x10
[   74.166832][ T5549]  should_fail_usercopy+0x1a/0x20
[   74.183523][ T5547] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   74.183523][ T5547]    program syz.2.741 not setting count and/or reply_len properly
[   74.202706][ T5549]  _copy_from_user+0x1e/0xd0
[   74.202744][ T5549]  sctp_getsockopt_scheduler+0x71/0x340
[   74.202800][ T5549]  sctp_getsockopt+0xa1e/0xab0
[   74.284226][ T5549]  sock_common_getsockopt+0x5b/0x70
[   74.289533][ T5549]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   74.295504][ T5549]  do_sock_getsockopt+0x1ca/0x260
[   74.300566][ T5549]  __sys_getsockopt+0x18a/0x200
[   74.305520][ T5549]  __x64_sys_getsockopt+0x66/0x80
[   74.310647][ T5549]  x64_sys_call+0x11cd/0x2d60
[   74.315341][ T5549]  do_syscall_64+0xc9/0x1c0
[   74.319867][ T5549]  ? clear_bhb_loop+0x55/0xb0
[   74.324640][ T5549]  ? clear_bhb_loop+0x55/0xb0
[   74.329340][ T5549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.335256][ T5549] RIP: 0033:0x7faf68e0dff9
[   74.339752][ T5549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.359380][ T5549] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   74.367854][ T5549] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9
[   74.375834][ T5549] RDX: 000000000000007b RSI: 0000000000000084 RDI: 0000000000000004
[   74.383815][ T5549] RBP: 00007faf67a87090 R08: 00000000200000c0 R09: 0000000000000000
[   74.391884][ T5549] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[   74.399932][ T5549] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8
[   74.407936][ T5549]  </TASK>
[   74.475858][   T29] audit: type=1326 audit(1728913392.925:2393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   74.510462][   T29] audit: type=1326 audit(1728913392.925:2394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   74.527112][ T5562] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   74.534031][   T29] audit: type=1326 audit(1728913392.925:2395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   74.562944][   T29] audit: type=1326 audit(1728913392.925:2396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   74.589654][ T5568] 9pnet_fd: Insufficient options for proto=fd
[   74.715704][ T5570] netlink: 12 bytes leftover after parsing attributes in process `syz.3.751'.
[   74.769184][ T5581] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   74.769184][ T5581]    program syz.3.756 not setting count and/or reply_len properly
[   74.779069][ T5580] loop2: detected capacity change from 0 to 2048
[   74.888471][ T5586] netlink: 4 bytes leftover after parsing attributes in process `syz.4.750'.
[   74.923806][ T5590] netlink: 12 bytes leftover after parsing attributes in process `syz.3.759'.
[   75.013126][ T5600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   75.048017][ T5600] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   75.094664][ T5602] pimreg: entered allmulticast mode
[   75.110053][ T5602] pimreg: left allmulticast mode
[   75.202131][ T5604] FAULT_INJECTION: forcing a failure.
[   75.202131][ T5604] name failslab, interval 1, probability 0, space 0, times 0
[   75.214820][ T5604] CPU: 0 UID: 0 PID: 5604 Comm: syz.3.764 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   75.225464][ T5604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   75.235546][ T5604] Call Trace:
[   75.238871][ T5604]  <TASK>
[   75.241915][ T5604]  dump_stack_lvl+0xf2/0x150
[   75.246557][ T5604]  dump_stack+0x15/0x20
[   75.250856][ T5604]  should_fail_ex+0x223/0x230
[   75.255592][ T5604]  ? p9_client_prepare_req+0xf9/0x870
[   75.261000][ T5604]  should_failslab+0x8f/0xb0
[   75.265681][ T5604]  kmem_cache_alloc_noprof+0x4c/0x290
[   75.271087][ T5604]  p9_client_prepare_req+0xf9/0x870
[   75.276359][ T5604]  ? xas_load+0x3ae/0x3d0
[   75.280785][ T5604]  ? xas_load+0x3ae/0x3d0
[   75.285221][ T5604]  ? __rcu_read_unlock+0x4e/0x70
[   75.290200][ T5604]  ? xa_load+0xb9/0xe0
[   75.294360][ T5604]  ? delete_node+0x40b/0x450
[   75.299165][ T5604]  p9_client_rpc+0xf0/0x710
[   75.303766][ T5604]  ? radix_tree_iter_tag_clear+0x109/0x180
[   75.309794][ T5604]  p9_client_walk+0xfb/0x4e0
[   75.314414][ T5604]  v9fs_file_open+0x163/0x530
[   75.319188][ T5604]  ? __pfx_v9fs_file_open+0x10/0x10
[   75.324415][ T5604]  do_dentry_open+0x621/0xa20
[   75.329169][ T5604]  vfs_open+0x38/0x1f0
[   75.333274][ T5604]  path_openat+0x1ac2/0x1fa0
[   75.337894][ T5604]  ? _parse_integer_limit+0x167/0x180
[   75.343308][ T5604]  ? _parse_integer+0x27/0x30
[   75.348081][ T5604]  ? kstrtoull+0x110/0x140
[   75.352530][ T5604]  do_filp_open+0xf7/0x200
[   75.357111][ T5604]  do_sys_openat2+0xab/0x120
[   75.361861][ T5604]  __x64_sys_open+0xe6/0x110
[   75.366542][ T5604]  x64_sys_call+0x1321/0x2d60
[   75.371321][ T5604]  do_syscall_64+0xc9/0x1c0
[   75.375904][ T5604]  ? clear_bhb_loop+0x55/0xb0
[   75.380622][ T5604]  ? clear_bhb_loop+0x55/0xb0
[   75.385457][ T5604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.391462][ T5604] RIP: 0033:0x7f20fc95dff9
[   75.395905][ T5604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.415532][ T5604] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   75.424071][ T5604] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9
[   75.432506][ T5604] RDX: 0000000000000000 RSI: 0000000000000c00 RDI: 0000000020000300
[   75.440547][ T5604] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000
[   75.448610][ T5604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.456605][ T5604] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8
[   75.464673][ T5604]  </TASK>
[   75.543958][ T5606] netlink: 19 bytes leftover after parsing attributes in process `syz.3.765'.
[   75.655663][ T5614] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   75.655663][ T5614]    program syz.3.769 not setting count and/or reply_len properly
[   75.677885][ T5618] loop0: detected capacity change from 0 to 128
[   75.684897][ T5618] vfat: Unknown parameter 'ÿÿÿÿ0x0000000000000004'
[   75.698527][ T5618] loop0: detected capacity change from 0 to 512
[   75.745288][ T5618] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   75.756848][ T5629] loop2: detected capacity change from 0 to 512
[   75.763217][ T5618] System zones: 0-2, 18-18, 34-34
[   75.769586][ T5631] FAULT_INJECTION: forcing a failure.
[   75.769586][ T5631] name failslab, interval 1, probability 0, space 0, times 0
[   75.782443][ T5631] CPU: 0 UID: 0 PID: 5631 Comm: syz.3.774 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   75.793107][ T5631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   75.803329][ T5631] Call Trace:
[   75.806627][ T5631]  <TASK>
[   75.809612][ T5631]  dump_stack_lvl+0xf2/0x150
[   75.814244][ T5631]  dump_stack+0x15/0x20
[   75.818436][ T5631]  should_fail_ex+0x223/0x230
[   75.823140][ T5631]  ? tcp_sendmsg_fastopen+0x163/0x4f0
[   75.828607][ T5631]  should_failslab+0x8f/0xb0
[   75.833232][ T5631]  __kmalloc_cache_noprof+0x4b/0x2a0
[   75.838569][ T5631]  tcp_sendmsg_fastopen+0x163/0x4f0
[   75.843796][ T5631]  tcp_sendmsg_locked+0x2513/0x2700
[   75.844767][ T5618] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.771: bg 0: block 248: padding at end of block bitmap is not set
[   75.849006][ T5631]  ? mntput+0x49/0x70
[   75.864546][ T5618] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.771: Failed to acquire dquot type 1
[   75.867171][ T5631]  ? __rcu_read_unlock+0x4e/0x70
[   75.883220][ T5631]  ? avc_has_perm_noaudit+0x1cc/0x210
[   75.883306][ T5631]  ? avc_has_perm+0xd4/0x160
[   75.890378][ T5618] EXT4-fs (loop0): 1 truncate cleaned up
[   75.893234][ T5631]  ? _raw_spin_unlock_bh+0x36/0x40
[   75.899405][ T5618] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.903965][ T5631]  ? __pfx_tcp_sendmsg+0x10/0x10
[   75.903995][ T5631]  tcp_sendmsg+0x30/0x50
[   75.904034][ T5631]  inet6_sendmsg+0x77/0xd0
[   75.917658][ T5618] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.921336][ T5631]  __sock_sendmsg+0x8b/0x180
[   75.937604][ T5629] EXT4-fs error (device loop2): ext4_orphan_get:1388: inode #15: comm syz.2.773: casefold flag without casefold feature
[   75.940379][ T5631]  __sys_sendto+0x1d6/0x260
[   75.945338][ T5629] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.773: couldn't read orphan inode 15 (err -117)
[   75.957469][ T5631]  __x64_sys_sendto+0x78/0x90
[   75.957543][ T5631]  x64_sys_call+0x2959/0x2d60
[   75.963529][ T5629] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.973733][ T5631]  do_syscall_64+0xc9/0x1c0
[   75.973783][ T5631]  ? clear_bhb_loop+0x55/0xb0
[   75.973820][ T5631]  ? clear_bhb_loop+0x55/0xb0
[   75.973850][ T5631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.015545][ T5631] RIP: 0033:0x7f20fc95dff9
[   76.019968][ T5631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.039640][ T5631] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   76.048068][ T5631] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9
[   76.056107][ T5631] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006
[   76.064229][ T5631] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000
[   76.072211][ T5631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.080228][ T5631] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8
[   76.088219][ T5631]  </TASK>
[   76.122063][ T5618] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.128027][ T5636] FAULT_INJECTION: forcing a failure.
[   76.128027][ T5636] name failslab, interval 1, probability 0, space 0, times 0
[   76.143781][ T5636] CPU: 0 UID: 0 PID: 5636 Comm: syz.3.776 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   76.154579][ T5636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   76.164681][ T5636] Call Trace:
[   76.167983][ T5636]  <TASK>
[   76.170919][ T5636]  dump_stack_lvl+0xf2/0x150
[   76.175620][ T5636]  dump_stack+0x15/0x20
[   76.179808][ T5636]  should_fail_ex+0x223/0x230
[   76.184498][ T5636]  ? __alloc_skb+0x10b/0x310
[   76.189127][ T5636]  should_failslab+0x8f/0xb0
[   76.193732][ T5636]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[   76.199581][ T5636]  __alloc_skb+0x10b/0x310
[   76.204171][ T5636]  netlink_ack+0xef/0x4f0
[   76.208630][ T5636]  netlink_rcv_skb+0x19c/0x230
[   76.213439][ T5636]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   76.218953][ T5636]  nfnetlink_rcv+0x16c/0x15c0
[   76.223649][ T5636]  ? kmem_cache_free+0xdc/0x2d0
[   76.228682][ T5636]  ? nlmon_xmit+0x51/0x60
[   76.233060][ T5636]  ? __kfree_skb+0x102/0x150
[   76.237680][ T5636]  ? consume_skb+0x49/0x160
[   76.242206][ T5636]  ? nlmon_xmit+0x51/0x60
[   76.246597][ T5636]  ? dev_hard_start_xmit+0x3c1/0x3f0
[   76.251920][ T5636]  ? __dev_queue_xmit+0xb4c/0x2040
[   76.257074][ T5636]  ? ref_tracker_free+0x3a5/0x410
[   76.262165][ T5636]  ? __dev_queue_xmit+0x161/0x2040
[   76.267455][ T5636]  ? ref_tracker_alloc+0x1f5/0x2f0
[   76.272752][ T5636]  ? __netlink_deliver_tap+0x495/0x4c0
[   76.278260][ T5636]  netlink_unicast+0x599/0x670
[   76.283150][ T5636]  netlink_sendmsg+0x5cc/0x6e0
[   76.287963][ T5636]  ? __pfx_netlink_sendmsg+0x10/0x10
[   76.293335][ T5636]  __sock_sendmsg+0x140/0x180
[   76.298043][ T5636]  ____sys_sendmsg+0x312/0x410
[   76.302900][ T5636]  __sys_sendmsg+0x1d9/0x270
[   76.307517][ T5636]  __x64_sys_sendmsg+0x46/0x50
[   76.312452][ T5636]  x64_sys_call+0x2689/0x2d60
[   76.317353][ T5636]  do_syscall_64+0xc9/0x1c0
[   76.322002][ T5636]  ? clear_bhb_loop+0x55/0xb0
[   76.326846][ T5636]  ? clear_bhb_loop+0x55/0xb0
[   76.331646][ T5636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.337584][ T5636] RIP: 0033:0x7f20fc95dff9
[   76.342036][ T5636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.361751][ T5636] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   76.370179][ T5636] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9
[   76.378164][ T5636] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[   76.386440][ T5636] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000
[   76.394417][ T5636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.402390][ T5636] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8
[   76.410390][ T5636]  </TASK>
[   76.415571][ T5127] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.444101][ T5644] loop2: detected capacity change from 0 to 512
[   76.453772][ T5644] EXT4-fs: Ignoring removed oldalloc option
[   76.482357][ T5644] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.777: Parent and EA inode have the same ino 15
[   76.495693][ T5644] EXT4-fs (loop2): Remounting filesystem read-only
[   76.502286][ T5644] EXT4-fs warning (device loop2): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   76.513299][ T5644] EXT4-fs (loop2): 1 orphan inode deleted
[   76.519371][ T5644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.532418][ T5644] SELinux: (dev loop2, type ext4) getxattr errno 5
[   76.539943][ T5644] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.574416][ T5651] loop2: detected capacity change from 0 to 512
[   76.584274][ T5651] netlink: 20 bytes leftover after parsing attributes in process `syz.2.780'.
[   76.698433][ T5666] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   76.699566][ T5661] netlink: 4 bytes leftover after parsing attributes in process `syz.0.778'.
[   76.717071][ T5666] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   76.917379][ T5682] loop4: detected capacity change from 0 to 512
[   76.924948][ T5682] EXT4-fs: Ignoring removed oldalloc option
[   76.933146][ T5682] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.791: Parent and EA inode have the same ino 15
[   76.945571][ T5682] EXT4-fs (loop4): Remounting filesystem read-only
[   76.952177][ T5682] EXT4-fs warning (device loop4): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   76.963186][ T5682] EXT4-fs (loop4): 1 orphan inode deleted
[   76.969289][ T5682] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.981349][ T5682] SELinux: (dev loop4, type ext4) getxattr errno 5
[   76.989348][ T5682] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.021003][ T5686] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   77.021003][ T5686]    program syz.4.792 not setting count and/or reply_len properly
[   77.217820][ T5702] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[   77.270164][ T5704] netlink: 'syz.1.801': attribute type 10 has an invalid length.
[   77.284766][ T5704] team0: Failed to send options change via netlink (err -105)
[   77.292391][ T5704] team0: Port device netdevsim1 added
[   77.315184][ T5704] netlink: 'syz.1.801': attribute type 10 has an invalid length.
[   77.330690][ T5704] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[   77.381252][ T5704] team0: Failed to send options change via netlink (err -105)
[   77.405518][ T5712] loop4: detected capacity change from 0 to 512
[   77.436583][ T5704] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[   77.448473][ T5704] team0: Port device netdevsim1 removed
[   77.458849][ T5712] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #15: comm syz.4.803: casefold flag without casefold feature
[   77.478097][ T5714] loop0: detected capacity change from 0 to 1024
[   77.498370][ T5712] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.803: couldn't read orphan inode 15 (err -117)
[   77.513471][ T5708] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   77.526862][ T5712] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.542226][ T5714] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.570577][ T5714] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   77.605538][ T5721] bpf: Bad value for 'uid'
[   77.618172][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.636000][ T5723] FAULT_INJECTION: forcing a failure.
[   77.636000][ T5723] name failslab, interval 1, probability 0, space 0, times 0
[   77.648784][ T5723] CPU: 0 UID: 0 PID: 5723 Comm: syz.2.808 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   77.659405][ T5723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   77.669492][ T5723] Call Trace:
[   77.672873][ T5723]  <TASK>
[   77.675884][ T5723]  dump_stack_lvl+0xf2/0x150
[   77.680584][ T5723]  dump_stack+0x15/0x20
[   77.684775][ T5723]  should_fail_ex+0x223/0x230
[   77.689631][ T5723]  ? sidtab_sid2str_get+0xb8/0x140
[   77.694856][ T5723]  should_failslab+0x8f/0xb0
[   77.699570][ T5723]  __kmalloc_node_track_caller_noprof+0xa6/0x380
[   77.706012][ T5723]  ? vsnprintf+0xdd8/0xe30
[   77.710472][ T5723]  kmemdup_noprof+0x2a/0x60
[   77.715064][ T5723]  sidtab_sid2str_get+0xb8/0x140
[   77.720075][ T5723]  security_sid_to_context_core+0x1eb/0x2f0
[   77.726074][ T5723]  security_sid_to_context+0x27/0x30
[   77.731408][ T5723]  selinux_secid_to_secctx+0x22/0x30
[   77.736818][ T5723]  security_secid_to_secctx+0x48/0x90
[   77.742328][ T5723]  audit_log_task_context+0x8c/0x1b0
[   77.747662][ T5723]  audit_log_task+0xfb/0x180
[   77.752328][ T5723]  audit_seccomp+0x68/0x130
[   77.756862][ T5723]  __seccomp_filter+0x6fa/0x1180
[   77.761877][ T5723]  ? xfd_validate_state+0x46/0xf0
[   77.767024][ T5723]  ? save_fpregs_to_fpstate+0x102/0x160
[   77.772697][ T5723]  __secure_computing+0x9f/0x1c0
[   77.777696][ T5723]  syscall_trace_enter+0xd1/0x1f0
[   77.782806][ T5723]  do_syscall_64+0xaa/0x1c0
[   77.787323][ T5723]  ? clear_bhb_loop+0x55/0xb0
[   77.792030][ T5723]  ? clear_bhb_loop+0x55/0xb0
[   77.796870][ T5723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.802821][ T5723] RIP: 0033:0x7fd6eb48ca3c
[   77.807348][ T5723] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[   77.827019][ T5723] RSP: 002b:00007fd6ea101030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   77.835495][ T5723] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48ca3c
[   77.843646][ T5723] RDX: 000000000000000f RSI: 00007fd6ea1010a0 RDI: 0000000000000003
[   77.851625][ T5723] RBP: 00007fd6ea101090 R08: 0000000000000000 R09: 0000000000000000
[   77.859630][ T5723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   77.867611][ T5723] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018
[   77.875597][ T5723]  </TASK>
[   77.904774][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.054081][ T5737] loop4: detected capacity change from 0 to 1024
[   78.063343][ T5737] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   78.079972][ T5737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.153294][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.165893][ T5748] x_tables: ip6_tables: sctp match: only valid for protocol 132
[   78.233561][ T5760] FAULT_INJECTION: forcing a failure.
[   78.233561][ T5760] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.246800][ T5760] CPU: 0 UID: 0 PID: 5760 Comm: syz.3.823 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   78.257482][ T5760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   78.267566][ T5760] Call Trace:
[   78.267720][ T5765] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   78.267720][ T5765]    program syz.1.825 not setting count and/or reply_len properly
[   78.270851][ T5760]  <TASK>
[   78.270862][ T5760]  dump_stack_lvl+0xf2/0x150
[   78.270893][ T5760]  dump_stack+0x15/0x20
[   78.270950][ T5760]  should_fail_ex+0x223/0x230
[   78.303841][ T5760]  should_fail+0xb/0x10
[   78.308092][ T5760]  should_fail_usercopy+0x1a/0x20
[   78.313148][ T5760]  _copy_to_iter+0xd3/0xd20
[   78.317736][ T5760]  ? filemap_map_pages+0x8c6/0xb30
[   78.323070][ T5760]  copy_page_to_iter+0x171/0x2b0
[   78.328124][ T5760]  shmem_file_read_iter+0x408/0x550
[   78.333352][ T5760]  aio_read+0x1e0/0x2e0
[   78.337535][ T5760]  io_submit_one+0xade/0x1230
[   78.342263][ T5760]  __se_sys_io_submit+0xf5/0x280
[   78.347266][ T5760]  __x64_sys_io_submit+0x43/0x50
[   78.352248][ T5760]  x64_sys_call+0x1ebc/0x2d60
[   78.357021][ T5760]  do_syscall_64+0xc9/0x1c0
[   78.361534][ T5760]  ? clear_bhb_loop+0x55/0xb0
[   78.366255][ T5760]  ? clear_bhb_loop+0x55/0xb0
[   78.371047][ T5760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.376969][ T5760] RIP: 0033:0x7f20fc95dff9
[   78.381428][ T5760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.401092][ T5760] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   78.409569][ T5760] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9
[   78.417566][ T5760] RDX: 0000000020001d00 RSI: 0000000000000002 RDI: 00007f20fcaef000
[   78.425550][ T5760] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000
[   78.433549][ T5760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   78.441530][ T5760] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8
[   78.449720][ T5760]  </TASK>
[   78.509611][ T5771] __nla_validate_parse: 1 callbacks suppressed
[   78.509628][ T5771] netlink: 8 bytes leftover after parsing attributes in process `syz.0.826'.
[   78.559934][ T5777] netlink: 132 bytes leftover after parsing attributes in process `syz.0.830'.
[   78.570445][ T5773] netlink: 8 bytes leftover after parsing attributes in process `syz.1.828'.
[   78.579606][ T5777] netlink: 'syz.0.830': attribute type 10 has an invalid length.
[   78.598018][ T5777] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   78.608393][ T5781] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   78.608393][ T5781]    program syz.1.832 not setting count and/or reply_len properly
[   78.645643][ T5786] loop0: detected capacity change from 0 to 128
[   78.660178][ T5786] syz.0.834: attempt to access beyond end of device
[   78.660178][ T5786] loop0: rw=0, sector=121, nr_sectors = 119 limit=128
[   78.671372][ T5789] netlink: 4 bytes leftover after parsing attributes in process `syz.3.836'.
[   78.748341][ T5795] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   78.748341][ T5795]    program syz.3.838 not setting count and/or reply_len properly
[   78.832500][ T5798] loop0: detected capacity change from 0 to 129
[   78.942987][ T5811] loop2: detected capacity change from 0 to 512
[   78.949928][ T5811] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   78.962237][ T5811] netlink: 8 bytes leftover after parsing attributes in process `syz.2.843'.
[   78.977330][ T5819] FAULT_INJECTION: forcing a failure.
[   78.977330][ T5819] name failslab, interval 1, probability 0, space 0, times 0
[   78.990067][ T5819] CPU: 1 UID: 0 PID: 5819 Comm: syz.0.846 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   78.994621][ T5821] loop2: detected capacity change from 0 to 512
[   79.000751][ T5819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   79.000771][ T5819] Call Trace:
[   79.020345][ T5819]  <TASK>
[   79.023285][ T5819]  dump_stack_lvl+0xf2/0x150
[   79.027917][ T5819]  dump_stack+0x15/0x20
[   79.032087][ T5819]  should_fail_ex+0x223/0x230
[   79.036853][ T5819]  ? getname_flags+0x81/0x3b0
[   79.041544][ T5819]  should_failslab+0x8f/0xb0
[   79.046174][ T5819]  kmem_cache_alloc_noprof+0x4c/0x290
[   79.051573][ T5819]  getname_flags+0x81/0x3b0
[   79.056090][ T5819]  getname+0x17/0x20
[   79.060018][ T5819]  do_sys_openat2+0x67/0x120
[   79.064622][ T5819]  __x64_sys_openat+0xf3/0x120
[   79.069482][ T5819]  x64_sys_call+0x1025/0x2d60
[   79.074249][ T5819]  do_syscall_64+0xc9/0x1c0
[   79.078780][ T5819]  ? clear_bhb_loop+0x55/0xb0
[   79.083518][ T5819]  ? clear_bhb_loop+0x55/0xb0
[   79.088285][ T5819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.094199][ T5819] RIP: 0033:0x7faf68e0dff9
[   79.098663][ T5819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.118396][ T5819] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   79.126819][ T5819] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9
[   79.134863][ T5819] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c
[   79.142845][ T5819] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000
[   79.150889][ T5819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.158874][ T5819] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8
[   79.166945][ T5819]  </TASK>
[   79.189922][ T5823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.848'.
[   79.215754][ T5829] FAULT_INJECTION: forcing a failure.
[   79.215754][ T5829] name failslab, interval 1, probability 0, space 0, times 0
[   79.228546][ T5829] CPU: 0 UID: 0 PID: 5829 Comm: syz.0.850 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   79.239161][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   79.249242][ T5829] Call Trace:
[   79.252574][ T5829]  <TASK>
[   79.255642][ T5829]  dump_stack_lvl+0xf2/0x150
[   79.260270][ T5829]  dump_stack+0x15/0x20
[   79.264451][ T5829]  should_fail_ex+0x223/0x230
[   79.269246][ T5829]  ? __kvmalloc_node_noprof+0x72/0x170
[   79.274781][ T5829]  should_failslab+0x8f/0xb0
[   79.279404][ T5829]  __kmalloc_node_noprof+0xa8/0x380
[   79.284651][ T5829]  ? should_failslab+0x8f/0xb0
[   79.289505][ T5829]  __kvmalloc_node_noprof+0x72/0x170
[   79.292523][ T5825] syz.4.849[5825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.294813][ T5829]  page_pool_create_percpu+0x24d/0x650
[   79.294903][ T5825] syz.4.849[5825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.306125][ T5829]  page_pool_create+0x1a/0x20
[   79.306193][ T5829]  bpf_test_run_xdp_live+0x138/0x1010
[   79.311747][ T5825] syz.4.849[5825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.322866][ T5829]  ? __pfx_autoremove_wake_function+0x10/0x10
[   79.322989][ T5829]  ? 0xffffffffa00038c0
[   79.323006][ T5829]  ? synchronize_rcu+0x46/0x320
[   79.359595][ T5829]  ? 0xffffffffa00038c0
[   79.363834][ T5829]  ? bpf_dispatcher_change_prog+0x73c/0x830
[   79.369827][ T5829]  ? 0xffffffffa00038c0
[   79.374034][ T5829]  ? 0xffffffffa0000958
[   79.378201][ T5829]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   79.384173][ T5829]  bpf_prog_test_run_xdp+0x51d/0x8b0
[   79.389545][ T5829]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   79.395440][ T5829]  bpf_prog_test_run+0x20f/0x3a0
[   79.400405][ T5829]  __sys_bpf+0x400/0x7a0
[   79.404758][ T5829]  __x64_sys_bpf+0x43/0x50
[   79.409292][ T5829]  x64_sys_call+0x2625/0x2d60
[   79.413989][ T5829]  do_syscall_64+0xc9/0x1c0
[   79.418525][ T5829]  ? clear_bhb_loop+0x55/0xb0
[   79.423250][ T5829]  ? clear_bhb_loop+0x55/0xb0
[   79.427954][ T5829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.433887][ T5829] RIP: 0033:0x7faf68e0dff9
[   79.438310][ T5829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.457934][ T5829] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   79.466516][ T5829] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9
[   79.474532][ T5829] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   79.482521][ T5829] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000
[   79.490597][ T5829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.498586][ T5829] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8
[   79.506581][ T5829]  </TASK>
[   79.509938][ T5829] page_pool_create_percpu() gave up with errno -12
[   79.518303][ T5825] loop4: detected capacity change from 0 to 512
[   79.526475][   T29] kauditd_printk_skb: 291 callbacks suppressed
[   79.526497][   T29] audit: type=1326 audit(1728913397.568:2685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000
[   79.556106][   T29] audit: type=1326 audit(1728913397.568:2686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000
[   79.579726][   T29] audit: type=1326 audit(1728913397.568:2687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000
[   79.603149][   T29] audit: type=1326 audit(1728913397.568:2688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000
[   79.604087][ T5821] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.626677][   T29] audit: type=1326 audit(1728913397.568:2689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000
[   79.639914][ T5821] ext4 filesystem being mounted at /40/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   79.662475][   T29] audit: type=1326 audit(1728913397.568:2690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000
[   79.696034][   T29] audit: type=1326 audit(1728913397.568:2691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f098d6ae033 code=0x7ffc0000
[   79.719292][   T29] audit: type=1326 audit(1728913397.568:2692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f098d6acadf code=0x7ffc0000
[   79.742519][   T29] audit: type=1326 audit(1728913397.568:2693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f098d6ae087 code=0x7ffc0000
[   79.765793][   T29] audit: type=1326 audit(1728913397.568:2694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f098d6ac990 code=0x7ffc0000
[   79.823432][ T5825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.836076][ T5825] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   79.857937][ T5848] netlink: 52 bytes leftover after parsing attributes in process `syz.3.856'.
[   79.886323][ T5848] netlink: 52 bytes leftover after parsing attributes in process `syz.3.856'.
[   79.896235][ T5127] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.912367][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.930395][ T5848] netlink: 52 bytes leftover after parsing attributes in process `syz.3.856'.
[   79.960581][ T5859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.857'.
[   79.975831][ T5859] syz_tun: entered promiscuous mode
[   79.981251][ T5859] macsec1: entered promiscuous mode
[   79.993741][ T5856] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 !
[   80.003073][ T5862] geneve0: entered allmulticast mode
[   80.033481][ T5867] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   80.033481][ T5867]    program syz.4.861 not setting count and/or reply_len properly
[   80.468736][ T5901] FAULT_INJECTION: forcing a failure.
[   80.468736][ T5901] name failslab, interval 1, probability 0, space 0, times 0
[   80.481600][ T5901] CPU: 0 UID: 0 PID: 5901 Comm: syz.4.875 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   80.492473][ T5901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   80.502564][ T5901] Call Trace:
[   80.505866][ T5901]  <TASK>
[   80.508852][ T5901]  dump_stack_lvl+0xf2/0x150
[   80.513538][ T5901]  dump_stack+0x15/0x20
[   80.517723][ T5901]  should_fail_ex+0x223/0x230
[   80.522440][ T5901]  ? vmemdup_user+0x42/0x1b0
[   80.527154][ T5901]  should_failslab+0x8f/0xb0
[   80.531802][ T5901]  __kmalloc_node_noprof+0xa8/0x380
[   80.537048][ T5901]  ? should_fail_usercopy+0x1a/0x20
[   80.542372][ T5901]  vmemdup_user+0x42/0x1b0
[   80.546832][ T5901]  __se_sys_fsetxattr+0x1af/0x360
[   80.552010][ T5901]  ? proc_fail_nth_write+0x12a/0x150
[   80.557430][ T5901]  __x64_sys_fsetxattr+0x67/0x80
[   80.562491][ T5901]  x64_sys_call+0x16a5/0x2d60
[   80.567224][ T5901]  do_syscall_64+0xc9/0x1c0
[   80.571755][ T5901]  ? clear_bhb_loop+0x55/0xb0
[   80.576505][ T5901]  ? clear_bhb_loop+0x55/0xb0
[   80.581382][ T5901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.581579][ T5887] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.587342][ T5901] RIP: 0033:0x7f098d6adff9
[   80.587371][ T5901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.619791][ T5901] RSP: 002b:00007f098c327038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[   80.628346][ T5901] RAX: ffffffffffffffda RBX: 00007f098d865f80 RCX: 00007f098d6adff9
[   80.636439][ T5901] RDX: 0000000020000040 RSI: 00000000200000c0 RDI: 0000000000000004
[   80.644513][ T5901] RBP: 00007f098c327090 R08: 0000000000000000 R09: 0000000000000000
[   80.652626][ T5901] R10: 000000000000001e R11: 0000000000000246 R12: 0000000000000001
[   80.660663][ T5901] R13: 0000000000000000 R14: 00007f098d865f80 R15: 00007ffeddaf64c8
[   80.668662][ T5901]  </TASK>
[   80.673184][ T5887] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.768085][ T5915] loop0: detected capacity change from 0 to 512
[   80.784213][ T5915] EXT4-fs: Ignoring removed oldalloc option
[   80.806372][ T5915] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.880: Parent and EA inode have the same ino 15
[   80.823166][ T5915] EXT4-fs (loop0): Remounting filesystem read-only
[   80.829776][ T5915] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   80.840339][ T5915] EXT4-fs (loop0): 1 orphan inode deleted
[   80.847496][ T5915] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.859785][ T5915] SELinux: (dev loop0, type ext4) getxattr errno 5
[   80.869657][ T5915] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.949015][ T5927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.959321][ T5927] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.979349][ T5927] FAULT_INJECTION: forcing a failure.
[   80.979349][ T5927] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.992908][ T5927] CPU: 0 UID: 0 PID: 5927 Comm: syz.3.886 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   81.003543][ T5927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   81.013613][ T5927] Call Trace:
[   81.016991][ T5927]  <TASK>
[   81.019932][ T5927]  dump_stack_lvl+0xf2/0x150
[   81.024631][ T5927]  dump_stack+0x15/0x20
[   81.028802][ T5927]  should_fail_ex+0x223/0x230
[   81.033604][ T5927]  should_fail+0xb/0x10
[   81.037861][ T5927]  should_fail_usercopy+0x1a/0x20
[   81.042913][ T5927]  _copy_from_user+0x1e/0xd0
[   81.047524][ T5927]  input_event_from_user+0x126/0x1e0
[   81.052914][ T5927]  evdev_write+0x29d/0x440
[   81.057357][ T5927]  ? __pfx_evdev_write+0x10/0x10
[   81.062542][ T5927]  vfs_write+0x26c/0x910
[   81.066824][ T5927]  ? __rcu_read_unlock+0x4e/0x70
[   81.071856][ T5927]  ? __fget_files+0x1d4/0x210
[   81.076712][ T5927]  ksys_write+0xeb/0x1b0
[   81.080983][ T5927]  __x64_sys_write+0x42/0x50
[   81.085626][ T5927]  x64_sys_call+0x27dd/0x2d60
[   81.090323][ T5927]  do_syscall_64+0xc9/0x1c0
[   81.094868][ T5927]  ? clear_bhb_loop+0x55/0xb0
[   81.099640][ T5927]  ? clear_bhb_loop+0x55/0xb0
[   81.104410][ T5927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.110354][ T5927] RIP: 0033:0x7f20fc95dff9
[   81.114799][ T5927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.134428][ T5927] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   81.143003][ T5927] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9
[   81.150986][ T5927] RDX: 0000000000002250 RSI: 0000000020000040 RDI: 000000000000000c
[   81.158974][ T5927] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000
[   81.166996][ T5927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.174977][ T5927] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8
[   81.183029][ T5927]  </TASK>
[   81.243962][ T5951] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   81.261280][ T5951] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   81.314929][ T5962] loop4: detected capacity change from 0 to 2048
[   81.329577][ T5962] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.377634][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.400414][ T5975] loop4: detected capacity change from 0 to 256
[   81.469297][ T5982] FAULT_INJECTION: forcing a failure.
[   81.469297][ T5982] name failslab, interval 1, probability 0, space 0, times 0
[   81.482114][ T5982] CPU: 1 UID: 0 PID: 5982 Comm: syz.4.904 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   81.492790][ T5982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   81.502869][ T5982] Call Trace:
[   81.506214][ T5982]  <TASK>
[   81.509170][ T5982]  dump_stack_lvl+0xf2/0x150
[   81.513779][ T5982]  dump_stack+0x15/0x20
[   81.517944][ T5982]  should_fail_ex+0x223/0x230
[   81.522824][ T5982]  ? mas_alloc_nodes+0x1d3/0x4a0
[   81.527779][ T5982]  should_failslab+0x8f/0xb0
[   81.532384][ T5982]  kmem_cache_alloc_noprof+0x4c/0x290
[   81.537785][ T5982]  mas_alloc_nodes+0x1d3/0x4a0
[   81.542593][ T5982]  mas_preallocate+0x449/0x650
[   81.547448][ T5982]  __split_vma+0x244/0x6a0
[   81.551966][ T5982]  vms_gather_munmap_vmas+0x2a9/0x7a0
[   81.557439][ T5982]  mmap_region+0x385/0x16e0
[   81.562159][ T5982]  do_mmap+0x718/0xb60
[   81.566250][ T5982]  vm_mmap_pgoff+0x133/0x290
[   81.570940][ T5982]  ksys_mmap_pgoff+0x286/0x330
[   81.575723][ T5982]  x64_sys_call+0x1884/0x2d60
[   81.580478][ T5982]  do_syscall_64+0xc9/0x1c0
[   81.585079][ T5982]  ? clear_bhb_loop+0x55/0xb0
[   81.589932][ T5982]  ? clear_bhb_loop+0x55/0xb0
[   81.594706][ T5982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.600724][ T5982] RIP: 0033:0x7f098d6adff9
[   81.605220][ T5982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.625090][ T5982] RSP: 002b:00007f098c327038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   81.633570][ T5982] RAX: ffffffffffffffda RBX: 00007f098d865f80 RCX: 00007f098d6adff9
[   81.641577][ T5982] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000020ffd000
[   81.649571][ T5982] RBP: 00007f098c327090 R08: 0000000000000003 R09: 0000000000000000
[   81.657706][ T5982] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[   81.665738][ T5982] R13: 0000000000000000 R14: 00007f098d865f80 R15: 00007ffeddaf64c8
[   81.673725][ T5982]  </TASK>
[   81.683479][ T5980] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 !
[   81.749524][ T5990] loop4: detected capacity change from 0 to 4096
[   81.774206][ T5990] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.811277][ T5997] loop2: detected capacity change from 0 to 512
[   81.839522][ T5997] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.854243][ T5997] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.885262][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.915072][ T5127] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.957395][ T6012] FAULT_INJECTION: forcing a failure.
[   81.957395][ T6012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.970543][ T6012] CPU: 1 UID: 0 PID: 6012 Comm: syz.3.915 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   81.981158][ T6012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   81.991310][ T6012] Call Trace:
[   81.994596][ T6012]  <TASK>
[   81.997534][ T6012]  dump_stack_lvl+0xf2/0x150
[   82.002223][ T6012]  dump_stack+0x15/0x20
[   82.006395][ T6012]  should_fail_ex+0x223/0x230
[   82.011165][ T6012]  should_fail+0xb/0x10
[   82.015341][ T6012]  should_fail_usercopy+0x1a/0x20
[   82.020453][ T6012]  _copy_to_iter+0x246/0xd20
[   82.025146][ T6012]  ? __skb_try_recv_from_queue+0x3b5/0x420
[   82.031004][ T6012]  ? __virt_addr_valid+0x1ed/0x250
[   82.036246][ T6012]  ? __check_object_size+0x364/0x520
[   82.041614][ T6012]  ? __pfx_simple_copy_to_iter+0x10/0x10
[   82.047286][ T6012]  __skb_datagram_iter+0xc8/0x610
[   82.052509][ T6012]  skb_copy_datagram_iter+0x41/0x130
[   82.057896][ T6012]  netlink_recvmsg+0x1a4/0x780
[   82.062784][ T6012]  ? __pfx_netlink_recvmsg+0x10/0x10
[   82.068090][ T6012]  sock_recvmsg+0x13f/0x170
[   82.072607][ T6012]  ____sys_recvmsg+0xf9/0x280
[   82.077395][ T6012]  do_recvmmsg+0x2dc/0x740
[   82.081833][ T6012]  __x64_sys_recvmmsg+0xf9/0x170
[   82.086783][ T6012]  x64_sys_call+0x26e3/0x2d60
[   82.091628][ T6012]  do_syscall_64+0xc9/0x1c0
[   82.096190][ T6012]  ? clear_bhb_loop+0x55/0xb0
[   82.100896][ T6012]  ? clear_bhb_loop+0x55/0xb0
[   82.105650][ T6012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.111570][ T6012] RIP: 0033:0x7f20fc95dff9
[   82.115997][ T6012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.135772][ T6012] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   82.144303][ T6012] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9
[   82.152285][ T6012] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003
[   82.160339][ T6012] RBP: 00007f20fb5d7090 R08: 0000000020003700 R09: 0000000000000000
[   82.168424][ T6012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.176493][ T6012] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8
[   82.184508][ T6012]  </TASK>
[   82.196565][ T6010] FAULT_INJECTION: forcing a failure.
[   82.196565][ T6010] name failslab, interval 1, probability 0, space 0, times 0
[   82.209352][ T6010] CPU: 0 UID: 0 PID: 6010 Comm: syz.2.913 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   82.219969][ T6010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   82.230051][ T6010] Call Trace:
[   82.233379][ T6010]  <TASK>
[   82.236360][ T6010]  dump_stack_lvl+0xf2/0x150
[   82.240999][ T6010]  dump_stack+0x15/0x20
[   82.245214][ T6010]  should_fail_ex+0x223/0x230
[   82.250376][ T6010]  ? io_ring_ctx_alloc+0x38/0xd90
[   82.251012][ T6014] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   82.251012][ T6014]    program syz.0.916 not setting count and/or reply_len properly
[   82.255418][ T6010]  should_failslab+0x8f/0xb0
[   82.255452][ T6010]  __kmalloc_cache_noprof+0x4b/0x2a0
[   82.282003][ T6010]  io_ring_ctx_alloc+0x38/0xd90
[   82.286893][ T6010]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   82.292575][ T6010]  io_uring_create+0x1cf/0x940
[   82.297400][ T6010]  __se_sys_io_uring_setup+0x1d2/0x1e0
[   82.302940][ T6010]  __x64_sys_io_uring_setup+0x31/0x40
[   82.308339][ T6010]  x64_sys_call+0x1f7e/0x2d60
[   82.313117][ T6010]  do_syscall_64+0xc9/0x1c0
[   82.317653][ T6010]  ? clear_bhb_loop+0x55/0xb0
[   82.322377][ T6010]  ? clear_bhb_loop+0x55/0xb0
[   82.327149][ T6010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.333084][ T6010] RIP: 0033:0x7fd6eb48dff9
[   82.337513][ T6010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.353219][ T6006] loop4: detected capacity change from 0 to 512
[   82.357160][ T6010] RSP: 002b:00007fd6ea100fc8 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[   82.357188][ T6010] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48dff9
[   82.357205][ T6010] RDX: 00000000200007c0 RSI: 0000000020000580 RDI: 00000000000070f0
[   82.357221][ T6010] RBP: 0000000020000580 R08: 0000000000000000 R09: 00000000200007c0
[   82.357237][ T6010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.368321][ T6006] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   82.371904][ T6010] R13: 0000000020000780 R14: 00000000000070f0 R15: 00000000200007c0
[   82.371932][ T6010]  </TASK>
[   82.456275][ T6021] loop0: detected capacity change from 0 to 512
[   82.465940][ T6021] FAULT_INJECTION: forcing a failure.
[   82.465940][ T6021] name failslab, interval 1, probability 0, space 0, times 0
[   82.478627][ T6021] CPU: 1 UID: 0 PID: 6021 Comm: syz.0.918 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   82.489274][ T6021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   82.499433][ T6021] Call Trace:
[   82.502846][ T6021]  <TASK>
[   82.505808][ T6021]  dump_stack_lvl+0xf2/0x150
[   82.510469][ T6021]  dump_stack+0x15/0x20
[   82.514657][ T6021]  should_fail_ex+0x223/0x230
[   82.519459][ T6021]  ? getname_flags+0x81/0x3b0
[   82.524178][ T6021]  should_failslab+0x8f/0xb0
[   82.528788][ T6021]  kmem_cache_alloc_noprof+0x4c/0x290
[   82.534296][ T6021]  getname_flags+0x81/0x3b0
[   82.538929][ T6021]  user_path_at+0x26/0x110
[   82.543428][ T6021]  __se_sys_move_mount+0x13c/0x730
[   82.548671][ T6021]  __x64_sys_move_mount+0x67/0x80
[   82.553771][ T6021]  x64_sys_call+0x1b80/0x2d60
[   82.558538][ T6021]  do_syscall_64+0xc9/0x1c0
[   82.563081][ T6021]  ? clear_bhb_loop+0x55/0xb0
[   82.567790][ T6021]  ? clear_bhb_loop+0x55/0xb0
[   82.572498][ T6021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.578462][ T6021] RIP: 0033:0x7faf68e0dff9
[   82.582901][ T6021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.602543][ T6021] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[   82.610992][ T6021] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9
[   82.619016][ T6021] RDX: ffffffffffffff9c RSI: 0000000020000140 RDI: 0000000000000005
[   82.627007][ T6021] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000
[   82.635003][ T6021] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[   82.643082][ T6021] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8
[   82.651119][ T6021]  </TASK>
[   82.743036][ T6038] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.764354][ T6038] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.786494][ T6044] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   82.786494][ T6044]    program syz.0.928 not setting count and/or reply_len properly
[   82.852040][ T6046] loop4: detected capacity change from 0 to 8192
[   82.898392][ T6063] FAULT_INJECTION: forcing a failure.
[   82.898392][ T6063] name failslab, interval 1, probability 0, space 0, times 0
[   82.911203][ T6063] CPU: 1 UID: 0 PID: 6063 Comm: syz.0.934 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   82.921817][ T6063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   82.931900][ T6063] Call Trace:
[   82.935242][ T6063]  <TASK>
[   82.938176][ T6063]  dump_stack_lvl+0xf2/0x150
[   82.942782][ T6063]  dump_stack+0x15/0x20
[   82.947015][ T6063]  should_fail_ex+0x223/0x230
[   82.951729][ T6063]  ? page_pool_create_percpu+0x4d/0x650
[   82.957383][ T6063]  should_failslab+0x8f/0xb0
[   82.961997][ T6063]  __kmalloc_cache_node_noprof+0x50/0x2b0
[   82.967744][ T6063]  page_pool_create_percpu+0x4d/0x650
[   82.973156][ T6063]  page_pool_create+0x1a/0x20
[   82.977933][ T6063]  bpf_test_run_xdp_live+0x138/0x1010
[   82.983372][ T6063]  ? bpf_dispatcher_xdp_func+0x20/0x30
[   82.988857][ T6063]  ? cpus_read_unlock+0x7b/0xc0
[   82.993794][ T6063]  ? __static_call_update+0x362/0x3a0
[   82.999184][ T6063]  ? 0xffffffffa00038c0
[   83.003348][ T6063]  ? synchronize_rcu+0x46/0x320
[   83.008393][ T6063]  ? 0xffffffffa00038c0
[   83.012714][ T6063]  ? bpf_dispatcher_change_prog+0x73c/0x830
[   83.018639][ T6063]  ? 0xffffffffa00038c0
[   83.022860][ T6063]  ? 0xffffffffa00006c8
[   83.027100][ T6063]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   83.033039][ T6063]  bpf_prog_test_run_xdp+0x51d/0x8b0
[   83.038371][ T6063]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   83.044315][ T6063]  bpf_prog_test_run+0x20f/0x3a0
[   83.049282][ T6063]  __sys_bpf+0x400/0x7a0
[   83.053531][ T6063]  __x64_sys_bpf+0x43/0x50
[   83.058077][ T6063]  x64_sys_call+0x2625/0x2d60
[   83.062780][ T6063]  do_syscall_64+0xc9/0x1c0
[   83.067318][ T6063]  ? clear_bhb_loop+0x55/0xb0
[   83.072059][ T6063]  ? clear_bhb_loop+0x55/0xb0
[   83.076756][ T6063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.082672][ T6063] RIP: 0033:0x7faf68e0dff9
[   83.087169][ T6063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.106989][ T6063] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   83.115418][ T6063] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9
[   83.123390][ T6063] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   83.131362][ T6063] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000
[   83.139352][ T6063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.147442][ T6063] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8
[   83.155428][ T6063]  </TASK>
[   83.209783][ T6067] loop4: detected capacity change from 0 to 1024
[   83.245136][ T6072] FAULT_INJECTION: forcing a failure.
[   83.245136][ T6072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   83.258408][ T6072] CPU: 1 UID: 0 PID: 6072 Comm: syz.4.937 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   83.269031][ T6072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   83.279102][ T6072] Call Trace:
[   83.282613][ T6072]  <TASK>
[   83.285553][ T6072]  dump_stack_lvl+0xf2/0x150
[   83.290378][ T6072]  dump_stack+0x15/0x20
[   83.294546][ T6072]  should_fail_ex+0x223/0x230
[   83.299379][ T6072]  should_fail+0xb/0x10
[   83.303557][ T6072]  should_fail_usercopy+0x1a/0x20
[   83.308634][ T6072]  _copy_from_user+0x1e/0xd0
[   83.313274][ T6072]  __se_sys_mount+0x119/0x2d0
[   83.318008][ T6072]  __x64_sys_mount+0x67/0x80
[   83.322631][ T6072]  x64_sys_call+0x203e/0x2d60
[   83.327347][ T6072]  do_syscall_64+0xc9/0x1c0
[   83.331918][ T6072]  ? clear_bhb_loop+0x55/0xb0
[   83.336653][ T6072]  ? clear_bhb_loop+0x55/0xb0
[   83.341356][ T6072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.347397][ T6072] RIP: 0033:0x7f098d6adff9
[   83.351832][ T6072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.373201][ T6072] RSP: 002b:00007f098c327038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   83.381698][ T6072] RAX: ffffffffffffffda RBX: 00007f098d865f80 RCX: 00007f098d6adff9
[   83.389773][ T6072] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[   83.397753][ T6072] RBP: 00007f098c327090 R08: 00000000200002c0 R09: 0000000000000000
[   83.405754][ T6072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.413735][ T6072] R13: 0000000000000000 R14: 00007f098d865f80 R15: 00007ffeddaf64c8
[   83.421742][ T6072]  </TASK>
[   83.462698][ T6075] FAULT_INJECTION: forcing a failure.
[   83.462698][ T6075] name failslab, interval 1, probability 0, space 0, times 0
[   83.475628][ T6075] CPU: 1 UID: 0 PID: 6075 Comm: +}[@ Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   83.485959][ T6075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   83.485977][ T6075] Call Trace:
[   83.485985][ T6075]  <TASK>
[   83.485995][ T6075]  dump_stack_lvl+0xf2/0x150
[   83.486028][ T6075]  dump_stack+0x15/0x20
[   83.486050][ T6075]  should_fail_ex+0x223/0x230
[   83.486126][ T6075]  ? key_alloc+0x2a6/0xa40
[   83.486162][ T6075]  should_failslab+0x8f/0xb0
[   83.525049][ T6075]  kmem_cache_alloc_noprof+0x4c/0x290
[   83.530453][ T6075]  key_alloc+0x2a6/0xa40
[   83.534755][ T6075]  ? sprintf+0x89/0xb0
[   83.538849][ T6075]  ? request_key_auth_new+0x351/0x510
[   83.544451][ T6075]  request_key_auth_new+0x3a6/0x510
[   83.549686][ T6075]  ? refcount_dec_and_lock+0xdb/0x180
[   83.555275][ T6075]  request_key_and_link+0x835/0xcf0
[   83.560497][ T6075]  ? __pfx_key_default_cmp+0x10/0x10
[   83.565842][ T6075]  ? __pfx_keyring_search_iterator+0x10/0x10
[   83.571876][ T6075]  __se_sys_request_key+0x1d7/0x290
[   83.577160][ T6075]  ? fput+0x14e/0x190
[   83.581217][ T6075]  __x64_sys_request_key+0x55/0x70
[   83.586472][ T6075]  x64_sys_call+0x2643/0x2d60
[   83.591364][ T6075]  do_syscall_64+0xc9/0x1c0
[   83.595907][ T6075]  ? clear_bhb_loop+0x55/0xb0
[   83.600613][ T6075]  ? clear_bhb_loop+0x55/0xb0
[   83.605312][ T6075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.611227][ T6075] RIP: 0033:0x7f20fc95dff9
[   83.615754][ T6075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.635501][ T6075] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[   83.643954][ T6075] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9
[   83.651935][ T6075] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000020000040
[   83.659950][ T6075] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000
[   83.667935][ T6075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   83.676072][ T6075] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8
[   83.684076][ T6075]  </TASK>
[   83.734124][ T6087] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   83.734124][ T6087]    program syz.3.944 not setting count and/or reply_len properly
[   83.808522][ T6097] loop2: detected capacity change from 0 to 256
[   83.886030][ T6101] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 !
[   83.894171][ T6097] FAT-fs (loop2): codepage cp874 not found
[   83.943373][ T6108] __nla_validate_parse: 12 callbacks suppressed
[   83.943392][ T6108] netlink: 8 bytes leftover after parsing attributes in process `syz.0.951'.
[   83.959078][ T6108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.951'.
[   83.975047][ T6108] FAULT_INJECTION: forcing a failure.
[   83.975047][ T6108] name failslab, interval 1, probability 0, space 0, times 0
[   83.987776][ T6108] CPU: 1 UID: 0 PID: 6108 Comm: syz.0.951 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   83.998394][ T6108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   84.008469][ T6108] Call Trace:
[   84.011768][ T6108]  <TASK>
[   84.014768][ T6108]  dump_stack_lvl+0xf2/0x150
[   84.019461][ T6108]  dump_stack+0x15/0x20
[   84.023658][ T6108]  should_fail_ex+0x223/0x230
[   84.028400][ T6108]  ? __request_module+0x1ba/0x3e0
[   84.033642][ T6108]  should_failslab+0x8f/0xb0
[   84.038295][ T6108]  __kmalloc_cache_noprof+0x4b/0x2a0
[   84.043604][ T6108]  ? rtnl_newlink+0x7d5/0x1690
[   84.048411][ T6108]  __request_module+0x1ba/0x3e0
[   84.053341][ T6108]  ? __nla_parse+0x40/0x60
[   84.057765][ T6108]  rtnl_newlink+0x7d5/0x1690
[   84.062383][ T6108]  ? rtnl_newlink+0x821/0x1690
[   84.067266][ T6108]  ? selinux_capable+0x1f2/0x260
[   84.072244][ T6108]  ? __list_del_entry_valid_or_report+0x5f/0xf0
[   84.078557][ T6108]  ? _raw_spin_unlock+0x26/0x50
[   84.083524][ T6108]  ? __mutex_lock+0x221/0x8e0
[   84.088228][ T6108]  ? __pfx_rtnl_newlink+0x10/0x10
[   84.093349][ T6108]  rtnetlink_rcv_msg+0x6aa/0x710
[   84.098412][ T6108]  ? ref_tracker_free+0x3a5/0x410
[   84.103453][ T6108]  ? __dev_queue_xmit+0x161/0x2040
[   84.108727][ T6108]  ? ref_tracker_alloc+0x1f5/0x2f0
[   84.113884][ T6108]  netlink_rcv_skb+0x12c/0x230
[   84.118668][ T6108]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   84.124289][ T6108]  rtnetlink_rcv+0x1c/0x30
[   84.128735][ T6108]  netlink_unicast+0x599/0x670
[   84.133575][ T6108]  netlink_sendmsg+0x5cc/0x6e0
[   84.138404][ T6108]  ? __pfx_netlink_sendmsg+0x10/0x10
[   84.143770][ T6108]  __sock_sendmsg+0x140/0x180
[   84.148467][ T6108]  ____sys_sendmsg+0x312/0x410
[   84.153289][ T6108]  __sys_sendmsg+0x1d9/0x270
[   84.157943][ T6108]  __x64_sys_sendmsg+0x46/0x50
[   84.162935][ T6108]  x64_sys_call+0x2689/0x2d60
[   84.167672][ T6108]  do_syscall_64+0xc9/0x1c0
[   84.172207][ T6108]  ? clear_bhb_loop+0x55/0xb0
[   84.176911][ T6108]  ? clear_bhb_loop+0x55/0xb0
[   84.181711][ T6108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.187629][ T6108] RIP: 0033:0x7faf68e0dff9
[   84.192057][ T6108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.211864][ T6108] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.220323][ T6108] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9
[   84.228346][ T6108] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000006
[   84.236384][ T6108] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000
[   84.244366][ T6108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.252393][ T6108] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8
[   84.260393][ T6108]  </TASK>
[   84.290969][ T6115] loop0: detected capacity change from 0 to 1024
[   84.309194][ T6118] FAULT_INJECTION: forcing a failure.
[   84.309194][ T6118] name failslab, interval 1, probability 0, space 0, times 0
[   84.315075][ T6115] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.321921][ T6118] CPU: 1 UID: 0 PID: 6118 Comm: syz.2.956 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   84.345009][ T6118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   84.355104][ T6118] Call Trace:
[   84.358399][ T6118]  <TASK>
[   84.361330][ T6118]  dump_stack_lvl+0xf2/0x150
[   84.365930][ T6118]  dump_stack+0x15/0x20
[   84.370211][ T6118]  should_fail_ex+0x223/0x230
[   84.375045][ T6118]  ? skb_clone+0x154/0x1f0
[   84.379515][ T6118]  should_failslab+0x8f/0xb0
[   84.384195][ T6118]  kmem_cache_alloc_noprof+0x4c/0x290
[   84.389644][ T6118]  skb_clone+0x154/0x1f0
[   84.393977][ T6118]  __netlink_deliver_tap+0x2bd/0x4c0
[   84.399313][ T6118]  netlink_unicast+0x64a/0x670
[   84.404151][ T6118]  netlink_sendmsg+0x5cc/0x6e0
[   84.408943][ T6118]  ? __pfx_netlink_sendmsg+0x10/0x10
[   84.414270][ T6118]  __sock_sendmsg+0x140/0x180
[   84.418967][ T6118]  ____sys_sendmsg+0x312/0x410
[   84.423785][ T6118]  __sys_sendmsg+0x1d9/0x270
[   84.428434][ T6118]  __x64_sys_sendmsg+0x46/0x50
[   84.433223][ T6118]  x64_sys_call+0x2689/0x2d60
[   84.437922][ T6118]  do_syscall_64+0xc9/0x1c0
[   84.442447][ T6118]  ? clear_bhb_loop+0x55/0xb0
[   84.447148][ T6118]  ? clear_bhb_loop+0x55/0xb0
[   84.451976][ T6118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.458001][ T6118] RIP: 0033:0x7fd6eb48dff9
[   84.462505][ T6118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.482150][ T6118] RSP: 002b:00007fd6ea101038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.490748][ T6118] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48dff9
[   84.499028][ T6118] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000005
[   84.507032][ T6118] RBP: 00007fd6ea101090 R08: 0000000000000000 R09: 0000000000000000
[   84.515037][ T6118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.523017][ T6118] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018
[   84.531042][ T6118]  </TASK>
[   84.536497][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.587556][ T6125] loop0: detected capacity change from 0 to 512
[   84.606492][ T6125] EXT4-fs: Ignoring removed oldalloc option
[   84.628050][ T6125] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.957: Parent and EA inode have the same ino 15
[   84.648302][ T6125] EXT4-fs (loop0): Remounting filesystem read-only
[   84.654932][ T6125] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   84.666469][ T6125] EXT4-fs (loop0): 1 orphan inode deleted
[   84.668082][ T6127] netlink: 12 bytes leftover after parsing attributes in process `syz.3.959'.
[   84.672796][ T6125] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.693840][ T6125] SELinux: (dev loop0, type ext4) getxattr errno 5
[   84.702500][ T6125] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.751174][ T6134] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 !
[   84.798333][ T6141] loop0: detected capacity change from 0 to 4096
[   84.812557][ T6141] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.855192][ T6148] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   84.855192][ T6148]    program syz.1.968 not setting count and/or reply_len properly
[   84.857185][ T6141] +}[@[6141] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.872619][ T6141] +}[@[6141] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.886296][ T6141] +}[@[6141] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.906305][ T6151] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.952120][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.976797][ T6161] netlink: 40 bytes leftover after parsing attributes in process `syz.0.970'.
[   84.991211][ T6161] netlink: 8 bytes leftover after parsing attributes in process `syz.0.970'.
[   84.991784][ T6151] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.022288][ T6161] loop0: detected capacity change from 0 to 4096
[   85.030123][ T6161] EXT4-fs: Ignoring removed nomblk_io_submit option
[   85.049872][ T6161] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.067429][ T6161] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.970: corrupted inode contents
[   85.082278][ T6151] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.093974][ T6161] EXT4-fs error (device loop0): ext4_dirty_inode:5984: inode #15: comm syz.0.970: mark_inode_dirty error
[   85.106222][ T6161] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.970: corrupted inode contents
[   85.118416][ T6161] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #15: comm syz.0.970: mark_inode_dirty error
[   85.131638][ T6161] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.970: corrupted inode contents
[   85.145698][ T6161] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #15: comm syz.0.970: mark_inode_dirty error
[   85.146958][ T6151] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.164164][ T6161] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.970: corrupted inode contents
[   85.179548][ T6161] EXT4-fs error (device loop0): ext4_truncate:4208: inode #15: comm syz.0.970: mark_inode_dirty error
[   85.190781][ T6161] EXT4-fs error (device loop0) in ext4_setattr:5523: Corrupt filesystem
[   85.213008][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.229038][ T6151] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.240600][ T6151] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.252877][ T6151] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.266271][ T6151] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.274638][   T29] kauditd_printk_skb: 378 callbacks suppressed
[   85.274655][   T29] audit: type=1326 audit(1728913402.884:3071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000
[   85.304601][   T29] audit: type=1326 audit(1728913402.884:3072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000
[   85.328155][   T29] audit: type=1326 audit(1728913402.884:3073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000
[   85.351693][   T29] audit: type=1326 audit(1728913402.884:3074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000
[   85.375034][   T29] audit: type=1326 audit(1728913402.884:3075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000
[   85.398473][   T29] audit: type=1326 audit(1728913402.884:3076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000
[   85.421867][   T29] audit: type=1326 audit(1728913402.893:3077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000
[   85.445343][   T29] audit: type=1326 audit(1728913402.893:3078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000
[   85.468765][   T29] audit: type=1326 audit(1728913402.893:3079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000
[   85.492097][   T29] audit: type=1326 audit(1728913402.893:3080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000
[   85.534058][ T6173] FAULT_INJECTION: forcing a failure.
[   85.534058][ T6173] name failslab, interval 1, probability 0, space 0, times 0
[   85.546870][ T6173] CPU: 0 UID: 0 PID: 6173 Comm: syz.2.974 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   85.557500][ T6173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   85.567583][ T6173] Call Trace:
[   85.570875][ T6173]  <TASK>
[   85.573813][ T6173]  dump_stack_lvl+0xf2/0x150
[   85.578424][ T6173]  dump_stack+0x15/0x20
[   85.582619][ T6173]  should_fail_ex+0x223/0x230
[   85.587325][ T6173]  ? audit_log_start+0x34c/0x6b0
[   85.592339][ T6173]  should_failslab+0x8f/0xb0
[   85.596943][ T6173]  kmem_cache_alloc_noprof+0x4c/0x290
[   85.602346][ T6173]  audit_log_start+0x34c/0x6b0
[   85.607136][ T6173]  audit_seccomp+0x4b/0x130
[   85.611649][ T6173]  __seccomp_filter+0x6fa/0x1180
[   85.616677][ T6173]  ? proc_fail_nth_write+0x12a/0x150
[   85.622013][ T6173]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   85.627738][ T6173]  ? vfs_write+0x580/0x910
[   85.632176][ T6173]  ? __fget_files+0x1d4/0x210
[   85.636880][ T6173]  __secure_computing+0x9f/0x1c0
[   85.641913][ T6173]  syscall_trace_enter+0xd1/0x1f0
[   85.646959][ T6173]  ? fpregs_assert_state_consistent+0x83/0xa0
[   85.653133][ T6173]  do_syscall_64+0xaa/0x1c0
[   85.657663][ T6173]  ? clear_bhb_loop+0x55/0xb0
[   85.662495][ T6173]  ? clear_bhb_loop+0x55/0xb0
[   85.667199][ T6173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.673181][ T6173] RIP: 0033:0x7fd6eb48dff9
[   85.677601][ T6173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.697326][ T6173] RSP: 002b:00007fd6ea101038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e1
[   85.705751][ T6173] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48dff9
[   85.713731][ T6173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   85.721716][ T6173] RBP: 00007fd6ea101090 R08: 0000000000000000 R09: 0000000000000000
[   85.729863][ T6173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.737846][ T6173] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018
[   85.745841][ T6173]  </TASK>
[   85.755612][ T6175] netlink: 12 bytes leftover after parsing attributes in process `syz.0.975'.
[   85.825229][ T6179] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 !
[   85.835688][ T6188] 9pnet_fd: Insufficient options for proto=fd
[   85.868929][ T6190] netlink: 8 bytes leftover after parsing attributes in process `syz.4.979'.
[   85.948332][ T6206] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.957822][ T6206] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   86.038830][ T6204] netlink: 12 bytes leftover after parsing attributes in process `syz.1.988'.
[   86.554902][ T6221] FAULT_INJECTION: forcing a failure.
[   86.554902][ T6221] name failslab, interval 1, probability 0, space 0, times 0
[   86.567635][ T6221] CPU: 1 UID: 0 PID: 6221 Comm: syz.2.992 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   86.578402][ T6221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   86.588482][ T6221] Call Trace:
[   86.591779][ T6221]  <TASK>
[   86.594735][ T6221]  dump_stack_lvl+0xf2/0x150
[   86.599393][ T6221]  dump_stack+0x15/0x20
[   86.603645][ T6221]  should_fail_ex+0x223/0x230
[   86.608512][ T6221]  ? skb_clone+0x154/0x1f0
[   86.612990][ T6221]  should_failslab+0x8f/0xb0
[   86.617652][ T6221]  kmem_cache_alloc_noprof+0x4c/0x290
[   86.623053][ T6221]  skb_clone+0x154/0x1f0
[   86.627354][ T6221]  __netlink_deliver_tap+0x2bd/0x4c0
[   86.632692][ T6221]  netlink_unicast+0x64a/0x670
[   86.637545][ T6221]  netlink_sendmsg+0x5cc/0x6e0
[   86.642360][ T6221]  ? __pfx_netlink_sendmsg+0x10/0x10
[   86.647847][ T6221]  __sock_sendmsg+0x140/0x180
[   86.652555][ T6221]  ____sys_sendmsg+0x312/0x410
[   86.657422][ T6221]  __sys_sendmsg+0x1d9/0x270
[   86.662067][ T6221]  __x64_sys_sendmsg+0x46/0x50
[   86.667048][ T6221]  x64_sys_call+0x2689/0x2d60
[   86.671833][ T6221]  do_syscall_64+0xc9/0x1c0
[   86.676355][ T6221]  ? clear_bhb_loop+0x55/0xb0
[   86.681250][ T6221]  ? clear_bhb_loop+0x55/0xb0
[   86.685985][ T6221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.691974][ T6221] RIP: 0033:0x7fd6eb48dff9
[   86.696555][ T6221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.716339][ T6221] RSP: 002b:00007fd6ea101038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.724799][ T6221] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48dff9
[   86.732838][ T6221] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005
[   86.740909][ T6221] RBP: 00007fd6ea101090 R08: 0000000000000000 R09: 0000000000000000
[   86.748934][ T6221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.757011][ T6221] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018
[   86.765003][ T6221]  </TASK>
[   86.777626][ T6221] tipc: Started in network mode
[   86.782569][ T6221] tipc: Node identity ac1414aa, cluster identity 4711
[   86.809863][ T6221] tipc: New replicast peer: 100.1.1.1
[   86.815443][ T6221] tipc: Enabled bearer <udp:s>, priority 10
[   86.881559][ T6224] netlink: 8 bytes leftover after parsing attributes in process `syz.4.993'.
[   87.039241][ T6227] bridge0: port 3(vlan0) entered blocking state
[   87.045724][ T6227] bridge0: port 3(vlan0) entered disabled state
[   87.056432][ T6227] vlan0: entered allmulticast mode
[   87.066299][ T6227] vlan0: left allmulticast mode
[   87.078838][ T6233] loop0: detected capacity change from 0 to 512
[   87.108179][ T6238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.998'.
[   87.134517][ T6233] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.148148][ T6233] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.213443][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.313187][ T6258] loop2: detected capacity change from 0 to 128
[   87.461673][ T6269] smc: net device bond0 applied user defined pnetid SYZ0
[   87.475986][ T6269] smc: net device bond0 erased user defined pnetid SYZ0
[   87.484922][ T6269] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   87.493354][ T6269] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   87.733536][ T6279] loop2: detected capacity change from 0 to 1024
[   87.749597][ T6279] EXT4-fs: Ignoring removed i_version option
[   87.786579][ T6279] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.904322][ T1017] tipc: Node number set to 2886997162
[   88.293442][ T5127] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.366634][ T6306] geneve2: entered promiscuous mode
[   88.372201][ T6306] geneve2: entered allmulticast mode
[   88.637839][ T6340] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 !
[   88.664033][ T6345] loop0: detected capacity change from 0 to 512
[   88.664159][ T6347] loop4: detected capacity change from 0 to 512
[   88.670890][ T6345] EXT4-fs: Ignoring removed oldalloc option
[   88.684233][ T6345] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1032: Parent and EA inode have the same ino 15
[   88.697087][ T6345] EXT4-fs (loop0): Remounting filesystem read-only
[   88.703711][ T6345] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   88.708155][ T6347] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.714670][ T6345] EXT4-fs (loop0): 1 orphan inode deleted
[   88.733348][ T6345] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.734773][ T6347] ext4 filesystem being mounted at /196/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   88.756027][ T6345] SELinux: (dev loop0, type ext4) getxattr errno 5
[   88.763776][ T6345] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.826642][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.853527][ T6355] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   88.865907][ T6355] loop4: detected capacity change from 0 to 1024
[   88.978927][ T6355] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.993382][ T6357] SELinux:  Context system_u:object_r:auditd_initrc_exec_t:s0 is not valid (left unmapped).
[   89.033912][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.232091][ T6370] loop4: detected capacity change from 0 to 512
[   89.240273][ T6370] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=f040e01c, mo2=0002]
[   89.248384][ T6370] System zones: 1-12
[   89.253648][ T6370] EXT4-fs error (device loop4): __ext4_iget:4952: inode #11: block 1: comm syz.4.1042: invalid block
[   89.264838][ T6370] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1042: couldn't read orphan inode 11 (err -117)
[   89.278160][ T6370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.293262][    C0] hrtimer: interrupt took 27439 ns
[   89.343121][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.375596][ T6378] loop2: detected capacity change from 0 to 512
[   89.382604][ T6378] EXT4-fs: Ignoring removed oldalloc option
[   89.390964][ T6375] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 !
[   89.404545][ T6378] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1046: Parent and EA inode have the same ino 15
[   89.432855][ T6378] EXT4-fs (loop2): Remounting filesystem read-only
[   89.439450][ T6378] EXT4-fs warning (device loop2): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   89.449904][ T6384] A link change request failed with some changes committed already. Interface veth1_to_batadv may have been left with an inconsistent configuration, please check.
[   89.449903][ T6378] EXT4-fs (loop2): 1 orphan inode deleted
[   89.473057][ T6378] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.485307][ T6378] SELinux: (dev loop2, type ext4) getxattr errno 5
[   89.496558][ T6378] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.512349][ T6386] __nla_validate_parse: 11 callbacks suppressed
[   89.512368][ T6386] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1048'.
[   89.563148][ T6391] FAULT_INJECTION: forcing a failure.
[   89.563148][ T6391] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   89.576560][ T6391] CPU: 1 UID: 0 PID: 6391 Comm: syz.2.1049 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   89.587379][ T6391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.597528][ T6391] Call Trace:
[   89.600825][ T6391]  <TASK>
[   89.603771][ T6391]  dump_stack_lvl+0xf2/0x150
[   89.608397][ T6391]  dump_stack+0x15/0x20
[   89.612612][ T6391]  should_fail_ex+0x223/0x230
[   89.617363][ T6391]  should_fail_alloc_page+0xfd/0x110
[   89.622733][ T6391]  __alloc_pages_noprof+0x109/0x340
[   89.627953][ T6391]  probe_event_enable+0x4fa/0x790
[   89.633070][ T6391]  ? __pfx_uprobe_perf_filter+0x10/0x10
[   89.638649][ T6391]  trace_uprobe_register+0x8e/0x3c0
[   89.643911][ T6391]  perf_trace_event_init+0x360/0x7c0
[   89.644848][ T6393] loop4: detected capacity change from 0 to 128
[   89.649398][ T6391]  perf_uprobe_init+0xf9/0x140
[   89.660559][ T6391]  perf_uprobe_event_init+0xe2/0x140
[   89.665917][ T6391]  perf_try_init_event+0xcb/0x4f0
[   89.670987][ T6391]  ? perf_event_alloc+0xabf/0x1750
[   89.676158][ T6391]  perf_event_alloc+0xaca/0x1750
[   89.681216][ T6391]  __se_sys_perf_event_open+0x5e8/0x21f0
[   89.686938][ T6391]  ? proc_fail_nth_write+0x12a/0x150
[   89.692391][ T6391]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   89.698245][ T6391]  ? __fget_files+0x1d4/0x210
[   89.702978][ T6391]  __x64_sys_perf_event_open+0x67/0x80
[   89.708477][ T6391]  x64_sys_call+0x18d7/0x2d60
[   89.713175][ T6391]  do_syscall_64+0xc9/0x1c0
[   89.717698][ T6391]  ? clear_bhb_loop+0x55/0xb0
[   89.722492][ T6391]  ? clear_bhb_loop+0x55/0xb0
[   89.727255][ T6391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.733174][ T6391] RIP: 0033:0x7fd6eb48dff9
[   89.737642][ T6391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.757285][ T6391] RSP: 002b:00007fd6ea101038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   89.765867][ T6391] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48dff9
[   89.773848][ T6391] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000140
[   89.781883][ T6391] RBP: 00007fd6ea101090 R08: 0000000000000009 R09: 0000000000000000
[   89.789871][ T6391] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[   89.797848][ T6391] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018
[   89.805903][ T6391]  </TASK>
[   89.878406][ T6401] FAULT_INJECTION: forcing a failure.
[   89.878406][ T6401] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.891552][ T6401] CPU: 0 UID: 0 PID: 6401 Comm: syz.3.1055 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   89.902369][ T6401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.912438][ T6401] Call Trace:
[   89.915813][ T6401]  <TASK>
[   89.918829][ T6401]  dump_stack_lvl+0xf2/0x150
[   89.923560][ T6401]  dump_stack+0x15/0x20
[   89.927747][ T6401]  should_fail_ex+0x223/0x230
[   89.932488][ T6401]  should_fail+0xb/0x10
[   89.936735][ T6401]  should_fail_usercopy+0x1a/0x20
[   89.941784][ T6401]  _copy_from_iter+0xd3/0xd20
[   89.947146][ T6401]  ? kmalloc_reserve+0x16e/0x190
[   89.952107][ T6401]  ? __virt_addr_valid+0x1ed/0x250
[   89.957317][ T6401]  ? __check_object_size+0x364/0x520
[   89.962653][ T6401]  skb_copy_datagram_from_iter+0xb3/0x460
[   89.968435][ T6401]  ? skb_put+0xba/0x100
[   89.969393][ T6404] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   89.969393][ T6404]    program syz.0.1056 not setting count and/or reply_len properly
[   89.972615][ T6401]  tcp_send_rcvq+0x193/0x2c0
[   89.994056][ T6401]  tcp_sendmsg_locked+0x2626/0x2700
[   89.999271][ T6401]  ? number+0x729/0xa90
[   90.003494][ T6401]  ? __rcu_read_unlock+0x4e/0x70
[   90.008467][ T6401]  ? avc_has_perm_noaudit+0x1cc/0x210
[   90.013871][ T6401]  ? avc_has_perm+0xd4/0x160
[   90.018517][ T6401]  ? _raw_spin_unlock_bh+0x36/0x40
[   90.023742][ T6401]  ? __pfx_tcp_sendmsg+0x10/0x10
[   90.028789][ T6401]  tcp_sendmsg+0x30/0x50
[   90.033057][ T6401]  inet_sendmsg+0x77/0xd0
[   90.037512][ T6401]  __sock_sendmsg+0x102/0x180
[   90.042195][ T6401]  ____sys_sendmsg+0x312/0x410
[   90.046982][ T6401]  __sys_sendmmsg+0x259/0x500
[   90.051748][ T6401]  __x64_sys_sendmmsg+0x57/0x70
[   90.056752][ T6401]  x64_sys_call+0xa49/0x2d60
[   90.061381][ T6401]  do_syscall_64+0xc9/0x1c0
[   90.065921][ T6401]  ? clear_bhb_loop+0x55/0xb0
[   90.070700][ T6401]  ? clear_bhb_loop+0x55/0xb0
[   90.075437][ T6401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.081367][ T6401] RIP: 0033:0x7f20fc95dff9
[   90.085885][ T6401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.105560][ T6401] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   90.114032][ T6401] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9
[   90.122075][ T6401] RDX: 0000000000000002 RSI: 0000000020000500 RDI: 0000000000000003
[   90.130089][ T6401] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000
[   90.138099][ T6401] R10: 0000000004004441 R11: 0000000000000246 R12: 0000000000000001
[   90.146102][ T6401] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8
[   90.154237][ T6401]  </TASK>
[   90.209884][ T6412] loop0: detected capacity change from 0 to 512
[   90.218084][ T6412] EXT4-fs: Ignoring removed oldalloc option
[   90.236376][ T6412] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1060: Parent and EA inode have the same ino 15
[   90.249709][ T6412] EXT4-fs (loop0): Remounting filesystem read-only
[   90.256537][ T6412] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   90.267910][ T6412] EXT4-fs (loop0): 1 orphan inode deleted
[   90.274075][ T6412] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.286971][ T6412] SELinux: (dev loop0, type ext4) getxattr errno 5
[   90.295240][ T6412] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.330016][ T6420] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1062'.
[   90.607570][ T6434] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1061'.
[   90.851472][ T6439] smc: net device bond0 applied user defined pnetid SYZ0
[   90.881935][   T29] kauditd_printk_skb: 394 callbacks suppressed
[   90.881977][   T29] audit: type=1400 audit(1728913408.062:3473): avc:  denied  { create } for  pid=6440 comm="syz.4.1069" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[   90.908288][   T29] audit: type=1400 audit(1728913408.062:3474): avc:  denied  { sys_admin } for  pid=6440 comm="syz.4.1069" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[   90.942895][ T6436] smc: net device bond0 erased user defined pnetid SYZ0
[   91.002093][ T6446] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1070'.
[   91.138634][ T6425] syz.0.1065 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   91.149808][ T6425] CPU: 1 UID: 0 PID: 6425 Comm: syz.0.1065 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   91.160524][ T6425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   91.170704][ T6425] Call Trace:
[   91.173997][ T6425]  <TASK>
[   91.176996][ T6425]  dump_stack_lvl+0xf2/0x150
[   91.181635][ T6425]  dump_stack+0x15/0x20
[   91.185810][ T6425]  dump_header+0x83/0x2d0
[   91.190312][ T6425]  oom_kill_process+0x341/0x4c0
[   91.195213][ T6425]  out_of_memory+0x9af/0xbe0
[   91.199879][ T6425]  ? css_next_descendant_pre+0x11c/0x140
[   91.205578][ T6425]  mem_cgroup_out_of_memory+0x13e/0x190
[   91.211195][ T6425]  try_charge_memcg+0x51b/0x810
[   91.216162][ T6425]  charge_memcg+0x50/0xc0
[   91.220545][ T6425]  mem_cgroup_swapin_charge_folio+0xd0/0x150
[   91.226575][ T6425]  __read_swap_cache_async+0x236/0x480
[   91.232061][ T6425]  swap_cluster_readahead+0x276/0x3f0
[   91.237585][ T6425]  swapin_readahead+0xe4/0x6f0
[   91.242464][ T6425]  ? __filemap_get_folio+0x420/0x5b0
[   91.247783][ T6425]  ? __lruvec_stat_mod_folio+0xdb/0x120
[   91.253407][ T6425]  ? swap_cache_get_folio+0x77/0x210
[   91.258746][ T6425]  do_swap_page+0x2af/0x23e0
[   91.263785][ T6425]  ? __rcu_read_lock+0x36/0x50
[   91.268642][ T6425]  ? pte_offset_map_nolock+0x124/0x1d0
[   91.274129][ T6425]  handle_mm_fault+0x8c5/0x2a80
[   91.279081][ T6425]  exc_page_fault+0x3b9/0x650
[   91.283884][ T6425]  asm_exc_page_fault+0x26/0x30
[   91.288925][ T6425] RIP: 0033:0x7faf68ce1ab8
[   91.293540][ T6425] Code: 31 d2 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d e8 5f 2e 00 00 0f 8e 99 fd ff ff e8 51 e4 fe ff 49 39 c4 72 64 0f 1f 40 00 <69> 3d d6 3b e1 00 e8 03 00 00 48 8d 1d b7 44 2e 00 e8 82 c4 12 00
[   91.313236][ T6425] RSP: 002b:00007ffcf7ce1420 EFLAGS: 00010202
[   91.319364][ T6425] RAX: 0000000000015dc2 RBX: 00007faf68fc7a80 RCX: 0000000000015ba8
[   91.327469][ T6425] RDX: 000000000000021a RSI: 00007ffcf7ce1400 RDI: 0000000000000001
[   91.335458][ T6425] RBP: 00007faf68fc7a80 R08: 000000002012ffef R09: 7fffffffffffffff
[   91.343537][ T6425] R10: 00007faf69b060b8 R11: 00007faf69b06080 R12: 0000000000015ebd
[   91.351783][ T6425] R13: 00007ffcf7ce1520 R14: 0000000000000032 R15: ffffffffffffffff
[   91.359890][ T6425]  </TASK>
[   91.363026][ T6425] memory: usage 307200kB, limit 307200kB, failcnt 10459
[   91.369990][ T6425] memory+swap: usage 301256kB, limit 9007199254740988kB, failcnt 0
[   91.378289][ T6425] kmem: usage 294060kB, limit 9007199254740988kB, failcnt 0
[   91.385740][ T6425] Memory cgroup stats for /syz0:
[   91.388617][ T6425] cache 442368
[   91.397529][ T6425] rss 4096
[   91.400566][ T6425] shmem 0
[   91.403607][ T6425] mapped_file 442368
[   91.407613][ T6425] dirty 442368
[   91.410996][ T6425] writeback 4096
[   91.414620][ T6425] workingset_refault_anon 2
[   91.419161][ T6425] workingset_refault_file 0
[   91.423673][ T6425] swap 4562944
[   91.427167][ T6425] swapcached 8192
[   91.430969][ T6425] pgpgin 71331
[   91.434383][ T6425] pgpgout 71221
[   91.437978][ T6425] pgfault 74390
[   91.441527][ T6425] pgmajfault 10
[   91.445012][ T6425] inactive_anon 0
[   91.448694][ T6425] active_anon 8192
[   91.452420][ T6425] inactive_file 0
[   91.456070][ T6425] active_file 442368
[   91.460068][ T6425] unevictable 0
[   91.463534][ T6425] hierarchical_memory_limit 314572800
[   91.469493][ T6425] hierarchical_memsw_limit 9223372036854771712
[   91.475672][ T6425] total_cache 442368
[   91.479614][ T6425] total_rss 4096
[   91.483166][ T6425] total_shmem 0
[   91.486688][ T6425] total_mapped_file 442368
[   91.491153][ T6425] total_dirty 442368
[   91.495272][ T6425] total_writeback 4096
[   91.499449][ T6425] total_workingset_refault_anon 2
[   91.504539][ T6425] total_workingset_refault_file 0
[   91.509576][ T6425] total_swap 4562944
[   91.513515][ T6425] total_swapcached 8192
[   91.517758][ T6425] total_pgpgin 71331
[   91.521662][ T6425] total_pgpgout 71221
[   91.525689][ T6425] total_pgfault 74390
[   91.529681][ T6425] total_pgmajfault 10
[   91.533680][ T6425] total_inactive_anon 0
[   91.537863][ T6425] total_active_anon 8192
[   91.542195][ T6425] total_inactive_file 0
[   91.546385][ T6425] total_active_file 442368
[   91.551059][ T6425] total_unevictable 0
[   91.555094][ T6425] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1065,pid=6425,uid=0
[   91.569817][ T6425] Memory cgroup out of memory: Killed process 6425 (syz.0.1065) total-vm:87116kB, anon-rss:612kB, file-rss:16164kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000
[   91.662168][   T29] audit: type=1400 audit(1728913408.782:3475): avc:  denied  { listen } for  pid=6454 comm="syz.2.1074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   91.681822][   T29] audit: type=1400 audit(1728913408.782:3476): avc:  denied  { getopt } for  pid=6454 comm="syz.2.1074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   91.703366][   T29] audit: type=1400 audit(1728913408.791:3477): avc:  denied  { bind } for  pid=6454 comm="syz.2.1074" lport=37015 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   91.723888][   T29] audit: type=1400 audit(1728913408.791:3478): avc:  denied  { name_bind } for  pid=6454 comm="syz.2.1074" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[   91.744745][   T29] audit: type=1400 audit(1728913408.791:3479): avc:  denied  { node_bind } for  pid=6454 comm="syz.2.1074" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[   91.773734][   T29] audit: type=1326 audit(1728913408.893:3480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   91.798017][   T29] audit: type=1326 audit(1728913408.893:3481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   91.821557][   T29] audit: type=1326 audit(1728913408.893:3482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000
[   91.943142][ T6468] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[   91.943142][ T6468]    program syz.3.1077 not setting count and/or reply_len properly
[   92.001006][ T6466] ==================================================================
[   92.009153][ T6466] BUG: KCSAN: data-race in __d_lookup_rcu / __dentry_kill
[   92.016309][ T6466] 
[   92.018647][ T6466] read to 0xffff888113d9e3d0 of 8 bytes by task 6465 on cpu 1:
[   92.026209][ T6466]  __d_lookup_rcu+0x105/0x2a0
[   92.030924][ T6466]  lookup_fast+0x8e/0x2a0
[   92.035275][ T6466]  path_openat+0x41e/0x1fa0
[   92.039809][ T6466]  do_filp_open+0xf7/0x200
[   92.044259][ T6466]  io_openat2+0x280/0x3a0
[   92.048628][ T6466]  io_issue_sqe+0x181/0xcc0
[   92.053170][ T6466]  io_submit_sqes+0x6c3/0x1090
[   92.057955][ T6466]  __se_sys_io_uring_enter+0x1ce/0x17b0
[   92.063519][ T6466]  __x64_sys_io_uring_enter+0x78/0x90
[   92.068921][ T6466]  x64_sys_call+0x2567/0x2d60
[   92.073638][ T6466]  do_syscall_64+0xc9/0x1c0
[   92.078165][ T6466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.084097][ T6466] 
[   92.086443][ T6466] write to 0xffff888113d9e3d0 of 8 bytes by task 6466 on cpu 0:
[   92.094217][ T6466]  __dentry_kill+0x13e/0x4c0
[   92.098848][ T6466]  dput+0x5c/0xd0
[   92.102507][ T6466]  step_into+0x21a/0x810
[   92.106814][ T6466]  path_openat+0x1234/0x1fa0
[   92.111431][ T6466]  do_filp_open+0xf7/0x200
[   92.115922][ T6466]  io_openat2+0x280/0x3a0
[   92.120349][ T6466]  io_issue_sqe+0x181/0xcc0
[   92.124862][ T6466]  io_wq_submit_work+0x474/0x5f0
[   92.129806][ T6466]  io_worker_handle_work+0x486/0x9d0
[   92.135115][ T6466]  io_wq_worker+0x286/0x820
[   92.139638][ T6466]  ret_from_fork+0x4b/0x60
[   92.144074][ T6466]  ret_from_fork_asm+0x1a/0x30
[   92.148855][ T6466] 
[   92.151183][ T6466] Reported by Kernel Concurrency Sanitizer on:
[   92.157335][ T6466] CPU: 0 UID: 0 PID: 6466 Comm: iou-wrk-6465 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
[   92.168198][ T6466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   92.178261][ T6466] ==================================================================
[   92.198625][ T6463] loop2: detected capacity change from 0 to 256