last executing test programs:

19.133981861s ago: executing program 3 (id=97):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = epoll_create1(0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000))
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x545c, 0x200000000000000)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x300)

18.2831506s ago: executing program 3 (id=111):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x3, 0x288}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r1, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
io_uring_enter(r2, 0x3516, 0xddd3, 0x4, 0x0, 0x0) (fail_nth: 3)

18.197859006s ago: executing program 3 (id=114):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x3}, 0x18)
lstat(&(0x7f0000002580)='./file0\x00', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x1})

18.197337477s ago: executing program 3 (id=115):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
modify_ldt$write(0x1, &(0x7f0000000e00)={0x6, 0x20000000, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000500))
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f00000003c0)={0x28, 0x0, 0x1ffffd8ef, @my=0x0}, 0x10)
connect$vsock_stream(r3, &(0x7f00000002c0)={0x28, 0x0, 0x2710, @local}, 0x10)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x4, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x80002, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1218af400000ce0000000000ed000000000b0200", @ANYRES32=r5, @ANYBLOB="0000000001000000b708000000000e007b8af8ff00000000bfa1e7000000000007020000f8ffffffb7030000080000a518b4004d790af630850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
mkdir(&(0x7f0000000200)='./file0\x00', 0x50)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000300), 0x2200080, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@noextend}]}})
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000240)={<r9=>r1, 0x401, 0xfffffffffffffffd, 0x7})
ioctl$AUTOFS_DEV_IOCTL_READY(r9, 0xc0189376, &(0x7f0000000340)={{0x1, 0x1, 0x18, r3, {0x40000000}}, './file0\x00'})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x18, 0x0, &(0x7f00000006c0)="427ceb06c363ea07fcd5c8af1ace5878c7236d0f3cea66ba", 0x0, 0xcb0f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x9}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2000042, &(0x7f0000002240)={[{@nombcache}, {@oldalloc}, {@inlinecrypt}, {@delalloc}, {@mblk_io_submit}, {@delalloc}, {@noload}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@lazytime}]}, 0x3, 0x4ea, &(0x7f00000006c0)="$eJzs3UtvG1sdAPD/OPa9yW3AuYVFqURb+lCKoE7S9BGxKK3EY1UJUfZpSJwoihNXidM2UQXuJwChCpBYsWKDxAdAQv0ICKkS7FiwAlWQ0gUbZDR+tI1jh+TWjdvk95NO58w59fz/x4/xnJlRHMCRdSYibkbEQERciIh8sz3TLFFtlPT/vdh6NJuWJGq1O/9MImm2tW/zWPNhqe9/N+KHyc64axubSzOlUnF1e/PmpcXlmYXiQnFlcnLi2tT1qatT43scSZLdrXc4Im586+XPf/Kb79z4w9cf/G36Hxd/lKZ1t9nfaRy90Bh6LgZbDdV3EaV/0vdNtj5CAAA+BOcj4nhEnI2Ir0Y+BmLXw2gAAADgA1T75vDHrSoAAABwOGXq98YmmULzft/hyGQKhcY9vF+MTzKl8lrla/Pl9ZW5xj20I5HLzC+WiuPNe4VHIpek6xP1+uv1y23rkxHxaUQ8yQ+l6/U+AAAA4GAca5v/v8w35v8AAADAIeNiPAAAABx+5v8AAABw+Jn/AwAAwKH2vdu301J7sfWo/jsAc/c31pfK9y/NFdeWCsvrs4XZ8uq9wkK5vFAqFgb+//ZK5fK9K7Gy/nCskl2rjK1tbE4vl9dXKtP13/WeLh4/gDEBAAAA2316+ulfkoiofmOoXlIfNftyfc0MeI8k2baGu1/pUyZAT+zhlP52Z9bfTSLAgWv/TgeODnN8IGlvaDswGOx2qPDH/cdyzAEAAP0x+iXX/+GoyvQ7AaBvftrvBIC+cS4ejq7c/u8ABA6ZHdf/2wx269jz9f9abV8JAQAAPTfcWFSjeS1wODKZQuHVZcFkfrFUHI+Iz0fEn/O5j9P1iT7mCwAAAAAAAAAAAAAAAAAAAAAAAAAfolotiRoAAABwqEVk/p40f/9rNH9+uP38wEfJf/L1ZUQ8+NWdXzycqVRWJ9L2f71qr/yy2X65H2cwAAAA4CjK7drbmqe35vEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Esvth7NtspBxn1+K4ZipFP8bAzWl4ORi4hP/p1E9o3HJREx0IP41ccRcaJT/CRNK0aaWbTHz0TEUJ/jH+tBfDjKnt6KiJudPn+ZOFNfdv78ZZvlbT2/Vf+Qd4zf2v8NdNn/fW6PMU4++91Y1/iPI05mO+9/WvGTLvHP7TH+3R9sbnbrq/06YrTj90+yLdZYZfne2NrG5qXF5ZmF4kJxZXJy4trU9amrU+Nj84ulYvPfjjF+9uXfV590HX+mvnwzfmucI40Mf9xt/Of3OP7/Pnu49YVGNbczfsTFc51f/xP1ZefnP31PXGh+D6T9o616tVF/06nf/ulUt9zS+HNdnv/G65+vdRv/xb0Nf8eYAYD+WtvYXJoplYqrB1A5e6V3G0wOKGeVLpXB9yONg658+6230zocfpvt/LVn40rnDJ27+rxjAgAAeu71QX+/MwEAAAAAAAAAAAAAAAAAAICj6zP98bDT+3tUe8xqf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCr/wUAAP//GpnIcw==")
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x1808400, 0x0)

17.741752833s ago: executing program 3 (id=121):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vxcan0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x3e, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1, 0x18, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xc}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7fffffff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
pipe2$9p(&(0x7f0000001900)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000003c0)='writeback_bdi_register\x00', r7}, 0x18)
r8 = dup(r6)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
r9 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000080)='nv\x00', 0x3)
r10 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x60, 0x1403, 0x1, 0x0, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bridge0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'vxcan1\x00'}}]}, 0x60}, 0x1, 0x0, 0x0, 0x200c08a5}, 0x8000)
futex(&(0x7f0000000240)=0x1000, 0x5, 0x0, 0x0, &(0x7f0000000140)=0x2, 0x35000000)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="fbc04dce9f5b1f954b20622a000800", @ANYRES16=r9, @ANYBLOB="0003000000000000000001000000"], 0x14}}, 0x48000)

17.501421963s ago: executing program 3 (id=126):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$watch_queue(0x0, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000180)=@keyring={'key_or_keyring:', r2})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000)={0x20000005, <r4=>0x0}, 0x42)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340)={r4}, 0x4)

17.455496286s ago: executing program 32 (id=126):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$watch_queue(0x0, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000180)=@keyring={'key_or_keyring:', r2})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000)={0x20000005, <r4=>0x0}, 0x42)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340)={r4}, 0x4)

6.452428151s ago: executing program 5 (id=256):
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x400100, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)={0x28, r3, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f"], 0x48)
r5 = socket$netlink(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r6, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r7 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000240)={'team0\x00', <r8=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r7, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', r8, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
socket$packet(0x11, 0xa, 0x300)
syz_emit_ethernet(0x66, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60a24b9f00302b00fe8000000000000000000000000000bbfe8000000000000000000000000000aa3a02020100000000ff01000000000000000000e8ffffff004e220000001890780400"/102], 0x0)

2.896367207s ago: executing program 1 (id=317):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffffff}, [@printk={@ld}, @call={0x85, 0x0, 0x0, 0x7d}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r1, 0x5, 0x4)
getdents(r1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffffff}, [@printk={@ld}, @call={0x85, 0x0, 0x0, 0x7d}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) (async)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0) (async)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) (async)
lseek(r1, 0x5, 0x4) (async)
getdents(r1, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) (async)

2.49780475s ago: executing program 1 (id=325):
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a0103fb99e0a483cbc972020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076757468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x4000094}, 0x8040)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)

2.447917493s ago: executing program 1 (id=327):
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xba520000, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)

2.383854008s ago: executing program 1 (id=329):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x48, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)=ANY=[]) (fail_nth: 1)

2.351949631s ago: executing program 1 (id=331):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close(r2)
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='\\\x00')
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
rseq(&(0x7f0000000040)={0x0, 0x0, 0x0, 0x2}, 0xfcb4, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x2000000000, 0x3, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sigaltstack(0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000100000000b708000000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000044f76a055e36791140d194187bb30c608bf4d0e88966bbc79343b7f15c3fbbfe5bbdffa3fdce5e2042bd953dd4f69ab6bb10562869c746770503958b40fe6ddfa1d37e019335790ac2f047233eb2eea9ec5eb0f049ad006de4a522eabea8ba28062513454f99bc3e5180572131ef617a3596d8bb5d4479e6d251d2e3e01c32842592c3"], 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r4], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x83508, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1f}, 0xec1, 0x200, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x800, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
preadv(r3, &(0x7f0000000080)=[{&(0x7f0000000040)=""/46, 0x2e}], 0x1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xe)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r6}, 0x10)
mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6\xff\x03\x00\x00\x00\x00\x00\x00vs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\xca\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f1, 0x0)
mq_unlink(&(0x7f00000000c0)='eth0\x00')
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @random="e5db029ea53c"})
unshare(0x4008080)

1.395121738s ago: executing program 0 (id=344):
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

1.354376912s ago: executing program 0 (id=345):
r0 = getpid()
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000000c0)=<r1=>0x0)
r2 = socket$kcm(0xa, 0x1, 0x106)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r3)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
sendmsg$kcm(r2, &(0x7f00000019c0)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @dev, 0x5}, 0x80, 0x0}, 0x24004059)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r4}, 0x10)
close(r2)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r5=>r2, {0x4}}, './file0\x00'})
syz_clone3(&(0x7f0000001200)={0x150054900, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)=<r6=>0x0, {0x28}, &(0x7f0000001280)=""/4110, 0x100e, &(0x7f00000010c0)=""/227, &(0x7f0000000180)=[r0, r0, r1, r1, r1], 0x5, {r5}}, 0x58)
process_vm_writev(r6, 0x0, 0x1, 0x0, 0xfffffffffffffede, 0x0)

1.336319123s ago: executing program 0 (id=346):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x800008, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',cache=fscache,aname=@'])

1.333310853s ago: executing program 2 (id=347):
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r0 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x248)
close(r1)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r2, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',Tfdno=', @ANYRESHEX=r2, @ANYBLOB=',\x00'])
read(r0, &(0x7f0000000740)=""/384, 0x200008c0)
socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f0000000000), &(0x7f0000000040)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000540)={{{@in6, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@loopback}, 0x0, @in6}}, &(0x7f0000000140)=0xe8)
r8 = getgid()
setfsgid(r8)
write$P9_RGETATTR(r1, &(0x7f0000000680)={0xa0, 0x19, 0x2, {0x2, {0x8, 0x4, 0x2}, 0x10, r7, r8, 0xa, 0x0, 0x7ad, 0x2, 0x4, 0x3, 0x1ff, 0x7fffffff, 0x1, 0x100000000000000, 0x8, 0xfe00000000000000, 0xf5, 0xee, 0xf2}}, 0xa0)
connect$802154_dgram(r6, &(0x7f0000000080)={0x24, @none={0x0, 0x2}}, 0x4)
r9 = gettid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00'}, 0x10)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000200)='.]\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x140, 0x0)
syz_io_uring_setup(0x2421, &(0x7f00000004c0)={0x0, 0x0, 0x482, 0x0, 0xe5}, &(0x7f00000000c0), &(0x7f0000000080))
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x11000)

1.253331619s ago: executing program 0 (id=348):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file1\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000380)=""/40, 0x28)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(r1, 0x82307201, &(0x7f0000000f80)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, 0x0, 0x24000014)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x40, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x40}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket(0x1, 0x803, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r12}, @IFLA_MASTER={0x8, 0xa, r12}]}, 0x4c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000003640)='kfree\x00', r2, 0x0, 0x400}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r13 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'bridge0\x00'})

1.213049913s ago: executing program 5 (id=349):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r1, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0900000004000000080000001000000000000000", @ANYRES32, @ANYBLOB="00b800000000000000a74529b4ab0004003ff69a0a0262eefcec01008738560000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
acct(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
io_setup(0x2007, &(0x7f0000000200)=<r4=>0x0)
r5 = eventfd2(0x0, 0x800)
io_submit(r4, 0x1, &(0x7f0000000540)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r5, &(0x7f0000000240)="7a8c06bd91b4f3b7", 0x8, 0x7, 0x0, 0x1, r5}])
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000), 0x20000328)
r6 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r6, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f0000000280)=0x9, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r7}, 0x0, 0x0}, 0x20)
close(r0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x6, 0x3, 0x3, 0x5}, {0x4, 0x4, 0x8, 0x800}]})

1.165416066s ago: executing program 5 (id=350):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x2a)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
syz_emit_ethernet(0x7a, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000000000442f00fe8000000000000000000000000000bbfe8800000000000000000000000000012421"], 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18)
syz_emit_ethernet(0x6a, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb08004500005c00000000000190780a014102ac1414aa0304907801000000400000000000000000110000ac1e010100000000440100000101640100000c6401010000000000e000000100000006"], 0x0)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x400, 0x1)
mount(&(0x7f00000001c0)=@filename='./file0\x00', 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, r4)
socket$inet_sctp(0x2, 0x5, 0x84)
keyctl$clear(0x7, r4)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="d8000000580081044e81f782db44b904021d080009000200e8fe55a1180015000600142603600e120900210000000401a80016000a00014006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7ce", 0x6c}, {&(0x7f0000000ec0)="c9df04cd8ce4f37656ffabb858c02ee95c69ff108ad5b76475bf8916734cbd57c84685f29a99074838097ed28b3d45bd4f24b1ad5ed7661fcf04c5f4e9fbfcebef046540294bb08de607993d1594343d19b89e6da0c4d2f7d7b92a2222268aa59e3113070d539092c09406c9", 0x6c}], 0x2}, 0x24004880)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
r6 = syz_open_procfs(0x0, 0x0)
preadv(r6, 0x0, 0x0, 0x5, 0x9)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x18, &(0x7f00000009c0)=[{&(0x7f0000000140)="d800000018007b29e00212ba0d8105040a601800fe0f040b067c55a1bc000900b80006990600000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ccd40dd601edef3d93452a92307ff0ff0e97031e9f05e9f16e9cb500"/216, 0xd8}], 0x1, 0x0, 0x0, 0x2663}, 0x0)

913.708967ms ago: executing program 1 (id=351):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000380), &(0x7f0000000440)}, 0x20)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='xdp_exception\x00', r2, 0x0, 0xfffffffffffffffc}, 0x18)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r4, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0xff2e)
r5 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r6}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x52, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r7, 0x0, 0xfffffffffffffffe}, 0x18)
r8 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r8, 0x0)
write$selinux_load(r5, &(0x7f0000000000)=ANY=[], 0x44f0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r9 = syz_open_pts(r0, 0x8182)
dup3(r9, r0, 0x0)
ioctl$TCGETA(r0, 0x5405, &(0x7f0000000240))
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014"], 0xa8}}, 0x0)

832.105603ms ago: executing program 0 (id=352):
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000000)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

825.496284ms ago: executing program 5 (id=353):
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x24)

792.886997ms ago: executing program 5 (id=354):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000fbffffff00ffef000300000085000000bc00000085000000110000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe07, 0x0, &(0x7f0000000000)="26f8a0bf423ba61db01dcc101f3755384d7692c9e2b2ef9783f2d275f869933df9e97e0293a94ae8151e914e4cc50504094bc507b970f24b7e23af995eebac104d27b0564ff3985422ed5473ca4b38ff0fa99e1e982204c18e6442f8f95c2227ba69178d9398e4", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
mount$cgroup2(0x0, &(0x7f0000000140)='./cgroup.net/devices.allow\x00', &(0x7f0000000100), 0x8081, &(0x7f0000000500)=ANY=[@ANYBLOB='memory_localevents='])

786.250597ms ago: executing program 0 (id=355):
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8)
read(r0, &(0x7f0000000740)=""/384, 0x200008c0) (fail_nth: 1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
gettid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_io_uring_setup(0x2421, 0x0, 0x0, 0x0)

721.824382ms ago: executing program 5 (id=356):
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8)
read(r0, &(0x7f0000000740)=""/384, 0x200008c0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
gettid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_io_uring_setup(0x2421, 0x0, 0x0, 0x0)

476.741112ms ago: executing program 4 (id=357):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0300000005"], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syslog(0x2, 0xffffffffffffffff, 0x4b)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0300000004000400040000000a00000000000000", @ANYRES16=0x0, @ANYRESOCT, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="1f0000108f063a2ed93a54d7213100000000deffffffffffffff0000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000001e0000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x8040, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x0, 0x0, "ff00f7000000000000000000af88008300"})
r6 = syz_open_pts(r5, 0x141601)
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TCSETSF(r6, 0x5404, &(0x7f0000000080)={0x8, 0x20000000, 0xfffffffc, 0x7fffffd, 0x5, "682341f2fd71a6a76177920ea7e60c0ac7a4a5"})

470.924852ms ago: executing program 2 (id=358):
r0 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = dup(r1)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)={0x28, 0x3, 0x6, 0x301, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40841}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x1008, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000240)='fib6_table_lookup\x00', r5}, 0x9)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f00000002c0)}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f00000002c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x408, 0xcd, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs2/binder0\x00', 0x0, 0x0) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs2/binder0\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000680)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa0, 0xa0, 0x6, [@fwd={0x1}, @int={0x4, 0x0, 0x0, 0x1, 0x0, 0x7a, 0x0, 0x62, 0x1}, @fwd={0x3}, @union={0x4, 0x2, 0x0, 0x5, 0x0, 0x2, [{0x2, 0x4, 0x10000}, {0x3, 0x5, 0xfffffffd}]}, @int={0x9, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x73, 0x7}, @typedef={0x7, 0x0, 0x0, 0x8, 0x2}, @fwd={0x5}, @var={0xe, 0x0, 0x0, 0xe, 0x2}, @decl_tag={0x5, 0x0, 0x0, 0x11, 0x2, 0x6}, @func={0xf, 0x0, 0x0, 0xc, 0x3}]}, {0x0, [0x0, 0x2e, 0x2e, 0x61]}}, &(0x7f0000000340)=""/12, 0xbe, 0xc, 0x0, 0xd}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r7}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r7}, 0x10)
r8 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r8, 0x84, 0x19, &(0x7f0000001000)={0x0, 0x9}, 0x8)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200}) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x89f1, &(0x7f0000000080))

402.828498ms ago: executing program 2 (id=359):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000000c0)='kfree\x00', r2}, 0x18)
r3 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
keyctl$restrict_keyring(0xa, r3, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:\xff\xffe{')
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000f0f000000000700000a20000000000a01030000000000000000010000000900010073797a310000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000050900010073797a31000000003c000000050a01020000000000000000010000000c00024000000000000000010900010073797a3100000000040004800b0007"], 0xc4}}, 0x0)

383.066219ms ago: executing program 4 (id=360):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r1, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0900000004000000080000001000000000000000", @ANYRES32, @ANYBLOB="00b800000000000000a74529b4ab0004003ff69a0a0262eefcec01008738560000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
acct(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
io_setup(0x2007, &(0x7f0000000200)=<r4=>0x0)
r5 = eventfd2(0x0, 0x800)
io_submit(r4, 0x1, &(0x7f0000000540)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r5, &(0x7f0000000240)="7a8c06bd91b4f3b7", 0x8, 0x7, 0x0, 0x1, r5}])
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000), 0x20000328)
r6 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r6, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f0000000280)=0x9, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r7}, 0x0, 0x0}, 0x20)
close(r0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x6, 0x3, 0x3, 0x5}, {0x4, 0x4, 0x8, 0x800}]})

349.004072ms ago: executing program 4 (id=361):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
lstat(0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x70, 0x103301)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

339.370313ms ago: executing program 2 (id=362):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={0x0}, 0x18)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0xc, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x3}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000000b05000300000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x14, 0x0, 0x14}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0xfd6c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r0}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x2, 0xc}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0xf8}, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000ff0f00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180100000000000000000000000000001812"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r7}, 0x3d)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r5, r4}, 0xc)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r8, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r8, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x200000007})

237.887121ms ago: executing program 4 (id=363):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) (fail_nth: 1)

76.924684ms ago: executing program 4 (id=364):
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x24)

62.619725ms ago: executing program 4 (id=365):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r1, 0x0, 0x0, 0x30, 0x0, @in={0x2, 0x4e24, @remote}, @ib={0x1b, 0x2, 0x0, {}, 0x0, 0xfffffffffffffffc, 0x6}}}, 0x118)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$binfmt_misc(r3, &(0x7f0000000240), 0xfffffecc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r4}, 0x18)
ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000))
r6 = fcntl$dupfd(r5, 0x0, r0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x0, 0x4, 0x3, 0xfffffffe, 0x8, r2, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x5}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_ext={0x1c, 0xd, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x786000, 0x0, 0x0, 0x0, 0x80000001}, [@generic={0x7, 0xf, 0xe, 0x5, 0xdfd5}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @jmp={0x5, 0x0, 0x9, 0x9, 0x7, 0x10, 0xfffffffffffffff0}]}, &(0x7f0000000080)='GPL\x00', 0x8, 0x1000, &(0x7f0000000f80)=""/4096, 0x41100, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x1, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x1235b, r6, 0x1, &(0x7f00000004c0)=[r2, r0, r7, 0x1, r2, r2], &(0x7f0000000500)=[{0x0, 0x5, 0x3, 0xc}], 0x10, 0xfffffffd}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc1d}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000006d40)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x7, 0xffff6bfd, 0x6, 0x9, 0x7}, 0x4, 0x8}, [{0x73, 0x8, 0x3, 0xff, 0x4, 0x9}, {0x6, 0x9, 0x10000, 0xdc0c, 0x8, 0x250db8e3}, {0x80000000, 0x0, 0x8, 0x80000001, 0xffffffff, 0x4735}, {0x400, 0x3, 0x401, 0x2400, 0xd4, 0x6}, {0x3, 0x34a, 0xffffffff, 0x5, 0x32, 0xffff}, {0x0, 0x1, 0x24, 0x0, 0x3, 0x9}, {0x8001, 0x4, 0x1, 0x0, 0x7, 0x600}, {0xdd, 0xfffffff7, 0x80, 0x400, 0x2}, {0xe, 0x7ff, 0x1000, 0x5, 0x96b, 0xae}, {0x9621, 0x3f, 0xffffffff, 0x8, 0x81, 0xf47}, {0x3, 0xc, 0x5, 0x3, 0x3, 0x1a}, {0x1, 0x1, 0xe0000000, 0x3, 0x101, 0x74c}, {0x5, 0x0, 0xf, 0x101, 0x7, 0x3}, {0x9, 0x3, 0x3, 0xb94c, 0x4, 0xc028}, {0xfec00000, 0x7, 0x39, 0x4, 0x2, 0xe88}, {0x7, 0xfffffffb, 0xd03ecc34, 0xffffffff, 0x2, 0xfffffffc}, {0x6, 0xb, 0x7ff, 0x4, 0x5f, 0x686e}, {0x5f74, 0x4, 0xfffffffc, 0x6, 0x6, 0x9}, {0x6, 0x6, 0x7, 0xff, 0x8, 0x7f}, {0x9, 0x0, 0x5, 0x40, 0x0, 0xffffffd9}, {0x8001, 0x40, 0xfffffffe, 0xfffffff7, 0x9, 0xc7d00}, {0xffffffff, 0x5, 0xfffffffa, 0x6, 0x5, 0x6}, {0x80, 0x8, 0x800, 0x10000, 0x7, 0x6}, {0x8, 0x9, 0x9, 0x3, 0x4, 0x8001}, {0x3, 0x5a0e, 0x4, 0x6, 0x6e38efce, 0x81}, {0x8000, 0x2, 0x3, 0x4, 0x200, 0x8}, {0x75970971, 0x9c9c, 0x3, 0x3, 0x6, 0x61a}, {0xfffffffb, 0x8, 0xffffffff, 0x9, 0x2}, {0x1, 0x0, 0x3, 0x9, 0x2}, {0x3, 0x3, 0xc, 0x8001, 0x5, 0x5}, {0xa, 0x8, 0x9, 0xb05, 0x6, 0x401}, {0x9, 0xff, 0x5, 0x7fffffff, 0x5200, 0x7fffffff}, {0x4, 0x40, 0x6, 0x2, 0x4, 0x9}, {0x7, 0x7, 0x5, 0x4, 0x140, 0x97d}, {0x4, 0xfffffffe, 0xfffffffe, 0x16, 0x7fffffff, 0xc0000000}, {0x1, 0xf7d, 0x1, 0x3, 0x24, 0x80000001}, {0xc62, 0x9, 0x9, 0x3, 0x4, 0x1}, {0x7, 0x5, 0x3, 0x81, 0x3, 0xffff8001}, {0xfffffffc, 0x3d, 0x2, 0xf, 0x401, 0x7}, {0x743, 0xb, 0x2, 0x7fffffff, 0xffff1037, 0xa}, {0x5, 0x3, 0x8, 0xf9, 0x6, 0x7af6}, {0x800, 0x0, 0x9, 0x1, 0x3ff, 0x8}, {0x10001, 0xe, 0x9a, 0x8, 0x3fe00000, 0x800}, {0x1, 0x3, 0x5, 0xfdb9, 0x2, 0x7fff}, {0x7fff, 0x8000, 0x9d, 0x1, 0x9, 0x7}, {0x3, 0x8, 0x100, 0x40000, 0x4, 0x7}, {0xc81, 0xff, 0x8, 0x6, 0x80, 0x5}, {0x9, 0x4a, 0x3, 0x7, 0x3, 0x7f}, {0xa, 0x7, 0x2, 0xff, 0x3, 0x6}, {0x8, 0x80000000, 0x66, 0x7c, 0x9, 0x1}, {0x4, 0x0, 0xc000000, 0x6, 0x100, 0x5c94}, {0x4, 0x3, 0xdb8a, 0x7b, 0x100, 0xfffffffa}, {0x80, 0x9, 0x2be0, 0x5, 0x4, 0xb4f}, {0x8, 0x7, 0x9, 0x6, 0x991, 0x38}, {0x80000000, 0x1, 0x408, 0x8, 0x5, 0x8}, {0x6, 0x0, 0x4, 0x5, 0xfffffff7, 0x1}, {0xa9ed, 0x4, 0x8, 0x25a5551e, 0x3, 0x9}, {0x10000, 0x3, 0x9, 0x7, 0xb, 0x8001}, {0x2, 0x2, 0x3ff, 0x4, 0xc9, 0x9}, {0x2, 0x1, 0xf4eb, 0x7, 0x8000, 0xfff}, {0x5175, 0x4, 0x0, 0x0, 0x200}, {0x5, 0x6, 0x8, 0x7, 0x5, 0x7}, {0x1, 0x81, 0x8000, 0x1, 0x1, 0x7}, {0x2, 0x8, 0x5, 0x112, 0x9, 0x2}, {0x100, 0x5, 0x8, 0x3, 0x3, 0xfffffffe}, {0xffffffff, 0x537, 0x2, 0x100, 0x7fffffff, 0x6}, {0x8, 0x7, 0x6, 0x9, 0x1, 0x4}, {0x0, 0x5c, 0x1, 0x851, 0x0, 0xa}, {0x6, 0xfff, 0x1f, 0x1c1, 0x7, 0x2}, {0xfffffffe, 0xb71c, 0x3, 0x7, 0xd6, 0x4}, {0xffff7fff, 0x4, 0x40, 0x401, 0xca, 0x800}, {0x1, 0xd761, 0x4, 0x5, 0x3, 0x37}, {0x4, 0x66ed, 0x3, 0x7fffffff, 0x7, 0x5}, {0x8, 0x81, 0x452, 0x6, 0x80000000, 0x5c0}, {0x9, 0x1, 0x5, 0x1c88301e, 0x8}, {0xf, 0x8, 0x74, 0x1ff, 0xffff505a, 0x6}, {0x6, 0x9, 0x8, 0x7, 0x4, 0x9}, {0x4, 0x1, 0x9, 0x0, 0x9, 0xa19}, {0xff, 0x3, 0xaf4, 0x80000001, 0x7, 0x6}, {0xffff, 0x5, 0x4, 0xbb1, 0xfff}, {0x3, 0xedeb, 0x9, 0xfffffff9, 0x400, 0x7}, {0x7, 0x0, 0x8, 0x7, 0x7, 0xb15e}, {0x8, 0x6, 0x5, 0x3, 0xb188, 0x2}, {0x0, 0x101, 0x2, 0x80000001, 0x0, 0x1ff}, {0x10, 0x8, 0x5, 0x7, 0x8, 0x9}, {0xb, 0xfb, 0x100, 0xfffffff8, 0x0, 0x7f}, {0x2, 0x10001, 0x1, 0x6, 0x6, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x97, 0x800}, {0x9, 0xff, 0x7, 0x2, 0xeb59}, {0x400, 0x68a9, 0xd, 0x80, 0x6, 0x1ff}, {0x6, 0x5, 0x0, 0x8, 0x2, 0x2}, {0x2, 0x9, 0x5e15, 0x9, 0x4, 0xd93}, {0xd9, 0x594, 0x8, 0x7, 0x7, 0x2}, {0xffff, 0x80000001, 0x1, 0xe0, 0x8, 0x3}, {0x8, 0x2, 0x8, 0x3, 0x3202, 0x1}, {0xa9fb, 0x0, 0x9, 0x20000000, 0x200, 0x4}, {0x5, 0x5, 0xa, 0x52, 0xbf6a, 0x2}, {0x6, 0xb7, 0x2, 0xd1, 0x0, 0xffff}, {0x2, 0x3, 0x4, 0xffffe07a, 0xf, 0xff}, {0x7fffffff, 0x97, 0x7fff, 0x40, 0x76b9d3e5, 0xe00}, {0x8, 0x9, 0x80000001, 0xc8, 0x8, 0x4}, {0x9, 0x8000, 0x2, 0x5, 0x8000, 0x2}, {0x7, 0xffffffff, 0x40, 0x0, 0x1, 0xfda}, {0x0, 0x4, 0x401, 0x4e, 0x0, 0x1}, {0x9, 0x9, 0x1, 0x3, 0xf, 0x9}, {0x60, 0x0, 0x41, 0x7f, 0x80000001, 0x3}, {0xffff92e2, 0x4, 0xe, 0x1, 0x4cfe, 0x68c}, {0x6, 0x80, 0x2, 0x4, 0x4, 0x1}, {0x2, 0x1, 0x9a, 0x7, 0x1, 0x5}, {0x9, 0x1000, 0x7, 0x7, 0x19, 0x7}, {0x134a, 0x0, 0xfffffffc, 0x1, 0x1, 0x1577}, {0x1, 0x83, 0x9, 0x5e9, 0x6, 0x7}, {0xb5, 0xcbd, 0x1, 0x10, 0x7fff, 0xcb1}, {0x4, 0x9, 0x1, 0x6, 0x651, 0x8}, {0x4, 0x120000, 0x2, 0x2146, 0xb, 0x80}, {0x10f243f9, 0x2, 0x1, 0x9, 0x101, 0x2}, {0x200, 0x2d, 0x8, 0x7, 0x3, 0xd45}, {0x2a81, 0x1, 0x0, 0x40, 0x4, 0xc3}, {0x1478, 0x5, 0x8, 0x7, 0x4, 0x4}, {0x1, 0x3, 0x6, 0xffff, 0x9, 0x1ff}, {0x0, 0x6, 0x9, 0x5, 0x4, 0x7fffffff}, {0x1, 0x9, 0x2, 0x49, 0x5, 0x2}, {0x1, 0x10001, 0x7, 0xe, 0x3, 0x3}, {0xb4b, 0xf4c1, 0x10, 0x401, 0x1, 0xa0000}, {0x8, 0x1ff, 0x1, 0x800, 0x4, 0x6}, {0xe, 0x5, 0x5, 0x4, 0xcc, 0x4}, {0x8001, 0xe9c, 0x1, 0x2, 0xcc80, 0x6bd}, {0x3, 0x81, 0x80000001, 0x2e000000, 0x8, 0x2}], [{0x0, 0x1}, {0x3}, {0x2, 0x1}, {0x2, 0x1}, {0x3}, {0x5}, {0x2, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x3}, {0x0, 0x1}, {0x5}, {0x3}, {0x3, 0x1}, {0x0, 0x1}, {0x5}, {0x1, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x1}, {0x4}, {0x3, 0x1}, {0x1, 0x1}, {}, {0x5}, {0x0, 0x1}, {0x0, 0x1}, {0x2}, {0x5}, {0x1}, {}, {0x5, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {0x3}, {0x2}, {0x4, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x5}, {0x4, 0x1}, {0x3}, {}, {}, {0x4, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x7, 0x1}, {0x5}, {}, {0x3, 0x1}, {0x5, 0x1}, {0x3}, {0x2}, {0x3}, {0x1}, {0x4}, {0x4, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x4}, {0x5}, {0x5}, {0x2}, {}, {0x2}, {}, {0x5, 0x1}, {0x2}, {0x5, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x7, 0x1}, {0x4}, {0x4, 0x1}, {0x5, 0x1}, {0xc27aa91fdcffac27}, {0x4, 0x1}, {0x1}, {0x3}, {0x4}, {0x5}, {0x4, 0x1}, {0x0, 0x1}, {}, {0x5}, {0x5}, {0x5}, {0x5, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x5, 0x3ac13115a204b034}, {0x5}, {0x1, 0x1}, {}, {0x3, 0x1}, {0x4, 0x1}, {0x2}, {0x1}, {0x5}, {0x3, 0x1}, {0x3, 0x1}, {}, {0x4, 0x1}, {0xf95b5fb1b1edec5e}, {0x4, 0x1}, {}, {0x5, 0x1}, {0x3}, {0x1}, {0x1}, {0x4, 0x1}, {0x5, 0x1}, {}, {0x3, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x5}, {0x0, 0x1}, {0x5, 0x1}, {0x2}, {0x0, 0x1}], 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)

1.67387ms ago: executing program 2 (id=366):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x800000000006}, 0x18)
socket(0x200000000000011, 0x2, 0xe6)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="00000000b90b00"/22, @ANYRES32, @ANYBLOB="0a000100bbbbbbbbbbbb0000"], 0x48}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={0x0, 0x0, 0xfc5f}, 0x28)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000370400000000ffffffff00000000", @ANYRES32=r6, @ANYBLOB="0b12050200000000240012800b00010069703667726500001400028008000100", @ANYRES32=r6, @ANYBLOB="0800050003"], 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @local, @multicast1}}}], 0x20}}], 0x1, 0x8000004)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001300)=ANY=[@ANYBLOB="38010000000101040000000000000000020000002c0001801400018008000100ac14143208000200ac1414000c00028005000100000000000600034000020000240002801400018008000100e000000108000200e00000010c0002800500010000000000080007"], 0x138}}, 0x4)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x88, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x44, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x32}}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast2}}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x4}]}, 0x88}}, 0x0)
r9 = socket$tipc(0x1e, 0x5, 0x0)
r10 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r10, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000000)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r9, &(0x7f0000000400)={&(0x7f0000000500)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4008030)

0s ago: executing program 2 (id=367):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8000, 0x100000000}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000000))

kernel console output (not intermixed with test programs):

ry) 
[   31.434077][ T3514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   31.434089][ T3514] Call Trace:
[   31.434096][ T3514]  <TASK>
[   31.434105][ T3514]  __dump_stack+0x1d/0x30
[   31.434135][ T3514]  dump_stack_lvl+0xe8/0x140
[   31.434157][ T3514]  dump_stack+0x15/0x1b
[   31.434176][ T3514]  should_fail_ex+0x265/0x280
[   31.434199][ T3514]  should_fail+0xb/0x20
[   31.434267][ T3514]  should_fail_usercopy+0x1a/0x20
[   31.434292][ T3514]  _copy_from_user+0x1c/0xb0
[   31.434348][ T3514]  __copy_msghdr+0x244/0x300
[   31.434371][ T3514]  ___sys_sendmsg+0x109/0x1d0
[   31.434411][ T3514]  __x64_sys_sendmsg+0xd4/0x160
[   31.434437][ T3514]  x64_sys_call+0x191e/0x2ff0
[   31.434461][ T3514]  do_syscall_64+0xd2/0x200
[   31.434522][ T3514]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   31.434552][ T3514]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   31.434609][ T3514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   31.434633][ T3514] RIP: 0033:0x7f9f621cebe9
[   31.434652][ T3514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   31.434672][ T3514] RSP: 002b:00007f9f60c37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   31.434760][ T3514] RAX: ffffffffffffffda RBX: 00007f9f623f5fa0 RCX: 00007f9f621cebe9
[   31.434774][ T3514] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000005
[   31.434905][ T3514] RBP: 00007f9f60c37090 R08: 0000000000000000 R09: 0000000000000000
[   31.434918][ T3514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   31.434932][ T3514] R13: 00007f9f623f6038 R14: 00007f9f623f5fa0 R15: 00007fff43c165e8
[   31.434955][ T3514]  </TASK>
[   31.495552][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.685958][ T3522] sch_fq: defrate 4294967295 ignored.
[   31.714358][ T3522] loop4: detected capacity change from 0 to 512
[   31.728040][ T3527] loop1: detected capacity change from 0 to 1024
[   31.734452][ T3522] =======================================================
[   31.734452][ T3522] WARNING: The mand mount option has been deprecated and
[   31.734452][ T3522]          and is ignored by this kernel. Remove the mand
[   31.734452][ T3522]          option from the mount to silence this warning.
[   31.734452][ T3522] =======================================================
[   31.812962][ T3527] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.833512][ T3522] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   31.868490][ T3522] ext4 filesystem being mounted at /1/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   31.890181][ T3527] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.18: Allocating blocks 449-513 which overlap fs metadata
[   32.007296][ T3517] netlink: 12 bytes leftover after parsing attributes in process `syz.0.15'.
[   32.028738][ T3526] EXT4-fs (loop1): pa ffff888106eb0070: logic 48, phys. 177, len 21
[   32.036843][ T3526] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[   32.057309][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.117447][ T3538] netlink: 4 bytes leftover after parsing attributes in process `syz.1.19'.
[   32.143628][ T3538] netlink: 4 bytes leftover after parsing attributes in process `syz.1.19'.
[   32.205278][ T3542] random: crng reseeded on system resumption
[   32.238432][ T3542] loop1: detected capacity change from 0 to 1024
[   32.271711][ T3542] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.357469][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.357904][ T3542] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm : Allocating blocks 449-513 which overlap fs metadata
[   32.448791][ T3542] SELinux:  Context @ is not valid (left unmapped).
[   32.457443][ T3542] EXT4-fs (loop1): pa ffff888106eb00e0: logic 48, phys. 177, len 21
[   32.465519][ T3542] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[   32.481758][ T3546] loop4: detected capacity change from 0 to 512
[   32.510781][ T3546] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.533864][ T3546] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   32.551978][ T3546] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   32.599720][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.782781][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.066040][ T3558] infiniband syz!: set active
[   33.070781][ T3558] infiniband syz!: added team_slave_0
[   33.155888][ T3558] RDS/IB: syz!: added
[   33.160071][ T3558] smc: adding ib device syz! with port count 1
[   33.166571][ T3558] smc:    ib device syz! port 1 has pnetid 
[   33.735904][ T3558] syz.4.24 (3558) used greatest stack depth: 10616 bytes left
[   33.760258][ T3550] netlink: 12 bytes leftover after parsing attributes in process `syz.2.23'.
[   33.763125][ T3567] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[   33.893119][ T3570] syz.4.28 (3570) used greatest stack depth: 9424 bytes left
[   33.940218][ T3572] FAULT_INJECTION: forcing a failure.
[   33.940218][ T3572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   33.953515][ T3572] CPU: 0 UID: 0 PID: 3572 Comm: syz.2.29 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   33.953545][ T3572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   33.953588][ T3572] Call Trace:
[   33.953594][ T3572]  <TASK>
[   33.953663][ T3572]  __dump_stack+0x1d/0x30
[   33.953686][ T3572]  dump_stack_lvl+0xe8/0x140
[   33.953706][ T3572]  dump_stack+0x15/0x1b
[   33.953724][ T3572]  should_fail_ex+0x265/0x280
[   33.953821][ T3572]  should_fail+0xb/0x20
[   33.953840][ T3572]  should_fail_usercopy+0x1a/0x20
[   33.953902][ T3572]  _copy_to_user+0x20/0xa0
[   33.953929][ T3572]  simple_read_from_buffer+0xb5/0x130
[   33.953954][ T3572]  proc_fail_nth_read+0x10e/0x150
[   33.953981][ T3572]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   33.954007][ T3572]  vfs_read+0x1a8/0x770
[   33.954035][ T3572]  ? __rcu_read_unlock+0x4f/0x70
[   33.954064][ T3572]  ? __fget_files+0x184/0x1c0
[   33.954108][ T3572]  ? __rcu_read_unlock+0x4f/0x70
[   33.954131][ T3572]  ksys_read+0xda/0x1a0
[   33.954154][ T3572]  __x64_sys_read+0x40/0x50
[   33.954176][ T3572]  x64_sys_call+0x27bc/0x2ff0
[   33.954200][ T3572]  do_syscall_64+0xd2/0x200
[   33.954227][ T3572]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   33.954314][ T3572]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   33.954339][ T3572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   33.954361][ T3572] RIP: 0033:0x7fd7532fd5fc
[   33.954378][ T3572] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   33.954458][ T3572] RSP: 002b:00007fd751d5f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   33.954480][ T3572] RAX: ffffffffffffffda RBX: 00007fd753525fa0 RCX: 00007fd7532fd5fc
[   33.954494][ T3572] RDX: 000000000000000f RSI: 00007fd751d5f0a0 RDI: 0000000000000003
[   33.954560][ T3572] RBP: 00007fd751d5f090 R08: 0000000000000000 R09: 0000000000000000
[   33.954573][ T3572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   33.954644][ T3572] R13: 00007fd753526038 R14: 00007fd753525fa0 R15: 00007ffc6886dd98
[   33.954663][ T3572]  </TASK>
[   34.211289][ T3577] FAULT_INJECTION: forcing a failure.
[   34.211289][ T3577] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   34.224454][ T3577] CPU: 1 UID: 0 PID: 3577 Comm: syz.2.31 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   34.224486][ T3577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   34.224500][ T3577] Call Trace:
[   34.224509][ T3577]  <TASK>
[   34.224518][ T3577]  __dump_stack+0x1d/0x30
[   34.224542][ T3577]  dump_stack_lvl+0xe8/0x140
[   34.224571][ T3577]  dump_stack+0x15/0x1b
[   34.224590][ T3577]  should_fail_ex+0x265/0x280
[   34.224613][ T3577]  should_fail+0xb/0x20
[   34.224692][ T3577]  should_fail_usercopy+0x1a/0x20
[   34.224715][ T3577]  _copy_to_user+0x20/0xa0
[   34.224748][ T3577]  simple_read_from_buffer+0xb5/0x130
[   34.224926][ T3577]  proc_fail_nth_read+0x10e/0x150
[   34.224952][ T3577]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   34.224975][ T3577]  vfs_read+0x1a8/0x770
[   34.224999][ T3577]  ? __rcu_read_unlock+0x4f/0x70
[   34.225017][ T3577]  ? __fget_files+0x184/0x1c0
[   34.225043][ T3577]  ksys_read+0xda/0x1a0
[   34.225066][ T3577]  __x64_sys_read+0x40/0x50
[   34.225086][ T3577]  x64_sys_call+0x27bc/0x2ff0
[   34.225169][ T3577]  do_syscall_64+0xd2/0x200
[   34.225198][ T3577]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   34.225222][ T3577]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   34.225249][ T3577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   34.225306][ T3577] RIP: 0033:0x7fd7532fd5fc
[   34.225323][ T3577] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   34.225381][ T3577] RSP: 002b:00007fd751d5f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   34.225516][ T3577] RAX: ffffffffffffffda RBX: 00007fd753525fa0 RCX: 00007fd7532fd5fc
[   34.225529][ T3577] RDX: 000000000000000f RSI: 00007fd751d5f0a0 RDI: 0000000000000003
[   34.225600][ T3577] RBP: 00007fd751d5f090 R08: 0000000000000000 R09: 0000000000000000
[   34.225613][ T3577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   34.225658][ T3577] R13: 00007fd753526038 R14: 00007fd753525fa0 R15: 00007ffc6886dd98
[   34.225677][ T3577]  </TASK>
[   34.462342][ T3579] loop1: detected capacity change from 0 to 164
[   34.493315][ T3579] rock: directory entry would overflow storage
[   34.499621][ T3579] rock: sig=0x66, size=4, remaining=3
[   34.595080][ T3595] loop3: detected capacity change from 0 to 164
[   34.607199][ T3595] iso9660: Corrupted directory entry in block 4 of inode 1792
[   34.692285][ T3601] loop3: detected capacity change from 0 to 512
[   34.732535][ T3603] FAULT_INJECTION: forcing a failure.
[   34.732535][ T3603] name failslab, interval 1, probability 0, space 0, times 1
[   34.745604][ T3603] CPU: 0 UID: 0 PID: 3603 Comm: syz.2.40 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   34.745630][ T3603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   34.745643][ T3603] Call Trace:
[   34.745650][ T3603]  <TASK>
[   34.745724][ T3603]  __dump_stack+0x1d/0x30
[   34.745747][ T3603]  dump_stack_lvl+0xe8/0x140
[   34.745767][ T3603]  dump_stack+0x15/0x1b
[   34.745784][ T3603]  should_fail_ex+0x265/0x280
[   34.745805][ T3603]  should_failslab+0x8c/0xb0
[   34.745989][ T3603]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   34.746082][ T3603]  ? v9fs_session_init+0x78/0xde0
[   34.746162][ T3603]  kstrdup+0x3e/0xd0
[   34.746184][ T3603]  v9fs_session_init+0x78/0xde0
[   34.746202][ T3603]  ? __rcu_read_unlock+0x4f/0x70
[   34.746233][ T3603]  ? avc_has_perm_noaudit+0x1b1/0x200
[   34.746329][ T3603]  ? should_fail_ex+0xdb/0x280
[   34.746349][ T3603]  ? v9fs_mount+0x51/0x5c0
[   34.746376][ T3603]  ? should_failslab+0x8c/0xb0
[   34.746399][ T3603]  ? __kmalloc_cache_noprof+0x189/0x320
[   34.746434][ T3603]  v9fs_mount+0x67/0x5c0
[   34.746461][ T3603]  ? selinux_capable+0x31/0x40
[   34.746484][ T3603]  ? __pfx_v9fs_mount+0x10/0x10
[   34.746511][ T3603]  legacy_get_tree+0x75/0xd0
[   34.746629][ T3603]  vfs_get_tree+0x54/0x1d0
[   34.746652][ T3603]  do_new_mount+0x207/0x5e0
[   34.746717][ T3603]  ? security_capable+0x83/0x90
[   34.746739][ T3603]  path_mount+0x4a4/0xb20
[   34.746758][ T3603]  ? user_path_at+0x109/0x130
[   34.746790][ T3603]  __se_sys_mount+0x28f/0x2e0
[   34.746810][ T3603]  ? fput+0x8f/0xc0
[   34.746915][ T3603]  __x64_sys_mount+0x67/0x80
[   34.746994][ T3603]  x64_sys_call+0x2b4d/0x2ff0
[   34.747053][ T3603]  do_syscall_64+0xd2/0x200
[   34.747077][ T3603]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   34.747100][ T3603]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   34.747131][ T3603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   34.747154][ T3603] RIP: 0033:0x7fd7532febe9
[   34.747171][ T3603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   34.747239][ T3603] RSP: 002b:00007fd751d5f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   34.747259][ T3603] RAX: ffffffffffffffda RBX: 00007fd753525fa0 RCX: 00007fd7532febe9
[   34.747271][ T3603] RDX: 0000200000000100 RSI: 0000200000000500 RDI: 0000000000000000
[   34.747291][ T3603] RBP: 00007fd751d5f090 R08: 0000200000000a40 R09: 0000000000000000
[   34.747304][ T3603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   34.747316][ T3603] R13: 00007fd753526038 R14: 00007fd753525fa0 R15: 00007ffc6886dd98
[   34.747335][ T3603]  </TASK>
[   35.026294][ T3601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.039029][ T3601] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   35.055614][ T3601] EXT4-fs (loop3): shut down requested (0)
[   35.174860][   T29] kauditd_printk_skb: 219 callbacks suppressed
[   35.174879][   T29] audit: type=1400 audit(1756352794.558:310): avc:  denied  { setopt } for  pid=3598 comm="syz.3.38" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   35.200987][   T29] audit: type=1400 audit(1756352794.558:311): avc:  denied  { read } for  pid=3598 comm="syz.3.38" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   35.224496][   T29] audit: type=1400 audit(1756352794.558:312): avc:  denied  { open } for  pid=3598 comm="syz.3.38" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   35.248548][   T29] audit: type=1400 audit(1756352794.558:313): avc:  denied  { ioctl } for  pid=3598 comm="syz.3.38" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   35.314152][ T3614] netlink: 'syz.2.44': attribute type 21 has an invalid length.
[   35.322003][ T3614] netlink: 'syz.2.44': attribute type 1 has an invalid length.
[   35.329669][ T3614] netlink: 144 bytes leftover after parsing attributes in process `syz.2.44'.
[   35.345296][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.362796][ T3616] program syz.4.45 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   35.372335][ T1917] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[   35.387968][ T3614] netlink: 168 bytes leftover after parsing attributes in process `syz.2.44'.
[   35.423745][ T3622] SELinux:  policydb version 0 does not match my version range 15-35
[   35.427528][   T29] audit: type=1400 audit(1756352794.828:314): avc:  denied  { load_policy } for  pid=3620 comm="syz.3.43" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   35.481141][ T3622] SELinux: failed to load policy
[   35.524472][   T29] audit: type=1400 audit(1756352794.838:315): avc:  denied  { watch watch_reads } for  pid=3613 comm="syz.2.44" path="/15/file0" dev="tmpfs" ino=97 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   35.548252][   T29] audit: type=1400 audit(1756352794.908:316): avc:  denied  { ioctl } for  pid=3620 comm="syz.3.43" path="socket:[5099]" dev="sockfs" ino=5099 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   35.588722][ T3622] hsr_slave_0: left promiscuous mode
[   35.599584][ T3633] loop3: detected capacity change from 0 to 1024
[   35.610555][ T3633] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   35.611274][ T3622] hsr_slave_1: left promiscuous mode
[   35.621740][ T3633] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[   35.631089][ T3633] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   35.648641][   T29] audit: type=1326 audit(1756352794.988:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3620 comm="syz.3.43" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7db04ebe9 code=0x7ffc0000
[   35.671729][ T3616] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   35.671980][   T29] audit: type=1326 audit(1756352794.988:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3620 comm="syz.3.43" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7fd7db04ebe9 code=0x7ffc0000
[   35.706295][ T3616] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   35.714235][ T3633] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #3: comm syz.3.43: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 2, max 15(4), depth 0(0)
[   35.741307][ T3633] EXT4-fs (loop3): no journal found
[   35.746678][ T3633] EXT4-fs (loop3): can't get journal size
[   35.793667][ T3633] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   35.833656][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.531788][ T3648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   36.541091][ T3648] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.570042][ T3652] FAULT_INJECTION: forcing a failure.
[   36.570042][ T3652] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   36.583443][ T3652] CPU: 1 UID: 0 PID: 3652 Comm: syz.1.53 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   36.583475][ T3652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   36.583485][ T3652] Call Trace:
[   36.583492][ T3652]  <TASK>
[   36.583499][ T3652]  __dump_stack+0x1d/0x30
[   36.583572][ T3652]  dump_stack_lvl+0xe8/0x140
[   36.583593][ T3652]  dump_stack+0x15/0x1b
[   36.583611][ T3652]  should_fail_ex+0x265/0x280
[   36.583631][ T3652]  should_fail+0xb/0x20
[   36.583647][ T3652]  should_fail_usercopy+0x1a/0x20
[   36.583762][ T3652]  _copy_to_user+0x20/0xa0
[   36.583793][ T3652]  put_user_ifreq+0x58/0xa0
[   36.583879][ T3652]  sock_ioctl+0x5cc/0x610
[   36.583986][ T3652]  ? __pfx_sock_ioctl+0x10/0x10
[   36.584014][ T3652]  __se_sys_ioctl+0xce/0x140
[   36.584038][ T3652]  __x64_sys_ioctl+0x43/0x50
[   36.584087][ T3652]  x64_sys_call+0x1816/0x2ff0
[   36.584174][ T3652]  do_syscall_64+0xd2/0x200
[   36.584203][ T3652]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   36.584243][ T3652]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   36.584270][ T3652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.584289][ T3652] RIP: 0033:0x7f69345debe9
[   36.584384][ T3652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.584461][ T3652] RSP: 002b:00007f693303f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   36.584480][ T3652] RAX: ffffffffffffffda RBX: 00007f6934805fa0 RCX: 00007f69345debe9
[   36.584493][ T3652] RDX: 0000200000000080 RSI: 00000000000089f0 RDI: 0000000000000003
[   36.584507][ T3652] RBP: 00007f693303f090 R08: 0000000000000000 R09: 0000000000000000
[   36.584520][ T3652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.584534][ T3652] R13: 00007f6934806038 R14: 00007f6934805fa0 R15: 00007fffb02b7a68
[   36.584627][ T3652]  </TASK>
[   36.788394][ T3654] loop3: detected capacity change from 0 to 2048
[   36.811571][ T3658] __nla_validate_parse: 1 callbacks suppressed
[   36.811608][ T3658] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.56'.
[   36.873134][ T3654]  loop3: p2 < > p4
[   36.896010][ T3654] loop3: p4 size 8192 extends beyond EOD, truncated
[   36.989765][ T3654] futex_wake_op: syz.3.54 tries to shift op by -1; fix this program
[   37.249412][ T3727] netlink: 4 bytes leftover after parsing attributes in process `syz.4.59'.
[   37.284105][ T3727] bridge_slave_1: left allmulticast mode
[   37.290019][ T3727] bridge_slave_1: left promiscuous mode
[   37.296069][ T3727] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.305389][ T3727] bridge_slave_0: left allmulticast mode
[   37.311328][ T3727] bridge_slave_0: left promiscuous mode
[   37.317224][ T3727] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.396547][ T3736] netlink: 28 bytes leftover after parsing attributes in process `syz.0.62'.
[   37.405638][ T3736] netlink: 28 bytes leftover after parsing attributes in process `syz.0.62'.
[   37.504596][ T3742] netlink: 60 bytes leftover after parsing attributes in process `syz.0.65'.
[   37.517649][ T3743] FAULT_INJECTION: forcing a failure.
[   37.517649][ T3743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   37.531030][ T3743] CPU: 0 UID: 0 PID: 3743 Comm: syz.4.63 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   37.531162][ T3743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   37.531175][ T3743] Call Trace:
[   37.531183][ T3743]  <TASK>
[   37.531192][ T3743]  __dump_stack+0x1d/0x30
[   37.531284][ T3743]  dump_stack_lvl+0xe8/0x140
[   37.531302][ T3743]  dump_stack+0x15/0x1b
[   37.531317][ T3743]  should_fail_ex+0x265/0x280
[   37.531336][ T3743]  should_fail+0xb/0x20
[   37.531353][ T3743]  should_fail_usercopy+0x1a/0x20
[   37.531376][ T3743]  _copy_to_user+0x20/0xa0
[   37.531470][ T3743]  simple_read_from_buffer+0xb5/0x130
[   37.531506][ T3743]  proc_fail_nth_read+0x10e/0x150
[   37.531534][ T3743]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   37.531637][ T3743]  vfs_read+0x1a8/0x770
[   37.531659][ T3743]  ? __rcu_read_unlock+0x4f/0x70
[   37.531682][ T3743]  ? __fget_files+0x184/0x1c0
[   37.531783][ T3743]  ksys_read+0xda/0x1a0
[   37.531802][ T3743]  __x64_sys_read+0x40/0x50
[   37.531821][ T3743]  x64_sys_call+0x27bc/0x2ff0
[   37.531839][ T3743]  do_syscall_64+0xd2/0x200
[   37.531904][ T3743]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   37.531929][ T3743]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   37.531956][ T3743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.532015][ T3743] RIP: 0033:0x7f9f621cd5fc
[   37.532030][ T3743] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   37.532101][ T3743] RSP: 002b:00007f9f60c16030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   37.532146][ T3743] RAX: ffffffffffffffda RBX: 00007f9f623f6090 RCX: 00007f9f621cd5fc
[   37.532160][ T3743] RDX: 000000000000000f RSI: 00007f9f60c160a0 RDI: 0000000000000005
[   37.532203][ T3743] RBP: 00007f9f60c16090 R08: 0000000000000000 R09: 0000000000000000
[   37.532215][ T3743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.532228][ T3743] R13: 00007f9f623f6128 R14: 00007f9f623f6090 R15: 00007fff43c165e8
[   37.532247][ T3743]  </TASK>
[   37.741183][    C0] hrtimer: interrupt took 200333939 ns
[   37.860807][ T3742] loop0: detected capacity change from 0 to 2048
[   37.870310][ T3755] loop4: detected capacity change from 0 to 1024
[   37.870621][ T3755] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   37.996094][ T3762] netlink: 'syz.3.72': attribute type 3 has an invalid length.
[   38.021142][ T3762] loop3: detected capacity change from 0 to 128
[   38.046886][ T3762] FAT-fs (loop3): Directory bread(block 32) failed
[   38.069932][ T3762] FAT-fs (loop3): Directory bread(block 33) failed
[   38.089903][ T3762] FAT-fs (loop3): Directory bread(block 34) failed
[   38.109833][ T3762] FAT-fs (loop3): Directory bread(block 35) failed
[   38.122988][ T3770] netlink: 'syz.2.75': attribute type 30 has an invalid length.
[   38.147730][ T3762] FAT-fs (loop3): Directory bread(block 36) failed
[   38.164543][ T3742] EXT4-fs (loop0): failed to initialize system zone (-117)
[   38.173955][ T3762] FAT-fs (loop3): Directory bread(block 37) failed
[   38.180677][ T3762] FAT-fs (loop3): Directory bread(block 38) failed
[   38.190083][ T3742] EXT4-fs (loop0): mount failed
[   38.202781][ T3762] FAT-fs (loop3): Directory bread(block 39) failed
[   38.209636][ T3765] FAULT_INJECTION: forcing a failure.
[   38.209636][ T3765] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   38.214295][ T3762] FAT-fs (loop3): Directory bread(block 40) failed
[   38.223199][ T3765] CPU: 0 UID: 0 PID: 3765 Comm: syz.1.73 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   38.223228][ T3765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   38.223239][ T3765] Call Trace:
[   38.223245][ T3765]  <TASK>
[   38.223253][ T3765]  __dump_stack+0x1d/0x30
[   38.223275][ T3765]  dump_stack_lvl+0xe8/0x140
[   38.223309][ T3765]  dump_stack+0x15/0x1b
[   38.223325][ T3765]  should_fail_ex+0x265/0x280
[   38.223346][ T3765]  should_fail+0xb/0x20
[   38.223364][ T3765]  should_fail_usercopy+0x1a/0x20
[   38.223414][ T3765]  _copy_to_user+0x20/0xa0
[   38.223441][ T3765]  simple_read_from_buffer+0xb5/0x130
[   38.223463][ T3765]  proc_fail_nth_read+0x10e/0x150
[   38.223499][ T3765]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   38.223522][ T3765]  vfs_read+0x1a8/0x770
[   38.223542][ T3765]  ? __rcu_read_unlock+0x4f/0x70
[   38.223636][ T3765]  ? __fget_files+0x184/0x1c0
[   38.223682][ T3765]  ksys_read+0xda/0x1a0
[   38.223704][ T3765]  __x64_sys_read+0x40/0x50
[   38.223745][ T3765]  x64_sys_call+0x27bc/0x2ff0
[   38.223765][ T3765]  do_syscall_64+0xd2/0x200
[   38.223791][ T3765]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   38.223814][ T3765]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   38.223904][ T3765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.223925][ T3765] RIP: 0033:0x7f69345dd5fc
[   38.223941][ T3765] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   38.224003][ T3765] RSP: 002b:00007f693303f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   38.224023][ T3765] RAX: ffffffffffffffda RBX: 00007f6934805fa0 RCX: 00007f69345dd5fc
[   38.224036][ T3765] RDX: 000000000000000f RSI: 00007f693303f0a0 RDI: 0000000000000006
[   38.224048][ T3765] RBP: 00007f693303f090 R08: 0000000000000000 R09: 0000000000000000
[   38.224060][ T3765] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   38.224101][ T3765] R13: 00007f6934806038 R14: 00007f6934805fa0 R15: 00007fffb02b7a68
[   38.224126][ T3765]  </TASK>
[   38.439832][ T3762] FAT-fs (loop3): Directory bread(block 41) failed
[   38.472786][ T3770] Zero length message leads to an empty skb
[   38.534833][ T3781] netlink: 60 bytes leftover after parsing attributes in process `syz.1.76'.
[   38.550722][ T3762] process 'syz.3.72' launched './file2' with NULL argv: empty string added
[   38.564830][ T3783] FAULT_INJECTION: forcing a failure.
[   38.564830][ T3783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   38.578220][ T3783] CPU: 0 UID: 0 PID: 3783 Comm: syz.2.77 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   38.578250][ T3783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   38.578261][ T3783] Call Trace:
[   38.578267][ T3783]  <TASK>
[   38.578276][ T3783]  __dump_stack+0x1d/0x30
[   38.578300][ T3783]  dump_stack_lvl+0xe8/0x140
[   38.578393][ T3783]  dump_stack+0x15/0x1b
[   38.578411][ T3783]  should_fail_ex+0x265/0x280
[   38.578501][ T3783]  should_fail+0xb/0x20
[   38.578520][ T3783]  should_fail_usercopy+0x1a/0x20
[   38.578542][ T3783]  _copy_from_user+0x1c/0xb0
[   38.578636][ T3783]  bpf_test_init+0xdf/0x160
[   38.578658][ T3783]  bpf_prog_test_run_xdp+0x274/0x910
[   38.578679][ T3783]  ? kstrtouint+0x76/0xc0
[   38.578697][ T3783]  ? __rcu_read_unlock+0x4f/0x70
[   38.578805][ T3783]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   38.578825][ T3783]  bpf_prog_test_run+0x22a/0x390
[   38.578857][ T3783]  __sys_bpf+0x4b9/0x7b0
[   38.578887][ T3783]  __x64_sys_bpf+0x41/0x50
[   38.578990][ T3783]  x64_sys_call+0x2aea/0x2ff0
[   38.579011][ T3783]  do_syscall_64+0xd2/0x200
[   38.579125][ T3783]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   38.579150][ T3783]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   38.579176][ T3783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.579226][ T3783] RIP: 0033:0x7fd7532febe9
[   38.579242][ T3783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.579260][ T3783] RSP: 002b:00007fd751d5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   38.579338][ T3783] RAX: ffffffffffffffda RBX: 00007fd753525fa0 RCX: 00007fd7532febe9
[   38.579351][ T3783] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[   38.579365][ T3783] RBP: 00007fd751d5f090 R08: 0000000000000000 R09: 0000000000000000
[   38.579440][ T3783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   38.579452][ T3783] R13: 00007fd753526038 R14: 00007fd753525fa0 R15: 00007ffc6886dd98
[   38.579471][ T3783]  </TASK>
[   38.588654][ T3762] syz.3.72: attempt to access beyond end of device
[   38.588654][ T3762] loop3: rw=0, sector=4112, nr_sectors = 4 limit=128
[   38.795788][ T3762] Buffer I/O error on dev loop3, logical block 1028, async page read
[   38.806850][ T3762] syz.3.72: attempt to access beyond end of device
[   38.806850][ T3762] loop3: rw=0, sector=167964, nr_sectors = 4 limit=128
[   38.820384][ T3762] Buffer I/O error on dev loop3, logical block 41991, async page read
[   38.828620][ T3762] FAT-fs (loop3): Filesystem has been set read-only
[   38.835737][ T3762] syz.3.72: attempt to access beyond end of device
[   38.835737][ T3762] loop3: rw=0, sector=4112, nr_sectors = 4 limit=128
[   38.838652][ T3791] gretap1: entered promiscuous mode
[   38.849332][ T3762] Buffer I/O error on dev loop3, logical block 1028, async page read
[   38.874792][ T3793] binfmt_misc: register: failed to install interpreter file ./bus
[   38.883230][ T3786] loop1: detected capacity change from 0 to 2048
[   38.891708][ T3762] syz.3.72: attempt to access beyond end of device
[   38.891708][ T3762] loop3: rw=0, sector=167964, nr_sectors = 4 limit=128
[   38.905386][ T3762] Buffer I/O error on dev loop3, logical block 41991, async page read
[   38.962965][ T3786] EXT4-fs (loop1): failed to initialize system zone (-117)
[   38.990068][ T3801] netlink: 36 bytes leftover after parsing attributes in process `syz.4.84'.
[   38.993311][ T3786] EXT4-fs (loop1): mount failed
[   38.998923][ T3801] netlink: 16 bytes leftover after parsing attributes in process `syz.4.84'.
[   39.012767][ T3801] netlink: 36 bytes leftover after parsing attributes in process `syz.4.84'.
[   39.031166][ T3801] netlink: 36 bytes leftover after parsing attributes in process `syz.4.84'.
[   39.230833][ T3814] FAULT_INJECTION: forcing a failure.
[   39.230833][ T3814] name failslab, interval 1, probability 0, space 0, times 0
[   39.243579][ T3814] CPU: 1 UID: 0 PID: 3814 Comm: syz.3.85 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   39.243608][ T3814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   39.243620][ T3814] Call Trace:
[   39.243627][ T3814]  <TASK>
[   39.243635][ T3814]  __dump_stack+0x1d/0x30
[   39.243657][ T3814]  dump_stack_lvl+0xe8/0x140
[   39.243678][ T3814]  dump_stack+0x15/0x1b
[   39.243696][ T3814]  should_fail_ex+0x265/0x280
[   39.243716][ T3814]  should_failslab+0x8c/0xb0
[   39.243738][ T3814]  kmem_cache_alloc_noprof+0x50/0x310
[   39.243761][ T3814]  ? vm_area_alloc+0x2c/0xb0
[   39.243787][ T3814]  vm_area_alloc+0x2c/0xb0
[   39.243813][ T3814]  mmap_region+0xaa2/0x1630
[   39.243857][ T3814]  do_mmap+0x9b3/0xbe0
[   39.243891][ T3814]  aio_setup_ring+0x504/0x760
[   39.243921][ T3814]  ioctx_alloc+0x2c4/0x4e0
[   39.243944][ T3814]  ? fput+0x8f/0xc0
[   39.243974][ T3814]  __se_sys_io_setup+0x6b/0x1b0
[   39.243999][ T3814]  __x64_sys_io_setup+0x31/0x40
[   39.244021][ T3814]  x64_sys_call+0x2eff/0x2ff0
[   39.244042][ T3814]  do_syscall_64+0xd2/0x200
[   39.244069][ T3814]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   39.244093][ T3814]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   39.244118][ T3814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.244139][ T3814] RIP: 0033:0x7fd7db04ebe9
[   39.244156][ T3814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.244173][ T3814] RSP: 002b:00007fd7d9a96038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[   39.244195][ T3814] RAX: ffffffffffffffda RBX: 00007fd7db276090 RCX: 00007fd7db04ebe9
[   39.244209][ T3814] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[   39.244220][ T3814] RBP: 00007fd7d9a96090 R08: 0000000000000000 R09: 0000000000000000
[   39.244233][ T3814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   39.244245][ T3814] R13: 00007fd7db276128 R14: 00007fd7db276090 R15: 00007ffc28eb6a88
[   39.244261][ T3814]  </TASK>
[   39.297771][ T3817] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   39.297771][ T3817]    program syz.0.89 not setting count and/or reply_len properly
[   39.603385][ T3830] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3830 comm=syz.0.93
[   39.640310][ T3832] netlink: 'syz.0.94': attribute type 4 has an invalid length.
[   39.840606][ T3838] netlink: 'syz.2.96': attribute type 3 has an invalid length.
[   39.850140][ T3838] loop2: detected capacity change from 0 to 128
[   39.871868][ T3838] FAT-fs (loop2): Directory bread(block 32) failed
[   39.885863][ T3838] FAT-fs (loop2): Directory bread(block 33) failed
[   39.892778][ T3838] FAT-fs (loop2): Directory bread(block 34) failed
[   39.899335][ T3838] FAT-fs (loop2): Directory bread(block 35) failed
[   39.907138][ T3838] FAT-fs (loop2): Directory bread(block 36) failed
[   39.914052][ T3838] FAT-fs (loop2): Directory bread(block 37) failed
[   39.920608][ T3838] FAT-fs (loop2): Directory bread(block 38) failed
[   39.944263][ T3838] FAT-fs (loop2): Directory bread(block 39) failed
[   39.959688][ T3838] FAT-fs (loop2): Directory bread(block 40) failed
[   39.975561][ T3838] FAT-fs (loop2): Directory bread(block 41) failed
[   40.055460][ T3838] syz.2.96: attempt to access beyond end of device
[   40.055460][ T3838] loop2: rw=0, sector=4112, nr_sectors = 4 limit=128
[   40.068611][ T3838] Buffer I/O error on dev loop2, logical block 1028, async page read
[   40.085305][ T3838] syz.2.96: attempt to access beyond end of device
[   40.085305][ T3838] loop2: rw=0, sector=167964, nr_sectors = 4 limit=128
[   40.098651][ T3838] Buffer I/O error on dev loop2, logical block 41991, async page read
[   40.114195][ T3838] FAT-fs (loop2): Filesystem has been set read-only
[   40.122309][ T3838] syz.2.96: attempt to access beyond end of device
[   40.122309][ T3838] loop2: rw=0, sector=4112, nr_sectors = 4 limit=128
[   40.135449][ T3838] Buffer I/O error on dev loop2, logical block 1028, async page read
[   40.144702][ T3838] syz.2.96: attempt to access beyond end of device
[   40.144702][ T3838] loop2: rw=0, sector=167964, nr_sectors = 4 limit=128
[   40.157982][ T3838] Buffer I/O error on dev loop2, logical block 41991, async page read
[   40.200109][ T3852] loop4: detected capacity change from 0 to 512
[   40.215847][ T3852] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.100: corrupted in-inode xattr: invalid ea_ino
[   40.229669][ T3852] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.100: couldn't read orphan inode 15 (err -117)
[   40.242959][ T3852] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.259608][   T29] kauditd_printk_skb: 146 callbacks suppressed
[   40.259623][   T29] audit: type=1400 audit(1756352799.658:465): avc:  denied  { setattr } for  pid=3851 comm="syz.4.100" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   40.319556][   T29] audit: type=1400 audit(1756352799.708:466): avc:  denied  { create } for  pid=3851 comm="syz.4.100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   40.339198][   T29] audit: type=1400 audit(1756352799.708:467): avc:  denied  { ioctl } for  pid=3851 comm="syz.4.100" path="socket:[5464]" dev="sockfs" ino=5464 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   40.399856][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.433686][ T3861] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   40.463139][ T3861] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   40.524985][   T29] audit: type=1400 audit(1756352799.928:468): avc:  denied  { setopt } for  pid=3869 comm="{/}\" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   40.546116][ T3870] loop1: detected capacity change from 0 to 1024
[   40.548318][ T3871] syz_tun: entered allmulticast mode
[   40.572335][   T29] audit: type=1326 audit(1756352799.968:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe96695ebe9 code=0x7ffc0000
[   40.596099][   T29] audit: type=1326 audit(1756352799.968:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe96695ebe9 code=0x7ffc0000
[   40.596855][ T3871] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(14)
[   40.620432][   T29] audit: type=1326 audit(1756352799.968:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7fe96695ebe9 code=0x7ffc0000
[   40.626999][ T3871] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   40.627215][ T3871] vhci_hcd vhci_hcd.0: Device attached
[   40.666050][   T29] audit: type=1326 audit(1756352799.978:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe96695ebe9 code=0x7ffc0000
[   40.689486][   T29] audit: type=1326 audit(1756352799.978:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7fe96695ebe9 code=0x7ffc0000
[   40.712878][   T29] audit: type=1326 audit(1756352799.978:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe96695ebe9 code=0x7ffc0000
[   40.713877][ T3870] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.778498][ T3873] vhci_hcd: connection closed
[   40.779032][ T3693] vhci_hcd: stop threads
[   40.788271][ T3693] vhci_hcd: release socket
[   40.792727][ T3693] vhci_hcd: disconnect device
[   40.797704][ T3869] syz_tun: left allmulticast mode
[   40.840933][ T3575] vhci_hcd: vhci_device speed not set
[   40.859370][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.938599][ T3898] FAULT_INJECTION: forcing a failure.
[   40.938599][ T3898] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   40.952500][ T3898] CPU: 0 UID: 0 PID: 3898 Comm: syz.0.116 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   40.952528][ T3898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   40.952576][ T3898] Call Trace:
[   40.952583][ T3898]  <TASK>
[   40.952591][ T3898]  __dump_stack+0x1d/0x30
[   40.952615][ T3898]  dump_stack_lvl+0xe8/0x140
[   40.952636][ T3898]  dump_stack+0x15/0x1b
[   40.952653][ T3898]  should_fail_ex+0x265/0x280
[   40.952676][ T3898]  should_fail+0xb/0x20
[   40.952705][ T3898]  should_fail_usercopy+0x1a/0x20
[   40.952728][ T3898]  _copy_from_iter+0xd2/0xe80
[   40.952799][ T3898]  ? rep_movs_alternative+0x4a/0x90
[   40.952817][ T3898]  ? _copy_from_iter+0x170/0xe80
[   40.952845][ T3898]  copy_page_from_iter+0x178/0x2a0
[   40.952950][ T3898]  skb_copy_datagram_from_iter+0x232/0x490
[   40.953067][ T3898]  tun_get_user+0xafa/0x2680
[   40.953105][ T3898]  ? ref_tracker_alloc+0x1f2/0x2f0
[   40.953126][ T3898]  ? selinux_file_permission+0x1e4/0x320
[   40.953145][ T3898]  tun_chr_write_iter+0x15e/0x210
[   40.953253][ T3898]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   40.953280][ T3898]  vfs_write+0x52a/0x960
[   40.953432][ T3898]  ksys_write+0xda/0x1a0
[   40.953455][ T3898]  __x64_sys_write+0x40/0x50
[   40.953610][ T3898]  x64_sys_call+0x27fe/0x2ff0
[   40.953633][ T3898]  do_syscall_64+0xd2/0x200
[   40.953704][ T3898]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   40.953758][ T3898]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   40.953773][ T3898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.953855][ T3898] RIP: 0033:0x7fe96695d69f
[   40.953867][ T3898] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   40.953913][ T3898] RSP: 002b:00007fe9653c7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   40.953927][ T3898] RAX: ffffffffffffffda RBX: 00007fe966b85fa0 RCX: 00007fe96695d69f
[   40.953935][ T3898] RDX: 000000000000fdef RSI: 0000200000000540 RDI: 00000000000000c8
[   40.953943][ T3898] RBP: 00007fe9653c7090 R08: 0000000000000000 R09: 0000000000000000
[   40.953951][ T3898] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000002
[   40.953959][ T3898] R13: 00007fe966b86038 R14: 00007fe966b85fa0 R15: 00007fff40f04ec8
[   40.953979][ T3898]  </TASK>
[   41.194927][ T3899] loop3: detected capacity change from 0 to 512
[   41.203275][ T3899] EXT4-fs: Ignoring removed oldalloc option
[   41.209292][ T3899] EXT4-fs: inline encryption not supported
[   41.215351][ T3899] EXT4-fs: Ignoring removed mblk_io_submit option
[   41.242808][ T3899] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   41.292233][ T3909] syz.0.120 uses obsolete (PF_INET,SOCK_PACKET)
[   41.305675][ T3899] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.115: bg 0: block 64: padding at end of block bitmap is not set
[   41.320806][ T3899] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.115: Failed to acquire dquot type 0
[   41.332989][ T3899] EXT4-fs (loop3): 1 truncate cleaned up
[   41.339093][ T3899] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.365501][ T3899] syz.3.115 (3899) used greatest stack depth: 9264 bytes left
[   41.375271][ T3309] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz-executor: Failed to acquire dquot type 0
[   41.551203][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.568542][ T3693] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.580251][ T3918] syzkaller1: entered promiscuous mode
[   41.585861][ T3918] syzkaller1: entered allmulticast mode
[   41.624051][ T3693] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.689797][ T3929] vlan0: entered promiscuous mode
[   41.717497][ T3693] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.799236][ T3941] vhci_hcd: invalid port number 96
[   41.804479][ T3941] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[   41.813658][ T3693] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.858199][ T3949] __nla_validate_parse: 9 callbacks suppressed
[   41.858216][ T3949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.133'.
[   41.873431][ T3949] netlink: 4 bytes leftover after parsing attributes in process `syz.1.133'.
[   41.891581][ T3693] bridge_slave_1: left allmulticast mode
[   41.897278][ T3693] bridge_slave_1: left promiscuous mode
[   41.903010][ T3693] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.926777][ T3693] bridge_slave_0: left allmulticast mode
[   41.932520][ T3693] bridge_slave_0: left promiscuous mode
[   41.938231][ T3693] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.953956][ T3949] netlink: 4 bytes leftover after parsing attributes in process `syz.1.133'.
[   42.094048][ T3693] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   42.105250][ T3693] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   42.115651][ T3693] bond0 (unregistering): Released all slaves
[   42.319688][ T3965] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   42.328264][ T3965] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   42.416185][ T3693] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   42.423902][ T3693] batman_adv: batadv0: Removing interface: batadv_slave_0
[   42.481147][ T3693] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   42.488678][ T3693] batman_adv: batadv0: Removing interface: batadv_slave_1
[   42.553817][ T3693] veth1_macvtap: left promiscuous mode
[   42.579474][ T3693] veth0_macvtap: left promiscuous mode
[   42.598824][ T3974] loop2: detected capacity change from 0 to 1024
[   42.608714][ T3693] veth1_vlan: left promiscuous mode
[   42.625615][ T3693] veth0_vlan: left promiscuous mode
[   42.634656][ T3974] loop2: detected capacity change from 0 to 512
[   42.721103][ T3693] team0 (unregistering): Port device team_slave_1 removed
[   42.732080][ T3693] team0 (unregistering): Port device team_slave_0 removed
[   42.769359][ T3927] chnl_net:caif_netlink_parms(): no params data found
[   42.829099][ T3927] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.836343][ T3927] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.843638][ T3927] bridge_slave_0: entered allmulticast mode
[   42.850538][ T3927] bridge_slave_0: entered promiscuous mode
[   42.857655][ T3927] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.864793][ T3927] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.873555][ T3927] bridge_slave_1: entered allmulticast mode
[   42.880180][ T3927] bridge_slave_1: entered promiscuous mode
[   42.909688][ T3977] netlink: 'syz.2.140': attribute type 21 has an invalid length.
[   42.919015][ T3977] netlink: 156 bytes leftover after parsing attributes in process `syz.2.140'.
[   42.919035][ T3977] netlink: 4 bytes leftover after parsing attributes in process `syz.2.140'.
[   42.920578][ T3927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   42.948031][ T3927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   42.986757][ T3927] team0: Port device team_slave_0 added
[   42.993844][ T3927] team0: Port device team_slave_1 added
[   43.029813][ T3927] batman_adv: batadv0: Adding interface: batadv_slave_0
[   43.036945][ T3927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   43.063136][ T3927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   43.114641][ T3927] batman_adv: batadv0: Adding interface: batadv_slave_1
[   43.121926][ T3927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   43.148410][ T3927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   43.232506][ T3927] hsr_slave_0: entered promiscuous mode
[   43.238627][ T3927] hsr_slave_1: entered promiscuous mode
[   43.255962][ T3927] debugfs: 'hsr0' already exists in 'hsr'
[   43.261779][ T3927] Cannot create hsr debugfs directory
[   43.272777][ T3693] ------------[ cut here ]------------
[   43.278326][ T3693] WARNING: CPU: 1 PID: 3693 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x179/0x1f0
[   43.288188][ T3693] Modules linked in:
[   43.292171][ T3693] CPU: 1 UID: 0 PID: 3693 Comm: kworker/u8:39 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   43.303660][ T3693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   43.314247][ T3693] Workqueue: netns cleanup_net
[   43.319069][ T3693] RIP: 0010:xfrm_state_fini+0x179/0x1f0
[   43.324686][ T3693] Code: 48 8d bb 30 0e 00 00 e8 25 e2 bc fc 48 8b bb 30 0e 00 00 e8 19 62 c9 fc 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 98 24 a2 fc 90 <0f> 0b 90 e9 d9 fe ff ff e8 8a 24 a2 fc 90 0f 0b 90 4c 89 f7 e8 ee
[   43.344371][ T3693] RSP: 0018:ffffc90002207c60 EFLAGS: 00010293
[   43.350550][ T3693] RAX: ffffffff84b5d538 RBX: ffff88810a618000 RCX: ffff88811c0a0000
[   43.358597][ T3693] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88810a618e00
[   43.366692][ T3693] RBP: ffffffff86c8b840 R08: 0001ffff86847f7f R09: 0000000000000000
[   43.366792][ T4009] loop1: detected capacity change from 0 to 256
[   43.374719][ T3693] R10: ffffc90002207be8 R11: 0001c90002207be8 R12: ffffffff86c8b860
[   43.374740][ T3693] R13: ffff88810a618028 R14: ffff88810a618e00 R15: ffff88810a618000
[   43.374754][ T3693] FS:  0000000000000000(0000) GS:ffff8882aef43000(0000) knlGS:0000000000000000
[   43.406193][ T3693] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   43.412933][ T3693] CR2: 00007f693469f5c1 CR3: 000000011a136000 CR4: 00000000003506f0
[   43.421043][ T3693] Call Trace:
[   43.424350][ T3693]  <TASK>
[   43.427300][ T3693]  xfrm_net_exit+0x2d/0x60
[   43.431787][ T3693]  ops_undo_list+0x27b/0x410
[   43.436418][ T3693]  cleanup_net+0x2de/0x4d0
[   43.440895][ T3693]  process_scheduled_works+0x4ce/0x9d0
[   43.446484][ T3693]  worker_thread+0x582/0x770
[   43.451125][ T3693]  kthread+0x486/0x510
[   43.455281][ T3693]  ? finish_task_switch+0xad/0x2b0
[   43.460552][ T3693]  ? __pfx_worker_thread+0x10/0x10
[   43.465785][ T3693]  ? __pfx_kthread+0x10/0x10
[   43.470398][ T3693]  ret_from_fork+0xda/0x150
[   43.475155][ T3693]  ? __pfx_kthread+0x10/0x10
[   43.479822][ T3693]  ret_from_fork_asm+0x1a/0x30
[   43.484881][ T3693]  </TASK>
[   43.488093][ T3693] ---[ end trace 0000000000000000 ]---
[   43.656965][ T4018] tipc: Started in network mode
[   43.661947][ T4018] tipc: Node identity 8e2a59423523, cluster identity 4711
[   43.669367][ T4018] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   43.694464][ T4020] loop1: detected capacity change from 0 to 1764
[   43.736326][ T3927] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   43.762502][ T4014] tipc: Disabling bearer <eth:syzkaller0>
[   43.781071][ T3927] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   43.790646][ T3927] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   43.801409][ T3927] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   43.829029][ T4028] FAULT_INJECTION: forcing a failure.
[   43.829029][ T4028] name failslab, interval 1, probability 0, space 0, times 0
[   43.841824][ T4028] CPU: 0 UID: 0 PID: 4028 Comm: syz.1.152 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   43.841864][ T4028] Tainted: [W]=WARN
[   43.841871][ T4028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   43.841884][ T4028] Call Trace:
[   43.841891][ T4028]  <TASK>
[   43.841899][ T4028]  __dump_stack+0x1d/0x30
[   43.841993][ T4028]  dump_stack_lvl+0xe8/0x140
[   43.842011][ T4028]  dump_stack+0x15/0x1b
[   43.842026][ T4028]  should_fail_ex+0x265/0x280
[   43.842044][ T4028]  should_failslab+0x8c/0xb0
[   43.842123][ T4028]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   43.842149][ T4028]  ? __d_alloc+0x3d/0x340
[   43.842217][ T4028]  ? __memcg_slab_post_alloc_hook+0x44c/0x580
[   43.842301][ T4028]  __d_alloc+0x3d/0x340
[   43.842331][ T4028]  d_alloc_pseudo+0x1e/0x80
[   43.842364][ T4028]  alloc_file_pseudo+0x71/0x160
[   43.842439][ T4028]  ? pidfs_register_pid+0x53/0x180
[   43.842465][ T4028]  sock_alloc_file+0x9c/0x1e0
[   43.842514][ T4028]  __sys_socketpair+0x23d/0x430
[   43.842601][ T4028]  __x64_sys_socketpair+0x52/0x60
[   43.842633][ T4028]  x64_sys_call+0x2bf2/0x2ff0
[   43.842658][ T4028]  do_syscall_64+0xd2/0x200
[   43.842688][ T4028]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   43.842824][ T4028]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   43.842935][ T4028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.842960][ T4028] RIP: 0033:0x7f69345e0b3a
[   43.842984][ T4028] Code: 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 35 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.843003][ T4028] RSP: 002b:00007f693303ef78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[   43.843032][ T4028] RAX: ffffffffffffffda RBX: 00007f6934805f00 RCX: 00007f69345e0b3a
[   43.843047][ T4028] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[   43.843061][ T4028] RBP: 00007f693303f090 R08: 0000000000000000 R09: 0000000000000000
[   43.843075][ T4028] R10: 00007f693303ef98 R11: 0000000000000246 R12: 0000000000000004
[   43.843088][ T4028] R13: 00007f6934806038 R14: 00007f6934805fa0 R15: 00007fffb02b7a68
[   43.843109][ T4028]  </TASK>
[   44.078539][ T4022] netlink: 12 bytes leftover after parsing attributes in process `syz.0.150'.
[   44.119074][ T3927] 8021q: adding VLAN 0 to HW filter on device bond0
[   44.132812][ T3927] 8021q: adding VLAN 0 to HW filter on device team0
[   44.143027][ T3710] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.150117][ T3710] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.170429][ T3927] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   44.180964][ T3927] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   44.202717][ T3710] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.210017][ T3710] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.230822][ T4045] loop0: detected capacity change from 0 to 512
[   44.245450][ T4045] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.155: error while reading EA inode 32 err=-116
[   44.258164][ T4045] EXT4-fs (loop0): Remounting filesystem read-only
[   44.264778][ T4045] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   44.277971][ T4045] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   44.280606][ T3927] 8021q: adding VLAN 0 to HW filter on device batadv0
[   44.295338][ T4045] EXT4-fs (loop0): 1 orphan inode deleted
[   44.302453][ T4045] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.315639][ T4045] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.406056][ T3927] veth0_vlan: entered promiscuous mode
[   44.414030][ T3927] veth1_vlan: entered promiscuous mode
[   44.430079][ T3927] veth0_macvtap: entered promiscuous mode
[   44.437624][ T3927] veth1_macvtap: entered promiscuous mode
[   44.447946][ T3927] batman_adv: batadv0: Interface activated: batadv_slave_0
[   44.459312][ T3927] batman_adv: batadv0: Interface activated: batadv_slave_1
[   44.469913][   T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   44.480635][   T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   44.493135][   T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   44.507444][   T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   44.645194][ T4081] FAULT_INJECTION: forcing a failure.
[   44.645194][ T4081] name failslab, interval 1, probability 0, space 0, times 0
[   44.658187][ T4081] CPU: 0 UID: 0 PID: 4081 Comm: syz.0.161 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   44.658223][ T4081] Tainted: [W]=WARN
[   44.658230][ T4081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   44.658242][ T4081] Call Trace:
[   44.658248][ T4081]  <TASK>
[   44.658255][ T4081]  __dump_stack+0x1d/0x30
[   44.658279][ T4081]  dump_stack_lvl+0xe8/0x140
[   44.658365][ T4081]  dump_stack+0x15/0x1b
[   44.658382][ T4081]  should_fail_ex+0x265/0x280
[   44.658414][ T4081]  ? nft_netdev_hook_alloc+0x3b/0x340
[   44.658444][ T4081]  should_failslab+0x8c/0xb0
[   44.658468][ T4081]  __kmalloc_cache_noprof+0x4c/0x320
[   44.658557][ T4081]  ? __nla_validate_parse+0x1652/0x1d00
[   44.658584][ T4081]  nft_netdev_hook_alloc+0x3b/0x340
[   44.658613][ T4081]  nf_tables_parse_netdev_hooks+0xcf/0x570
[   44.658643][ T4081]  nft_flowtable_parse_hook+0x2c6/0x450
[   44.658701][ T4081]  nf_tables_newflowtable+0xced/0x1380
[   44.658744][ T4081]  nfnetlink_rcv+0xb96/0x1690
[   44.658880][ T4081]  netlink_unicast+0x5bd/0x690
[   44.658918][ T4081]  netlink_sendmsg+0x58b/0x6b0
[   44.658944][ T4081]  ? __pfx_netlink_sendmsg+0x10/0x10
[   44.659018][ T4081]  __sock_sendmsg+0x145/0x180
[   44.659055][ T4081]  ____sys_sendmsg+0x31e/0x4e0
[   44.659078][ T4081]  ___sys_sendmsg+0x17b/0x1d0
[   44.659110][ T4081]  __x64_sys_sendmsg+0xd4/0x160
[   44.659137][ T4081]  x64_sys_call+0x191e/0x2ff0
[   44.659218][ T4081]  do_syscall_64+0xd2/0x200
[   44.659276][ T4081]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   44.659306][ T4081]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   44.659334][ T4081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.659356][ T4081] RIP: 0033:0x7fe96695ebe9
[   44.659371][ T4081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.659386][ T4081] RSP: 002b:00007fe9653c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   44.659407][ T4081] RAX: ffffffffffffffda RBX: 00007fe966b85fa0 RCX: 00007fe96695ebe9
[   44.659431][ T4081] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   44.659445][ T4081] RBP: 00007fe9653c7090 R08: 0000000000000000 R09: 0000000000000000
[   44.659458][ T4081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   44.659471][ T4081] R13: 00007fe966b86038 R14: 00007fe966b85fa0 R15: 00007fff40f04ec8
[   44.659522][ T4081]  </TASK>
[   44.958424][ T4088] atomic_op ffff888104403d28 conn xmit_atomic 0000000000000000
[   45.000639][ T4091] netlink: 16 bytes leftover after parsing attributes in process `syz.4.165'.
[   45.083108][ T4097] netlink: 'syz.5.169': attribute type 29 has an invalid length.
[   45.117256][ T4097] netlink: 'syz.5.169': attribute type 29 has an invalid length.
[   45.163546][ T4103] netlink: 24 bytes leftover after parsing attributes in process `syz.2.171'.
[   45.168243][ T4104] netlink: 'syz.5.169': attribute type 29 has an invalid length.
[   45.205425][ T4089] netlink: 12 bytes leftover after parsing attributes in process `syz.0.164'.
[   45.245004][ T4111] loop4: detected capacity change from 0 to 512
[   45.275492][ T4111] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   45.289315][ T4097] netlink: 64 bytes leftover after parsing attributes in process `syz.5.169'.
[   45.298508][ T4097] tipc: Invalid UDP bearer configuration
[   45.298523][ T4097] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   45.330736][ T4097] netlink: 'syz.5.169': attribute type 29 has an invalid length.
[   45.330779][   T29] kauditd_printk_skb: 506 callbacks suppressed
[   45.330793][   T29] audit: type=1326 audit(1756352804.728:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4115 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69345debe9 code=0x7ffc0000
[   45.345310][ T4111] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c11c, mo2=0102]
[   45.368672][   T29] audit: type=1326 audit(1756352804.728:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4115 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69345debe9 code=0x7ffc0000
[   45.399908][   T29] audit: type=1326 audit(1756352804.728:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4115 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69345debe9 code=0x7ffc0000
[   45.423247][   T29] audit: type=1326 audit(1756352804.728:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4115 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69345debe9 code=0x7ffc0000
[   45.447587][   T29] audit: type=1326 audit(1756352804.728:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4115 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69345debe9 code=0x7ffc0000
[   45.470827][   T29] audit: type=1326 audit(1756352804.728:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4115 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69345debe9 code=0x7ffc0000
[   45.494368][   T29] audit: type=1326 audit(1756352804.728:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4115 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f69345debe9 code=0x7ffc0000
[   45.498057][ T4116] loop1: detected capacity change from 0 to 2048
[   45.517626][   T29] audit: type=1326 audit(1756352804.728:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4115 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69345debe9 code=0x7ffc0000
[   45.547348][   T29] audit: type=1326 audit(1756352804.728:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4115 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f69345debe9 code=0x7ffc0000
[   45.570813][   T29] audit: type=1326 audit(1756352804.728:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4115 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69345debe9 code=0x7ffc0000
[   45.594972][ T4111] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.173: corrupted in-inode xattr: e_value size too large
[   45.611413][ T4118] FAULT_INJECTION: forcing a failure.
[   45.611413][ T4118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   45.614513][ T4111] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.173: couldn't read orphan inode 15 (err -117)
[   45.624744][ T4118] CPU: 1 UID: 0 PID: 4118 Comm: syz.0.176 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   45.624777][ T4118] Tainted: [W]=WARN
[   45.624783][ T4118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   45.624794][ T4118] Call Trace:
[   45.624861][ T4118]  <TASK>
[   45.624869][ T4118]  __dump_stack+0x1d/0x30
[   45.624890][ T4118]  dump_stack_lvl+0xe8/0x140
[   45.624909][ T4118]  dump_stack+0x15/0x1b
[   45.624945][ T4118]  should_fail_ex+0x265/0x280
[   45.624965][ T4118]  should_fail+0xb/0x20
[   45.624983][ T4118]  should_fail_usercopy+0x1a/0x20
[   45.625045][ T4118]  _copy_from_iter+0xd2/0xe80
[   45.625069][ T4118]  ? __build_skb_around+0x1a0/0x200
[   45.625131][ T4118]  ? __alloc_skb+0x223/0x320
[   45.625248][ T4118]  netlink_sendmsg+0x471/0x6b0
[   45.625305][ T4118]  ? __pfx_netlink_sendmsg+0x10/0x10
[   45.625351][ T4118]  __sock_sendmsg+0x145/0x180
[   45.625377][ T4118]  ____sys_sendmsg+0x31e/0x4e0
[   45.625401][ T4118]  ___sys_sendmsg+0x17b/0x1d0
[   45.625446][ T4118]  __x64_sys_sendmsg+0xd4/0x160
[   45.625471][ T4118]  x64_sys_call+0x191e/0x2ff0
[   45.625495][ T4118]  do_syscall_64+0xd2/0x200
[   45.625520][ T4118]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   45.625543][ T4118]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   45.625567][ T4118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.625662][ T4118] RIP: 0033:0x7fe96695ebe9
[   45.625678][ T4118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.625694][ T4118] RSP: 002b:00007fe9653c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   45.625714][ T4118] RAX: ffffffffffffffda RBX: 00007fe966b85fa0 RCX: 00007fe96695ebe9
[   45.625727][ T4118] RDX: 0000000000000000 RSI: 00002000000037c0 RDI: 0000000000000003
[   45.625740][ T4118] RBP: 00007fe9653c7090 R08: 0000000000000000 R09: 0000000000000000
[   45.625752][ T4118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.625835][ T4118] R13: 00007fe966b86038 R14: 00007fe966b85fa0 R15: 00007fff40f04ec8
[   45.625853][ T4118]  </TASK>
[   45.690623][ T4116] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.705052][ T4111] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.724473][ T4124] loop0: detected capacity change from 0 to 1024
[   45.958367][ T4130] mmap: syz.5.179 (4130) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   46.004065][ T4132] vhci_hcd: invalid port number 96
[   46.009391][ T4132] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[   46.030682][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.065251][ T4139] veth0: entered promiscuous mode
[   46.073343][ T4139] netlink: 'syz.1.182': attribute type 3 has an invalid length.
[   46.101785][ T4138] veth0: left promiscuous mode
[   46.207604][ T4140] openvswitch: netlink: Message has 6 unknown bytes.
[   46.455600][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.595667][ T4152] loop4: detected capacity change from 0 to 2048
[   46.629086][ T4152] EXT4-fs (loop4): failed to initialize system zone (-117)
[   46.629120][ T4152] EXT4-fs (loop4): mount failed
[   46.683047][ T4156] netlink: 'syz.1.187': attribute type 13 has an invalid length.
[   46.764068][ T4157] loop1: detected capacity change from 0 to 2048
[   46.767154][ T4156] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.777938][ T4156] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.812033][ T3523]  loop1: p1 < > p4
[   46.816458][ T3523] loop1: p4 size 8388608 extends beyond EOD, truncated
[   46.826783][ T4157]  loop1: p1 < > p4
[   46.827366][ T4157] loop1: p4 size 8388608 extends beyond EOD, truncated
[   46.875016][ T4156] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.892366][   T36] IPVS: starting estimator thread 0...
[   46.912605][ T4156] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   46.929146][ T4159] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   46.984026][ T4161] IPVS: using max 2928 ests per chain, 146400 per kthread
[   46.986304][ T3693] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   47.034985][ T4165] __nla_validate_parse: 1 callbacks suppressed
[   47.035003][ T4165] netlink: 9236 bytes leftover after parsing attributes in process `syz.0.190'.
[   47.129147][ T4159] FAULT_INJECTION: forcing a failure.
[   47.129147][ T4159] name failslab, interval 1, probability 0, space 0, times 0
[   47.129182][ T4159] CPU: 0 UID: 0 PID: 4159 Comm: syz.5.188 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   47.129213][ T4159] Tainted: [W]=WARN
[   47.129220][ T4159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   47.129233][ T4159] Call Trace:
[   47.129241][ T4159]  <TASK>
[   47.129249][ T4159]  __dump_stack+0x1d/0x30
[   47.129273][ T4159]  dump_stack_lvl+0xe8/0x140
[   47.129294][ T4159]  dump_stack+0x15/0x1b
[   47.129311][ T4159]  should_fail_ex+0x265/0x280
[   47.129335][ T4159]  should_failslab+0x8c/0xb0
[   47.129361][ T4159]  kmem_cache_alloc_noprof+0x50/0x310
[   47.129386][ T4159]  ? vm_area_alloc+0x2c/0xb0
[   47.129419][ T4159]  vm_area_alloc+0x2c/0xb0
[   47.129449][ T4159]  mmap_region+0xaa2/0x1630
[   47.129476][ T4159]  ? __pmu_ctx_sched_in+0x8a/0xb0
[   47.129513][ T4159]  do_mmap+0x9b3/0xbe0
[   47.129547][ T4159]  do_shmat+0x59a/0x790
[   47.129582][ T4159]  __x64_sys_shmat+0x61/0xb0
[   47.129615][ T4159]  x64_sys_call+0x2f0a/0x2ff0
[   47.129638][ T4159]  do_syscall_64+0xd2/0x200
[   47.129668][ T4159]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   47.129693][ T4159]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   47.129721][ T4159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.129744][ T4159] RIP: 0033:0x7f3438c5ebe9
[   47.129762][ T4159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.129779][ T4159] RSP: 002b:00007f34376bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000001e
[   47.129801][ T4159] RAX: ffffffffffffffda RBX: 00007f3438e85fa0 RCX: 00007f3438c5ebe9
[   47.129815][ T4159] RDX: 0000000000005000 RSI: 0000200000ffd000 RDI: 0000000000000000
[   47.129828][ T4159] RBP: 00007f34376bf090 R08: 0000000000000000 R09: 0000000000000000
[   47.129841][ T4159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.129855][ T4159] R13: 00007f3438e86038 R14: 00007f3438e85fa0 R15: 00007ffd0cbd3698
[   47.129874][ T4159]  </TASK>
[   47.321404][ T3693] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   47.321658][ T3693] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   47.321761][ T3693] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   47.920457][ T4175] FAULT_INJECTION: forcing a failure.
[   47.920457][ T4175] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   47.947453][ T4175] CPU: 1 UID: 0 PID: 4175 Comm: syz.0.193 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   47.947490][ T4175] Tainted: [W]=WARN
[   47.947497][ T4175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   47.947509][ T4175] Call Trace:
[   47.947516][ T4175]  <TASK>
[   47.947600][ T4175]  __dump_stack+0x1d/0x30
[   47.947625][ T4175]  dump_stack_lvl+0xe8/0x140
[   47.947646][ T4175]  dump_stack+0x15/0x1b
[   47.947663][ T4175]  should_fail_ex+0x265/0x280
[   47.947687][ T4175]  should_fail+0xb/0x20
[   47.947708][ T4175]  should_fail_usercopy+0x1a/0x20
[   47.947786][ T4175]  _copy_from_user+0x1c/0xb0
[   47.947813][ T4175]  bpf_test_init+0xdf/0x160
[   47.947834][ T4175]  bpf_prog_test_run_xdp+0x274/0x910
[   47.947857][ T4175]  ? kstrtouint+0x76/0xc0
[   47.947964][ T4175]  ? __rcu_read_unlock+0x4f/0x70
[   47.947991][ T4175]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   47.948013][ T4175]  bpf_prog_test_run+0x22a/0x390
[   47.948043][ T4175]  __sys_bpf+0x4b9/0x7b0
[   47.948094][ T4175]  __x64_sys_bpf+0x41/0x50
[   47.948119][ T4175]  x64_sys_call+0x2aea/0x2ff0
[   47.948215][ T4175]  do_syscall_64+0xd2/0x200
[   47.948244][ T4175]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   47.948268][ T4175]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   47.948412][ T4175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.948435][ T4175] RIP: 0033:0x7fe96695ebe9
[   47.948453][ T4175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.948470][ T4175] RSP: 002b:00007fe9653c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   47.948567][ T4175] RAX: ffffffffffffffda RBX: 00007fe966b85fa0 RCX: 00007fe96695ebe9
[   47.948580][ T4175] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[   47.948596][ T4175] RBP: 00007fe9653c7090 R08: 0000000000000000 R09: 0000000000000000
[   47.948608][ T4175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.948634][ T4175] R13: 00007fe966b86038 R14: 00007fe966b85fa0 R15: 00007fff40f04ec8
[   47.948652][ T4175]  </TASK>
[   48.401906][ T4189] FAULT_INJECTION: forcing a failure.
[   48.401906][ T4189] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.415585][ T4189] CPU: 1 UID: 0 PID: 4189 Comm: syz.1.198 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   48.415676][ T4189] Tainted: [W]=WARN
[   48.415683][ T4189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   48.415696][ T4189] Call Trace:
[   48.415702][ T4189]  <TASK>
[   48.415710][ T4189]  __dump_stack+0x1d/0x30
[   48.415736][ T4189]  dump_stack_lvl+0xe8/0x140
[   48.415757][ T4189]  dump_stack+0x15/0x1b
[   48.415781][ T4189]  should_fail_ex+0x265/0x280
[   48.415804][ T4189]  should_fail+0xb/0x20
[   48.415824][ T4189]  should_fail_usercopy+0x1a/0x20
[   48.415847][ T4189]  _copy_from_iter+0xd2/0xe80
[   48.415875][ T4189]  ? rep_movs_alternative+0x4a/0x90
[   48.415896][ T4189]  ? _copy_from_iter+0x170/0xe80
[   48.415944][ T4189]  copy_page_from_iter+0x178/0x2a0
[   48.415970][ T4189]  skb_copy_datagram_from_iter+0x232/0x490
[   48.416001][ T4189]  tun_get_user+0xafa/0x2680
[   48.416120][ T4189]  ? ref_tracker_alloc+0x1f2/0x2f0
[   48.416146][ T4189]  ? selinux_file_permission+0x1e4/0x320
[   48.416308][ T4189]  tun_chr_write_iter+0x15e/0x210
[   48.416400][ T4189]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   48.416431][ T4189]  vfs_write+0x52a/0x960
[   48.416461][ T4189]  ksys_write+0xda/0x1a0
[   48.416524][ T4189]  __x64_sys_write+0x40/0x50
[   48.416548][ T4189]  x64_sys_call+0x27fe/0x2ff0
[   48.416571][ T4189]  do_syscall_64+0xd2/0x200
[   48.416637][ T4189]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   48.416663][ T4189]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   48.416690][ T4189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.416717][ T4189] RIP: 0033:0x7f69345debe9
[   48.416734][ T4189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.416753][ T4189] RSP: 002b:00007f693303f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   48.416775][ T4189] RAX: ffffffffffffffda RBX: 00007f6934805fa0 RCX: 00007f69345debe9
[   48.416790][ T4189] RDX: 000000000000fdef RSI: 0000200000000300 RDI: 00000000000000c8
[   48.416803][ T4189] RBP: 00007f693303f090 R08: 0000000000000000 R09: 0000000000000000
[   48.416818][ T4189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.416831][ T4189] R13: 00007f6934806038 R14: 00007f6934805fa0 R15: 00007fffb02b7a68
[   48.416882][ T4189]  </TASK>
[   48.843997][ T4200] loop0: detected capacity change from 0 to 764
[   48.862433][ T4200] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   48.875282][ T4200] FAULT_INJECTION: forcing a failure.
[   48.875282][ T4200] name failslab, interval 1, probability 0, space 0, times 0
[   48.887992][ T4200] CPU: 1 UID: 0 PID: 4200 Comm: syz.0.200 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   48.888086][ T4200] Tainted: [W]=WARN
[   48.888093][ T4200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   48.888106][ T4200] Call Trace:
[   48.888113][ T4200]  <TASK>
[   48.888121][ T4200]  __dump_stack+0x1d/0x30
[   48.888216][ T4200]  dump_stack_lvl+0xe8/0x140
[   48.888234][ T4200]  dump_stack+0x15/0x1b
[   48.888249][ T4200]  should_fail_ex+0x265/0x280
[   48.888306][ T4200]  ? __pfx_isofs_iget5_test+0x10/0x10
[   48.888347][ T4200]  should_failslab+0x8c/0xb0
[   48.888371][ T4200]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   48.888394][ T4200]  ? isofs_alloc_inode+0x34/0x50
[   48.888455][ T4200]  ? rcu_segcblist_enqueue+0x92/0xb0
[   48.888484][ T4200]  ? __pfx_isofs_iget5_test+0x10/0x10
[   48.888517][ T4200]  ? __pfx_isofs_alloc_inode+0x10/0x10
[   48.888565][ T4200]  isofs_alloc_inode+0x34/0x50
[   48.888591][ T4200]  alloc_inode+0x40/0x170
[   48.888613][ T4200]  ? __pfx_isofs_iget5_set+0x10/0x10
[   48.888656][ T4200]  iget5_locked+0x4a/0xa0
[   48.888678][ T4200]  __isofs_iget+0xdc/0x1100
[   48.888726][ T4200]  ? __pfx_isofs_free_inode+0x10/0x10
[   48.888759][ T4200]  ? evict+0x4e8/0x550
[   48.888802][ T4200]  ? iput+0x447/0x5b0
[   48.888825][ T4200]  isofs_get_blocks+0x185/0x490
[   48.888857][ T4200]  isofs_bread+0x5b/0x100
[   48.888962][ T4200]  isofs_lookup+0x1a8/0x930
[   48.889016][ T4200]  lookup_one_qstr_excl+0xc8/0x250
[   48.889056][ T4200]  filename_create+0x149/0x230
[   48.889075][ T4200]  do_mknodat+0xe7/0x610
[   48.889100][ T4200]  __x64_sys_mknodat+0x5e/0x70
[   48.889172][ T4200]  x64_sys_call+0x2ec8/0x2ff0
[   48.889194][ T4200]  do_syscall_64+0xd2/0x200
[   48.889222][ T4200]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   48.889246][ T4200]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   48.889354][ T4200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.889379][ T4200] RIP: 0033:0x7fe96695ebe9
[   48.889457][ T4200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.889472][ T4200] RSP: 002b:00007fe9653c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[   48.889490][ T4200] RAX: ffffffffffffffda RBX: 00007fe966b85fa0 RCX: 00007fe96695ebe9
[   48.889502][ T4200] RDX: 0000000000000100 RSI: 0000200000000180 RDI: ffffffffffffff9c
[   48.889513][ T4200] RBP: 00007fe9653c7090 R08: 0000000000000000 R09: 0000000000000000
[   48.889567][ T4200] R10: 00000000000006ff R11: 0000000000000246 R12: 0000000000000001
[   48.889578][ T4200] R13: 00007fe966b86038 R14: 00007fe966b85fa0 R15: 00007fff40f04ec8
[   48.889597][ T4200]  </TASK>
[   49.301919][ T4198] netlink: 12 bytes leftover after parsing attributes in process `syz.1.199'.
[   49.412073][ T3397] IPVS: starting estimator thread 0...
[   49.510916][ T4213] IPVS: using max 2928 ests per chain, 146400 per kthread
[   49.541966][ T4219] FAULT_INJECTION: forcing a failure.
[   49.541966][ T4219] name failslab, interval 1, probability 0, space 0, times 0
[   49.554898][ T4219] CPU: 1 UID: 0 PID: 4219 Comm: syz.1.206 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   49.554947][ T4219] Tainted: [W]=WARN
[   49.555069][ T4219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   49.555081][ T4219] Call Trace:
[   49.555087][ T4219]  <TASK>
[   49.555095][ T4219]  __dump_stack+0x1d/0x30
[   49.555117][ T4219]  dump_stack_lvl+0xe8/0x140
[   49.555135][ T4219]  dump_stack+0x15/0x1b
[   49.555151][ T4219]  should_fail_ex+0x265/0x280
[   49.555314][ T4219]  ? sctp_add_bind_addr+0x71/0x1e0
[   49.555385][ T4219]  should_failslab+0x8c/0xb0
[   49.555410][ T4219]  __kmalloc_cache_noprof+0x4c/0x320
[   49.555441][ T4219]  sctp_add_bind_addr+0x71/0x1e0
[   49.555477][ T4219]  sctp_do_bind+0x427/0x4b0
[   49.555510][ T4219]  sctp_connect_new_asoc+0x153/0x3a0
[   49.555544][ T4219]  sctp_sendmsg+0xf10/0x18d0
[   49.555575][ T4219]  ? selinux_socket_sendmsg+0xa1/0x1b0
[   49.555642][ T4219]  ? __pfx_sctp_sendmsg+0x10/0x10
[   49.555668][ T4219]  inet_sendmsg+0xc2/0xd0
[   49.555698][ T4219]  __sock_sendmsg+0x102/0x180
[   49.555727][ T4219]  __sys_sendto+0x268/0x330
[   49.555752][ T4219]  __x64_sys_sendto+0x76/0x90
[   49.555769][ T4219]  x64_sys_call+0x2d05/0x2ff0
[   49.555862][ T4219]  do_syscall_64+0xd2/0x200
[   49.555890][ T4219]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   49.555913][ T4219]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   49.555935][ T4219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.556023][ T4219] RIP: 0033:0x7f69345debe9
[   49.556039][ T4219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.556076][ T4219] RSP: 002b:00007f693303f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   49.556145][ T4219] RAX: ffffffffffffffda RBX: 00007f6934805fa0 RCX: 00007f69345debe9
[   49.556156][ T4219] RDX: 0000000000034000 RSI: 0000200000000500 RDI: 0000000000000006
[   49.556168][ T4219] RBP: 00007f693303f090 R08: 0000200000000140 R09: 000000000000001c
[   49.556180][ T4219] R10: 000000002000c851 R11: 0000000000000246 R12: 0000000000000001
[   49.556193][ T4219] R13: 00007f6934806038 R14: 00007f6934805fa0 R15: 00007fffb02b7a68
[   49.556216][ T4219]  </TASK>
[   49.947880][ T4235] netlink: 16 bytes leftover after parsing attributes in process `syz.1.208'.
[   49.965308][ T4225] loop1: detected capacity change from 0 to 164
[   50.041817][ T4225] netlink: 36 bytes leftover after parsing attributes in process `syz.1.208'.
[   50.050802][ T4225] unsupported nla_type 10042
[   50.182445][ T4250] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   50.193821][ T4248] IPVS: stopping master sync thread 4250 ...
[   50.227736][ T4253] 9pnet_fd: Insufficient options for proto=fd
[   50.238791][ T4253] loop1: detected capacity change from 0 to 512
[   50.253673][ T4255] netlink: 28 bytes leftover after parsing attributes in process `syz.4.218'.
[   50.253727][ T4253] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   50.262783][ T4255] netlink: 28 bytes leftover after parsing attributes in process `syz.4.218'.
[   50.272367][ T4253] System zones: 0-2, 18-18, 34-34
[   50.312844][ T4253] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.219: bg 0: block 248: padding at end of block bitmap is not set
[   50.327877][ T4253] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.219: Failed to acquire dquot type 1
[   50.342531][ T4253] EXT4-fs (loop1): 1 truncate cleaned up
[   50.342553][   T29] kauditd_printk_skb: 195 callbacks suppressed
[   50.342568][   T29] audit: type=1326 audit(1756352809.748:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7532febe9 code=0x7ffc0000
[   50.348666][ T4253] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.390761][ T4253] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.433801][ T4253] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.460615][ T4246] netlink: 'syz.0.213': attribute type 21 has an invalid length.
[   50.466185][ T4253] openvswitch: netlink: Message has 6 unknown bytes.
[   50.482626][ T4246] netlink: 156 bytes leftover after parsing attributes in process `syz.0.213'.
[   50.491935][ T4246] netlink: 4 bytes leftover after parsing attributes in process `syz.0.213'.
[   50.505354][   T29] audit: type=1326 audit(1756352809.758:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fd7532febe9 code=0x7ffc0000
[   50.528903][   T29] audit: type=1326 audit(1756352809.758:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7532febe9 code=0x7ffc0000
[   50.552562][   T29] audit: type=1326 audit(1756352809.758:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fd7532febe9 code=0x7ffc0000
[   50.576493][   T29] audit: type=1326 audit(1756352809.758:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7532febe9 code=0x7ffc0000
[   50.600883][   T29] audit: type=1326 audit(1756352809.758:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd7532febe9 code=0x7ffc0000
[   50.624302][   T29] audit: type=1326 audit(1756352809.758:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7532febe9 code=0x7ffc0000
[   50.647849][   T29] audit: type=1326 audit(1756352809.758:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fd7532febe9 code=0x7ffc0000
[   50.671667][   T29] audit: type=1326 audit(1756352809.758:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7532febe9 code=0x7ffc0000
[   50.695061][   T29] audit: type=1326 audit(1756352809.758:1189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4256 comm="syz.2.220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fd7532febe9 code=0x7ffc0000
[   50.962369][ T4273] Driver unsupported XDP return value 0 on prog  (id 234) dev N/A, expect packet loss!
[   50.979787][ T4280] capability: warning: `syz.1.224' uses 32-bit capabilities (legacy support in use)
[   51.113822][ T4282] netlink: 16 bytes leftover after parsing attributes in process `syz.5.227'.
[   51.130620][ T4282] loop5: detected capacity change from 0 to 164
[   51.145087][ T4282] netlink: 36 bytes leftover after parsing attributes in process `syz.5.227'.
[   51.170376][ T4293] FAULT_INJECTION: forcing a failure.
[   51.170376][ T4293] name failslab, interval 1, probability 0, space 0, times 0
[   51.183391][ T4293] CPU: 1 UID: 0 PID: 4293 Comm: syz.1.229 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   51.183460][ T4293] Tainted: [W]=WARN
[   51.183467][ T4293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   51.183480][ T4293] Call Trace:
[   51.183487][ T4293]  <TASK>
[   51.183496][ T4293]  __dump_stack+0x1d/0x30
[   51.183590][ T4293]  dump_stack_lvl+0xe8/0x140
[   51.183609][ T4293]  dump_stack+0x15/0x1b
[   51.183626][ T4293]  should_fail_ex+0x265/0x280
[   51.183649][ T4293]  should_failslab+0x8c/0xb0
[   51.183730][ T4293]  kmem_cache_alloc_node_noprof+0x57/0x320
[   51.183821][ T4293]  ? __alloc_skb+0x101/0x320
[   51.183839][ T4293]  __alloc_skb+0x101/0x320
[   51.183918][ T4293]  ? audit_log_start+0x365/0x6c0
[   51.184030][ T4293]  audit_log_start+0x380/0x6c0
[   51.184062][ T4293]  audit_seccomp+0x48/0x100
[   51.184090][ T4293]  ? __seccomp_filter+0x68c/0x10d0
[   51.184119][ T4293]  __seccomp_filter+0x69d/0x10d0
[   51.184145][ T4293]  ? copy_regset_to_user+0x143/0x180
[   51.184167][ T4293]  ? kfree+0xd9/0x320
[   51.184204][ T4293]  __secure_computing+0x82/0x150
[   51.184321][ T4293]  syscall_trace_enter+0xcf/0x1e0
[   51.184420][ T4293]  do_syscall_64+0xac/0x200
[   51.184447][ T4293]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   51.184470][ T4293]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   51.184496][ T4293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.184572][ T4293] RIP: 0033:0x7f69345dd5fc
[   51.184591][ T4293] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   51.184645][ T4293] RSP: 002b:00007f693303f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   51.184664][ T4293] RAX: ffffffffffffffda RBX: 00007f6934805fa0 RCX: 00007f69345dd5fc
[   51.184676][ T4293] RDX: 000000000000000f RSI: 00007f693303f0a0 RDI: 0000000000000004
[   51.184687][ T4293] RBP: 00007f693303f090 R08: 0000000000000000 R09: 0000000000000000
[   51.184698][ T4293] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000002
[   51.184786][ T4293] R13: 00007f6934806038 R14: 00007f6934805fa0 R15: 00007fffb02b7a68
[   51.184806][ T4293]  </TASK>
[   51.503600][ T4303] bridge0: entered promiscuous mode
[   51.508860][ T4303] bridge0: entered allmulticast mode
[   51.516656][ T4303] team0: Port device bridge0 added
[   51.574198][ T4307] loop4: detected capacity change from 0 to 512
[   51.613320][ T4307] EXT4-fs (loop4): orphan cleanup on readonly fs
[   51.619941][ T4307] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   51.647252][ T4307] EXT4-fs (loop4): Cannot turn on quotas: error -117
[   51.670471][ T4307] EXT4-fs (loop4): 1 truncate cleaned up
[   51.677520][ T4307] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   51.721026][ T4307] EXT4-fs error (device loop4): ext4_lookup:1791: inode #2: comm syz.4.234: deleted inode referenced: 12
[   51.806894][ T4307] EXT4-fs (loop4): Remounting filesystem read-only
[   51.824785][ T4321] loop2: detected capacity change from 0 to 2048
[   51.874252][ T4321] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.900810][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.937585][ T4333] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4333 comm=syz.4.241
[   52.037632][ T4339] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.049215][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.070953][ T4342] FAULT_INJECTION: forcing a failure.
[   52.070953][ T4342] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.084273][ T4342] CPU: 0 UID: 0 PID: 4342 Comm: syz.2.245 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   52.084305][ T4342] Tainted: [W]=WARN
[   52.084312][ T4342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   52.084375][ T4342] Call Trace:
[   52.084424][ T4342]  <TASK>
[   52.084432][ T4342]  __dump_stack+0x1d/0x30
[   52.084454][ T4342]  dump_stack_lvl+0xe8/0x140
[   52.084471][ T4342]  dump_stack+0x15/0x1b
[   52.084485][ T4342]  should_fail_ex+0x265/0x280
[   52.084541][ T4342]  should_fail+0xb/0x20
[   52.084579][ T4342]  should_fail_usercopy+0x1a/0x20
[   52.084598][ T4342]  strncpy_from_user+0x25/0x230
[   52.084622][ T4342]  ? __kmalloc_cache_noprof+0x189/0x320
[   52.084655][ T4342]  getname_flags+0x230/0x3b0
[   52.084729][ T4342]  __x64_sys_mknodat+0x4f/0x70
[   52.084752][ T4342]  x64_sys_call+0x2ec8/0x2ff0
[   52.084775][ T4342]  do_syscall_64+0xd2/0x200
[   52.084816][ T4342]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   52.084839][ T4342]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.084864][ T4342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.084958][ T4342] RIP: 0033:0x7fd7532febe9
[   52.084977][ T4342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.084996][ T4342] RSP: 002b:00007fd751d5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[   52.085019][ T4342] RAX: ffffffffffffffda RBX: 00007fd753525fa0 RCX: 00007fd7532febe9
[   52.085038][ T4342] RDX: 0000000000000002 RSI: 00002000000104c0 RDI: ffffffffffffffff
[   52.085050][ T4342] RBP: 00007fd751d5f090 R08: 0000000000000000 R09: 0000000000000000
[   52.085060][ T4342] R10: 0000000000000704 R11: 0000000000000246 R12: 0000000000000001
[   52.085118][ T4342] R13: 00007fd753526038 R14: 00007fd753525fa0 R15: 00007ffc6886dd98
[   52.085138][ T4342]  </TASK>
[   52.276252][ T4340] netlink: 'syz.0.243': attribute type 21 has an invalid length.
[   52.289707][ T4340] __nla_validate_parse: 2 callbacks suppressed
[   52.289724][ T4340] netlink: 156 bytes leftover after parsing attributes in process `syz.0.243'.
[   52.305390][ T4340] netlink: 4 bytes leftover after parsing attributes in process `syz.0.243'.
[   52.319527][ T4339] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.355203][ T4349] loop1: detected capacity change from 0 to 128
[   52.363540][ T4349] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   52.376212][ T4347] netlink: 84 bytes leftover after parsing attributes in process `syz.4.248'.
[   52.385706][ T4349] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   52.423542][ T4339] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.436327][ T4349] lo speed is unknown, defaulting to 1000
[   52.443268][ T4349] lo speed is unknown, defaulting to 1000
[   52.449229][ T4349] lo speed is unknown, defaulting to 1000
[   52.463964][ T4349] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   52.472396][ T4349] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   52.484282][ T4339] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.495379][ T4356] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   52.507540][ T4349] lo speed is unknown, defaulting to 1000
[   52.513885][ T4349] lo speed is unknown, defaulting to 1000
[   52.524071][ T4349] lo speed is unknown, defaulting to 1000
[   52.530309][ T4349] lo speed is unknown, defaulting to 1000
[   52.559431][   T12] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   52.581540][ T4349] lo speed is unknown, defaulting to 1000
[   52.587394][   T12] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   52.603101][   T12] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   52.613136][   T12] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   52.686753][ T4369] netlink: 16 bytes leftover after parsing attributes in process `syz.2.257'.
[   52.697025][ T4367] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.745962][ T4367] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.761317][ T4374] netlink: 256 bytes leftover after parsing attributes in process `syz.2.259'.
[   52.785684][ T4367] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.809863][ T4363] netlink: 12 bytes leftover after parsing attributes in process `syz.4.254'.
[   52.863132][ T4381] netlink: 'syz.2.261': attribute type 1 has an invalid length.
[   52.864093][ T4371] program syz.1.258 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   52.872455][ T4367] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.874249][ T4381] loop9: detected capacity change from 0 to 7
[   52.899372][ T3523] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.907715][ T3523] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.915696][ T3523]  loop9: unable to read partition table
[   52.922838][ T4381] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.930788][ T4381] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.938664][ T4381]  loop9: unable to read partition table
[   52.947280][ T4381] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   52.947280][ T4381] 
) failed (rc=-5)
[   52.961340][ T3523] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.974170][ T3523] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.995660][ T3523] Buffer I/O error on dev loop9, logical block 0, async page read
[   53.007507][ T3523] Buffer I/O error on dev loop9, logical block 0, async page read
[   53.024071][ T3523] Buffer I/O error on dev loop9, logical block 0, async page read
[   53.085431][ T4400] FAULT_INJECTION: forcing a failure.
[   53.085431][ T4400] name failslab, interval 1, probability 0, space 0, times 0
[   53.088708][ T4398] loop8: detected capacity change from 0 to 16384
[   53.098437][ T4400] CPU: 0 UID: 0 PID: 4400 Comm: syz.2.269 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   53.098480][ T4400] Tainted: [W]=WARN
[   53.098486][ T4400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   53.098498][ T4400] Call Trace:
[   53.098506][ T4400]  <TASK>
[   53.098513][ T4400]  __dump_stack+0x1d/0x30
[   53.098535][ T4400]  dump_stack_lvl+0xe8/0x140
[   53.098577][ T4400]  dump_stack+0x15/0x1b
[   53.098593][ T4400]  should_fail_ex+0x265/0x280
[   53.098613][ T4400]  should_failslab+0x8c/0xb0
[   53.098637][ T4400]  kmem_cache_alloc_noprof+0x50/0x310
[   53.098664][ T4400]  ? __kernfs_new_node+0x6d/0x350
[   53.098757][ T4400]  ? avc_has_perm+0xf7/0x180
[   53.098779][ T4400]  __kernfs_new_node+0x6d/0x350
[   53.098800][ T4400]  ? kernfs_iop_getattr+0x203/0x220
[   53.098821][ T4400]  ? vfs_getattr_nosec+0x1bd/0x1e0
[   53.098863][ T4400]  kernfs_new_node+0xd0/0x140
[   53.098887][ T4400]  kernfs_create_dir_ns+0x44/0xe0
[   53.098913][ T4400]  internal_create_group+0x2bb/0x9e0
[   53.098936][ T4400]  ? blk_validate_limits+0xaec/0xc40
[   53.098986][ T4400]  sysfs_create_group+0x1f/0x30
[   53.099050][ T4400]  loop_configure+0x7eb/0x9c0
[   53.099076][ T4400]  lo_ioctl+0x5aa/0x1240
[   53.099104][ T4400]  ? avc_has_extended_perms+0x73d/0x940
[   53.099144][ T4400]  ? blkdev_common_ioctl+0xad6/0x1ad0
[   53.099257][ T4400]  ? do_vfs_ioctl+0x866/0xe10
[   53.099283][ T4400]  ? selinux_file_ioctl+0x308/0x3a0
[   53.099303][ T4400]  ? __pfx_lo_ioctl+0x10/0x10
[   53.099330][ T4400]  ? __pfx_blkdev_ioctl+0x10/0x10
[   53.099351][ T4400]  blkdev_ioctl+0x34f/0x440
[   53.099407][ T4400]  __se_sys_ioctl+0xce/0x140
[   53.099425][ T4400]  __x64_sys_ioctl+0x43/0x50
[   53.099535][ T4400]  x64_sys_call+0x1816/0x2ff0
[   53.099556][ T4400]  do_syscall_64+0xd2/0x200
[   53.099581][ T4400]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   53.099682][ T4400]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   53.099750][ T4400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.099771][ T4400] RIP: 0033:0x7fd7532febe9
[   53.099787][ T4400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.099804][ T4400] RSP: 002b:00007fd751d5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   53.099834][ T4400] RAX: ffffffffffffffda RBX: 00007fd753525fa0 RCX: 00007fd7532febe9
[   53.099847][ T4400] RDX: 0000200000001600 RSI: 0000000000004c0a RDI: 0000000000000006
[   53.099860][ T4400] RBP: 00007fd751d5f090 R08: 0000000000000000 R09: 0000000000000000
[   53.099871][ T4400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.099883][ T4400] R13: 00007fd753526038 R14: 00007fd753525fa0 R15: 00007ffc6886dd98
[   53.099900][ T4400]  </TASK>
[   53.105311][ T4400] loop9: detected capacity change from 0 to 7
[   53.403302][ T4407] netlink: 'syz.0.272': attribute type 21 has an invalid length.
[   53.426690][ T3523] Buffer I/O error on dev loop9, logical block 0, async page read
[   53.451845][ T3523]  loop9: unable to read partition table
[   53.477078][ T4400]  loop9: unable to read partition table
[   53.483000][ T4400] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   53.483000][ T4400] 
) failed (rc=-5)
[   53.641938][ T4428] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   53.663232][ T4421] netlink: 1080 bytes leftover after parsing attributes in process `syz.0.278'.
[   53.679001][ T4418] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(14)
[   53.685678][ T4418] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   53.693472][ T4418] vhci_hcd vhci_hcd.0: Device attached
[   53.699694][ T4426] loop4: detected capacity change from 0 to 8192
[   53.708149][ T4418] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4418 comm=syz.2.277
[   53.756692][ T4426] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4426 comm=syz.4.281
[   53.758109][ T4427] lo speed is unknown, defaulting to 1000
[   53.769363][ T4426] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4426 comm=syz.4.281
[   53.778416][ T4429] vhci_hcd: connection closed
[   53.800961][ T3667] vhci_hcd: stop threads
[   53.810362][ T3667] vhci_hcd: release socket
[   53.815035][ T3667] vhci_hcd: disconnect device
[   53.890115][ T4435] loop4: detected capacity change from 0 to 512
[   53.896560][ T3383] vhci_hcd: vhci_device speed not set
[   53.902673][ T4435] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   53.915757][ T4435] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   53.927040][ T4435] EXT4-fs (loop4): 1 truncate cleaned up
[   53.933316][ T4435] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.968549][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.006889][ T4440] netlink: 256 bytes leftover after parsing attributes in process `syz.4.284'.
[   54.060334][ T4448] netlink: 'syz.1.286': attribute type 3 has an invalid length.
[   54.070053][ T4448] veth0: entered promiscuous mode
[   54.075862][ T4450] tipc: Started in network mode
[   54.080820][ T4450] tipc: Node identity 9629437db999, cluster identity 4711
[   54.088162][ T4450] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   54.094852][ T4447] veth0: left promiscuous mode
[   54.099872][ T4450] syzkaller0: entered promiscuous mode
[   54.105654][ T4450] syzkaller0: entered allmulticast mode
[   54.115415][ T4450] tipc: Resetting bearer <eth:syzkaller0>
[   54.130217][ T4452] FAULT_INJECTION: forcing a failure.
[   54.130217][ T4452] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.143523][ T4452] CPU: 1 UID: 0 PID: 4452 Comm: syz.1.288 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   54.143566][ T4452] Tainted: [W]=WARN
[   54.143573][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   54.143585][ T4452] Call Trace:
[   54.143593][ T4452]  <TASK>
[   54.143602][ T4452]  __dump_stack+0x1d/0x30
[   54.143695][ T4452]  dump_stack_lvl+0xe8/0x140
[   54.143716][ T4452]  dump_stack+0x15/0x1b
[   54.143730][ T4452]  should_fail_ex+0x265/0x280
[   54.143749][ T4452]  should_fail+0xb/0x20
[   54.143765][ T4452]  should_fail_usercopy+0x1a/0x20
[   54.143841][ T4452]  _copy_from_user+0x1c/0xb0
[   54.143870][ T4452]  bpf_test_init+0xdf/0x160
[   54.143943][ T4452]  bpf_prog_test_run_xdp+0x274/0x910
[   54.143966][ T4452]  ? __rcu_read_unlock+0x4f/0x70
[   54.144026][ T4452]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   54.144048][ T4452]  bpf_prog_test_run+0x22a/0x390
[   54.144078][ T4452]  __sys_bpf+0x4b9/0x7b0
[   54.144184][ T4452]  __x64_sys_bpf+0x41/0x50
[   54.144206][ T4452]  x64_sys_call+0x2aea/0x2ff0
[   54.144224][ T4452]  do_syscall_64+0xd2/0x200
[   54.144253][ T4452]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   54.144267][ T4452]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   54.144293][ T4452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.144306][ T4452] RIP: 0033:0x7f69345debe9
[   54.144317][ T4452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.144329][ T4452] RSP: 002b:00007f693303f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   54.144342][ T4452] RAX: ffffffffffffffda RBX: 00007f6934805fa0 RCX: 00007f69345debe9
[   54.144423][ T4452] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[   54.144431][ T4452] RBP: 00007f693303f090 R08: 0000000000000000 R09: 0000000000000000
[   54.144438][ T4452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.144446][ T4452] R13: 00007f6934806038 R14: 00007f6934805fa0 R15: 00007fffb02b7a68
[   54.144457][ T4452]  </TASK>
[   54.147215][ T4438] netlink: 'syz.0.282': attribute type 21 has an invalid length.
[   54.159329][ T4450] usb usb8: usbfs: process 4450 (syz.4.287) did not claim interface 0 before use
[   54.177397][ T4438] netlink: 156 bytes leftover after parsing attributes in process `syz.0.282'.
[   54.196051][ T4454] netlink: 256 bytes leftover after parsing attributes in process `syz.1.289'.
[   54.385391][ T4449] tipc: Resetting bearer <eth:syzkaller0>
[   54.393111][ T4449] tipc: Disabling bearer <eth:syzkaller0>
[   54.429253][ T4461] loop2: detected capacity change from 0 to 512
[   54.438215][ T4461] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   54.453209][ T4461] EXT4-fs (loop2): orphan cleanup on readonly fs
[   54.453367][ T4461] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.292: Block bitmap for bg 0 marked uninitialized
[   54.453611][ T4461] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   54.453966][ T4461] EXT4-fs (loop2): 1 orphan inode deleted
[   54.454376][ T4461] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   54.456043][ T4461] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   54.457353][ T4461] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   54.458594][ T4461] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.292: Block bitmap for bg 0 marked uninitialized
[   54.495033][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.595931][ T4469] lo speed is unknown, defaulting to 1000
[   54.902749][   T47] I/O error, dev loop5, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 2
[   54.907750][ T4480] veth0: entered promiscuous mode
[   54.937815][ T4480] netlink: 'syz.4.298': attribute type 3 has an invalid length.
[   54.945715][ T4479] veth0: left promiscuous mode
[   55.088910][ T4494] loop2: detected capacity change from 0 to 1024
[   55.097177][ T4494] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   55.097212][ T4494] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   55.101098][ T4494] JBD2: no valid journal superblock found
[   55.124238][ T4494] EXT4-fs (loop2): Could not load journal inode
[   55.169234][ T4497] tipc: Started in network mode
[   55.169257][ T4497] tipc: Node identity 66e764a5f43f, cluster identity 4711
[   55.169368][ T4497] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   55.169614][ T4497] syzkaller0: entered promiscuous mode
[   55.169631][ T4497] syzkaller0: entered allmulticast mode
[   55.174701][ T4497] tipc: Resetting bearer <eth:syzkaller0>
[   55.181980][ T4496] tipc: Resetting bearer <eth:syzkaller0>
[   55.207374][ T4499] FAULT_INJECTION: forcing a failure.
[   55.207374][ T4499] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.231779][ T4499] CPU: 0 UID: 0 PID: 4499 Comm: syz.0.306 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   55.231809][ T4499] Tainted: [W]=WARN
[   55.231816][ T4499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   55.231862][ T4499] Call Trace:
[   55.231869][ T4499]  <TASK>
[   55.231877][ T4499]  __dump_stack+0x1d/0x30
[   55.231976][ T4499]  dump_stack_lvl+0xe8/0x140
[   55.232006][ T4499]  dump_stack+0x15/0x1b
[   55.232022][ T4499]  should_fail_ex+0x265/0x280
[   55.232042][ T4499]  should_fail+0xb/0x20
[   55.232120][ T4499]  should_fail_usercopy+0x1a/0x20
[   55.232144][ T4499]  _copy_from_iter+0xd2/0xe80
[   55.232171][ T4499]  ? __build_skb_around+0x1a0/0x200
[   55.232204][ T4499]  ? __alloc_skb+0x223/0x320
[   55.232246][ T4499]  netlink_sendmsg+0x471/0x6b0
[   55.232341][ T4499]  ? __pfx_netlink_sendmsg+0x10/0x10
[   55.232400][ T4499]  __sock_sendmsg+0x145/0x180
[   55.232427][ T4499]  ____sys_sendmsg+0x31e/0x4e0
[   55.232453][ T4499]  ___sys_sendmsg+0x17b/0x1d0
[   55.232490][ T4499]  __x64_sys_sendmsg+0xd4/0x160
[   55.232563][ T4499]  x64_sys_call+0x191e/0x2ff0
[   55.232583][ T4499]  do_syscall_64+0xd2/0x200
[   55.232658][ T4499]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.232742][ T4499]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   55.232769][ T4499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.232804][ T4499] RIP: 0033:0x7fe96695ebe9
[   55.232822][ T4499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.232838][ T4499] RSP: 002b:00007fe9653c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   55.232857][ T4499] RAX: ffffffffffffffda RBX: 00007fe966b85fa0 RCX: 00007fe96695ebe9
[   55.232868][ T4499] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000009
[   55.232879][ T4499] RBP: 00007fe9653c7090 R08: 0000000000000000 R09: 0000000000000000
[   55.232890][ T4499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.232901][ T4499] R13: 00007fe966b86038 R14: 00007fe966b85fa0 R15: 00007fff40f04ec8
[   55.232937][ T4499]  </TASK>
[   55.307092][ T4496] tipc: Disabling bearer <eth:syzkaller0>
[   55.375320][ T4501] lo speed is unknown, defaulting to 1000
[   55.775043][ T4509] veth0: entered promiscuous mode
[   55.777082][ T4509] netlink: 'syz.0.310': attribute type 3 has an invalid length.
[   55.777933][ T4508] veth0: left promiscuous mode
[   55.833235][   T29] kauditd_printk_skb: 406 callbacks suppressed
[   55.833252][   T29] audit: type=1400 audit(1756352815.238:1591): avc:  denied  { mount } for  pid=4505 comm="syz.2.309" name="/" dev="ramfs" ino=8748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   55.876705][   T29] audit: type=1400 audit(1756352815.278:1592): avc:  denied  { bind } for  pid=4513 comm="syz.0.312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   55.876839][   T29] audit: type=1400 audit(1756352815.278:1593): avc:  denied  { listen } for  pid=4513 comm="syz.0.312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   55.958069][ T4514] syzkaller0: entered promiscuous mode
[   55.958092][ T4514] syzkaller0: entered allmulticast mode
[   55.960544][   T29] audit: type=1326 audit(1756352815.358:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4487 comm="syz.4.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9f621c5ba7 code=0x7ffc0000
[   55.961203][   T29] audit: type=1326 audit(1756352815.358:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4487 comm="syz.4.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9f6216ade9 code=0x7ffc0000
[   55.961228][   T29] audit: type=1326 audit(1756352815.358:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4487 comm="syz.4.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f621cebe9 code=0x7ffc0000
[   55.966122][   T29] audit: type=1326 audit(1756352815.358:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4487 comm="syz.4.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f621cebe9 code=0x7ffc0000
[   56.111468][   T29] audit: type=1400 audit(1756352815.518:1598): avc:  denied  { mount } for  pid=4518 comm="syz.4.315" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   56.170595][   T29] audit: type=1400 audit(1756352815.568:1599): avc:  denied  { create } for  pid=4523 comm="syz.0.316" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=irda_socket permissive=1
[   56.190855][   T29] audit: type=1400 audit(1756352815.568:1600): avc:  denied  { lock } for  pid=4518 comm="syz.4.315" path="socket:[8768]" dev="sockfs" ino=8768 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   56.256763][ T4530] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.275953][ T4530] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.361935][ T4540] capability: warning: `syz.2.322' uses deprecated v2 capabilities in a way that may be insecure
[   56.375160][ T4540] FAULT_INJECTION: forcing a failure.
[   56.375160][ T4540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.388429][ T4540] CPU: 1 UID: 0 PID: 4540 Comm: syz.2.322 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   56.388520][ T4540] Tainted: [W]=WARN
[   56.388527][ T4540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   56.388540][ T4540] Call Trace:
[   56.388601][ T4540]  <TASK>
[   56.388609][ T4540]  __dump_stack+0x1d/0x30
[   56.388634][ T4540]  dump_stack_lvl+0xe8/0x140
[   56.388656][ T4540]  dump_stack+0x15/0x1b
[   56.388694][ T4540]  should_fail_ex+0x265/0x280
[   56.388713][ T4540]  should_fail+0xb/0x20
[   56.388763][ T4540]  should_fail_usercopy+0x1a/0x20
[   56.388789][ T4540]  _copy_to_user+0x20/0xa0
[   56.388821][ T4540]  simple_read_from_buffer+0xb5/0x130
[   56.388847][ T4540]  proc_fail_nth_read+0x10e/0x150
[   56.388891][ T4540]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   56.388916][ T4540]  vfs_read+0x1a8/0x770
[   56.388939][ T4540]  ? __rcu_read_unlock+0x4f/0x70
[   56.388963][ T4540]  ? __fget_files+0x184/0x1c0
[   56.388992][ T4540]  ksys_read+0xda/0x1a0
[   56.389045][ T4540]  __x64_sys_read+0x40/0x50
[   56.389070][ T4540]  x64_sys_call+0x27bc/0x2ff0
[   56.389165][ T4540]  do_syscall_64+0xd2/0x200
[   56.389190][ T4540]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   56.389224][ T4540]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   56.389262][ T4540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.389286][ T4540] RIP: 0033:0x7fd7532fd5fc
[   56.389304][ T4540] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   56.389345][ T4540] RSP: 002b:00007fd751d5f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   56.389365][ T4540] RAX: ffffffffffffffda RBX: 00007fd753525fa0 RCX: 00007fd7532fd5fc
[   56.389376][ T4540] RDX: 000000000000000f RSI: 00007fd751d5f0a0 RDI: 0000000000000008
[   56.389388][ T4540] RBP: 00007fd751d5f090 R08: 0000000000000000 R09: 0000000000000000
[   56.389401][ T4540] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[   56.389415][ T4540] R13: 00007fd753526038 R14: 00007fd753525fa0 R15: 00007ffc6886dd98
[   56.389434][ T4540]  </TASK>
[   56.695742][ T4554] loop2: detected capacity change from 0 to 512
[   56.704635][ T4554] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   56.716694][ T4554] EXT4-fs (loop2): 1 truncate cleaned up
[   56.717581][ T4557] program syz.1.329 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   56.723815][ T4554] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.775528][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.810966][ T4565] loop2: detected capacity change from 0 to 512
[   56.826179][ T4565] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.839126][ T4565] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.871014][ T4565] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.902134][ T4571] program syz.2.330 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   56.932595][ T4565] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.995452][ T4565] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.033649][ T4570] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4570 comm=syz.0.333
[   57.068207][ T4565] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.128745][ T3659] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.154987][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.165345][ T3659] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.188529][ T3659] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.208621][ T4582] FAULT_INJECTION: forcing a failure.
[   57.208621][ T4582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.221902][ T4582] CPU: 1 UID: 0 PID: 4582 Comm: syz.0.337 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   57.221935][ T4582] Tainted: [W]=WARN
[   57.221941][ T4582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   57.221952][ T4582] Call Trace:
[   57.221958][ T4582]  <TASK>
[   57.221973][ T4582]  __dump_stack+0x1d/0x30
[   57.221998][ T4582]  dump_stack_lvl+0xe8/0x140
[   57.222068][ T4582]  dump_stack+0x15/0x1b
[   57.222083][ T4582]  should_fail_ex+0x265/0x280
[   57.222187][ T4582]  should_fail+0xb/0x20
[   57.222204][ T4582]  should_fail_usercopy+0x1a/0x20
[   57.222228][ T4582]  _copy_from_user+0x1c/0xb0
[   57.222259][ T4582]  bpf_test_init+0xdf/0x160
[   57.222341][ T4582]  bpf_prog_test_run_xdp+0x274/0x910
[   57.222363][ T4582]  ? kstrtouint+0x76/0xc0
[   57.222380][ T4582]  ? __rcu_read_unlock+0x4f/0x70
[   57.222407][ T4582]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   57.222535][ T4582]  bpf_prog_test_run+0x22a/0x390
[   57.222570][ T4582]  __sys_bpf+0x4b9/0x7b0
[   57.222672][ T4582]  __x64_sys_bpf+0x41/0x50
[   57.222734][ T4582]  x64_sys_call+0x2aea/0x2ff0
[   57.222759][ T4582]  do_syscall_64+0xd2/0x200
[   57.222786][ T4582]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   57.222806][ T4582]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   57.222863][ T4582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.222888][ T4582] RIP: 0033:0x7fe96695ebe9
[   57.222907][ T4582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.222927][ T4582] RSP: 002b:00007fe9653c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   57.223014][ T4582] RAX: ffffffffffffffda RBX: 00007fe966b85fa0 RCX: 00007fe96695ebe9
[   57.223029][ T4582] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[   57.223044][ T4582] RBP: 00007fe9653c7090 R08: 0000000000000000 R09: 0000000000000000
[   57.223058][ T4582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.223072][ T4582] R13: 00007fe966b86038 R14: 00007fe966b85fa0 R15: 00007fff40f04ec8
[   57.223089][ T4582]  </TASK>
[   57.290926][ T3659] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.532914][ T4603] FAULT_INJECTION: forcing a failure.
[   57.532914][ T4603] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.546076][ T4603] CPU: 0 UID: 0 PID: 4603 Comm: syz.0.344 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   57.546131][ T4603] Tainted: [W]=WARN
[   57.546138][ T4603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   57.546152][ T4603] Call Trace:
[   57.546158][ T4603]  <TASK>
[   57.546174][ T4603]  __dump_stack+0x1d/0x30
[   57.546245][ T4603]  dump_stack_lvl+0xe8/0x140
[   57.546267][ T4603]  dump_stack+0x15/0x1b
[   57.546282][ T4603]  should_fail_ex+0x265/0x280
[   57.546301][ T4603]  should_fail+0xb/0x20
[   57.546319][ T4603]  should_fail_usercopy+0x1a/0x20
[   57.546399][ T4603]  _copy_to_user+0x20/0xa0
[   57.546436][ T4603]  simple_read_from_buffer+0xb5/0x130
[   57.546481][ T4603]  proc_fail_nth_read+0x10e/0x150
[   57.546512][ T4603]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   57.546542][ T4603]  vfs_read+0x1a8/0x770
[   57.546640][ T4603]  ? __rcu_read_unlock+0x4f/0x70
[   57.546665][ T4603]  ? __fget_files+0x184/0x1c0
[   57.546723][ T4603]  ksys_read+0xda/0x1a0
[   57.546743][ T4603]  __x64_sys_read+0x40/0x50
[   57.546763][ T4603]  x64_sys_call+0x27bc/0x2ff0
[   57.546838][ T4603]  do_syscall_64+0xd2/0x200
[   57.546870][ T4603]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   57.546955][ T4603]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   57.546977][ T4603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.546996][ T4603] RIP: 0033:0x7fe96695d5fc
[   57.547061][ T4603] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   57.547077][ T4603] RSP: 002b:00007fe9653c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   57.547097][ T4603] RAX: ffffffffffffffda RBX: 00007fe966b85fa0 RCX: 00007fe96695d5fc
[   57.547111][ T4603] RDX: 000000000000000f RSI: 00007fe9653c70a0 RDI: 0000000000000003
[   57.547125][ T4603] RBP: 00007fe9653c7090 R08: 0000000000000000 R09: 0000000000000000
[   57.547139][ T4603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.547153][ T4603] R13: 00007fe966b86038 R14: 00007fe966b85fa0 R15: 00007fff40f04ec8
[   57.547197][ T4603]  </TASK>
[   57.863345][ T4612] 9pnet_fd: Insufficient options for proto=fd
[   57.865544][ T3667] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.913683][ T3667] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.952231][ T3667] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.967552][ T4614] netlink: 'syz.0.348': attribute type 1 has an invalid length.
[   57.971541][ T4621] netlink: 'syz.5.350': attribute type 2 has an invalid length.
[   57.983059][ T4621] netlink: 'syz.5.350': attribute type 1 has an invalid length.
[   57.990801][ T4621] __nla_validate_parse: 4 callbacks suppressed
[   57.990816][ T4621] netlink: 152 bytes leftover after parsing attributes in process `syz.5.350'.
[   58.012777][ T4614] 8021q: adding VLAN 0 to HW filter on device bond1
[   58.022711][ T3667] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.033970][ T4623] gretap1: entered promiscuous mode
[   58.043219][ T4623] bond1: (slave gretap1): making interface the new active one
[   58.053148][ T4623] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   58.062992][ T4624] loop5: detected capacity change from 0 to 1024
[   58.075694][ T4614] macvlan2: entered promiscuous mode
[   58.081205][ T4614] macvlan2: entered allmulticast mode
[   58.087740][ T4614] bond1: entered promiscuous mode
[   58.103148][ T4614] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   58.138793][ T4614] bond1: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[   58.165441][ T4624] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   58.176408][ T4624] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   58.206583][ T4614] bond1: left promiscuous mode
[   58.219638][ T4624] JBD2: no valid journal superblock found
[   58.225541][ T4624] EXT4-fs (loop5): Could not load journal inode
[   58.255763][ T4621] IPv6: Can't replace route, no match found
[   58.335555][ T4631] cgroup2: Unexpected value for 'memory_localevents'
[   58.544260][ T4640] SELinux: ebitmap: truncated map
[   58.549978][ T4640] SELinux: failed to load policy
[   58.656394][ T4644] loop2: detected capacity change from 0 to 512
[   58.673174][ T4644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.686306][ T4644] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.714404][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.815978][ T4655] hub 2-0:1.0: USB hub found
[   58.820894][ T4655] hub 2-0:1.0: 8 ports detected
[   58.842436][ T4659] FAULT_INJECTION: forcing a failure.
[   58.842436][ T4659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.855819][ T4659] CPU: 1 UID: 0 PID: 4659 Comm: syz.4.363 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   58.855843][ T4659] Tainted: [W]=WARN
[   58.855847][ T4659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   58.855913][ T4659] Call Trace:
[   58.855917][ T4659]  <TASK>
[   58.855923][ T4659]  __dump_stack+0x1d/0x30
[   58.856006][ T4659]  dump_stack_lvl+0xe8/0x140
[   58.856158][ T4659]  dump_stack+0x15/0x1b
[   58.856170][ T4659]  should_fail_ex+0x265/0x280
[   58.856186][ T4659]  should_fail+0xb/0x20
[   58.856197][ T4659]  should_fail_usercopy+0x1a/0x20
[   58.856231][ T4659]  _copy_from_user+0x1c/0xb0
[   58.856257][ T4659]  __sys_bpf+0x178/0x7b0
[   58.856277][ T4659]  __x64_sys_bpf+0x41/0x50
[   58.856338][ T4659]  x64_sys_call+0x2aea/0x2ff0
[   58.856404][ T4659]  do_syscall_64+0xd2/0x200
[   58.856496][ T4659]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   58.856511][ T4659]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   58.856526][ T4659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.856540][ T4659] RIP: 0033:0x7f9f621cebe9
[   58.856552][ T4659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.856564][ T4659] RSP: 002b:00007f9f60c37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   58.856577][ T4659] RAX: ffffffffffffffda RBX: 00007f9f623f5fa0 RCX: 00007f9f621cebe9
[   58.856586][ T4659] RDX: 0000000000000048 RSI: 0000200000000540 RDI: 0000000000000000
[   58.856593][ T4659] RBP: 00007f9f60c37090 R08: 0000000000000000 R09: 0000000000000000
[   58.856601][ T4659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.856609][ T4659] R13: 00007f9f623f6038 R14: 00007f9f623f5fa0 R15: 00007fff43c165e8
[   58.856675][ T4659]  </TASK>
[   59.083624][ T4665] netlink: 40 bytes leftover after parsing attributes in process `syz.2.366'.
[   59.086556][ T4665] netlink: 204 bytes leftover after parsing attributes in process `syz.2.366'.
[   59.130853][ T4663] ==================================================================
[   59.138991][ T4663] BUG: KCSAN: data-race in n_tty_receive_char / n_tty_write
[   59.139028][ T4663] 
[   59.139035][ T4663] write to 0xffffc9000136f028 of 8 bytes by task 4666 on cpu 1:
[   59.157041][ T4663]  n_tty_receive_char+0x437/0x6a0
[   59.157073][ T4663]  n_tty_receive_buf_standard+0x473/0x2f10
[   59.167894][ T4632] FAULT_INJECTION: forcing a failure.
[   59.167894][ T4632] name failslab, interval 1, probability 0, space 0, times 0
[   59.167926][ T4663]  n_tty_receive_buf_common+0x805/0xbe0
[   59.167929][ T4632] CPU: 1 UID: 0 PID: 4632 Comm: syz.0.355 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   59.167960][ T4663]  n_tty_receive_buf2+0x33/0x40
[   59.167971][ T4632] Tainted: [W]=WARN
[   59.167983][ T4663]  tty_ldisc_receive_buf+0x66/0xf0
[   59.168010][ T4663]  paste_selection+0x333/0x490
[   59.168026][ T4632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   59.168039][ T4632] Call Trace:
[   59.168046][ T4632]  <TASK>
[   59.168041][ T4663]  tioclinux+0x3b5/0x460
[   59.168054][ T4632]  __dump_stack+0x1d/0x30
[   59.168072][ T4663]  vt_ioctl+0x75f/0x1880
[   59.168077][ T4632]  dump_stack_lvl+0xe8/0x140
[   59.168099][ T4663]  tty_ioctl+0x7db/0xb80
[   59.168122][ T4663]  __se_sys_ioctl+0xce/0x140
[   59.168137][ T4663]  __x64_sys_ioctl+0x43/0x50
[   59.168168][ T4632]  dump_stack+0x15/0x1b
[   59.168167][ T4663]  x64_sys_call+0x1816/0x2ff0
[   59.168188][ T4632]  should_fail_ex+0x265/0x280
[   59.168202][ T4663]  do_syscall_64+0xd2/0x200
[   59.168210][ T4632]  should_failslab+0x8c/0xb0
[   59.168233][ T4663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.168237][ T4632]  kmem_cache_alloc_noprof+0x50/0x310
[   59.168256][ T4663] 
[   59.168263][ T4663] read to 0xffffc9000136f028 of 8 bytes by task 4663 on cpu 0:
[   59.168279][ T4663]  n_tty_write+0x14f/0xb50
[   59.168297][ T4663]  file_tty_write+0x370/0x690
[   59.168311][ T4632]  ? taskstats_exit+0x297/0x6a0
[   59.168327][ T4663]  tty_write+0x25/0x30
[   59.168356][ T4663]  vfs_write+0x52a/0x960
[   59.168344][ T4632]  taskstats_exit+0x297/0x6a0
[   59.168376][ T4663]  ksys_write+0xda/0x1a0
[   59.168391][ T4632]  do_exit+0x3fc/0x15c0
[   59.168399][ T4663]  __x64_sys_write+0x40/0x50
[   59.168423][ T4663]  x64_sys_call+0x27fe/0x2ff0
[   59.168426][ T4632]  do_group_exit+0xff/0x140
[   59.168446][ T4663]  do_syscall_64+0xd2/0x200
[   59.168458][ T4632]  ? get_signal+0xe51/0xf70
[   59.168476][ T4663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.168495][ T4663] 
[   59.168499][ T4663] value changed: 0x000000000000003c -> 0x0000000000000079
[   59.168509][ T4663] 
[   59.168513][ T4663] Reported by Kernel Concurrency Sanitizer on:
[   59.168524][ T4663] CPU: 0 UID: 0 PID: 4663 Comm: syz.4.365 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   59.168551][ T4663] Tainted: [W]=WARN
[   59.168558][ T4663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   59.168571][ T4663] ==================================================================
[   59.168566][ T4632]  get_signal+0xe59/0xf70
[   59.168604][ T4632]  arch_do_signal_or_restart+0x96/0x480
[   59.168629][ T4632]  exit_to_user_mode_loop+0x7a/0x100
[   59.168696][ T4632]  do_syscall_64+0x1d6/0x200
[   59.168721][ T4632]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   59.168745][ T4632]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   59.168769][ T4632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.168864][ T4632] RIP: 0033:0x7fe96695ebe9
[   59.168881][ T4632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.168955][ T4632] RSP: 002b:00007fe9653c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   59.168977][ T4632] RAX: fffffffffffffe00 RBX: 00007fe966b85fa0 RCX: 00007fe96695ebe9
[   59.168990][ T4632] RDX: 00000000200008c0 RSI: 0000200000000740 RDI: 0000000000000004
[   59.169001][ T4632] RBP: 00007fe9653c7090 R08: 0000000000000000 R09: 0000000000000000
[   59.169012][ T4632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.169023][ T4632] R13: 00007fe966b86038 R14: 00007fe966b85fa0 R15: 00007fff40f04ec8
[   59.169039][ T4632]  </TASK>