last executing test programs:

46.557317045s ago: executing program 0 (id=608):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0xc3072, 0xffffffffffffffff, 0x0) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) (async)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000100)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x8020)

46.18554918s ago: executing program 0 (id=611):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0x3f, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0200}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
dup3(r2, 0xffffffffffffffff, 0x80000)
fcntl$notify(r1, 0x402, 0x8000003d)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x1, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x81}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af8", 0x33, r6)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x3c, 0x0, 0x8, 0x201, 0x0, 0x0, {0xa, 0x0, 0x6}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_SENT={0x8, 0x8, 0x1, 0x0, 0x7f}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040001}, 0x80)

46.1638023s ago: executing program 0 (id=614):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)={0x24, 0x3e, 0x107, 0xfffffffc, 0x25dfdbfe, {0x1, 0x7c}, [@nested={0xd, 0x4, 0x0, 0x1, [@generic='6', @typed={0x8, 0xb5, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

46.102813021s ago: executing program 0 (id=617):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1333404, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
r3 = perf_event_open(&(0x7f0000000380)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20064, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xece7, 0x0, @perf_bp={0x0, 0x4}, 0x2840, 0x0, 0x1007, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='kfree\x00', r5}, 0x18)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r3, 0x0)
perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc7d7}, 0x0, 0x0, r3, 0xa)
r6 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000240), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000800)=ANY=[@ANYBLOB="84010000", @ANYRES16=r6, @ANYBLOB="010000000000000000000100000304000480080002000100000008000100000000000400088058010c8054010b800800090000000000080009000000000008000a"], 0x184}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$nfs(&(0x7f00000000c0)='/.//', &(0x7f0000000300)='./file0\x00', 0x0, 0x2009000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000004c0)='./file0\x00', 0x804000, &(0x7f0000000400)={[{@abort}]}, 0x1, 0x607, &(0x7f00000005c0)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7zFo4kxkCgtLWCIcQFbQxr8ETdurLQgUqChNVo0oSS4MTFuDDFx5UL8F1wpkS0rXblw48qQEDUsTbxmpjOlvb23cPtraufzSS73zJw7PWe4/d5z5vScuQFU1mD6Ty1if0RMJxH9yfxiXmfkmYMLr3v4+wdn00cS9forvyaR5PuK1yf5c19+cE9EfP9dEvs6VpY7M3ft4vjU1OTVfHt49tL08MzctcMXLo2fnzw/eXn0udETx48dPzFypK3z6cqfrzfJO33z7Xf7Pxp7/cvP/0hGvvppLImT8WL+wqXnsVEGYzD7P0lWZvWduLXRpZWjI/89WfoWJ50lVoi2FO9fGjf/if7oiEdvXn98+FKplQM2VT2JqNfr9aLdrAOV0SPmobKKfkBxbZ9dBy+5fquV0CcBtsaDUwsDAMviP9O5MDYYPdnYwO6HydKPhWxMq72Rueb2RMS9u2M3z90duxmbNA4HNDd/IyL+2yz+kyz+B6InBrL4ry2L/7RfcCZ/Tve/vMbyG4eKxT9snYX471k1/qNF/L+xJP7fXGP5g4+Sb/Uui//etZ4SAAAAAAAAVNadUxHxbLO//9cW5/9Ek/k/fRFxcgPKH2zYXvn3/9r9DSgGaOLBqYgXGuf/ZmrF7N+Bjjz1j2w+QFdy7sLU5JGI+GdEHIquXen2yCplHP5432et8gbz+X/FIy3/Xj4XMK/H/c5dy4+ZGJ8dX+95AxEPbkT8r+n832Sx/U+atP/p58H0E5ax7+nbZ1rlPT7+gc1S/yLiYNP2/9FdK5LV788xnPUHhotewUr/f/+Tb1qVv9b4d4sJWL+0/d+9evwPJEvv1zPTfhlH5zrrrfLW2v/vTl7NbjnTne97b3x29upIRHdyuiPdu2z/aPt1hp2oiIciXtL4P/TU6uN/zfr/vREx33Cnp+S35WuKC//+s+/nVvXR/4fypPE/0Vb7335i9PbAt63Kf7L2/1jW1h/K9xj/gwW3ijDtXr6/STh2Nsva6voCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwE5Qi4g9kdSGFtO12tBQRF9E/Ct216auzMw+c+7KO5cn0rzs+/9rxTf99i9sJ8X3/w8s2R5t2D4aEXsj4tOO3mx76OyVqYmyTx4AAAAAAAAAAAAAAAAAAAC2ib4W6/9Tv3SUXTtg03WWXQGgJF83i/8fyqgJsPW0/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/gHAAAAAIAdZe+BOz8mETH/fG/2SHXneV2l1gzYbLWyKwCUxi1+oLpM/YHqco0PJI/J72l50OOOXM302XUcDAAAAAAAAAAAAACVc3C/9f9QVdb/Q3Wtff2/OwfA312x/v9AyfUAtp5rfCDtCqy2kr/p+v/Metb/AwAAAAAAAAAAAADtmJm7dnF8amryaluJnohYkVWv16+nP3ItP3A7JF7bHtXYxER3457iLSu7YjskUUyF3y71aUgUa/2e7KjSPpIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAGfwUAAP//AiwaKw==")
syslog(0x3, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x80, 0x0)
renameat2(r8, &(0x7f0000000380)='./file0\x00', r8, &(0x7f0000000200)='./bus\x00', 0x4)
syslog(0x2, &(0x7f0000000c00)=""/247, 0xf7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2)
creat(&(0x7f0000000080)='./file0\x00', 0x14a)

45.966390863s ago: executing program 0 (id=620):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r2)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000580)='\xa3\x04\x00', &(0x7f00000003c0)="c5", 0x1)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='kfree\x00', &(0x7f0000000180)='\xfa.-\x00', 0x0)
close(r2)

45.770143515s ago: executing program 0 (id=626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x65, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180040008003950323030"], 0x15)
r4 = dup(r3)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

45.735981915s ago: executing program 32 (id=626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x65, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180040008003950323030"], 0x15)
r4 = dup(r3)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

36.072114371s ago: executing program 5 (id=738):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x70)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0)={'#! ', './file0', [], 0xa, "6455d828ef"}, 0x10)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000100)=0x9, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x9, 0xa5d4}, 0x4c58, 0x0, 0x0, 0x1, 0x8000000000000008, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00'}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r4, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)=[0xc, 0x5], 0x0, 0x0, 0x2}}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

35.38233727s ago: executing program 5 (id=744):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
mkdir(&(0x7f0000000040)='.\x02\x00', 0xe88022b11028290f)
r1 = perf_event_open(&(0x7f0000000040)={0x6, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x307, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x4, 0x400008, 0x8000, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, r1, 0x3)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x4e21, @loopback}}, 0xfffffffc, 0x0, 0x400, 0x0, 0x30}, 0x9c)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0xcc03, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r3, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$caif_stream(0x25, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40)=ANY=[@ANYBLOB="020500000000000000100000000000082de243ffd6044000"/36], 0x24, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
removexattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendmmsg$inet(r4, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000000)="92", 0x1}], 0x1}, 0x1000000}], 0x2, 0x0)

34.434885332s ago: executing program 5 (id=755):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0xf5, 0x1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
close(r1)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
ioctl$TUNSETIFF(r0, 0x400454da, &(0x7f0000000080)={'batadv0\x00'})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454da, &(0x7f0000000140)={'batadv0\x00'})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000100)={'pimreg0\x00', 0x1})

34.199555155s ago: executing program 5 (id=757):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x5, 0x9, 0x0, 0x0, 0x0, 0x2d, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x60, 0x7, 0x8000000000000001, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syslog(0x3, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xdc, &(0x7f0000000700)={[{@minixdf}, {@abort}, {@grpquota}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@dioread_lock}, {@resuid}, {@data_journal}]}, 0x1, 0x47b, &(0x7f0000000e80)="$eJzs3M1vFOUfAPDvbFv4AT/tYvCFF6WKRqKxhYLKwQMYTTxoYqIHPNa2EKRQQ2sihEg1Bo+GRKM349HEv8CTXox6MvGqd0NCDBeQ05jZnWG3y7506cK27OeTTPo8M8/0eb6debrPM0+nAQyssYj4NCL+HxF/RsRoRCSNBcaqX65fPT/979Xz00mk6Vv/JJVy166eny6KFudtKTJL1fzOJvUunD13cmpubvZMnp9YPPX+xMLZc8+dODV1fPb47OnJQ4cOHtj/4guTz68giqGOJbI2Xdvx0fyu7a+9c+mN6aOX3v31+yQPLxri6JGxdgef6nFl/XZfXToZ7mND6ErWc7LLNVLp/6MxFLWLNxqvftLXxgF3VJqm6cbWh5dS4B6WxIpL3tmGAHdZ8UGfzX+L7S4NPdaEK0eqE6As7uv5Vj0yHKW8zEjD/LaXstnW0aUb32Rb3JnnEAAAy/x4pPr11vFfKR6qK3c4XxsqR8TWusWNbRHxYESl7MMR8UiX9Tcuktw6/ild7vJbdiUb/72Ur20tH/8Vo78oD+W5bAxYrlscuz8i9sbIxmMn5mb3t6njp1f++LzVsbG68V+2ZfUXY8G8HZeHGx7QzUwtTt1WsE1c+Thix3Cz+JObKwFZyNsjYsfuuhM3rLyOE898t6vVsc7xt9GDdab024inq9d/KRriLyTt1ycn/hdzs/smsrtgX9M6fvv94put6u82/q1f1+ZsvZBd/81N7/+b8ZfTobr12oXu67j412ct5zS3e/9vSN6upIvb8MOpxcUz+yM2JK/n+w/X9k/Wzi3yRfks/r17mvf/B6L2k9gZEdlN/GhEPBYRu/O2Px4RT0TEnjbx//Lyk+8t23GjNvle1f3fA1n8Mx2uf1K/Xn8biaGTP/+wrNJyLbmy63+wktqb76n8/vuqfVwrbeDqf4IAAACw9pUqf/uflMZvpkul8fHq38tvi82lufmFxWePzX9weqb6jkA5RkrFk67q8+CRpHj+Wa7LTzbkD+TPjb8Y2lTJj0/Pz830O3gYcFtq/T+p7/+Zvzu/VgOsd97XgsGl/8Pg0v9hcOn/MLCavf+/qVOZ1MNBuCc0+/y/0Id2AHef8T8Mrm77f3Vy0ObfhgHrhs9/GFz6Pwyk1bzXv8pE8e8Hm5Yp1h/60bCOiTTtVGa43ekXmoe8zhJRanUoHa1eu363sJvEl2ujGWso0cdfSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD30XwAAAP//UBTs6A==")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000080)=@sg0, 0xee01, &(0x7f00000000c0)='./file0\x00')
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), r2)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000007c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010026bd6000000000002d9300000c00018008000100", @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x20040814)
perf_event_open(&(0x7f00000002c0)={0x0, 0x80, 0x5c, 0x1, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='mmap_lock_acquire_returned\x00', r5, 0x0, 0x94b9}, 0x18)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'gretap0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c00010005000000030000000800", @ANYRES32=r7, @ANYBLOB='\b'], 0xb4}}, 0x0)
read(r8, &(0x7f0000000040)=""/132, 0x84)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000d80), 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
chdir(&(0x7f0000000200)='./file0\x00')
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r10, &(0x7f0000000000), 0x208e24b)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

33.768975861s ago: executing program 5 (id=763):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r0 = syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f00000001c0)='./bus\x00', 0x2110008, &(0x7f0000000200)={[], [{@smackfshat={'smackfshat', 0x3d, '\x14'}}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@uid_lt}]}, 0x67, 0x52b, &(0x7f00000014c0)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky")
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000100)={0x1d, r4, 0x1, {0x2, 0x1, 0x4}, 0x2}, 0x18)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000500)="19e260f93e7f54efe6450b3ece580baa42d82235d465eb39e3f2ce853ca5a030ade195d53276c0a625ffe7ac6070ba72a3c3695d6d86fef59ac667d61a0e8dd8ce8eff3125d8f940d2dd7fc57e4c93d7cb195d083e227eef6789ce6333285a5793e97268b3092beb9ba02713ed2c", 0x6e}, {0x0}], 0x2}, 0x4040841)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32=<r5=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r6}, 0x10)
r7 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$UHID_INPUT(r7, 0x0, 0x0)
write$binfmt_register(r2, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, '=\x00\x04\x00\x00\x8b\x02\x00\x00\x00', 0x3a, '', 0x3a, './file2', 0x3a, [0x43]}, 0x32)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=0x0, @ANYBLOB, @ANYRESOCT=r1, @ANYRESOCT=r7, @ANYRESOCT=r5, @ANYRES32=r3, @ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000f00)='kfree\x00', r8}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
r11 = dup(r10)
setsockopt$IPT_SO_SET_REPLACE(r11, 0x4000000000000, 0x4, 0x0, 0x0)
r12 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0)
ioctl$AUTOFS_IOC_FAIL(r12, 0x4c80, 0x7000000)

33.1013469s ago: executing program 5 (id=773):
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x51, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x58a, &(0x7f0000000b40)="$eJzs3V1rHFUcB+D/2d2kL2lNKoLWXhgo2IKaNGlFEcEW650XvhS8KhiTtJRu29BEsLViC/Ub6AcQvBNEvCwiRb3x1jvBDyDFIm1uvFuZzUy6bXfTvGw6tfM8sM2cORnOmSy/npmzM7MBVNZo9k8tYndEzKWI4Y66RuSVo0u/d/vWpenFW5emU7Ra7/+TIuXrit9P+c+hfOOtEfH7zymerN/f7vyFi6enms3Z83l5fOHM3Pj8hYsvnTozdXL25OzZyYlXJl4+dHDy0IG+7OfOiPh17Gjj6ok393w//c2uz3/89lqKw7Ejr+/cj34ZjdHlv0mn7O/6ar8bK0k935/Otzg1SuwQa1K8fwMR8XQMRz3uvHnD8cW7pXYO2FStFNECKirJP1RUcRyQnf8Wr3KPSICH5eaRpQmA22lpbm9xOf+NpbnB2NqeG9i+mKJzWidFRD9m5rI25p5Pw9krNmkeDuju8pWIeKbb+J/a2Rxpz+Jn+a/dlf9aRLyT/8zWv7fO9kfvKcs/PDwbyf+HHfn/aJ3tyz8AAAAAAAD0z/UjEfFit8//asvX/0SX63+GIuJwH9p/8Od/tRt9aAbo4uaRiNcjorj2b7Ej/7mRel7a2b4eYCCdONWcPRART0TE/hjYkpUnVmhjdM9vAz3rOq7/y15Z+8W1gHk/bjS23L3NzNTC1Eb2GVhy80rEs41u+U/L43/qMv5nY//cKttoHX3jl151D84/sFlaX0fs6zr+33lyRVr5+Rzj7eOB8eKo4H6fHr/2Q6/25R/Kk43/21fO/0jqfF7P/Nrb+OzvPzeQ/+7H/4PpWPuRM4P5uk+mFhbOT0QMprfvXz+59j7D46jIQ5GXLP/793Y//1/p+H9bRFxeZZvHfnrraq864z+UJ8v/zJrG/7Uv7P3gq397tb+68f9Qe0zfn68x/wcrW21Ay+4nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwf1SJiR6Ta2PJyrTY2FjEUEU/F9lrz3PzCCyfOfXx2Jqtrf/9/rfim3+Glciq+/3+kozx5T/lgROyKiC/r29rlselzzZmydx4AAAAAAAAAAAAAAAAAAAAeEUM97v/P/FUvu3fApmuU3QGgNPIP1SX/UF3yD9Ul/1Bd8g/VJf9QXfIP1SX/UF311nfHy+4DAAAAAADQN7ueu/5HiojLr21rvzKDed1AqT0DNtvhsjsAlMYjfqC6XPoH1eUcH0gPqN+67i0BAAAAAAAAAAAAgH7Zt9v9/1BVtbI7AJSm9/3/ngwAjzv3/0N1OccH3P8PAAAAAAAAAAAAAI+++QsXT081m7Pn17uwZWObW7BQnYVIfUjcQ1oo+38mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg8F8AAAD//8rF+L8=")

33.009329311s ago: executing program 33 (id=773):
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x51, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x58a, &(0x7f0000000b40)="$eJzs3V1rHFUcB+D/2d2kL2lNKoLWXhgo2IKaNGlFEcEW650XvhS8KhiTtJRu29BEsLViC/Ub6AcQvBNEvCwiRb3x1jvBDyDFIm1uvFuZzUy6bXfTvGw6tfM8sM2cORnOmSy/npmzM7MBVNZo9k8tYndEzKWI4Y66RuSVo0u/d/vWpenFW5emU7Ra7/+TIuXrit9P+c+hfOOtEfH7zymerN/f7vyFi6enms3Z83l5fOHM3Pj8hYsvnTozdXL25OzZyYlXJl4+dHDy0IG+7OfOiPh17Gjj6ok393w//c2uz3/89lqKw7Ejr+/cj34ZjdHlv0mn7O/6ar8bK0k935/Otzg1SuwQa1K8fwMR8XQMRz3uvHnD8cW7pXYO2FStFNECKirJP1RUcRyQnf8Wr3KPSICH5eaRpQmA22lpbm9xOf+NpbnB2NqeG9i+mKJzWidFRD9m5rI25p5Pw9krNmkeDuju8pWIeKbb+J/a2Rxpz+Jn+a/dlf9aRLyT/8zWv7fO9kfvKcs/PDwbyf+HHfn/aJ3tyz8AAAAAAAD0z/UjEfFit8//asvX/0SX63+GIuJwH9p/8Od/tRt9aAbo4uaRiNcjorj2b7Ej/7mRel7a2b4eYCCdONWcPRART0TE/hjYkpUnVmhjdM9vAz3rOq7/y15Z+8W1gHk/bjS23L3NzNTC1Eb2GVhy80rEs41u+U/L43/qMv5nY//cKttoHX3jl151D84/sFlaX0fs6zr+33lyRVr5+Rzj7eOB8eKo4H6fHr/2Q6/25R/Kk43/21fO/0jqfF7P/Nrb+OzvPzeQ/+7H/4PpWPuRM4P5uk+mFhbOT0QMprfvXz+59j7D46jIQ5GXLP/793Y//1/p+H9bRFxeZZvHfnrraq864z+UJ8v/zJrG/7Uv7P3gq397tb+68f9Qe0zfn68x/wcrW21Ay+4nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwf1SJiR6Ta2PJyrTY2FjEUEU/F9lrz3PzCCyfOfXx2Jqtrf/9/rfim3+Glciq+/3+kozx5T/lgROyKiC/r29rlselzzZmydx4AAAAAAAAAAAAAAAAAAAAeEUM97v/P/FUvu3fApmuU3QGgNPIP1SX/UF3yD9Ul/1Bd8g/VJf9QXfIP1SX/UF311nfHy+4DAAAAAADQN7ueu/5HiojLr21rvzKDed1AqT0DNtvhsjsAlMYjfqC6XPoH1eUcH0gPqN+67i0BAAAAAAAAAAAAgH7Zt9v9/1BVtbI7AJSm9/3/ngwAjzv3/0N1OccH3P8PAAAAAAAAAAAAAI+++QsXT081m7Pn17uwZWObW7BQnYVIfUjcQ1oo+38mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg8F8AAAD//8rF+L8=")

1.790543477s ago: executing program 6 (id=1211):
r0 = socket(0x10, 0x3, 0x0)
recvmmsg(r0, &(0x7f000000ad00)=[{{0x0, 0x0, &(0x7f00000036c0)=[{0x0}, {0x0}], 0x2}, 0x80000001}], 0x1, 0x40000000, &(0x7f000000af80))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000180)={[{@delalloc}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r3 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000380)=0x7ffd)
ioctl$PPPIOCSPASS(r4, 0x40107447, &(0x7f0000000180)={0x20, 0x0})
r5 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r5, 0x2007ffb)
write$binfmt_misc(r3, &(0x7f0000000640)="5b99", 0x2)
sendfile(r3, r5, 0x0, 0x1000000201005)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000c80)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x468, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x43c, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x25cf, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xfffffffc, 0x8, 0x0, 0x0, 0xffffff69, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10000, 0x0, 0xfffffffd, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0xfffffffa, 0x7fffffff, 0x9, 0x10, 0x0, 0x7, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b2, 0x0, 0x0, 0x6, 0x10, 0x0, 0x0, 0xfffffeff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0, 0x0, 0x100000, 0xfff, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0xd4, 0xc, 0x5, 0x0, 0x0, 0x0, 0x3032, 0x0, 0x1, 0x4, 0x6, 0x8, 0x0, 0x1, 0x0, 0xfffffffc, 0x0, 0x0, 0x8, 0x0, 0x1, 0x20000000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x3ff, 0xfffffffc, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3429, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40000000, 0x0, 0x2, 0x0, 0x0, 0x9, 0x0, 0x0, 0x4, 0x10000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0xf4cd]}, @TCA_TBF_RATE64={0xc}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x2, 0x0, 0x5, 0x0, 0x0, 0x40}}}]}}]}, 0x468}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
write(r0, &(0x7f0000000140)="240000001e005f0214fffffffffffff8070000001d00000000000004050009000d000000", 0x24)

1.465538651s ago: executing program 4 (id=1216):
r0 = socket(0x1e, 0x6, 0x0)
r1 = socket(0x1e, 0x2, 0xffffd479)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0xfffffef0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='9p_protocol_dump\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='9p_protocol_dump\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x1200, 0x30, 0x3)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000380)='.\x00', 0xffffffd3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x120)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r5, &(0x7f0000000280)={&(0x7f0000000040), 0x10, 0x0}, 0x0)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000440)=ANY=[@ANYBLOB="6202020900000000fc02000055bf20dfe2d247e12efe88000000002f6e010120df18f2512d4f"], 0x18)
pipe2(&(0x7f0000001cc0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000140), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])
bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x21, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r8}, 0x10)
dup3(r1, r0, 0x0)

1.309743463s ago: executing program 2 (id=1220):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010300000000030000001c0000000c00018008000100", @ANYRES32=r3], 0x20}}, 0x40006)

1.309085513s ago: executing program 4 (id=1221):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000180), &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = mq_open(&(0x7f0000000080)='!selin\xdb\xa1\x02\xbf\xd9l\xd7\xcd\xc0uxse\xee\x0e\xcd\xce6\xbf\xfa;\xb9-a\xb8\xef\x8de\x14\xbc\x9ej\xa1q\xa2\xa5\t\x98\x8a\x8f>\xba', 0x6e93ebbbcc088cf2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0xec})
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10)
mq_timedsend(r2, 0x0, 0x0, 0x9, 0x0)

1.278760134s ago: executing program 2 (id=1222):
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x5d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000200)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_io_uring_setup(0x43d8, &(0x7f0000000000)={0x0, 0x7c87, 0x40, 0x0, 0x39}, &(0x7f0000000080), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x3}, 0x1)

1.207955184s ago: executing program 4 (id=1223):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0200b1f56b1876a800b60004000600080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r0}, 0x4)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000008c0))
capset(&(0x7f0000000940)={0x19980330}, &(0x7f0000000980)={0x1, 0x8, 0x6, 0x9, 0x8000, 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='fscache_access\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
get_robust_list(0x0, &(0x7f0000000400)=0x0, &(0x7f00000004c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00 \x00\x00\x00\x00\"\x00\x00\x00\x00\x00\x00\x00\x00 \x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setreuid(0x0, 0xee01)
statx(0xffffffffffffffff, &(0x7f0000000b00)='./file0\x00', 0x4000, 0x80, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
statx(0xffffffffffffffff, &(0x7f0000000c40)='./file0\x00', 0x6000, 0x800, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001180)={{{@in=@empty, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@private}, 0x0, @in6=@mcast2}}, &(0x7f0000000840)=0xe8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mount$9p_fd(0x0, &(0x7f0000000a00)='./file0\x00', &(0x7f0000000a40), 0x20800, &(0x7f0000000f80)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@access_user}, {@version_L}], [{@uid_eq}, {@uid_gt={'uid>', r8}}, {@audit}, {@dont_measure}, {@obj_type={'obj_type', 0x3d, '!%/::[]\''}}, {@flag='silent'}, {@euid_gt={'euid>', r9}}, {@uid_lt={'uid<', r10}}]}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.207172785s ago: executing program 2 (id=1224):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="170000000000000004"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001400)={{r1}, 0x0, &(0x7f00000013c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
fstat(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0xfffffffffffffffe}, 0x18)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r4, 0x107, 0x14, &(0x7f0000000000)=0x930d, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000500)={'erspan0\x00', <r5=>0x0})
sendto$packet(r4, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)

1.160623975s ago: executing program 2 (id=1225):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00'}, 0x10)
syz_emit_ethernet(0x66, &(0x7f0000000800)={@broadcast, @random="6487a2bed3d6", @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x6c, 0x0, @private}}}}}, 0x0)

1.122216536s ago: executing program 4 (id=1226):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00')
r2 = socket(0x18, 0x3, 0x0)
sendfile(r2, r1, 0x0, 0x8)

1.121274296s ago: executing program 2 (id=1227):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x80000000000}, 0x18)
r2 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa000000000a"], 0x1c)

1.072914847s ago: executing program 4 (id=1228):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x70)
write$binfmt_script(r1, &(0x7f00000000c0)={'#! ', './file0', [], 0xa, 'dU'}, 0xd)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)=[0xc, 0x5], 0x0, 0x0, 0x2}}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

825.588999ms ago: executing program 2 (id=1229):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x2, 0x0, @local, 0x2}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000100)={r3, 0x200}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0xae8442, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={0x0, 0x0, 0x2b, 0x0, 0x0, 0x40000007, 0x10000, @value=r4}, 0x28)
r5 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r5, 0x0, 0x0, 0x1001f0)
fallocate(r5, 0x3, 0xf00, 0x10000)
copy_file_range(r5, 0x0, r5, &(0x7f00000000c0)=0xc615, 0x39ea, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='f2fs_map_blocks\x00', r5, 0x0, 0x1}, 0xfffffffffffffd7e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xcdc}}, 0x0)
r6 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000001c0)='!=u&00\t&&')
openat$random(0xffffffffffffff9c, &(0x7f000000fe80), 0x40800, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)

817.87217ms ago: executing program 4 (id=1232):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = epoll_create1(0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000080)={0xa0028000})
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x36)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="009c3206ebdd707d9a000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r4, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r4, 0x47f6, 0x0, 0x2, 0x0, 0x0)
ptrace$getregset(0x4204, r3, 0x4, &(0x7f0000000100)={&(0x7f0000000640)=""/195, 0xc3})
inotify_init()
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)

796.79335ms ago: executing program 1 (id=1233):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000340)=ANY=[@ANYBLOB="6ea88d319b8caaaaaaaaaa1348004500001c000000000011907800000000bfffffff00434e2200089078"], 0x0)

718.677431ms ago: executing program 6 (id=1234):
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x5d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000200)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_io_uring_setup(0x43d8, &(0x7f0000000000)={0x0, 0x7c87, 0x40, 0x0, 0x39}, &(0x7f0000000080), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x3}, 0x1)

695.529311ms ago: executing program 1 (id=1235):
unshare(0x20000400)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x7}, 0x18)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

656.181202ms ago: executing program 1 (id=1236):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x8)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x22001040)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r2, 0x0, 0x0)
fchdir(r5)
open(&(0x7f00000003c0)='.\x00', 0x800, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r6 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x8, 0xc0100, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0xc00, 0xffffffff, 0x6, 0x4, 0x6, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000001001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r8 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000001900)={0x6, [], 0x3, "54b594ecdf07b9"})
pwritev2(r8, 0x0, 0x0, 0x7c00, 0x0, 0x3)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x503, &(0x7f0000000fc0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5IHrjUg5I/IhADRIHoxlPUje1m6hJ7Gz8+UijeW/e1N/vazrvxS+NXwBD62pE7EbEWETcjojp7HouO+KT9pHc93Tv/tL+3v2lXLRan/0zl7Yn16LjzySuZK9ZjIgffS/ip7kX4za2d9YWq9XKZlafbdY2ZhvbOzdWa4srlZXKerm8ML8w99HND8tn1td3amNZ6atP/rj7rZ8naU1lVzr7cZbaXS8cxkmMRsQPziPYAIxk/RkbdCK8knxEvBkR76bP/3SMpF9NAOAya7WmozXdWQcALrt8ugaWy5eytYCpyOdLpfYa3lsxma/WG83rd+pb68vttbKZKOTvrFYrc9la4UwUckl9Pi0/q5eP1G9GxBsR8cvxibReWqpXlwf5jQ8ADLErR+b//4y3538A4JIrDjoBAKDvzP8AMHzM/wAwfMz/ADB82vP/xKDTAAD6yPt/ABg+5n8AGCo//PTT5GjtZ59/vXx3e2utfvfGcqWxVqptLZWW6psbpZV6fSX9zJ7aca9Xrdc35j+IrXsz395oNGcb2zu3avWt9eat9HO9b1UK6V27fegZANDLG+88epxLZuSPJ9IjOvZyKAw0M+C85QedADAwI4NOABgYu33B8DrFe3zLA3BJdNmi9znFbr8g1Gq1WueXEnDOrn3J+j8Mq471f/8LGIaM9X8YXtb/YXi1WrmT7vkfJ70RALjYrPEDPX7+/2Z2/l32w4GfLB+94+F5ZgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX28H+v6VsL/CpyOdLpYjXImImCrk7q9XKXES8HhF/Hi+MJ/X5AecMAJxW/m+5bP+va9PvTz3X9PaVw+JYRPzs15/96t5is7n5p4ix3L/GD643H2bXy/3PHgA43sE8nZ473sg/3bu/dHD0M5+/fzciiu34+3tjsX8YfzRG03MxChEx+e9cVm/LdaxdnMbug4j4Yrf+52IqXQNp73x6NH4S+7W+xs8/Fz+ftrXPyd/FF84gFxg2j5Lx55Nuz18+rqbn7s9/MR2hTi8b/5KXWtpPx8Bn8Q/Gv5Ee49/Vk8b44A/fb5cmXmx7EPHl0YiD2Psd489B/FyP+O+fMP5fvvL2u73aWr+JuBbd43fGmm3WNmYb2zs3VmuLK5WVynq5vDC/MPfRzQ/Ls+ka9Wzv2eAfH19/vVdb0v/JHvGLx/T/6yfs/2//d/vHX3tJ/G++1y1+Pt56SfxkTvzGCeMvTv6+2Kstib/co//Hff2vnzD+k7/uvLBtOAAwOI3tnbXFarWy+TkqPE6+pxl8Ggr9LyT/ZC9AGl0L3+lXrLHo3vSL99rP9JGmVuuVYvUaMc5i1Q24CA4f+oj476CTAQAAAAAAAAAAAAAAuurHbywNuo8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcXv8PAAD//+a4zis=")
setreuid(0xffffffffffffffff, 0xee00)

495.942974ms ago: executing program 3 (id=1239):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @broadcast}, @timestamp_reply={0x11}}}}}, 0x0)
mincore(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)

252.390137ms ago: executing program 3 (id=1240):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000060850000071123900000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000000400)=ANY=[@ANYBLOB="64000000150001002abd7000fedbdf25ac1414aa000000000000000000000000fe8800000000000000000000000001014e2400004e2500000a0010a011000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000001000200000008001f00"], 0x64}, 0x1, 0x0, 0x0, 0x2843ca8725c9de81}, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000005c0)='ib_mad_send_done_handler\x00', r0, 0x0, 0x8000000000003}, 0x18)
r3 = perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x40, 0x1, 0x0, 0xff, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x2, @perf_config_ext={0x9, 0x6}, 0x1000, 0x5dd8, 0x8, 0x5, 0x0, 0x8, 0xfff9, 0x0, 0x4, 0x0, 0x5}, 0x0, 0xf, 0xffffffffffffffff, 0x2)
r4 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0e0e000000000000000000003f6c000000002000", @ANYRES32=0x1], 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r5}, 0x10)
r6 = io_uring_setup(0xefe, &(0x7f0000000080)={0x0, 0xd9d8, 0x8})
io_uring_register$IORING_REGISTER_FILES(r6, 0x1e, &(0x7f0000000000)=[r6], 0x1)
fcntl$getownex(r2, 0x10, &(0x7f0000000700))
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket(0x2c, 0x3, 0x0)
setsockopt$sock_int(r9, 0x1, 0x2e, 0x0, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), r9)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r10, &(0x7f00000003c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYRES64=r10, @ANYRESOCT=r3], 0x90}, 0x1, 0x0, 0x0, 0x40011}, 0x8044)
r11 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r9, &(0x7f0000000100)={0xc017be1b})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r8}, 0x18)
write$UHID_INPUT(r4, &(0x7f00000016c0)={0x8, {"44786569080ea7db4a6967b14b261433394f0364852fd059f70568d53d7f5ca1976c326706cdfe04008cc3be06592a5f9b0771b70cbcea958a2842865f55fea59fde27851e382bfb068c2dc43f0f98e6a024ea9cdd25e108266c48293a7052270992b46f1e8d94be4eda1fbe25be067f636367240bcceae8faae5facdeeeb5754ee066b309e859c53bcfe2039221d6a56b45e8cc8527275a0f1066293dba19da60f24e83073e3468f90e5fd74fcd2fb5fb9ca49245b3c8f68d16c6dbb2f346fae04daaee90203e72c1a5308d276ed230dfc823cf69f48250a089e9c5e4c61c944b196d81dcdc80babd5f1b03c123b89104ef1e1428c4b760373a2d664b781f9b4d55f2e899dd29f23e2ce1311edeab3466c8b095e024316ed7283d4afb6116d8db629d19a05696127105ed16230279d98bc50ad83a1be49d37d8c2ebdaa0b102ed80f467cbb49a709b8869806aea1e6d602a54856847d3b9d429830ff71eb00d4357e155b0dceaec3c2758fb31962415413a71b6bf3daec1de2c889226dd3a5173c4183bb0272273cc9e451e4e9a4b88467ca61c87092bc71797c7ce2d21ecb8f4ef7d8ee1ffc6f3c756bc062b7aa675f4e86da83889c0d71a95a7548be81419f7a6f798433af24681a0296eed34cc95798f99485fef8e94f05d8135c7aacbcd899a49b99ba6f5e63f5669e74ba6ca5fbccd311094d900bf629d63f5666ce01d6e2d8b45f7cfca14e2ad9fe64d83f98f82358fcfc498b7225fb89d19c26acb3a60caba54b430f29902bc73fd34a7b76f5204fa1e822da69422885e5f109c25326bc50ea413865399ba61b6fa2c2434c5319870b812f98825a30c3319c47e0163e6c5935c930f221d233cdace360c51ea5c47bb67858036e2f1a4fd967a8e37bb8274a17784be41af4da1eb8feb503dd559e47b25f89abcad9c0e24a5734c40ea666e01c554b2053154455c07dec6078cdddf8b5bb3c308ed60107ff6767ea1b008a9588b36cc470fb13953cc129167777d5eca02642e22ecf5e14c075da2aa1a75df42a330b8b5ca63d26013569e4f36127266cfe1c20104f6a67fa6a265802a510b51394ec941f9cec175b3c39522dbb913c0d0f9c0c5582aa98952da947edadd2d241fef020a78c88f45c487949baa028399234937819323ec8257c4513b0389c085d7fb03e864f33e8c2082c82e2a228ad93769cbe78ad4e8c701724bc0821a238109953cecc652843d51f870b3672b965b7480c47efa466087d62f4ce52d4cfa615cbd1b93a7e7dfbb2098f467c2818d4cdc93685b78870f8dc52f9d532b564e4c47d9920b5836068f8f8f92baa114baf36a0c286cd95bd75553258ed34be4bf353c379eaf4415b90bb18c9a94e3ea7a6017c9e48d263b3acc7aaa4de3da3c96997a2a86a1ee8b3aff9aa2a82af1961cfcc9ac5b80cd612ba18e34425744268f0048cea7b6c95ab2acab2148db7513bfb489c20fa05c8f7516009bd7af1981b1ab030aec0747f854187687a629f7697775830f7d97fbd549c40c6f526225454c3d34ca3e1dc0e98cd3cefd8fb0f8d1bad119b0fbc34b015733f38d63e69d58adcfd10634dfc93873ce15856cdb42b7aaf346a14c5f4b7eef9d00bcc4aa1432e5ea10a5735e80b6ba5ebb7de7bc38314719e48964b0b630463fcbbdbd26d3878f326062e60215da3e09b9e9646285c3c6065f4162b8af646920540d91f6a067a81687792e458f1636a58b60777930939f26babc6e80a1e9124f863fc35616578cf2e4d50a93dbc826cab7cae7223dbfb8bb9215e7343dfdafe073e7e393915f98e1517cb18dd512bd327f553bcf3524b2eab30bd79517d9daa92329c2f9e31f6c4bea560a1e5296e2412892034e2d774cb310322dd8fc28455b751931c19fd7ab1aa63cc448fbcd365d1aabbe897497ac1b1ef7cb431467683376337eba010422f320e2f2f5910d760bf688af3e9fb0187dc992cc8c0a73c1c6a9a90446b970dbc9e249acc527dac3b42595576ead98cb0934472606816c3811220cb9ea45f8b61e14e772c9a4f4bc67c294ece7485d61c79b2b4a71d6fda1407c05aae67da845cf9b9b2d290a33a2bb18c4c1f82136c21c974cf7288cf09d0cd5d745a4c62af4fbe4d64f156881a533e87ba786d7a3a468854d31831bea55ecfa541e12788b0cff952521406a438d3e6f06a184a74c5302ee79e98be8ac6711580e2987b3f459ee2251bb1caad1e58b35bebea5e35d7f8314cee430598d625deb7576de8bc311c7de97d41b633728e0fe1d432257bcd475c602bd91a9266ec5925d0203af0497f4eac6ae949ec7141354bf0ff3cec0b8acb52f834e84062377a7ce38c8c0515c1c88b59a13855e8b384d50d3fcaf30e65fd860e0a79b709fd02377f77cb4f9d500d37365e7ef0d40070fb2bdb1bcffcad0ce0fabbdcafb28aff4257b893ff62c33cdcf0a13a94accb7c6e8e1ed9d279b8b71e8fa78a7fad1a277dd6fd62b0621d2c10bab78df474f598abc937ed60d44d88548860545aec071f0a6a27a0e67d504cb6c4f465d59f40ed65eb7a3d63f926b41f7ddd0a4d364e14c00fc41eb4f62da7b1cbf78a11f52f271cf87591a531a13aa90d15c06bd206bcaf914d4fd704f64591f62bff880571a27d398b39e437ea3ddc5cb121913179cc8e1b0d582f09d25f1788f92a36759ee1bce2d372761ef4b00c25bc56e7870373d16b8f3123a0ba203c04dd5e567484b0aab1d65400d056d4eb58e963bcbba00517f1173d45b4a8c9b9da8db75d1ceba7be2006c146014f4f89fb67a4e5840b63b8d6cbeb5dff3eab3c1043dca41071f38a4631b3a5874f6c5995c15876b107661ca2e9a5d79f17ed41dad21536baef638ce4c1c6ef710551ae8112ce51858726643a7d9778d2b58c0f8112afa02158206dd8debd7702e712f15de2544ff9a70138044344c1c0f2e066f20e804478e7ca60ef91e78ae6cfa2773454c693f2b28cab7744d840e4ffeeafaa639ddabf008e67180eb78a1d8d5b18ba27eaa4d6d516e46e6113faa4314c8fe053656a75287a26a665821d5f28c9fda04783f0b78b1fd4455e12c8050129cbbde06965303a6f6fbbc9c5192be2071e7f0a76248c433c08089a82852d4e30422d1f2ce63acb91e95a2692fa8d1118f582e5202e49760177de5b071ab55ffbaa6335441626b94764a813a7f6e8ca91936108943edb9aeed706d246c9774fdac5fade27412a35dc634c6deca43d8cadfb4c54892f33bd16e2f4b001544f8e3c880cf013a261f682423f563d9415dfa686cb6dc2622b209a78167cde104a3fb413a29876f11b66058f56de25ce7a7801601e7c8e2d5ea055a15e4242599802e05d2ec2493b898b6e45e354b5bc8e7d5477000ece89d1de1ae88eb8f534ea5a44200d1ffd89e5b43b025e9bd50d115850ca5ceaa09ba899f879fac52a884b06ea95e53a59792fdea81849d6f354794fba36e18e4c3b7bfcea00bd0b90ca1f6173fd3a6e828ba62ec06593428eca7f5b2a9d034eb06e5ff749bcf6a2459cdcec28a1eead2b95cd2b22e45b50d1260f655c1166ca1cdb29aa9ab2e3d94748b108f69670bf5f08b39c3590bd5ad317104c2b23bf6e9ae2e13f4dcd8a89b3a15d0736787903a1a60adb7b46f9c5f612a38f0827efa1d597bdc5af691e1ab43cc2b10bc6da9811d2d42eaae0b9ca12555fb69959e50b0f38087172b878fca5b4e667b9ec4233b3491cc22d4a631531c35ee9b1617ffd13cec2afef98c37acd88620a8ce589afbeefd2023be3c73c3ff81c0d5b9202616fe720f6fc4f45a35d95f001cf42d8ed2f298372fad81bd2400157fd7e2eeaabce5c3bac8a2f5d2227e84467ef549a8f590b4c0a64020f7495ae476a7a3e1525135950bd032ec6a73d22fbbbeb0af068a92596da2df01278cfa4c596d9d8e972add320dcff68326e18d62739311a01c02f5d15891a567ca8f2632ab8176590e6e3db4bffa43e3b3fe00065409e5842dc44c5ae7318a7e41d7430b275fcc96d9931fb2c1c53499200d0bb629f397b6d33c80c51053a478cb6119cf764547ccf6ec6fd7db2f5b1b3008399952a7c94280c4c297dd4e4cf2655a0e34194530640db52e6f633b5220a647971418b71be5183af75c544e21eff011ed368189148435c01da007c8a4250a55c7a37d0110e3a89627b5d3686531d7b71d80e0171edcf570a8dc9e914592a6e2be814384aacf133e757d799f26d7412dea655a8deef6359093ae956f2e2cb04a98ff89b9a875e02af091d9bcf61ba9ba45e8b4c8647f5a10451bf8f5428b53d010aaba03ccf1342fbcdb1c8f5494f25b28225d16022984dfbab49ff89c7520d6301c4aeb551d4236289fa1c653770b9fa5f5b8feda197034aa4ccf8200f4a39ba512ceb17eb76893eff165ef0aeaa7326e020ceb090358a1ee1b6ebc81e20c40ec295edfac53c2e678a89a343b31c962793e5c05e2c02c2ff3d58cba26f58d9f70dea780cdc19f2816dc2617aaef7f0771d0059b36160371b5d4b64bdf039a33dd19473df6bd0553ed608bb5d341c730aac20c139f60939b16afccfeeff4fc320683fc7fdc41172a0275ff723777e5c217ac1c599ca9a0502a9f7c732b5e8419b40b0e28e689f1248eb4d154aca2efafcb58d542d9cf8bdf9cff019db05150821a4605a8f5f2524ca87c4ba676ffb053e58f829df177ae19f276a3be8527b671e06fa1535faa1f15937a5ae01993bf7bbba7c4edcca76e77cc3470d3b2beebddcf61b369ade0a4028d17efae8428809de7ff7f6b3f15e146c5fcc15c7231cc3495e1951d8b25064d7246ac13234c71337397abd539bac1ff9b38a3de18ee30c968ce47418a10847989da07163967ccd0ab973d7417a654bedbd7a15bb1cbfc8bbe9bc49c5209528336c6285bc3ab64b402545e8e0aecaa742ac990e7d1044900cafd6ad65620245633f4fd19f0554f0a661fc82de3e9f7469965b15293ddbe7dd73063383fb4e398ac7fee9d631b70724f369422ac1b4a0fc5967c767ab6f7b7534959e5268165b3946f6766cf87096e03fb5d2385eb63fb29460d91381de26ed528142c6c05b523976c15ca96c654a1d63afc8f49953bb3c329e9890cc9de577a44606d63add25e09a6f067ef5c7831c6842918e807f0e91e850c313ad8f89148a2024c5d74449e21e18c16f0658df557f3f898471005c002123f48894423a250be8201f27bf1ea9f3cfef655238ed5bf21cc225bfa452fc5595d080bdd0372e27949bb2b803a43af40c7ac4658fd6b8dca86cda0aaab409fa582a93dd0ec50de61330ae2ccd3231dc4fecb199a66c33f26024d96824f172cbfaf230e7df5bfe90ea095ee82120e23c07d5b4113e52f4edccc994e4226996d63cacea1fd4e4e8b97748be0b26e376f504c50b741e7a2795f5cf946ba1d7b62616e575bccba0ff1ff7a39649c15657028b944081edffa1bf181b0d60d56e0c313e041291adf09ace462e3193bb9ca67957d952cfb79aaaf5087393cee8c6e5e0a43a1b840df9377cb2d1f0a3a5499656a2c8331eb2cde20ca40f4c30b8e3714c5a0113da7d66d64f84658426726993b5df259dc48bfdf4914ac4fa961f3be1f1010b1b441015e37728b7a0200fdd247b508e1308b7aea7162e589d10cc7ff40719c3ade128d934d23e812f3a6f81d874bb8a5f6af035fe88a366cc5a3cc6e5bc0a216b94964cf9187688c5d1afbd9f234d6e88bdb4ea0572683b73c4240ede6c51c2e263e9ea3cb12791ea3a1c65d5f95be8d7a06b251a2e9257e778b279801ff381d540142b29f", 0x1000}}, 0x1006)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0))
r12 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, r12, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close_range(r7, 0xffffffffffffffff, 0x0)

173.905648ms ago: executing program 3 (id=1241):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000004c0)='kmem_cache_free\x00', r2}, 0x10) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
getsockname$tipc(r0, &(0x7f0000000280)=@name, &(0x7f00000002c0)=0x10) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x50) (async)
fcntl$setlease(r0, 0x400, 0x2) (async)
write$binfmt_misc(r0, &(0x7f00000001c0)="0025ed8762498fc2f2f052c0e7af60f7dac3efce4062e9e109c7f04a76e92d3ae328c2e44bbb6003494e52ec155504b96e5b32ac31a40c457f0cf8660d1c7fd79a01d8227188cccaff6013423a21d2fd3b88c1292e0fd8fc7a8cad2ccc7b83a9e549e4f6184a3144fe864711fa1428f2ab225fb854d59ee3adccca0fadec6181848a39e1da7439390e1bd1", 0x8b)

173.554888ms ago: executing program 3 (id=1242):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x70)
write$binfmt_script(r1, &(0x7f00000000c0)={'#! ', './file0', [], 0xa, 'dU'}, 0xd)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)=[0xc, 0x5], 0x0, 0x0, 0x2}}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

149.407668ms ago: executing program 6 (id=1243):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$phonet(0x23, 0x2, 0x1)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8002, 0x0, 0x0, 0x0, {0xa, 0x0, 0xfffffffe, @private1, 0x826f}}}, 0x32)

128.531699ms ago: executing program 6 (id=1244):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r2)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000580)='\xa3\x04\x00', 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='kfree\x00', &(0x7f0000000180)='\xfa.-\x00', 0x0)
close(r2)

96.087649ms ago: executing program 1 (id=1245):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000340)=ANY=[@ANYBLOB="6ea88d319b8caaaaaaaaaa1348004500001c000000000011907800000000bfffffff00434e2200089078"], 0x0)

95.428789ms ago: executing program 3 (id=1246):
unshare(0x20000400)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x7}, 0x18)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

79.255589ms ago: executing program 1 (id=1247):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x80000000000}, 0x18)
r2 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c)

57.554859ms ago: executing program 1 (id=1248):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x10001, 0x8}, 0xc8101339d8526c63}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
getpid()
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
setreuid(0xee00, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xdd)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = gettid()
pipe2$9p(&(0x7f0000000500), 0x800)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x2000)
read(r4, &(0x7f0000000200)=""/209, 0x128)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f0000000080)={0x335, @time={0x80, 0xff}})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0x40045304, &(0x7f0000000300)={0xfffffffb, 0x2, 0x1, 'queue0\x00'})
tkill(r3, 0x7)
r5 = getuid()
setuid(r5)
setns(0xffffffffffffffff, 0x24020000)
sendmsg$IPSET_CMD_HEADER(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, 0xc, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000540)={0x0, r2}, 0x8)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x402280, 0x0)
recvmsg$can_j1939(r7, &(0x7f00000004c0)={&(0x7f0000000280)=@caif=@rfm, 0x80, &(0x7f0000000080)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1, &(0x7f0000000340)=""/213, 0xd5}, 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r6}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r8 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r8, &(0x7f0000000580)=@id={0x1e, 0x3, 0x2, {0x4e20, 0x3}}, 0x3d)

57.10383ms ago: executing program 6 (id=1249):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00')
r2 = socket(0x18, 0x3, 0x0)
sendfile(r2, r1, 0x0, 0x8)

30.04924ms ago: executing program 6 (id=1250):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
mkdir(&(0x7f0000000040)='.\x02\x00', 0xe88022b11028290f)
r1 = perf_event_open(&(0x7f0000000040)={0x6, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x307, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x4, 0x400008, 0x8000, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, r1, 0x3)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff4e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x4e21, @loopback}}, 0xfffffffc, 0x0, 0x400, 0x0, 0x30}, 0x9c)
bind$inet6(r3, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0xcc03, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r3, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$caif_stream(0x25, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40)=ANY=[@ANYBLOB="020500000000000000100000000000082de243ffd6044000"/36], 0x24, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
removexattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendmmsg$inet(r4, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000000)="92", 0x1}], 0x1}, 0x1000000}], 0x2, 0x0)

0s ago: executing program 3 (id=1251):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x41100, 0x65, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, @void, @value}, 0x94)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

kernel console output (not intermixed with test programs):

ute Engine, BIOS Google 04/19/2025
[   85.548526][ T5828] Call Trace:
[   85.548553][ T5828]  <TASK>
[   85.548563][ T5828]  __dump_stack+0x1d/0x30
[   85.548589][ T5828]  dump_stack_lvl+0xe8/0x140
[   85.548614][ T5828]  dump_stack+0x15/0x1b
[   85.548635][ T5828]  should_fail_ex+0x265/0x280
[   85.548675][ T5828]  should_fail+0xb/0x20
[   85.548735][ T5828]  should_fail_usercopy+0x1a/0x20
[   85.548756][ T5828]  _copy_to_iter+0xcf/0xdd0
[   85.548793][ T5828]  ? chacha_block_generic+0x245/0x270
[   85.548901][ T5828]  get_random_bytes_user+0x12d/0x290
[   85.548946][ T5828]  ? import_ubuf+0xe8/0x120
[   85.548969][ T5828]  __x64_sys_getrandom+0xcf/0x1a0
[   85.549010][ T5828]  x64_sys_call+0x2bb4/0x2fb0
[   85.549042][ T5828]  do_syscall_64+0xd0/0x1a0
[   85.549067][ T5828]  ? clear_bhb_loop+0x25/0x80
[   85.549093][ T5828]  ? clear_bhb_loop+0x25/0x80
[   85.549154][ T5828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.549170][ T5378] EXT4-fs error (device loop5): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[   85.549180][ T5828] RIP: 0033:0x7fb92fb7e969
[   85.549200][ T5828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.549221][ T5828] RSP: 002b:00007fb92e1e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e
[   85.549245][ T5828] RAX: ffffffffffffffda RBX: 00007fb92fda5fa0 RCX: 00007fb92fb7e969
[   85.549270][ T5828] RDX: 0000000000000000 RSI: 00000000ffffff9a RDI: 0000200000000240
[   85.549286][ T5828] RBP: 00007fb92e1e7090 R08: 0000000000000000 R09: 0000000000000000
[   85.549379][ T5828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.549395][ T5828] R13: 0000000000000000 R14: 00007fb92fda5fa0 R15: 00007ffeeb5062f8
[   85.549420][ T5828]  </TASK>
[   85.747277][ T5830] loop4: detected capacity change from 0 to 512
[   85.765296][ T5830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.780699][ T5830] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.825122][ T3312] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   85.879722][    C1] vcan0: j1939_tp_rxtimer: 0xffff888118616400: abort rx timeout. Force session deactivation
[   85.933951][   T29] kauditd_printk_skb: 200 callbacks suppressed
[   85.933985][   T29] audit: type=1400 audit(1746443065.160:2430): avc:  denied  { write } for  pid=5841 comm="syz.1.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   85.984903][ T5378] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.047264][ T5846] FAULT_INJECTION: forcing a failure.
[   86.047264][ T5846] name failslab, interval 1, probability 0, space 0, times 0
[   86.059950][ T5846] CPU: 1 UID: 0 PID: 5846 Comm: syz.1.772 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   86.060003][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   86.060026][ T5846] Call Trace:
[   86.060033][ T5846]  <TASK>
[   86.060043][ T5846]  __dump_stack+0x1d/0x30
[   86.060068][ T5846]  dump_stack_lvl+0xe8/0x140
[   86.060087][ T5846]  dump_stack+0x15/0x1b
[   86.060102][ T5846]  should_fail_ex+0x265/0x280
[   86.060210][ T5846]  ? sctp_auth_asoc_copy_shkeys+0xfa/0x330
[   86.060331][ T5846]  should_failslab+0x8c/0xb0
[   86.060374][ T5846]  __kmalloc_cache_noprof+0x4c/0x320
[   86.060402][ T5846]  sctp_auth_asoc_copy_shkeys+0xfa/0x330
[   86.060505][ T5846]  sctp_association_new+0xde5/0x1200
[   86.060550][ T5846]  sctp_connect_new_asoc+0x1a8/0x3a0
[   86.060643][ T5846]  sctp_sendmsg+0xf10/0x18d0
[   86.060725][ T5846]  ? selinux_socket_sendmsg+0x141/0x1b0
[   86.060753][ T5846]  ? __pfx_sctp_sendmsg+0x10/0x10
[   86.060782][ T5846]  inet_sendmsg+0xc2/0xd0
[   86.060880][ T5846]  __sock_sendmsg+0x102/0x180
[   86.060909][ T5846]  ____sys_sendmsg+0x345/0x4e0
[   86.060930][ T5846]  ___sys_sendmsg+0x17b/0x1d0
[   86.060979][ T5846]  __sys_sendmmsg+0x178/0x300
[   86.061044][ T5846]  __x64_sys_sendmmsg+0x57/0x70
[   86.061140][ T5846]  x64_sys_call+0x2f2f/0x2fb0
[   86.061200][ T5846]  do_syscall_64+0xd0/0x1a0
[   86.061256][ T5846]  ? clear_bhb_loop+0x25/0x80
[   86.061284][ T5846]  ? clear_bhb_loop+0x25/0x80
[   86.061309][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.061369][ T5846] RIP: 0033:0x7fbe4d80e969
[   86.061386][ T5846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.061411][ T5846] RSP: 002b:00007fbe4be77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   86.061452][ T5846] RAX: ffffffffffffffda RBX: 00007fbe4da35fa0 RCX: 00007fbe4d80e969
[   86.061467][ T5846] RDX: 0000000000000001 RSI: 00002000000016c0 RDI: 0000000000000005
[   86.061478][ T5846] RBP: 00007fbe4be77090 R08: 0000000000000000 R09: 0000000000000000
[   86.061490][ T5846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.061504][ T5846] R13: 0000000000000000 R14: 00007fbe4da35fa0 R15: 00007fff020803c8
[   86.061527][ T5846]  </TASK>
[   86.340801][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.394138][   T51] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.449226][   T29] audit: type=1400 audit(1746443065.670:2431): avc:  denied  { sqpoll } for  pid=5859 comm="syz.4.778" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   86.489041][ T5865] FAULT_INJECTION: forcing a failure.
[   86.489041][ T5865] name failslab, interval 1, probability 0, space 0, times 0
[   86.491015][   T29] audit: type=1400 audit(1746443065.710:2432): avc:  denied  { mount } for  pid=5864 comm="syz.3.780" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   86.501800][ T5865] CPU: 1 UID: 0 PID: 5865 Comm: syz.3.780 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   86.501843][ T5865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   86.501860][ T5865] Call Trace:
[   86.501869][ T5865]  <TASK>
[   86.501880][ T5865]  __dump_stack+0x1d/0x30
[   86.501907][ T5865]  dump_stack_lvl+0xe8/0x140
[   86.501934][ T5865]  dump_stack+0x15/0x1b
[   86.502017][ T5865]  should_fail_ex+0x265/0x280
[   86.502059][ T5865]  should_failslab+0x8c/0xb0
[   86.502100][ T5865]  __kvmalloc_node_noprof+0x126/0x4d0
[   86.502127][ T5865]  ? xt_alloc_entry_offsets+0x48/0x50
[   86.502162][ T5865]  ? __rcu_read_unlock+0x4f/0x70
[   86.502214][ T5865]  ? refill_obj_stock+0x155/0x220
[   86.502243][ T5865]  xt_alloc_entry_offsets+0x48/0x50
[   86.502278][ T5865]  translate_table+0xa9/0x1070
[   86.502309][ T5865]  ? __memcg_slab_post_alloc_hook+0x464/0x5a0
[   86.502405][ T5865]  ? should_fail_ex+0xdb/0x280
[   86.502589][ T5865]  ? _copy_from_user+0x89/0xb0
[   86.502619][ T5865]  do_ip6t_set_ctl+0x678/0x840
[   86.502648][ T5865]  ? kstrtoull+0x111/0x140
[   86.502747][ T5865]  ? __rcu_read_unlock+0x4f/0x70
[   86.502780][ T5865]  nf_setsockopt+0x196/0x1b0
[   86.502938][ T5865]  ipv6_setsockopt+0x11a/0x130
[   86.502965][ T5865]  tcp_setsockopt+0x95/0xb0
[   86.503070][ T5865]  sock_common_setsockopt+0x66/0x80
[   86.503106][ T5865]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   86.503141][ T5865]  __sys_setsockopt+0x181/0x200
[   86.503203][ T5865]  __x64_sys_setsockopt+0x64/0x80
[   86.503246][ T5865]  x64_sys_call+0x2bd5/0x2fb0
[   86.503305][ T5865]  do_syscall_64+0xd0/0x1a0
[   86.503335][ T5865]  ? clear_bhb_loop+0x25/0x80
[   86.503364][ T5865]  ? clear_bhb_loop+0x25/0x80
[   86.503409][ T5865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.503435][ T5865] RIP: 0033:0x7fb92fb7e969
[   86.503488][ T5865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.503512][ T5865] RSP: 002b:00007fb92e1e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   86.503606][ T5865] RAX: ffffffffffffffda RBX: 00007fb92fda5fa0 RCX: 00007fb92fb7e969
[   86.503623][ T5865] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 000000000000000a
[   86.503639][ T5865] RBP: 00007fb92e1e7090 R08: 0000000000000660 R09: 0000000000000000
[   86.503654][ T5865] R10: 0000200000000680 R11: 0000000000000246 R12: 0000000000000001
[   86.503669][ T5865] R13: 0000000000000000 R14: 00007fb92fda5fa0 R15: 00007ffeeb5062f8
[   86.503693][ T5865]  </TASK>
[   86.546022][ T5852] lo speed is unknown, defaulting to 1000
[   86.623089][   T29] audit: type=1400 audit(1746443065.840:2433): avc:  denied  { write } for  pid=5843 comm="syz.2.774" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   86.659854][ T5877] loop4: detected capacity change from 0 to 8192
[   86.752727][ T5844] loop2: detected capacity change from 0 to 128
[   86.826791][   T51] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.925003][ T5883] loop3: detected capacity change from 0 to 2048
[   86.931732][ T5883] ext4: Unknown parameter 'nouser_xattr'
[   86.943607][   T51] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.970103][ T5883] netlink: 'syz.3.784': attribute type 12 has an invalid length.
[   86.978260][ T5883] netlink: 'syz.3.784': attribute type 12 has an invalid length.
[   86.999013][   T51] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.099991][ T5877] FAT-fs (loop4): error, corrupted directory (invalid entries)
[   87.107762][ T5877] FAT-fs (loop4): Filesystem has been set read-only
[   87.118395][ T5884] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[   87.154814][ T5852] chnl_net:caif_netlink_parms(): no params data found
[   87.200488][ T5896] loop2: detected capacity change from 0 to 512
[   87.201816][   T51] bridge_slave_1: left allmulticast mode
[   87.212550][   T51] bridge_slave_1: left promiscuous mode
[   87.218257][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.322880][   T51] bridge_slave_0: left allmulticast mode
[   87.328682][   T51] bridge_slave_0: left promiscuous mode
[   87.334522][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.348254][ T5896] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[   87.358564][ T5896] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[   87.368582][ T5896] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.788: Failed to acquire dquot type 1
[   87.382186][ T5896] EXT4-fs (loop2): 1 truncate cleaned up
[   87.393925][ T5905] loop4: detected capacity change from 0 to 512
[   87.407445][ T5896] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.420214][ T5896] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.425476][ T5905] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.790: bg 0: block 131: padding at end of block bitmap is not set
[   87.547295][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   87.565890][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.576687][ T5905] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   87.588609][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   87.600991][ T5905] EXT4-fs (loop4): 1 truncate cleaned up
[   87.621278][   T51] bond0 (unregistering): Released all slaves
[   87.629252][ T5905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.681136][ T5852] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.688319][ T5852] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.701200][ T5852] bridge_slave_0: entered allmulticast mode
[   87.708255][ T5852] bridge_slave_0: entered promiscuous mode
[   87.718208][ T5852] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.725482][ T5852] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.732798][ T5852] bridge_slave_1: entered allmulticast mode
[   87.741680][ T5852] bridge_slave_1: entered promiscuous mode
[   87.781797][ T5852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.799929][ T5852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.818710][ T5908] lo speed is unknown, defaulting to 1000
[   87.843108][   T51] hsr_slave_0: left promiscuous mode
[   87.850562][   T51] hsr_slave_1: left promiscuous mode
[   87.856979][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.864627][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[   87.879443][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   87.887267][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[   87.902319][   T51] veth1_macvtap: left promiscuous mode
[   87.909501][   T51] veth0_macvtap: left promiscuous mode
[   87.915662][   T51] veth1_vlan: left promiscuous mode
[   87.925238][   T51] veth0_vlan: left promiscuous mode
[   88.000070][   T51] team0 (unregistering): Port device team_slave_1 removed
[   88.009841][   T51] team0 (unregistering): Port device team_slave_0 removed
[   88.052475][ T5916] netlink: 8 bytes leftover after parsing attributes in process `syz.2.792'.
[   88.062583][ T5920] netlink: 8 bytes leftover after parsing attributes in process `syz.1.794'.
[   88.063064][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.102734][ T5852] team0: Port device team_slave_0 added
[   88.110539][ T5852] team0: Port device team_slave_1 added
[   88.140984][ T5926] FAULT_INJECTION: forcing a failure.
[   88.140984][ T5926] name failslab, interval 1, probability 0, space 0, times 0
[   88.153757][ T5926] CPU: 1 UID: 0 PID: 5926 Comm: syz.1.797 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   88.153783][ T5926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   88.153820][ T5926] Call Trace:
[   88.153829][ T5926]  <TASK>
[   88.153839][ T5926]  __dump_stack+0x1d/0x30
[   88.153906][ T5926]  dump_stack_lvl+0xe8/0x140
[   88.153925][ T5926]  dump_stack+0x15/0x1b
[   88.153941][ T5926]  should_fail_ex+0x265/0x280
[   88.154038][ T5926]  should_failslab+0x8c/0xb0
[   88.154076][ T5926]  kmem_cache_alloc_node_noprof+0x57/0x320
[   88.154116][ T5926]  ? __alloc_skb+0x101/0x320
[   88.154145][ T5926]  __alloc_skb+0x101/0x320
[   88.154205][ T5926]  _sctp_make_chunk+0x59/0x210
[   88.154293][ T5926]  sctp_make_strreset_req+0xa9/0x3a0
[   88.154403][ T5926]  sctp_send_reset_streams+0x4c2/0x880
[   88.154427][ T5926]  ? _raw_spin_unlock_bh+0x36/0x40
[   88.154454][ T5926]  sctp_setsockopt_reset_streams+0x173/0x210
[   88.154500][ T5926]  sctp_setsockopt+0x8eb/0xe30
[   88.154539][ T5926]  sock_common_setsockopt+0x66/0x80
[   88.154628][ T5926]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   88.154677][ T5926]  __sys_setsockopt+0x181/0x200
[   88.154715][ T5926]  __x64_sys_setsockopt+0x64/0x80
[   88.154770][ T5926]  x64_sys_call+0x2bd5/0x2fb0
[   88.154807][ T5926]  do_syscall_64+0xd0/0x1a0
[   88.154859][ T5926]  ? clear_bhb_loop+0x25/0x80
[   88.154881][ T5926]  ? clear_bhb_loop+0x25/0x80
[   88.154907][ T5926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.154928][ T5926] RIP: 0033:0x7fbe4d80e969
[   88.154972][ T5926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.154994][ T5926] RSP: 002b:00007fbe4be77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   88.155017][ T5926] RAX: ffffffffffffffda RBX: 00007fbe4da35fa0 RCX: 00007fbe4d80e969
[   88.155032][ T5926] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 0000000000000006
[   88.155047][ T5926] RBP: 00007fbe4be77090 R08: 000000000001000f R09: 0000000000000000
[   88.155058][ T5926] R10: 0000200000000640 R11: 0000000000000246 R12: 0000000000000001
[   88.155069][ T5926] R13: 0000000000000000 R14: 00007fbe4da35fa0 R15: 00007fff020803c8
[   88.155087][ T5926]  </TASK>
[   88.385435][ T5924] netlink: 16 bytes leftover after parsing attributes in process `syz.2.796'.
[   88.401062][ T5852] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.408137][ T5852] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.413491][ T5924] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   88.434081][ T5852] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.458649][ T5928] loop3: detected capacity change from 0 to 512
[   88.489556][ T5852] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.496637][ T5852] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.506818][ T5931] loop1: detected capacity change from 0 to 8192
[   88.522579][ T5852] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.575887][ T5928] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.622279][ T5928] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.690111][ T5852] hsr_slave_0: entered promiscuous mode
[   88.709304][ T5940] loop4: detected capacity change from 0 to 512
[   88.716683][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.732907][ T5852] hsr_slave_1: entered promiscuous mode
[   88.763612][ T5852] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.771206][ T5852] Cannot create hsr debugfs directory
[   88.779005][ T5939] FAT-fs (loop1): error, corrupted directory (invalid entries)
[   88.786829][ T5939] FAT-fs (loop1): Filesystem has been set read-only
[   88.813048][ T5931] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[   88.944467][ T5940] EXT4-fs error (device loop4): ext4_quota_enable:7126: comm syz.4.801: inode #64: comm syz.4.801: iget: illegal inode #
[   88.973699][ T5940] EXT4-fs error (device loop4): ext4_quota_enable:7129: comm syz.4.801: Bad quota inode: 64, type: 2
[   89.085873][ T5940] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=2, err=-117, ino=64). Please run e2fsck to fix.
[   89.115703][ T5953] lo speed is unknown, defaulting to 1000
[   89.342628][ T5940] EXT4-fs (loop4): mount failed
[   89.366184][ T5955] netlink: 'syz.1.804': attribute type 1 has an invalid length.
[   89.529782][ T5852] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   89.628203][ T5852] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   89.975566][ T5852] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   89.989918][ T5852] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   90.194183][ T5959] lo speed is unknown, defaulting to 1000
[   90.266458][   T29] audit: type=1400 audit(1746443069.490:2434): avc:  denied  { setopt } for  pid=5962 comm="syz.3.807" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   90.421915][   T29] audit: type=1400 audit(1746443069.510:2435): avc:  denied  { connect } for  pid=5962 comm="syz.3.807" lport=135 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   90.485387][ T5852] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.495992][ T5971] smc: net device bond0 applied user defined pnetid SYZ0
[   90.504451][ T5852] 8021q: adding VLAN 0 to HW filter on device team0
[   90.505250][ T5971] smc: net device bond0 erased user defined pnetid SYZ0
[   90.514306][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.525137][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.536223][ T5972] loop4: detected capacity change from 0 to 512
[   90.536671][  T311] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.549637][  T311] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.557064][ T5971] loop3: detected capacity change from 0 to 512
[   90.577619][ T5972] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.597964][ T5972] ext4 filesystem being mounted at /166/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.599608][ T5852] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   90.611685][ T5971] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   90.619279][ T5852] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   90.651102][ T5971] EXT4-fs (loop3): 1 truncate cleaned up
[   90.657346][ T5971] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.672007][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.721419][ T5852] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.765438][ T5985] xt_hashlimit: size too large, truncated to 1048576
[   90.820043][ T5992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.812'.
[   90.841019][ T5990] netlink: 'syz.4.813': attribute type 1 has an invalid length.
[   90.883333][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.936464][   T29] audit: type=1400 audit(1746443070.160:2436): avc:  denied  { ioctl } for  pid=5983 comm="syz.1.814" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13420 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   91.139209][ T6011] loop3: detected capacity change from 0 to 2048
[   91.161221][ T5852] veth0_vlan: entered promiscuous mode
[   91.176604][ T3460]  loop3: p1 < > p4
[   91.181172][ T3460] loop3: p4 size 8388608 extends beyond EOD, truncated
[   91.192442][ T5852] veth1_vlan: entered promiscuous mode
[   91.253141][ T6016] lo speed is unknown, defaulting to 1000
[   91.368749][ T6011] loop_reread_partitions: partition scan of loop3 () failed (rc=-16)
[   91.451173][ T5852] veth0_macvtap: entered promiscuous mode
[   91.518547][ T5852] veth1_macvtap: entered promiscuous mode
[   91.607672][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.618191][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.628089][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.638541][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.648391][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.658920][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.668852][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.679330][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.750342][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.758809][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.769339][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.779207][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.789942][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.799903][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.810355][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.820338][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.830814][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.851971][ T3006]  loop3: p1 < > p4
[   91.856397][ T3006] loop3: p4 size 8388608 extends beyond EOD, truncated
[   91.906347][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.926508][ T6024] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6024 comm=syz.2.822
[   91.986911][   T29] audit: type=1400 audit(1746443071.210:2437): avc:  denied  { write } for  pid=6030 comm="syz.3.825" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   92.022027][ T5852] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.031002][ T5852] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.039928][ T5852] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.048718][ T5852] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.058307][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   92.077689][ T3460] udevd[3460]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   92.083430][   T29] audit: type=1400 audit(1746443071.240:2438): avc:  denied  { getopt } for  pid=6028 comm="syz.2.826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   92.107059][   T29] audit: type=1400 audit(1746443071.240:2439): avc:  denied  { setattr } for  pid=6028 comm="syz.2.826" name="NETLINK" dev="sockfs" ino=13474 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   92.157737][   T29] audit: type=1400 audit(1746443071.370:2440): avc:  denied  { setopt } for  pid=6037 comm="syz.2.829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   92.175844][ T6027] netlink: 8 bytes leftover after parsing attributes in process `syz.1.824'.
[   92.208142][   T29] audit: type=1400 audit(1746443071.430:2441): avc:  denied  { bind } for  pid=6030 comm="syz.3.825" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   92.277049][ T6044] loop4: detected capacity change from 0 to 512
[   92.305278][ T6044] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.831: bg 0: block 131: padding at end of block bitmap is not set
[   92.365743][ T6044] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   92.385199][ T6052] loop2: detected capacity change from 0 to 2048
[   92.407084][ T6044] EXT4-fs (loop4): 1 truncate cleaned up
[   92.413603][ T6044] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.435387][ T6052] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.464544][   T29] audit: type=1400 audit(1746443071.680:2442): avc:  denied  { mount } for  pid=6058 comm="syz.1.835" name="/" dev="ramfs" ino=13566 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   92.498124][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.525689][   T29] audit: type=1326 audit(1746443071.740:2443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6055 comm="syz.3.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92fb7e969 code=0x7ffc0000
[   92.549315][   T29] audit: type=1326 audit(1746443071.740:2444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6055 comm="syz.3.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92fb7e969 code=0x7ffc0000
[   92.572713][   T29] audit: type=1326 audit(1746443071.740:2445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6055 comm="syz.3.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fb92fb7e969 code=0x7ffc0000
[   92.596088][   T29] audit: type=1326 audit(1746443071.740:2446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6055 comm="syz.3.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92fb7e969 code=0x7ffc0000
[   92.653111][ T6056] loop3: detected capacity change from 0 to 128
[   92.744816][ T6056] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   92.807848][ T6071] loop1: detected capacity change from 0 to 512
[   92.830273][ T6056] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.867652][ T6071] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.839: bg 0: block 131: padding at end of block bitmap is not set
[   92.876307][ T6077] netlink: 20 bytes leftover after parsing attributes in process `syz.4.842'.
[   92.900331][ T6071] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   92.910765][ T6078] netlink: 8 bytes leftover after parsing attributes in process `syz.6.840'.
[   92.931118][ T6071] EXT4-fs (loop1): 1 truncate cleaned up
[   92.943257][ T6071] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.980905][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.044036][ T6084] FAULT_INJECTION: forcing a failure.
[   93.044036][ T6084] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.057251][ T6084] CPU: 1 UID: 0 PID: 6084 Comm: syz.1.844 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   93.057286][ T6084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   93.057313][ T6084] Call Trace:
[   93.057320][ T6084]  <TASK>
[   93.057329][ T6084]  __dump_stack+0x1d/0x30
[   93.057355][ T6084]  dump_stack_lvl+0xe8/0x140
[   93.057379][ T6084]  dump_stack+0x15/0x1b
[   93.057449][ T6084]  should_fail_ex+0x265/0x280
[   93.057488][ T6084]  should_fail+0xb/0x20
[   93.057520][ T6084]  should_fail_usercopy+0x1a/0x20
[   93.057541][ T6084]  _copy_from_iter+0xcf/0xdd0
[   93.057646][ T6084]  ? __build_skb_around+0x1a0/0x200
[   93.057683][ T6084]  ? __alloc_skb+0x223/0x320
[   93.057721][ T6084]  netlink_sendmsg+0x471/0x6b0
[   93.057764][ T6084]  ? __pfx_netlink_sendmsg+0x10/0x10
[   93.057826][ T6084]  __sock_sendmsg+0x142/0x180
[   93.057858][ T6084]  ____sys_sendmsg+0x31e/0x4e0
[   93.057886][ T6084]  ___sys_sendmsg+0x17b/0x1d0
[   93.057986][ T6084]  __x64_sys_sendmsg+0xd4/0x160
[   93.058013][ T6084]  x64_sys_call+0x2999/0x2fb0
[   93.058040][ T6084]  do_syscall_64+0xd0/0x1a0
[   93.058068][ T6084]  ? clear_bhb_loop+0x25/0x80
[   93.058093][ T6084]  ? clear_bhb_loop+0x25/0x80
[   93.058133][ T6084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.058161][ T6084] RIP: 0033:0x7fbe4d80e969
[   93.058179][ T6084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.058197][ T6084] RSP: 002b:00007fbe4be77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.058215][ T6084] RAX: ffffffffffffffda RBX: 00007fbe4da35fa0 RCX: 00007fbe4d80e969
[   93.058230][ T6084] RDX: 0000000000000080 RSI: 0000200000003fc0 RDI: 0000000000000007
[   93.058296][ T6084] RBP: 00007fbe4be77090 R08: 0000000000000000 R09: 0000000000000000
[   93.058365][ T6084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.058377][ T6084] R13: 0000000000000000 R14: 00007fbe4da35fa0 R15: 00007fff020803c8
[   93.058395][ T6084]  </TASK>
[   93.282979][ T6089] netlink: 'syz.3.847': attribute type 1 has an invalid length.
[   93.557408][ T6125] loop6: detected capacity change from 0 to 512
[   93.583965][ T6127] FAULT_INJECTION: forcing a failure.
[   93.583965][ T6127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.597127][ T6127] CPU: 0 UID: 0 PID: 6127 Comm: syz.2.862 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   93.597217][ T6127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   93.597233][ T6127] Call Trace:
[   93.597241][ T6127]  <TASK>
[   93.597249][ T6127]  __dump_stack+0x1d/0x30
[   93.597270][ T6127]  dump_stack_lvl+0xe8/0x140
[   93.597292][ T6127]  dump_stack+0x15/0x1b
[   93.597309][ T6127]  should_fail_ex+0x265/0x280
[   93.597381][ T6127]  should_fail+0xb/0x20
[   93.597409][ T6127]  should_fail_usercopy+0x1a/0x20
[   93.597426][ T6127]  _copy_from_user+0x1c/0xb0
[   93.597448][ T6127]  ___sys_sendmsg+0xc1/0x1d0
[   93.597534][ T6127]  __x64_sys_sendmsg+0xd4/0x160
[   93.597556][ T6127]  x64_sys_call+0x2999/0x2fb0
[   93.597628][ T6127]  do_syscall_64+0xd0/0x1a0
[   93.597650][ T6127]  ? clear_bhb_loop+0x25/0x80
[   93.597671][ T6127]  ? clear_bhb_loop+0x25/0x80
[   93.597691][ T6127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.597714][ T6127] RIP: 0033:0x7f407703e969
[   93.597738][ T6127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.597829][ T6127] RSP: 002b:00007f40756a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.597852][ T6127] RAX: ffffffffffffffda RBX: 00007f4077265fa0 RCX: 00007f407703e969
[   93.597864][ T6127] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000a
[   93.597879][ T6127] RBP: 00007f40756a7090 R08: 0000000000000000 R09: 0000000000000000
[   93.597894][ T6127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.597909][ T6127] R13: 0000000000000000 R14: 00007f4077265fa0 R15: 00007ffd0de2f578
[   93.597932][ T6127]  </TASK>
[   93.601689][ T6125] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[   93.782291][ T6125] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[   93.792924][ T6132] $Hÿ: renamed from bond0 (while UP)
[   93.793395][ T6125] EXT4-fs (loop6): 1 truncate cleaned up
[   93.810018][ T6132] $Hÿ: entered promiscuous mode
[   93.813917][ T6134] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64 sclass=netlink_route_socket pid=6134 comm=syz.2.866
[   93.815242][ T6132] bond_slave_0: entered promiscuous mode
[   93.833487][ T6132] bond_slave_1: entered promiscuous mode
[   93.854402][ T6125] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[   93.931876][ T6144] FAULT_INJECTION: forcing a failure.
[   93.931876][ T6144] name failslab, interval 1, probability 0, space 0, times 0
[   93.944640][ T6144] CPU: 0 UID: 0 PID: 6144 Comm: syz.2.870 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   93.944684][ T6144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   93.944701][ T6144] Call Trace:
[   93.944707][ T6144]  <TASK>
[   93.944717][ T6144]  __dump_stack+0x1d/0x30
[   93.944742][ T6144]  dump_stack_lvl+0xe8/0x140
[   93.944760][ T6144]  dump_stack+0x15/0x1b
[   93.944775][ T6144]  should_fail_ex+0x265/0x280
[   93.944805][ T6144]  should_failslab+0x8c/0xb0
[   93.944833][ T6144]  kmem_cache_alloc_noprof+0x50/0x310
[   93.944869][ T6144]  ? mas_alloc_nodes+0x265/0x520
[   93.944900][ T6144]  mas_alloc_nodes+0x265/0x520
[   93.944930][ T6144]  mas_preallocate+0x456/0x680
[   93.944961][ T6144]  commit_merge+0x364/0x6f0
[   93.944992][ T6144]  vma_expand+0x1d0/0x370
[   93.945017][ T6144]  vma_merge_new_range+0x296/0x310
[   93.945046][ T6144]  copy_vma+0x27e/0x560
[   93.945092][ T6144]  move_vma+0x429/0xd10
[   93.945117][ T6144]  ? selinux_mmap_addr+0x99/0xb0
[   93.945148][ T6144]  ? security_mmap_addr+0x5f/0x70
[   93.945176][ T6144]  mremap_to+0x4d8/0x510
[   93.945197][ T6144]  __se_sys_mremap+0x549/0x6f0
[   93.945220][ T6144]  ? ksys_write+0x16e/0x1a0
[   93.945245][ T6144]  __x64_sys_mremap+0x67/0x80
[   93.945266][ T6144]  x64_sys_call+0x2ba9/0x2fb0
[   93.945289][ T6144]  do_syscall_64+0xd0/0x1a0
[   93.945316][ T6144]  ? clear_bhb_loop+0x25/0x80
[   93.945342][ T6144]  ? clear_bhb_loop+0x25/0x80
[   93.945368][ T6144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.945388][ T6144] RIP: 0033:0x7f407703e969
[   93.945404][ T6144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.945426][ T6144] RSP: 002b:00007f40756a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   93.945449][ T6144] RAX: ffffffffffffffda RBX: 00007f4077265fa0 RCX: 00007f407703e969
[   93.945464][ T6144] RDX: 0000000000002000 RSI: 0000000000003000 RDI: 0000200000001000
[   93.945480][ T6144] RBP: 00007f40756a7090 R08: 0000200000009000 R09: 0000000000000000
[   93.945495][ T6144] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[   93.945509][ T6144] R13: 0000000000000000 R14: 00007f4077265fa0 R15: 00007ffd0de2f578
[   93.945531][ T6144]  </TASK>
[   94.261418][ T6157] FAULT_INJECTION: forcing a failure.
[   94.261418][ T6157] name failslab, interval 1, probability 0, space 0, times 0
[   94.274188][ T6157] CPU: 1 UID: 0 PID: 6157 Comm: syz.3.875 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   94.274300][ T6157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   94.274315][ T6157] Call Trace:
[   94.274371][ T6157]  <TASK>
[   94.274380][ T6157]  __dump_stack+0x1d/0x30
[   94.274408][ T6157]  dump_stack_lvl+0xe8/0x140
[   94.274426][ T6157]  dump_stack+0x15/0x1b
[   94.274441][ T6157]  should_fail_ex+0x265/0x280
[   94.274479][ T6157]  should_failslab+0x8c/0xb0
[   94.274559][ T6157]  kmem_cache_alloc_node_noprof+0x57/0x320
[   94.274598][ T6157]  ? __alloc_skb+0x101/0x320
[   94.274626][ T6157]  ? __rtnl_unlock+0x95/0xb0
[   94.274666][ T6157]  __alloc_skb+0x101/0x320
[   94.274701][ T6157]  netlink_ack+0xfd/0x500
[   94.274733][ T6157]  netlink_rcv_skb+0x192/0x220
[   94.274768][ T6157]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   94.274819][ T6157]  rtnetlink_rcv+0x1c/0x30
[   94.274844][ T6157]  netlink_unicast+0x59e/0x670
[   94.274882][ T6157]  netlink_sendmsg+0x58b/0x6b0
[   94.274925][ T6157]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.274961][ T6157]  __sock_sendmsg+0x142/0x180
[   94.274985][ T6157]  ____sys_sendmsg+0x31e/0x4e0
[   94.275007][ T6157]  ___sys_sendmsg+0x17b/0x1d0
[   94.275109][ T6157]  __x64_sys_sendmsg+0xd4/0x160
[   94.275138][ T6157]  x64_sys_call+0x2999/0x2fb0
[   94.275163][ T6157]  do_syscall_64+0xd0/0x1a0
[   94.275237][ T6157]  ? clear_bhb_loop+0x25/0x80
[   94.275264][ T6157]  ? clear_bhb_loop+0x25/0x80
[   94.275291][ T6157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.275317][ T6157] RIP: 0033:0x7fb92fb7e969
[   94.275335][ T6157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.275386][ T6157] RSP: 002b:00007fb92e1e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.275403][ T6157] RAX: ffffffffffffffda RBX: 00007fb92fda5fa0 RCX: 00007fb92fb7e969
[   94.275418][ T6157] RDX: 0000000000008000 RSI: 0000200000000040 RDI: 0000000000000003
[   94.275429][ T6157] RBP: 00007fb92e1e7090 R08: 0000000000000000 R09: 0000000000000000
[   94.275441][ T6157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.275452][ T6157] R13: 0000000000000000 R14: 00007fb92fda5fa0 R15: 00007ffeeb5062f8
[   94.275498][ T6157]  </TASK>
[   94.585846][ T6161] netlink: 16 bytes leftover after parsing attributes in process `syz.1.877'.
[   94.621775][ T6161] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   94.683518][ T6167] loop2: detected capacity change from 0 to 2048
[   94.703924][ T6163] loop3: detected capacity change from 0 to 2048
[   94.740666][ T6166] netlink: 12 bytes leftover after parsing attributes in process `syz.2.879'.
[   94.778583][ T6166] netlink: 24 bytes leftover after parsing attributes in process `syz.2.879'.
[   94.791194][ T3299] Alternate GPT is invalid, using primary GPT.
[   94.797530][ T3299]  loop3: p1 p2 p3
[   94.852676][ T6163] Alternate GPT is invalid, using primary GPT.
[   94.859085][ T6163]  loop3: p1 p2 p3
[   94.865925][ T6177] loop2: detected capacity change from 0 to 512
[   94.894831][ T6178] xt_CT: You must specify a L4 protocol and not use inversions on it
[   94.947897][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   94.968845][ T5413] udevd[5413]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   94.989853][ T3460] udevd[3460]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   95.024268][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   95.035889][ T3460] udevd[3460]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   95.054705][ T5413] udevd[5413]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   95.314914][ T6195] loop1: detected capacity change from 0 to 8192
[   95.359567][ T6195] vfat: Unknown parameter ''
[   95.513929][ T6200] lo speed is unknown, defaulting to 1000
[   95.903521][ T6203] netlink: 'syz.4.892': attribute type 1 has an invalid length.
[   95.986842][ T6209] FAULT_INJECTION: forcing a failure.
[   95.986842][ T6209] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.000156][ T6209] CPU: 0 UID: 0 PID: 6209 Comm: syz.6.893 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   96.000185][ T6209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   96.000196][ T6209] Call Trace:
[   96.000203][ T6209]  <TASK>
[   96.000212][ T6209]  __dump_stack+0x1d/0x30
[   96.000233][ T6209]  dump_stack_lvl+0xe8/0x140
[   96.000311][ T6209]  dump_stack+0x15/0x1b
[   96.000331][ T6209]  should_fail_ex+0x265/0x280
[   96.000369][ T6209]  should_fail+0xb/0x20
[   96.000396][ T6209]  should_fail_usercopy+0x1a/0x20
[   96.000465][ T6209]  _copy_from_user+0x1c/0xb0
[   96.000491][ T6209]  memdup_user+0x5e/0xd0
[   96.000577][ T6209]  strndup_user+0x68/0xb0
[   96.000600][ T6209]  perf_uprobe_init+0x48/0x150
[   96.000663][ T6209]  perf_uprobe_event_init+0xea/0x150
[   96.000700][ T6209]  perf_try_init_event+0xd0/0x540
[   96.000735][ T6209]  ? perf_event_alloc+0xab1/0x15c0
[   96.000779][ T6209]  perf_event_alloc+0xabc/0x15c0
[   96.000890][ T6209]  __se_sys_perf_event_open+0x4e1/0x1170
[   96.000917][ T6209]  ? __rcu_read_unlock+0x4f/0x70
[   96.000955][ T6209]  __x64_sys_perf_event_open+0x67/0x80
[   96.000984][ T6209]  x64_sys_call+0x27ec/0x2fb0
[   96.001078][ T6209]  do_syscall_64+0xd0/0x1a0
[   96.001105][ T6209]  ? clear_bhb_loop+0x25/0x80
[   96.001127][ T6209]  ? clear_bhb_loop+0x25/0x80
[   96.001190][ T6209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.001217][ T6209] RIP: 0033:0x7fbd8610e969
[   96.001235][ T6209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.001275][ T6209] RSP: 002b:00007fbd84777038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   96.001294][ T6209] RAX: ffffffffffffffda RBX: 00007fbd86335fa0 RCX: 00007fbd8610e969
[   96.001306][ T6209] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00002000000004c0
[   96.001351][ T6209] RBP: 00007fbd84777090 R08: 0000000000000000 R09: 0000000000000000
[   96.001363][ T6209] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   96.001374][ T6209] R13: 0000000000000000 R14: 00007fbd86335fa0 R15: 00007fff8c28ca48
[   96.001393][ T6209]  </TASK>
[   96.297006][ T6211] IPv6: Can't replace route, no match found
[   96.352327][ T6211] 9pnet_fd: Insufficient options for proto=fd
[   96.378422][ T6208] SELinux:  Context system_u:object_r:tmp_t:s0 is not valid (left unmapped).
[   96.392079][ T6215] loop3: detected capacity change from 0 to 8192
[   96.417745][ T6219] loop6: detected capacity change from 0 to 512
[   96.434261][ T6215] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   96.435400][ T6217] loop1: detected capacity change from 0 to 128
[   96.469371][ T6221] netlink: 16 bytes leftover after parsing attributes in process `syz.4.900'.
[   96.516748][ T6219] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.528412][ T6221] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   96.583687][ T6217] ext4 filesystem being mounted at /193/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.609254][ T6229] loop4: detected capacity change from 0 to 1024
[   96.661162][ T6229] lo speed is unknown, defaulting to 1000
[   96.697915][ T6240] loop6: detected capacity change from 0 to 512
[   96.722444][ T6240] EXT4-fs (loop6): revision level too high, forcing read-only mode
[   96.733106][ T6240] EXT4-fs (loop6): orphan cleanup on readonly fs
[   96.733588][ T6240] EXT4-fs warning (device loop6): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   96.742324][ T6240] EXT4-fs (loop6): Cannot turn on quotas: error -22
[   96.784301][ T6240] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #16: comm syz.6.907: invalid fast symlink length 9000
[   96.803529][ T6240] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.907: couldn't read orphan inode 16 (err -117)
[   96.826816][ T6247] 9pnet: Could not find request transport: r
[   96.925190][ T6254] netlink: 8 bytes leftover after parsing attributes in process `syz.3.911'.
[   97.043360][ T6258] FAULT_INJECTION: forcing a failure.
[   97.043360][ T6258] name failslab, interval 1, probability 0, space 0, times 0
[   97.056160][ T6258] CPU: 0 UID: 0 PID: 6258 Comm: syz.6.914 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   97.056278][ T6258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   97.056294][ T6258] Call Trace:
[   97.056302][ T6258]  <TASK>
[   97.056386][ T6258]  __dump_stack+0x1d/0x30
[   97.056409][ T6258]  dump_stack_lvl+0xe8/0x140
[   97.056431][ T6258]  dump_stack+0x15/0x1b
[   97.056452][ T6258]  should_fail_ex+0x265/0x280
[   97.056490][ T6258]  should_failslab+0x8c/0xb0
[   97.056574][ T6258]  __kmalloc_noprof+0xa5/0x3e0
[   97.056596][ T6258]  ? kobject_get_path+0x92/0x1c0
[   97.056683][ T6258]  kobject_get_path+0x92/0x1c0
[   97.056709][ T6258]  kobject_uevent_env+0x1da/0x570
[   97.056760][ T6258]  kobject_uevent+0x1d/0x30
[   97.056829][ T6258]  __kobject_del+0x88/0x190
[   97.056854][ T6258]  kobject_put+0x127/0x190
[   97.056886][ T6258]  net_rx_queue_update_kobjects+0x477/0x520
[   97.056980][ T6258]  netdev_unregister_kobject+0xbf/0x270
[   97.057050][ T6258]  unregister_netdevice_many_notify+0x129a/0x16a0
[   97.057076][ T6258]  unregister_netdevice_queue+0x1f5/0x220
[   97.057112][ T6258]  __tun_detach+0x7db/0xad0
[   97.057166][ T6258]  ? __pfx_tun_chr_close+0x10/0x10
[   97.057196][ T6258]  tun_chr_close+0x5a/0x100
[   97.057290][ T6258]  __fput+0x298/0x650
[   97.057313][ T6258]  fput_close_sync+0x6e/0x120
[   97.057330][ T6258]  __x64_sys_close+0x56/0xf0
[   97.057349][ T6258]  x64_sys_call+0x2747/0x2fb0
[   97.057375][ T6258]  do_syscall_64+0xd0/0x1a0
[   97.057455][ T6258]  ? clear_bhb_loop+0x25/0x80
[   97.057506][ T6258]  ? clear_bhb_loop+0x25/0x80
[   97.057536][ T6258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.057636][ T6258] RIP: 0033:0x7fbd8610e969
[   97.057654][ T6258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.057670][ T6258] RSP: 002b:00007fbd84777038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[   97.057688][ T6258] RAX: ffffffffffffffda RBX: 00007fbd86335fa0 RCX: 00007fbd8610e969
[   97.057749][ T6258] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   97.057764][ T6258] RBP: 00007fbd84777090 R08: 0000000000000000 R09: 0000000000000000
[   97.057776][ T6258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   97.057787][ T6258] R13: 0000000000000000 R14: 00007fbd86335fa0 R15: 00007fff8c28ca48
[   97.057808][ T6258]  </TASK>
[   97.305252][ T6262] FAULT_INJECTION: forcing a failure.
[   97.305252][ T6262] name failslab, interval 1, probability 0, space 0, times 0
[   97.318127][ T6262] CPU: 0 UID: 0 PID: 6262 Comm: syz.1.913 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   97.318156][ T6262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   97.318168][ T6262] Call Trace:
[   97.318175][ T6262]  <TASK>
[   97.318182][ T6262]  __dump_stack+0x1d/0x30
[   97.318236][ T6262]  dump_stack_lvl+0xe8/0x140
[   97.318260][ T6262]  dump_stack+0x15/0x1b
[   97.318277][ T6262]  should_fail_ex+0x265/0x280
[   97.318308][ T6262]  should_failslab+0x8c/0xb0
[   97.318344][ T6262]  kmem_cache_alloc_node_noprof+0x57/0x320
[   97.318509][ T6262]  ? __alloc_skb+0x101/0x320
[   97.318583][ T6262]  ? xas_load+0x413/0x430
[   97.318603][ T6262]  __alloc_skb+0x101/0x320
[   97.318631][ T6262]  netlink_dump+0x148/0x7f0
[   97.318733][ T6262]  ? __kfree_skb+0x109/0x150
[   97.318764][ T6262]  ? nlmon_xmit+0x4f/0x60
[   97.318787][ T6262]  __netlink_dump_start+0x43e/0x520
[   97.318886][ T6262]  ? __pfx_rtnl_dump_all+0x10/0x10
[   97.318913][ T6262]  rtnetlink_rcv_msg+0x552/0x6d0
[   97.318957][ T6262]  ? __pfx_rtnl_dump_all+0x10/0x10
[   97.318982][ T6262]  ? __pfx_rtnl_dumpit+0x10/0x10
[   97.319041][ T6262]  ? __pfx_rtnl_dump_all+0x10/0x10
[   97.319067][ T6262]  netlink_rcv_skb+0x120/0x220
[   97.319182][ T6262]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   97.319237][ T6262]  rtnetlink_rcv+0x1c/0x30
[   97.319261][ T6262]  netlink_unicast+0x59e/0x670
[   97.319291][ T6262]  netlink_sendmsg+0x58b/0x6b0
[   97.319375][ T6262]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.319415][ T6262]  __sock_sendmsg+0x142/0x180
[   97.319448][ T6262]  sock_write_iter+0x165/0x1b0
[   97.319481][ T6262]  ? __pfx_sock_write_iter+0x10/0x10
[   97.319514][ T6262]  vfs_write+0x49d/0x8d0
[   97.319549][ T6262]  ksys_write+0xda/0x1a0
[   97.319580][ T6262]  __x64_sys_write+0x40/0x50
[   97.319611][ T6262]  x64_sys_call+0x2cdd/0x2fb0
[   97.319648][ T6262]  do_syscall_64+0xd0/0x1a0
[   97.319676][ T6262]  ? clear_bhb_loop+0x25/0x80
[   97.319701][ T6262]  ? clear_bhb_loop+0x25/0x80
[   97.319729][ T6262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.319770][ T6262] RIP: 0033:0x7fbe4d80e969
[   97.319787][ T6262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.319865][ T6262] RSP: 002b:00007fbe4be77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   97.319886][ T6262] RAX: ffffffffffffffda RBX: 00007fbe4da35fa0 RCX: 00007fbe4d80e969
[   97.319963][ T6262] RDX: 0000000000000024 RSI: 0000200000000000 RDI: 0000000000000006
[   97.319975][ T6262] RBP: 00007fbe4be77090 R08: 0000000000000000 R09: 0000000000000000
[   97.319987][ T6262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.319998][ T6262] R13: 0000000000000000 R14: 00007fbe4da35fa0 R15: 00007fff020803c8
[   97.320015][ T6262]  </TASK>
[   97.657540][ T6269] lo speed is unknown, defaulting to 1000
[   97.877801][   T29] kauditd_printk_skb: 255 callbacks suppressed
[   97.877817][   T29] audit: type=1326 audit(1746443077.100:2702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[   97.925815][ T6276] FAULT_INJECTION: forcing a failure.
[   97.925815][ T6276] name failslab, interval 1, probability 0, space 0, times 0
[   97.938594][ T6276] CPU: 1 UID: 0 PID: 6276 Comm: syz.3.918 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   97.938643][ T6276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   97.938655][ T6276] Call Trace:
[   97.938663][ T6276]  <TASK>
[   97.938672][ T6276]  __dump_stack+0x1d/0x30
[   97.938698][ T6276]  dump_stack_lvl+0xe8/0x140
[   97.938722][ T6276]  dump_stack+0x15/0x1b
[   97.938743][ T6276]  should_fail_ex+0x265/0x280
[   97.938908][ T6276]  should_failslab+0x8c/0xb0
[   97.938945][ T6276]  __kmalloc_cache_node_noprof+0x54/0x320
[   97.938972][ T6276]  ? __get_vm_area_node+0x106/0x1c0
[   97.939000][ T6276]  __get_vm_area_node+0x106/0x1c0
[   97.939084][ T6276]  __vmalloc_node_range_noprof+0x26a/0xdf0
[   97.939111][ T6276]  ? bpf_check+0xe0/0xcc10
[   97.939213][ T6276]  ? __alloc_frozen_pages_noprof+0x15f/0x360
[   97.939249][ T6276]  ? bpf_check+0xe0/0xcc10
[   97.939304][ T6276]  vzalloc_noprof+0x5e/0x70
[   97.939332][ T6276]  ? bpf_check+0xe0/0xcc10
[   97.939359][ T6276]  bpf_check+0xe0/0xcc10
[   97.939403][ T6276]  ? page_counter_charge+0x207/0x230
[   97.939491][ T6276]  ? __rcu_read_unlock+0x4f/0x70
[   97.939510][ T6276]  ? obj_cgroup_charge_pages+0x136/0x1a0
[   97.939571][ T6276]  ? __rcu_read_unlock+0x4f/0x70
[   97.939596][ T6276]  ? __memcg_kmem_charge_page+0xd1/0x170
[   97.939624][ T6276]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   97.939740][ T6276]  ? alloc_pages_bulk_noprof+0x4b7/0x540
[   97.939815][ T6276]  ? __refill_stock+0x96/0xd0
[   97.939845][ T6276]  ? _find_next_zero_bit+0x64/0xa0
[   97.939878][ T6276]  ? pcpu_block_update+0x232/0x3b0
[   97.939906][ T6276]  ? _find_next_zero_bit+0x29/0xa0
[   97.939963][ T6276]  ? pcpu_block_refresh_hint+0x157/0x170
[   97.940000][ T6276]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[   97.940035][ T6276]  ? cgroup_rstat_updated+0xa3/0x510
[   97.940068][ T6276]  ? __mod_memcg_state+0x11e/0x270
[   97.940147][ T6276]  ? __rcu_read_unlock+0x4f/0x70
[   97.940172][ T6276]  ? pcpu_memcg_post_alloc_hook+0x15b/0x1c0
[   97.940207][ T6276]  ? should_fail_ex+0xdb/0x280
[   97.940323][ T6276]  ? selinux_bpf_prog_load+0x36/0xf0
[   97.940358][ T6276]  ? should_failslab+0x8c/0xb0
[   97.940411][ T6276]  ? __kmalloc_cache_noprof+0x189/0x320
[   97.940432][ T6276]  ? selinux_bpf_prog_load+0xbf/0xf0
[   97.940468][ T6276]  ? security_bpf_prog_load+0x2c/0xa0
[   97.940533][ T6276]  bpf_prog_load+0xedd/0x1070
[   97.940579][ T6276]  ? security_bpf+0x2b/0x90
[   97.940683][ T6276]  __sys_bpf+0x51d/0x790
[   97.940738][ T6276]  __x64_sys_bpf+0x41/0x50
[   97.940770][ T6276]  x64_sys_call+0x2478/0x2fb0
[   97.940823][ T6276]  do_syscall_64+0xd0/0x1a0
[   97.940843][ T6276]  ? clear_bhb_loop+0x25/0x80
[   97.940866][ T6276]  ? clear_bhb_loop+0x25/0x80
[   97.940893][ T6276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.940961][ T6276] RIP: 0033:0x7fb92fb7e969
[   97.940975][ T6276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.940992][ T6276] RSP: 002b:00007fb92e1e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.941013][ T6276] RAX: ffffffffffffffda RBX: 00007fb92fda5fa0 RCX: 00007fb92fb7e969
[   97.941070][ T6276] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[   97.941084][ T6276] RBP: 00007fb92e1e7090 R08: 0000000000000000 R09: 0000000000000000
[   97.941168][ T6276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   97.941181][ T6276] R13: 0000000000000000 R14: 00007fb92fda5fa0 R15: 00007ffeeb5062f8
[   97.941223][ T6276]  </TASK>
[   97.941232][ T6276] syz.3.918: vmalloc error: size 1520, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[   98.048252][   T29] audit: type=1326 audit(1746443077.130:2703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[   98.051866][ T6276] ,cpuset=/
[   98.057522][   T29] audit: type=1326 audit(1746443077.130:2704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[   98.062593][ T6276] ,mems_allowed=0
[   98.068145][   T29] audit: type=1326 audit(1746443077.130:2705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[   98.074179][ T6276] 
[   98.079710][   T29] audit: type=1326 audit(1746443077.130:2706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[   98.084396][ T6276] CPU: 1 UID: 0 PID: 6276 Comm: syz.3.918 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[   98.084505][ T6276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   98.084521][ T6276] Call Trace:
[   98.084530][ T6276]  <TASK>
[   98.084540][ T6276]  __dump_stack+0x1d/0x30
[   98.084568][ T6276]  dump_stack_lvl+0xe8/0x140
[   98.084593][ T6276]  dump_stack+0x15/0x1b
[   98.084615][ T6276]  warn_alloc+0x12b/0x1a0
[   98.084712][ T6276]  ? __get_vm_area_node+0x106/0x1c0
[   98.084748][ T6276]  __vmalloc_node_range_noprof+0x28e/0xdf0
[   98.084781][ T6276]  ? __alloc_frozen_pages_noprof+0x15f/0x360
[   98.084876][ T6276]  ? bpf_check+0xe0/0xcc10
[   98.084905][ T6276]  vzalloc_noprof+0x5e/0x70
[   98.084934][ T6276]  ? bpf_check+0xe0/0xcc10
[   98.084961][ T6276]  bpf_check+0xe0/0xcc10
[   98.085024][ T6276]  ? page_counter_charge+0x207/0x230
[   98.085051][ T6276]  ? __rcu_read_unlock+0x4f/0x70
[   98.085077][ T6276]  ? obj_cgroup_charge_pages+0x136/0x1a0
[   98.085105][ T6276]  ? __rcu_read_unlock+0x4f/0x70
[   98.085131][ T6276]  ? __memcg_kmem_charge_page+0xd1/0x170
[   98.085253][ T6276]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   98.085335][ T6276]  ? alloc_pages_bulk_noprof+0x4b7/0x540
[   98.085440][ T6276]  ? __refill_stock+0x96/0xd0
[   98.085474][ T6276]  ? _find_next_zero_bit+0x64/0xa0
[   98.085582][ T6276]  ? pcpu_block_update+0x232/0x3b0
[   98.085618][ T6276]  ? _find_next_zero_bit+0x29/0xa0
[   98.085722][ T6276]  ? pcpu_block_refresh_hint+0x157/0x170
[   98.085760][ T6276]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[   98.085797][ T6276]  ? cgroup_rstat_updated+0xa3/0x510
[   98.085860][ T6276]  ? __mod_memcg_state+0x11e/0x270
[   98.085968][ T6276]  ? __rcu_read_unlock+0x4f/0x70
[   98.085993][ T6276]  ? pcpu_memcg_post_alloc_hook+0x15b/0x1c0
[   98.086029][ T6276]  ? should_fail_ex+0xdb/0x280
[   98.086082][ T6276]  ? selinux_bpf_prog_load+0x36/0xf0
[   98.086238][ T6276]  ? should_failslab+0x8c/0xb0
[   98.086275][ T6276]  ? __kmalloc_cache_noprof+0x189/0x320
[   98.086308][ T6276]  ? selinux_bpf_prog_load+0xbf/0xf0
[   98.086386][ T6276]  ? security_bpf_prog_load+0x2c/0xa0
[   98.086493][ T6276]  bpf_prog_load+0xedd/0x1070
[   98.086541][ T6276]  ? security_bpf+0x2b/0x90
[   98.086642][ T6276]  __sys_bpf+0x51d/0x790
[   98.086705][ T6276]  __x64_sys_bpf+0x41/0x50
[   98.086737][ T6276]  x64_sys_call+0x2478/0x2fb0
[   98.086845][ T6276]  do_syscall_64+0xd0/0x1a0
[   98.086920][ T6276]  ? clear_bhb_loop+0x25/0x80
[   98.086948][ T6276]  ? clear_bhb_loop+0x25/0x80
[   98.086976][ T6276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.087003][ T6276] RIP: 0033:0x7fb92fb7e969
[   98.087023][ T6276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.087058][ T6276] RSP: 002b:00007fb92e1e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   98.087081][ T6276] RAX: ffffffffffffffda RBX: 00007fb92fda5fa0 RCX: 00007fb92fb7e969
[   98.087140][ T6276] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[   98.087156][ T6276] RBP: 00007fb92e1e7090 R08: 0000000000000000 R09: 0000000000000000
[   98.087172][ T6276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   98.087187][ T6276] R13: 0000000000000000 R14: 00007fb92fda5fa0 R15: 00007ffeeb5062f8
[   98.087212][ T6276]  </TASK>
[   98.087235][ T6276] Mem-Info:
[   98.089493][   T29] audit: type=1326 audit(1746443077.130:2707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[   98.094732][ T6276] active_anon:26963 inactive_anon:1 isolated_anon:0
[   98.094732][ T6276]  active_file:23582 inactive_file:2066 isolated_file:0
[   98.094732][ T6276]  unevictable:0 dirty:178 writeback:0
[   98.094732][ T6276]  slab_reclaimable:3222 slab_unreclaimable:14479
[   98.094732][ T6276]  mapped:29611 shmem:16777 pagetables:895
[   98.094732][ T6276]  sec_pagetables:0 bounce:0
[   98.094732][ T6276]  kernel_misc_reclaimable:0
[   98.094732][ T6276]  free:1847403 free_pcp:22001 free_cma:0
[   98.099784][   T29] audit: type=1326 audit(1746443077.130:2708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[   98.105429][ T6276] Node 0 active_anon:107852kB inactive_anon:4kB active_file:94328kB inactive_file:8264kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:118444kB dirty:712kB writeback:0kB shmem:67108kB writeback_tmp:0kB kernel_stack:2832kB pagetables:3580kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   98.111500][   T29] audit: type=1326 audit(1746443077.130:2709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[   98.116797][ T6276] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   98.121913][   T29] audit: type=1326 audit(1746443077.130:2710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[   98.126867][ T6276] lowmem_reserve[]: 0
[   98.132775][   T29] audit: type=1326 audit(1746443077.130:2711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[   98.137528][ T6276]  2884 7863
[   98.322040][ T6282] SELinux: syz.4.924 (6282) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   98.323293][ T6276]  7863
[   98.323309][ T6276] Node 0 DMA32 free:2947240kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953568kB mlocked:0kB bounce:0kB free_pcp:6328kB local_pcp:3532kB free_cma:0kB
[   98.993941][ T6276] lowmem_reserve[]: 0 0 4978 4978
[   98.999031][ T6276] Node 0 Normal free:4425820kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:108200kB inactive_anon:4kB active_file:94328kB inactive_file:8264kB unevictable:0kB writepending:712kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:81424kB local_pcp:50468kB free_cma:0kB
[   99.029271][ T6276] lowmem_reserve[]: 0 0 0 0
[   99.033993][ T6276] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   99.046876][ T6276] Node 0 DMA32: 4*4kB (M) 1*8kB (M) 1*16kB (M) 4*32kB (M) 2*64kB (M) 3*128kB (M) 4*256kB (M) 3*512kB (M) 3*1024kB (M) 4*2048kB (M) 716*4096kB (M) = 2947240kB
[   99.063220][ T6276] Node 0 Normal: 263*4kB (ME) 498*8kB (UME) 253*16kB (UME) 141*32kB (UME) 49*64kB (UME) 50*128kB (UM) 110*256kB (UM) 96*512kB (UME) 64*1024kB (UM) 18*2048kB (UME) 1031*4096kB (UM) = 4425820kB
[   99.082637][ T6276] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   99.091998][ T6276] 42424 total pagecache pages
[   99.096732][ T6276] 1 pages in swap cache
[   99.100878][ T6276] Free swap  = 124992kB
[   99.105087][ T6276] Total swap = 124996kB
[   99.109255][ T6276] 2097051 pages RAM
[   99.113103][ T6276] 0 pages HighMem/MovableOnly
[   99.117966][ T6276] 80258 pages reserved
[   99.226072][ T6303] SELinux: failed to load policy
[   99.358255][ T6301] loop6: detected capacity change from 0 to 8192
[   99.488017][ T6313] lo speed is unknown, defaulting to 1000
[   99.550946][ T6312] loop2: detected capacity change from 0 to 8192
[   99.643672][ T6315] loop1: detected capacity change from 0 to 128
[   99.820496][ T6315] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   99.976238][   T31] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   99.988698][ T6324] netlink: 16 bytes leftover after parsing attributes in process `syz.6.938'.
[  100.034145][ T6324] geneve0: entered allmulticast mode
[  100.040823][ T6329] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  100.052801][ T6312] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  100.060530][ T6312] FAT-fs (loop2): Filesystem has been set read-only
[  100.093297][ T6320] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  100.258532][ T6351] 9pnet_fd: Insufficient options for proto=fd
[  100.318339][ T6355] netlink: 292 bytes leftover after parsing attributes in process `syz.3.952'.
[  100.330898][ T6357] netlink: 16 bytes leftover after parsing attributes in process `syz.6.953'.
[  100.348889][ T6357] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  100.359612][ T6363] FAULT_INJECTION: forcing a failure.
[  100.359612][ T6363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.372793][ T6363] CPU: 1 UID: 0 PID: 6363 Comm: syz.4.955 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  100.372825][ T6363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  100.372840][ T6363] Call Trace:
[  100.372847][ T6363]  <TASK>
[  100.372855][ T6363]  __dump_stack+0x1d/0x30
[  100.372887][ T6363]  dump_stack_lvl+0xe8/0x140
[  100.372910][ T6363]  dump_stack+0x15/0x1b
[  100.373025][ T6363]  should_fail_ex+0x265/0x280
[  100.373060][ T6363]  should_fail+0xb/0x20
[  100.373129][ T6363]  should_fail_usercopy+0x1a/0x20
[  100.373149][ T6363]  _copy_to_user+0x20/0xa0
[  100.373221][ T6363]  simple_read_from_buffer+0xb5/0x130
[  100.373272][ T6363]  proc_fail_nth_read+0x100/0x140
[  100.373301][ T6363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  100.373326][ T6363]  vfs_read+0x19d/0x6f0
[  100.373350][ T6363]  ? __rcu_read_unlock+0x4f/0x70
[  100.373439][ T6363]  ? __fget_files+0x184/0x1c0
[  100.373475][ T6363]  ? __sys_bind+0x1f9/0x2a0
[  100.373506][ T6363]  ksys_read+0xda/0x1a0
[  100.373549][ T6363]  __x64_sys_read+0x40/0x50
[  100.373574][ T6363]  x64_sys_call+0x2d77/0x2fb0
[  100.373602][ T6363]  do_syscall_64+0xd0/0x1a0
[  100.373624][ T6363]  ? clear_bhb_loop+0x25/0x80
[  100.373645][ T6363]  ? clear_bhb_loop+0x25/0x80
[  100.373684][ T6363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.373705][ T6363] RIP: 0033:0x7f619f58d37c
[  100.373781][ T6363] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  100.373866][ T6363] RSP: 002b:00007f619dbf7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  100.373891][ T6363] RAX: ffffffffffffffda RBX: 00007f619f7b5fa0 RCX: 00007f619f58d37c
[  100.373903][ T6363] RDX: 000000000000000f RSI: 00007f619dbf70a0 RDI: 0000000000000005
[  100.373916][ T6363] RBP: 00007f619dbf7090 R08: 0000000000000000 R09: 0000000000000000
[  100.373968][ T6363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.373980][ T6363] R13: 0000000000000000 R14: 00007f619f7b5fa0 R15: 00007ffecd5ce808
[  100.373999][ T6363]  </TASK>
[  100.583584][ T6355] syz.3.952 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  100.620170][ T6369] netlink: 8 bytes leftover after parsing attributes in process `syz.3.958'.
[  100.651849][ T6369] loop3: detected capacity change from 0 to 512
[  100.778937][ T6374] loop1: detected capacity change from 0 to 8192
[  100.782606][ T6380] netlink: 4 bytes leftover after parsing attributes in process `syz.2.963'.
[  100.818680][ T6369] lo speed is unknown, defaulting to 1000
[  100.826307][ T6380] bridge_slave_1: left allmulticast mode
[  100.831987][ T6380] bridge_slave_1: left promiscuous mode
[  100.837779][ T6380] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.966260][ T6380] bridge_slave_0: left allmulticast mode
[  100.971984][ T6380] bridge_slave_0: left promiscuous mode
[  100.977726][ T6380] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.058306][ T6386] macsec0: entered promiscuous mode
[  101.063719][ T6386] macsec0: entered allmulticast mode
[  101.069027][ T6386] veth1_macvtap: entered allmulticast mode
[  101.097484][ T6389] netlink: 8 bytes leftover after parsing attributes in process `syz.4.965'.
[  101.106610][ T6389] IPVS: Error joining to the multicast group
[  101.117863][ T6374] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  101.125519][ T6374] FAT-fs (loop1): Filesystem has been set read-only
[  101.136890][ T6385] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  101.189219][ T6396] netlink: 16 bytes leftover after parsing attributes in process `syz.4.968'.
[  101.199868][ T6396] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  101.309933][ T6407] loop3: detected capacity change from 0 to 1024
[  101.335724][ T6414] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  101.337745][ T6407] EXT4-fs mount: 12 callbacks suppressed
[  101.337763][ T6407] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  101.403828][ T6417] netlink: 8 bytes leftover after parsing attributes in process `syz.1.977'.
[  101.417457][ T6414] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.452305][ T6407] wireguard0: entered promiscuous mode
[  101.457962][ T6407] wireguard0: entered allmulticast mode
[  101.570114][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  101.587260][ T6438] loop2: detected capacity change from 0 to 1024
[  101.614953][ T6438] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  101.624792][ T6438] EXT4-fs (loop2): group descriptors corrupted!
[  101.688689][ T6446] netlink: 'syz.4.988': attribute type 1 has an invalid length.
[  101.767123][ T6447] lo speed is unknown, defaulting to 1000
[  101.978648][ T6455] netlink: 256 bytes leftover after parsing attributes in process `syz.3.989'.
[  102.098486][ T6463] FAULT_INJECTION: forcing a failure.
[  102.098486][ T6463] name failslab, interval 1, probability 0, space 0, times 0
[  102.111287][ T6463] CPU: 0 UID: 0 PID: 6463 Comm: syz.3.992 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  102.111320][ T6463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  102.111336][ T6463] Call Trace:
[  102.111344][ T6463]  <TASK>
[  102.111352][ T6463]  __dump_stack+0x1d/0x30
[  102.111377][ T6463]  dump_stack_lvl+0xe8/0x140
[  102.111401][ T6463]  dump_stack+0x15/0x1b
[  102.111420][ T6463]  should_fail_ex+0x265/0x280
[  102.111459][ T6463]  should_failslab+0x8c/0xb0
[  102.111495][ T6463]  kmem_cache_alloc_noprof+0x50/0x310
[  102.111530][ T6463]  ? vm_area_alloc+0x2c/0xb0
[  102.111555][ T6463]  vm_area_alloc+0x2c/0xb0
[  102.111580][ T6463]  mmap_region+0x81f/0x1470
[  102.111636][ T6463]  do_mmap+0x9de/0xc20
[  102.111670][ T6463]  vm_mmap_pgoff+0x17a/0x2e0
[  102.111698][ T6463]  ksys_mmap_pgoff+0xc2/0x310
[  102.111739][ T6463]  ? __x64_sys_mmap+0x49/0x70
[  102.111768][ T6463]  x64_sys_call+0x1602/0x2fb0
[  102.111792][ T6463]  do_syscall_64+0xd0/0x1a0
[  102.111816][ T6463]  ? clear_bhb_loop+0x25/0x80
[  102.111841][ T6463]  ? clear_bhb_loop+0x25/0x80
[  102.111868][ T6463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.111892][ T6463] RIP: 0033:0x7fb92fb7e9a3
[  102.111908][ T6463] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  102.111928][ T6463] RSP: 002b:00007fb92e1e6d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  102.111949][ T6463] RAX: ffffffffffffffda RBX: 0000000000000633 RCX: 00007fb92fb7e9a3
[  102.111964][ T6463] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  102.111978][ T6463] RBP: 0000200000000002 R08: 00000000ffffffff R09: 0000000000000000
[  102.111993][ T6463] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[  102.112008][ T6463] R13: 00007fb92e1e6dec R14: 00007fb92e1e6df0 R15: 00007ffeeb5062f8
[  102.112034][ T6463]  </TASK>
[  102.204294][ T6472] serio: Serial port ptm0
[  102.309659][ T6477] SELinux:  Context system_u:object_r:kmsg_device_t:s0 is not valid (left unmapped).
[  102.445707][ T6485] netlink: 8 bytes leftover after parsing attributes in process `syz.1.999'.
[  102.488229][ T6490] netlink: 'syz.4.1001': attribute type 1 has an invalid length.
[  102.502551][ T6487] loop3: detected capacity change from 0 to 256
[  102.522862][ T6493] netlink: 'syz.1.1003': attribute type 1 has an invalid length.
[  102.565605][ T6487] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[  102.573571][ T6487] FAT-fs (loop3): Filesystem has been set read-only
[  102.590389][ T6487] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[  102.739041][ T6514] loop2: detected capacity change from 0 to 1024
[  102.760093][ T6512] loop3: detected capacity change from 0 to 256
[  102.827198][ T6512] syz.3.1012: attempt to access beyond end of device
[  102.827198][ T6512] loop3: rw=2049, sector=256, nr_sectors = 12 limit=256
[  102.842515][ T6514] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  103.008828][ T6514] wireguard0: entered promiscuous mode
[  103.014466][ T6514] wireguard0: entered allmulticast mode
[  103.035449][ T6524] lo speed is unknown, defaulting to 1000
[  103.286352][ T6527] lo speed is unknown, defaulting to 1000
[  103.393222][   T29] kauditd_printk_skb: 510 callbacks suppressed
[  103.393238][   T29] audit: type=1326 audit(1746443082.590:3222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6513 comm="syz.2.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  103.422931][   T29] audit: type=1326 audit(1746443082.590:3223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6513 comm="syz.2.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  103.446391][   T29] audit: type=1326 audit(1746443082.610:3224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6513 comm="syz.2.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  103.469716][   T29] audit: type=1326 audit(1746443082.610:3225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6513 comm="syz.2.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  103.493222][   T29] audit: type=1326 audit(1746443082.610:3226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6513 comm="syz.2.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  103.632042][   T29] audit: type=1326 audit(1746443082.740:3227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6513 comm="syz.2.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  103.655564][   T29] audit: type=1326 audit(1746443082.750:3228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6513 comm="syz.2.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  103.679071][   T29] audit: type=1326 audit(1746443082.750:3229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6513 comm="syz.2.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  103.702551][   T29] audit: type=1326 audit(1746443082.750:3230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6513 comm="syz.2.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  103.725976][   T29] audit: type=1326 audit(1746443082.750:3231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6513 comm="syz.2.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  103.785455][ T6534] netlink: 'syz.6.1015': attribute type 1 has an invalid length.
[  103.827145][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  103.868723][ T6538] loop4: detected capacity change from 0 to 128
[  103.917733][ T6538] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  103.936563][ T6537] lo speed is unknown, defaulting to 1000
[  103.942740][ T6538] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.027551][ T6538] FAULT_INJECTION: forcing a failure.
[  104.027551][ T6538] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.040627][ T6538] CPU: 1 UID: 0 PID: 6538 Comm: syz.4.1020 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  104.040735][ T6538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  104.040813][ T6538] Call Trace:
[  104.040821][ T6538]  <TASK>
[  104.040831][ T6538]  __dump_stack+0x1d/0x30
[  104.040855][ T6538]  dump_stack_lvl+0xe8/0x140
[  104.040936][ T6538]  dump_stack+0x15/0x1b
[  104.040956][ T6538]  should_fail_ex+0x265/0x280
[  104.040996][ T6538]  should_fail+0xb/0x20
[  104.041082][ T6538]  should_fail_usercopy+0x1a/0x20
[  104.041099][ T6538]  copy_to_user_nofault+0x7f/0x120
[  104.041226][ T6538]  bpf_probe_write_user+0x83/0xc0
[  104.041332][ T6538]  bpf_prog_19072b5a3fcf5d64+0x41/0x45
[  104.041352][ T6538]  bpf_trace_run4+0x114/0x1d0
[  104.041377][ T6538]  __traceiter_sched_switch+0x3c/0x60
[  104.041404][ T6538]  __schedule+0xa0c/0xb20
[  104.041450][ T6538]  ? __cond_resched+0x4e/0x90
[  104.041479][ T6538]  __cond_resched+0x4e/0x90
[  104.041506][ T6538]  __kvmalloc_node_noprof+0x11c/0x4d0
[  104.041558][ T6538]  ? nf_tables_newchain+0x1371/0x1880
[  104.041597][ T6538]  nf_tables_newchain+0x1371/0x1880
[  104.041695][ T6538]  ? get_random_u32+0x17f/0x230
[  104.041740][ T6538]  ? __nla_parse+0x40/0x60
[  104.041765][ T6538]  nfnetlink_rcv+0xb96/0x1690
[  104.041828][ T6538]  netlink_unicast+0x59e/0x670
[  104.041916][ T6538]  netlink_sendmsg+0x58b/0x6b0
[  104.041955][ T6538]  ? __pfx_netlink_sendmsg+0x10/0x10
[  104.042015][ T6538]  __sock_sendmsg+0x142/0x180
[  104.042080][ T6538]  ____sys_sendmsg+0x31e/0x4e0
[  104.042107][ T6538]  ___sys_sendmsg+0x17b/0x1d0
[  104.042149][ T6538]  __x64_sys_sendmsg+0xd4/0x160
[  104.042171][ T6538]  x64_sys_call+0x2999/0x2fb0
[  104.042191][ T6538]  do_syscall_64+0xd0/0x1a0
[  104.042282][ T6538]  ? clear_bhb_loop+0x25/0x80
[  104.042309][ T6538]  ? clear_bhb_loop+0x25/0x80
[  104.042331][ T6538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.042369][ T6538] RIP: 0033:0x7f619f58e969
[  104.042382][ T6538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.042404][ T6538] RSP: 002b:00007f619dbf7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  104.042504][ T6538] RAX: ffffffffffffffda RBX: 00007f619f7b5fa0 RCX: 00007f619f58e969
[  104.042520][ T6538] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000006
[  104.042554][ T6538] RBP: 00007f619dbf7090 R08: 0000000000000000 R09: 0000000000000000
[  104.042566][ T6538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  104.042580][ T6538] R13: 0000000000000000 R14: 00007f619f7b5fa0 R15: 00007ffecd5ce808
[  104.042605][ T6538]  </TASK>
[  104.412175][ T3305] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  104.432488][ T6549] lo speed is unknown, defaulting to 1000
[  104.675207][ T6566] hub 9-0:1.0: USB hub found
[  104.681337][ T6566] hub 9-0:1.0: 8 ports detected
[  104.686680][ T6566] FAULT_INJECTION: forcing a failure.
[  104.686680][ T6566] name failslab, interval 1, probability 0, space 0, times 0
[  104.699342][ T6566] CPU: 0 UID: 0 PID: 6566 Comm: syz.6.1027 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  104.699375][ T6566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  104.699390][ T6566] Call Trace:
[  104.699397][ T6566]  <TASK>
[  104.699410][ T6566]  __dump_stack+0x1d/0x30
[  104.699435][ T6566]  dump_stack_lvl+0xe8/0x140
[  104.699457][ T6566]  dump_stack+0x15/0x1b
[  104.699477][ T6566]  should_fail_ex+0x265/0x280
[  104.699531][ T6566]  ? usb_hub_create_port_device+0x4f/0x760
[  104.699607][ T6566]  should_failslab+0x8c/0xb0
[  104.699646][ T6566]  __kmalloc_cache_noprof+0x4c/0x320
[  104.699671][ T6566]  usb_hub_create_port_device+0x4f/0x760
[  104.699698][ T6566]  ? usb_alloc_urb+0x42/0xc0
[  104.699739][ T6566]  hub_probe+0x13ce/0x1680
[  104.699839][ T6566]  usb_probe_interface+0x43b/0x680
[  104.699868][ T6566]  ? __pfx_usb_probe_interface+0x10/0x10
[  104.699896][ T6566]  really_probe+0x1bc/0x5a0
[  104.699970][ T6566]  __driver_probe_device+0x121/0x190
[  104.699995][ T6566]  driver_probe_device+0x37/0x2f0
[  104.700025][ T6566]  __device_attach_driver+0x205/0x310
[  104.700048][ T6566]  ? __pfx___device_attach_driver+0x10/0x10
[  104.700084][ T6566]  bus_for_each_drv+0x1bd/0x230
[  104.700118][ T6566]  __device_attach+0x1c7/0x290
[  104.700197][ T6566]  device_attach+0x17/0x20
[  104.700218][ T6566]  proc_ioctl+0x2f7/0x400
[  104.700248][ T6566]  proc_ioctl_default+0x71/0xa0
[  104.700282][ T6566]  usbdev_ioctl+0xe97/0x1710
[  104.700307][ T6566]  ? __pfx_usbdev_ioctl+0x10/0x10
[  104.700330][ T6566]  __se_sys_ioctl+0xcb/0x140
[  104.700354][ T6566]  __x64_sys_ioctl+0x43/0x50
[  104.700395][ T6566]  x64_sys_call+0x19a8/0x2fb0
[  104.700415][ T6566]  do_syscall_64+0xd0/0x1a0
[  104.700435][ T6566]  ? clear_bhb_loop+0x25/0x80
[  104.700460][ T6566]  ? clear_bhb_loop+0x25/0x80
[  104.700485][ T6566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.700525][ T6566] RIP: 0033:0x7fbd8610e969
[  104.700541][ T6566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.700558][ T6566] RSP: 002b:00007fbd84777038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  104.700578][ T6566] RAX: ffffffffffffffda RBX: 00007fbd86335fa0 RCX: 00007fbd8610e969
[  104.700593][ T6566] RDX: 0000200000000000 RSI: 00000000c0105512 RDI: 0000000000000003
[  104.700608][ T6566] RBP: 00007fbd84777090 R08: 0000000000000000 R09: 0000000000000000
[  104.700619][ T6566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  104.700663][ T6566] R13: 0000000000000000 R14: 00007fbd86335fa0 R15: 00007fff8c28ca48
[  104.700717][ T6566]  </TASK>
[  104.954276][ T6566] hub 9-0:1.0: couldn't create port1 device.
[  104.960413][ T6566] hub 9-0:1.0: config failed, out of memory (err -12)
[  104.977004][ T6570] netlink: 'syz.1.1029': attribute type 1 has an invalid length.
[  104.986200][ T6569] lo speed is unknown, defaulting to 1000
[  105.142842][ T6586] __nla_validate_parse: 6 callbacks suppressed
[  105.142862][ T6586] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1037'.
[  105.218942][ T6586] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  105.481210][ T6603] lo speed is unknown, defaulting to 1000
[  105.862755][ T6606] lo speed is unknown, defaulting to 1000
[  106.332935][ T6616] FAULT_INJECTION: forcing a failure.
[  106.332935][ T6616] name failslab, interval 1, probability 0, space 0, times 0
[  106.345662][ T6616] CPU: 0 UID: 0 PID: 6616 Comm: syz.6.1048 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  106.345695][ T6616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  106.345787][ T6616] Call Trace:
[  106.345794][ T6616]  <TASK>
[  106.345803][ T6616]  __dump_stack+0x1d/0x30
[  106.345827][ T6616]  dump_stack_lvl+0xe8/0x140
[  106.345845][ T6616]  dump_stack+0x15/0x1b
[  106.345863][ T6616]  should_fail_ex+0x265/0x280
[  106.345954][ T6616]  should_failslab+0x8c/0xb0
[  106.345989][ T6616]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  106.346016][ T6616]  ? security_set_bools+0x85/0x340
[  106.346085][ T6616]  kmemdup_noprof+0x2b/0x70
[  106.346108][ T6616]  security_set_bools+0x85/0x340
[  106.346144][ T6616]  sel_commit_bools_write+0x1ea/0x270
[  106.346164][ T6616]  vfs_writev+0x3eb/0x870
[  106.346233][ T6616]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  106.346259][ T6616]  ? mutex_lock+0xd/0x30
[  106.346290][ T6616]  do_writev+0xe7/0x210
[  106.346329][ T6616]  __x64_sys_writev+0x45/0x50
[  106.346425][ T6616]  x64_sys_call+0x2006/0x2fb0
[  106.346451][ T6616]  do_syscall_64+0xd0/0x1a0
[  106.346478][ T6616]  ? clear_bhb_loop+0x25/0x80
[  106.346570][ T6616]  ? clear_bhb_loop+0x25/0x80
[  106.346596][ T6616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.346623][ T6616] RIP: 0033:0x7fbd8610e969
[  106.346642][ T6616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.346673][ T6616] RSP: 002b:00007fbd84777038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  106.346742][ T6616] RAX: ffffffffffffffda RBX: 00007fbd86335fa0 RCX: 00007fbd8610e969
[  106.346758][ T6616] RDX: 0000000000000002 RSI: 00002000000025c0 RDI: 0000000000000005
[  106.346773][ T6616] RBP: 00007fbd84777090 R08: 0000000000000000 R09: 0000000000000000
[  106.346808][ T6616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.346846][ T6616] R13: 0000000000000000 R14: 00007fbd86335fa0 R15: 00007fff8c28ca48
[  106.346867][ T6616]  </TASK>
[  106.627371][ T6624] netlink: 'syz.2.1050': attribute type 1 has an invalid length.
[  106.651675][ T6620] loop6: detected capacity change from 0 to 8192
[  106.667620][ T6628] netlink: 'syz.2.1054': attribute type 7 has an invalid length.
[  106.675472][ T6628] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1054'.
[  106.721634][ T6628] loop2: detected capacity change from 0 to 1024
[  106.736801][ T6623] loop4: detected capacity change from 0 to 8192
[  106.745809][ T6628] EXT4-fs: Ignoring removed oldalloc option
[  106.762051][ T6626] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1053'.
[  106.772825][ T6628] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  106.806407][ T6628] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.969522][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.097624][ T6620] FAT-fs (loop6): error, corrupted directory (invalid entries)
[  107.105458][ T6620] FAT-fs (loop6): Filesystem has been set read-only
[  107.154592][ T6632] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  107.299062][ T6657] lo speed is unknown, defaulting to 1000
[  107.532663][ T6656] loop3: detected capacity change from 0 to 8192
[  107.645866][ T6623] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  107.653503][ T6623] FAT-fs (loop4): Filesystem has been set read-only
[  107.683499][ T6639] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  107.765376][ T6665] smc: net device bond0 applied user defined pnetid SYZ0
[  107.781669][ T6665] smc: net device bond0 erased user defined pnetid SYZ0
[  107.791601][ T6665] loop1: detected capacity change from 0 to 512
[  107.803988][ T6665] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  107.824248][ T6665] EXT4-fs (loop1): 1 truncate cleaned up
[  107.835260][ T6665] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.029636][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.042795][ T6656] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  108.042820][ T6656] FAT-fs (loop3): Filesystem has been set read-only
[  108.063670][ T6664] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  108.240207][ T6690] loop1: detected capacity change from 0 to 8192
[  108.272946][ T6706] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1077'.
[  108.301241][ T6707] loop6: detected capacity change from 0 to 512
[  108.322977][ T6707] EXT4-fs (loop6): bad geometry: block count 4110302976 exceeds size of device (256 blocks)
[  108.367219][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811816ae00: rx timeout, send abort
[  108.409478][   T29] kauditd_printk_skb: 409 callbacks suppressed
[  108.409495][   T29] audit: type=1400 audit(1746443087.630:3641): avc:  denied  { create } for  pid=6715 comm="syz.6.1086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  108.450556][   T29] audit: type=1400 audit(1746443087.630:3642): avc:  denied  { read write } for  pid=6715 comm="syz.6.1086" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  108.473877][   T29] audit: type=1400 audit(1746443087.630:3643): avc:  denied  { open } for  pid=6715 comm="syz.6.1086" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  108.498069][   T29] audit: type=1400 audit(1746443087.630:3644): avc:  denied  { write } for  pid=6715 comm="syz.6.1086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  108.498159][   T29] audit: type=1400 audit(1746443087.630:3645): avc:  denied  { nlmsg_write } for  pid=6715 comm="syz.6.1086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  108.498187][   T29] audit: type=1326 audit(1746443087.630:3646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6716 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  108.498249][   T29] audit: type=1326 audit(1746443087.630:3647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6716 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  108.498280][   T29] audit: type=1326 audit(1746443087.630:3648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6716 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  108.498412][   T29] audit: type=1326 audit(1746443087.630:3649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6716 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  108.498462][   T29] audit: type=1326 audit(1746443087.630:3650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6716 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407703e969 code=0x7ffc0000
[  108.601269][ T6727] netlink: 'syz.3.1088': attribute type 13 has an invalid length.
[  108.634340][ T6710] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  108.634364][ T6710] FAT-fs (loop1): Filesystem has been set read-only
[  108.638676][ T6690] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  108.680037][ T6727] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.680253][ T6727] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.811063][ T6740] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[  108.811094][ T6740] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  108.811134][ T6740] vhci_hcd vhci_hcd.0: Device attached
[  108.816943][ T6727] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  108.834992][ T6740] vhci_hcd vhci_hcd.0: pdev(6) rhport(1) sockfd(7)
[  108.868009][ T6740] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  108.868101][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811816b600: rx timeout, send abort
[  108.868143][ T6740] vhci_hcd vhci_hcd.0: Device attached
[  108.879417][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811816ae00: abort rx timeout. Force session deactivation
[  108.881155][ T6727] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  108.925550][ T6743] vhci_hcd: connection closed
[  108.930695][ T6745] vhci_hcd: connection closed
[  108.937059][ T6023] vhci_hcd: stop threads
[  108.946090][ T6023] vhci_hcd: release socket
[  108.950520][ T6023] vhci_hcd: disconnect device
[  108.971805][ T6023] vhci_hcd: stop threads
[  108.976144][ T6023] vhci_hcd: release socket
[  108.980579][ T6023] vhci_hcd: disconnect device
[  109.000678][ T6742] loop1: detected capacity change from 0 to 512
[  109.031524][   T23] vhci_hcd: vhci_device speed not set
[  109.049791][ T6742] EXT4-fs (loop1): too many log groups per flexible block group
[  109.057625][ T6748] loop3: detected capacity change from 0 to 8192
[  109.057641][ T6742] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  109.075441][ T6742] EXT4-fs (loop1): mount failed
[  109.092695][ T6727] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.101751][ T6727] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.110754][ T6727] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.119809][ T6727] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.276585][ T6761] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1095'.
[  109.368147][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811816b600: abort rx timeout. Force session deactivation
[  109.499171][ T6758] lo speed is unknown, defaulting to 1000
[  109.669170][ T6765] lo speed is unknown, defaulting to 1000
[  110.151682][ T6775] netlink: 'syz.6.1102': attribute type 1 has an invalid length.
[  110.161281][ T6777] FAULT_INJECTION: forcing a failure.
[  110.161281][ T6777] name failslab, interval 1, probability 0, space 0, times 0
[  110.174108][ T6777] CPU: 0 UID: 0 PID: 6777 Comm: syz.2.1100 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  110.174134][ T6777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  110.174180][ T6777] Call Trace:
[  110.174186][ T6777]  <TASK>
[  110.174195][ T6777]  __dump_stack+0x1d/0x30
[  110.174222][ T6777]  dump_stack_lvl+0xe8/0x140
[  110.174242][ T6777]  dump_stack+0x15/0x1b
[  110.174257][ T6777]  should_fail_ex+0x265/0x280
[  110.174288][ T6777]  should_failslab+0x8c/0xb0
[  110.174374][ T6777]  kmem_cache_alloc_node_noprof+0x57/0x320
[  110.174425][ T6777]  ? __alloc_skb+0x101/0x320
[  110.174525][ T6777]  __alloc_skb+0x101/0x320
[  110.174563][ T6777]  netlink_alloc_large_skb+0xba/0xf0
[  110.174638][ T6777]  netlink_sendmsg+0x3cf/0x6b0
[  110.174680][ T6777]  ? __pfx_netlink_sendmsg+0x10/0x10
[  110.174799][ T6777]  __sock_sendmsg+0x142/0x180
[  110.174825][ T6777]  ____sys_sendmsg+0x31e/0x4e0
[  110.174853][ T6777]  ___sys_sendmsg+0x17b/0x1d0
[  110.174945][ T6777]  __x64_sys_sendmsg+0xd4/0x160
[  110.174967][ T6777]  x64_sys_call+0x2999/0x2fb0
[  110.174987][ T6777]  do_syscall_64+0xd0/0x1a0
[  110.175007][ T6777]  ? clear_bhb_loop+0x25/0x80
[  110.175040][ T6777]  ? clear_bhb_loop+0x25/0x80
[  110.175118][ T6777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.175139][ T6777] RIP: 0033:0x7f407703e969
[  110.175152][ T6777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.175174][ T6777] RSP: 002b:00007f40756a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  110.175233][ T6777] RAX: ffffffffffffffda RBX: 00007f4077265fa0 RCX: 00007f407703e969
[  110.175259][ T6777] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000003
[  110.175274][ T6777] RBP: 00007f40756a7090 R08: 0000000000000000 R09: 0000000000000000
[  110.175289][ T6777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.175304][ T6777] R13: 0000000000000000 R14: 00007f4077265fa0 R15: 00007ffd0de2f578
[  110.175327][ T6777]  </TASK>
[  110.392449][ T6779] loop3: detected capacity change from 0 to 128
[  111.083675][ T6784] lo speed is unknown, defaulting to 1000
[  111.103647][ T6796] lo speed is unknown, defaulting to 1000
[  111.271951][ T6812] loop1: detected capacity change from 0 to 1024
[  111.278907][ T6812] EXT4-fs: Ignoring removed bh option
[  111.284643][ T6812] EXT4-fs: inline encryption not supported
[  111.290520][ T6812] EXT4-fs: Ignoring removed i_version option
[  111.369648][ T6812] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  111.422805][ T6816] lo speed is unknown, defaulting to 1000
[  111.625184][ T6812] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 2: comm syz.1.1114: lblock 2 mapped to illegal pblock 2 (length 1)
[  111.662274][ T6812] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 48: comm syz.1.1114: lblock 0 mapped to illegal pblock 48 (length 1)
[  111.715728][ T6812] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1114: Failed to acquire dquot type 0
[  111.731538][ T6812] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  111.750069][ T6820] netlink: 'syz.3.1117': attribute type 1 has an invalid length.
[  111.758201][ T6812] EXT4-fs error (device loop1): ext4_evict_inode:259: inode #11: comm syz.1.1114: mark_inode_dirty error
[  111.783618][ T6812] EXT4-fs warning (device loop1): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  111.795432][ T6812] EXT4-fs (loop1): 1 orphan inode deleted
[  111.801732][ T6812] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.813940][ T2386] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  111.829172][ T2386] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 0
[  111.900606][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.910239][ T3306] EXT4-fs error (device loop1): __ext4_get_inode_loc:4450: comm syz-executor: Invalid inode table block 1 in block_group 0
[  111.931976][ T3306] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  111.945927][ T3306] EXT4-fs error (device loop1): ext4_quota_off:7219: inode #3: comm syz-executor: mark_inode_dirty error
[  111.997490][ T6825] lo speed is unknown, defaulting to 1000
[  112.350740][ T6831] FAULT_INJECTION: forcing a failure.
[  112.350740][ T6831] name failslab, interval 1, probability 0, space 0, times 0
[  112.363470][ T6831] CPU: 0 UID: 0 PID: 6831 Comm: syz.1.1119 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  112.363548][ T6831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  112.363563][ T6831] Call Trace:
[  112.363570][ T6831]  <TASK>
[  112.363621][ T6831]  __dump_stack+0x1d/0x30
[  112.363648][ T6831]  dump_stack_lvl+0xe8/0x140
[  112.363670][ T6831]  dump_stack+0x15/0x1b
[  112.363690][ T6831]  should_fail_ex+0x265/0x280
[  112.363720][ T6831]  should_failslab+0x8c/0xb0
[  112.363821][ T6831]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  112.363947][ T6831]  ? __d_alloc+0x3d/0x350
[  112.363978][ T6831]  __d_alloc+0x3d/0x350
[  112.364014][ T6831]  ? strlen+0x19/0x40
[  112.364044][ T6831]  d_alloc_pseudo+0x1e/0x80
[  112.364110][ T6831]  alloc_file_pseudo+0x71/0x160
[  112.364200][ T6831]  __shmem_file_setup+0x1b9/0x1f0
[  112.364262][ T6831]  shmem_file_setup+0x3b/0x50
[  112.364292][ T6831]  __se_sys_memfd_create+0x2c3/0x590
[  112.364321][ T6831]  __x64_sys_memfd_create+0x31/0x40
[  112.364402][ T6831]  x64_sys_call+0x122f/0x2fb0
[  112.364427][ T6831]  do_syscall_64+0xd0/0x1a0
[  112.364451][ T6831]  ? clear_bhb_loop+0x25/0x80
[  112.364473][ T6831]  ? clear_bhb_loop+0x25/0x80
[  112.364539][ T6831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.364582][ T6831] RIP: 0033:0x7fbe4d80e969
[  112.364596][ T6831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.364614][ T6831] RSP: 002b:00007fbe4be76e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  112.364636][ T6831] RAX: ffffffffffffffda RBX: 00000000000004f2 RCX: 00007fbe4d80e969
[  112.364717][ T6831] RDX: 00007fbe4be76ef0 RSI: 0000000000000000 RDI: 00007fbe4d891444
[  112.364729][ T6831] RBP: 0000200000000600 R08: 00007fbe4be76bb7 R09: 00007fbe4be76e40
[  112.364740][ T6831] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  112.364751][ T6831] R13: 00007fbe4be76ef0 R14: 00007fbe4be76eb0 R15: 00002000000002c0
[  112.364773][ T6831]  </TASK>
[  112.778384][ T6848] netlink: 'syz.1.1130': attribute type 1 has an invalid length.
[  112.787404][ T6852] netlink: 'syz.6.1129': attribute type 1 has an invalid length.
[  112.906798][ T6855] lo speed is unknown, defaulting to 1000
[  113.163641][ T6858] loop6: detected capacity change from 0 to 2048
[  113.254411][ T6864] FAULT_INJECTION: forcing a failure.
[  113.254411][ T6864] name failslab, interval 1, probability 0, space 0, times 0
[  113.267293][ T6864] CPU: 0 UID: 0 PID: 6864 Comm: syz.1.1136 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  113.267324][ T6864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  113.267338][ T6864] Call Trace:
[  113.267347][ T6864]  <TASK>
[  113.267356][ T6864]  __dump_stack+0x1d/0x30
[  113.267380][ T6864]  dump_stack_lvl+0xe8/0x140
[  113.267401][ T6864]  dump_stack+0x15/0x1b
[  113.267420][ T6864]  should_fail_ex+0x265/0x280
[  113.267526][ T6864]  should_failslab+0x8c/0xb0
[  113.267729][ T6864]  __kvmalloc_node_noprof+0x126/0x4d0
[  113.267898][ T6864]  ? bpf_jit_binary_pack_alloc+0x137/0x260
[  113.267938][ T6864]  bpf_jit_binary_pack_alloc+0x137/0x260
[  113.267973][ T6864]  ? __pfx_jit_fill_hole+0x10/0x10
[  113.268076][ T6864]  bpf_int_jit_compile+0x567/0xd40
[  113.268116][ T6864]  ? __pfx___bpf_prog_ret0_warn+0x10/0x10
[  113.268159][ T6864]  bpf_prog_select_runtime+0x445/0x5e0
[  113.268230][ T6864]  bpf_prepare_filter+0xb7d/0xbd0
[  113.268271][ T6864]  bpf_prog_create+0xd4/0x130
[  113.268304][ T6864]  ? __pfx_ppp_ioctl+0x10/0x10
[  113.268396][ T6864]  ppp_get_filter+0x113/0x160
[  113.268422][ T6864]  ppp_ioctl+0xb93/0x11c0
[  113.268444][ T6864]  ? __fget_files+0x184/0x1c0
[  113.268534][ T6864]  ? __pfx_ppp_ioctl+0x10/0x10
[  113.268557][ T6864]  __se_sys_ioctl+0xcb/0x140
[  113.268582][ T6864]  __x64_sys_ioctl+0x43/0x50
[  113.268605][ T6864]  x64_sys_call+0x19a8/0x2fb0
[  113.268630][ T6864]  do_syscall_64+0xd0/0x1a0
[  113.268735][ T6864]  ? clear_bhb_loop+0x25/0x80
[  113.268834][ T6864]  ? clear_bhb_loop+0x25/0x80
[  113.268859][ T6864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.268883][ T6864] RIP: 0033:0x7fbe4d80e969
[  113.268900][ T6864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.268920][ T6864] RSP: 002b:00007fbe4be77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  113.269001][ T6864] RAX: ffffffffffffffda RBX: 00007fbe4da35fa0 RCX: 00007fbe4d80e969
[  113.269014][ T6864] RDX: 0000200000000180 RSI: 0000000040107447 RDI: 0000000000000003
[  113.269029][ T6864] RBP: 00007fbe4be77090 R08: 0000000000000000 R09: 0000000000000000
[  113.269042][ T6864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  113.269056][ T6864] R13: 0000000000000000 R14: 00007fbe4da35fa0 R15: 00007fff020803c8
[  113.269126][ T6864]  </TASK>
[  113.515855][ T6858] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.535843][   T29] kauditd_printk_skb: 113 callbacks suppressed
[  113.535881][   T29] audit: type=1400 audit(1746443092.760:3761): avc:  denied  { read write open } for  pid=6857 comm="syz.6.1133" path="/55/file1/bus" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  113.613641][ T5852] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.664260][   T29] audit: type=1400 audit(1746443092.880:3762): avc:  denied  { name_connect } for  pid=6875 comm="syz.2.1141" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  113.714499][ T6876] loop2: detected capacity change from 0 to 512
[  113.794699][ T6876] Quota error (device loop2): v2_read_file_info: Can't read info structure
[  113.804459][ T6876] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  113.837471][ T6876] EXT4-fs (loop2): mount failed
[  113.881662][   T29] audit: type=1400 audit(1746443093.100:3763): avc:  denied  { create } for  pid=6875 comm="syz.2.1141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  113.901419][   T29] audit: type=1400 audit(1746443093.100:3764): avc:  denied  { read } for  pid=6875 comm="syz.2.1141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  113.991325][ T6889] lo speed is unknown, defaulting to 1000
[  114.159471][ T6893] netlink: 'syz.6.1145': attribute type 1 has an invalid length.
[  114.312886][ T6895] loop2: detected capacity change from 0 to 512
[  114.316476][   T29] audit: type=1400 audit(1746443093.490:3765): avc:  denied  { getopt } for  pid=6894 comm="syz.2.1147" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  114.339541][   T29] audit: type=1400 audit(1746443093.530:3766): avc:  denied  { read append } for  pid=6897 comm="syz.3.1148" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  114.363806][   T29] audit: type=1400 audit(1746443093.530:3767): avc:  denied  { open } for  pid=6897 comm="syz.3.1148" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  114.430135][ T6901] 9pnet: Could not find request transport: t
[  114.434498][ T6898] program syz.3.1148 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  114.448617][   T29] audit: type=1400 audit(1746443093.670:3768): avc:  denied  { kexec_image_load } for  pid=6900 comm="syz.6.1149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  114.473368][ T6895] EXT4-fs (loop2): 1 orphan inode deleted
[  114.473844][ T6895] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.474144][ T6895] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.477405][ T6895] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1147'.
[  114.501044][   T29] audit: type=1400 audit(1746443093.700:3769): avc:  denied  { append } for  pid=6894 comm="syz.2.1147" path="/254/file1/cpu.stat" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  114.517444][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.691938][ T6923] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1157'.
[  114.708098][ T6920] bridge0: entered promiscuous mode
[  114.718851][ T6920] macvlan3: entered promiscuous mode
[  114.728246][ T6920] bridge0: port 1(macvlan3) entered blocking state
[  114.734891][ T6920] bridge0: port 1(macvlan3) entered disabled state
[  114.746475][ T6932] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  114.763637][ T6920] macvlan3: entered allmulticast mode
[  114.769082][ T6920] bridge0: entered allmulticast mode
[  114.777352][ T6920] macvlan3: left allmulticast mode
[  114.782530][ T6920] bridge0: left allmulticast mode
[  114.789491][ T6936] netlink: 'syz.1.1160': attribute type 1 has an invalid length.
[  114.795194][ T6920] bridge0: left promiscuous mode
[  114.894451][ T6942] netlink: 'syz.6.1164': attribute type 3 has an invalid length.
[  114.902237][ T6942] netlink: 666 bytes leftover after parsing attributes in process `syz.6.1164'.
[  114.960856][ T6942] loop6: detected capacity change from 0 to 512
[  114.998381][ T6942] EXT4-fs (loop6): too many log groups per flexible block group
[  115.006310][ T6942] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  115.028556][ T6956] loop2: detected capacity change from 0 to 2048
[  115.048279][ T6942] EXT4-fs (loop6): mount failed
[  115.048328][ T6969] netlink: 'syz.3.1172': attribute type 1 has an invalid length.
[  115.060277][ T6956] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.132665][ T6978] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1175'.
[  115.144050][ T6978] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  115.207350][ T6982] lo speed is unknown, defaulting to 1000
[  115.229218][ T6984] loop6: detected capacity change from 0 to 512
[  115.250972][ T6988] FAULT_INJECTION: forcing a failure.
[  115.250972][ T6988] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  115.264302][ T6988] CPU: 1 UID: 0 PID: 6988 Comm: syz.4.1177 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  115.264333][ T6988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  115.264348][ T6988] Call Trace:
[  115.264356][ T6988]  <TASK>
[  115.264364][ T6988]  __dump_stack+0x1d/0x30
[  115.264388][ T6988]  dump_stack_lvl+0xe8/0x140
[  115.264470][ T6988]  dump_stack+0x15/0x1b
[  115.264490][ T6988]  should_fail_ex+0x265/0x280
[  115.264525][ T6988]  should_fail_alloc_page+0xf2/0x100
[  115.264575][ T6988]  __alloc_frozen_pages_noprof+0xff/0x360
[  115.264619][ T6988]  alloc_pages_mpol+0xb3/0x250
[  115.264642][ T6988]  folio_alloc_mpol_noprof+0x39/0x80
[  115.264665][ T6988]  shmem_get_folio_gfp+0x3cf/0xd40
[  115.264759][ T6988]  ? cgroup_rstat_updated+0xa3/0x510
[  115.264854][ T6988]  shmem_fault+0xf6/0x250
[  115.264932][ T6988]  __do_fault+0xb9/0x200
[  115.264962][ T6988]  handle_mm_fault+0xeff/0x2ae0
[  115.264996][ T6988]  ? check_vma_flags+0x315/0x340
[  115.265102][ T6988]  __get_user_pages+0xde2/0x1d20
[  115.265141][ T6988]  faultin_page_range+0x10f/0x5b0
[  115.265311][ T6988]  madvise_do_behavior+0x113/0x24a0
[  115.265343][ T6988]  ? __rcu_read_unlock+0x4f/0x70
[  115.265365][ T6988]  ? proc_fail_nth_write+0x12d/0x160
[  115.265392][ T6988]  ? __rcu_read_unlock+0x4f/0x70
[  115.265528][ T6988]  ? __fget_files+0x184/0x1c0
[  115.265620][ T6988]  ? down_read+0x77/0xe0
[  115.265658][ T6988]  __x64_sys_madvise+0xc9/0x100
[  115.265698][ T6988]  x64_sys_call+0x2455/0x2fb0
[  115.265719][ T6988]  do_syscall_64+0xd0/0x1a0
[  115.265817][ T6988]  ? clear_bhb_loop+0x25/0x80
[  115.265839][ T6988]  ? clear_bhb_loop+0x25/0x80
[  115.265860][ T6988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.265882][ T6988] RIP: 0033:0x7f619f58e969
[  115.265897][ T6988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.266024][ T6988] RSP: 002b:00007f619dbd6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  115.266043][ T6988] RAX: ffffffffffffffda RBX: 00007f619f7b6080 RCX: 00007f619f58e969
[  115.266055][ T6988] RDX: 0000000000000017 RSI: 0000000000c00304 RDI: 0000200000000000
[  115.266067][ T6988] RBP: 00007f619dbd6090 R08: 0000000000000000 R09: 0000000000000000
[  115.266079][ T6988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.266091][ T6988] R13: 0000000000000000 R14: 00007f619f7b6080 R15: 00007ffecd5ce808
[  115.266125][ T6988]  </TASK>
[  115.268692][ T6989] FAULT_INJECTION: forcing a failure.
[  115.268692][ T6989] name failslab, interval 1, probability 0, space 0, times 0
[  115.294681][ T6982] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1177'.
[  115.295953][ T6989] CPU: 0 UID: 0 PID: 6989 Comm: syz.1.1180 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  115.295990][ T6989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  115.296006][ T6989] Call Trace:
[  115.296015][ T6989]  <TASK>
[  115.296024][ T6989]  __dump_stack+0x1d/0x30
[  115.296051][ T6989]  dump_stack_lvl+0xe8/0x140
[  115.296077][ T6989]  dump_stack+0x15/0x1b
[  115.296100][ T6989]  should_fail_ex+0x265/0x280
[  115.296273][ T6989]  should_failslab+0x8c/0xb0
[  115.296363][ T6989]  kmem_cache_alloc_noprof+0x50/0x310
[  115.296406][ T6989]  ? __kernfs_new_node+0x6d/0x350
[  115.296440][ T6989]  __kernfs_new_node+0x6d/0x350
[  115.296469][ T6989]  ? kernfs_next_descendant_post+0xd3/0x110
[  115.296561][ T6989]  ? up_write+0x18/0x60
[  115.296588][ T6989]  ? kernfs_activate+0x90/0xa0
[  115.296617][ T6989]  ? kernfs_add_one+0x212/0x280
[  115.296664][ T6989]  kernfs_new_node+0xd0/0x140
[  115.296697][ T6989]  __kernfs_create_file+0x4b/0x180
[  115.296735][ T6989]  ? __pfx_dev_attr_show+0x10/0x10
[  115.296771][ T6989]  ? __pfx_dev_attr_store+0x10/0x10
[  115.296844][ T6989]  sysfs_add_file_mode_ns+0x132/0x1c0
[  115.296896][ T6989]  sysfs_create_file_ns+0xd9/0x120
[  115.296937][ T6989]  device_create_file+0xa3/0x110
[  115.296966][ T6989]  device_add+0x32e/0x770
[  115.297020][ T6989]  wakeup_source_sysfs_add+0x13a/0x1b0
[  115.297052][ T6989]  wakeup_source_register+0xfd/0x240
[  115.297096][ T6989]  ep_insert+0x7fe/0xd10
[  115.297163][ T6989]  do_epoll_ctl+0x6c3/0x870
[  115.297243][ T6989]  __x64_sys_epoll_ctl+0xcb/0x100
[  115.297279][ T6989]  x64_sys_call+0x26ef/0x2fb0
[  115.297448][ T6989]  do_syscall_64+0xd0/0x1a0
[  115.297481][ T6989]  ? clear_bhb_loop+0x25/0x80
[  115.297509][ T6989]  ? clear_bhb_loop+0x25/0x80
[  115.297536][ T6989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.297606][ T6989] RIP: 0033:0x7fbe4d80e969
[  115.297625][ T6989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.297649][ T6989] RSP: 002b:00007fbe4be77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  115.297672][ T6989] RAX: ffffffffffffffda RBX: 00007fbe4da35fa0 RCX: 00007fbe4d80e969
[  115.297754][ T6989] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000005
[  115.297841][ T6989] RBP: 00007fbe4be77090 R08: 0000000000000000 R09: 0000000000000000
[  115.297856][ T6989] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000002
[  115.297877][ T6989] R13: 0000000000000000 R14: 00007fbe4da35fa0 R15: 00007fff020803c8
[  115.297902][ T6989]  </TASK>
[  115.300586][ T6956] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.318860][ T6986] lo speed is unknown, defaulting to 1000
[  115.348886][ T6994] loop2: detected capacity change from 0 to 256
[  115.640241][ T7002] netlink: 'syz.1.1184': attribute type 1 has an invalid length.
[  115.653192][ T6984] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  115.809783][ T6994] vfat: Unknown parameter '0x0000000000000000'
[  115.838892][ T6984] System zones: 0-2, 18-18, 34-34
[  115.846980][ T6984] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1178: bg 0: block 248: padding at end of block bitmap is not set
[  115.866184][ T6984] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.1178: Failed to acquire dquot type 1
[  116.039776][ T6984] EXT4-fs (loop6): 1 truncate cleaned up
[  116.056663][ T7008] loop2: detected capacity change from 0 to 256
[  116.111711][ T7016] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1187'.
[  116.122987][ T6984] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.168996][ T7008] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  116.248606][ T6984] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.360861][ T7023] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  116.388364][ T7028] IPVS: sync thread started: state = MASTER, mcast_ifn = team_slave_1, syncid = 3, id = 0
[  116.408619][ T7025] loop1: detected capacity change from 0 to 1024
[  116.425021][ T7025] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.468699][ T7035] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1192'.
[  116.493090][ T7037] rdma_op ffff888102165d80 conn xmit_rdma 0000000000000000
[  116.551354][ T5852] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.566149][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.587963][ T7045] netlink: 'syz.6.1196': attribute type 1 has an invalid length.
[  116.656106][ T7048] loop1: detected capacity change from 0 to 2048
[  116.669740][ T7048] EXT4-fs: Ignoring removed bh option
[  116.719514][ T7048] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.781055][ T7061] netlink: 'syz.3.1204': attribute type 1 has an invalid length.
[  116.883291][ T7065] lo speed is unknown, defaulting to 1000
[  116.972959][ T7066] wg2: entered promiscuous mode
[  116.977938][ T7066] wg2: entered allmulticast mode
[  117.290905][ T7075] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1209'.
[  117.335703][ T7075] bond2: entered promiscuous mode
[  117.341204][ T7075] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  117.382064][ T7075] bond2: left promiscuous mode
[  117.394738][ T7085] loop6: detected capacity change from 0 to 2048
[  117.431347][ T7087] loop4: detected capacity change from 0 to 512
[  117.450632][ T7087] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  117.460696][ T7087] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  117.482444][ T7085] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.618732][ T7095] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  117.706887][ T3782] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  117.723957][ T3782] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  117.736349][ T3782] EXT4-fs (loop1): This should not happen!! Data will be lost
[  117.736349][ T3782] 
[  117.746080][ T3782] EXT4-fs (loop1): Total free blocks count 0
[  117.752078][ T3782] EXT4-fs (loop1): Free/Dirty block details
[  117.758031][ T3782] EXT4-fs (loop1): free_blocks=2415919104
[  117.763810][ T3782] EXT4-fs (loop1): dirty_blocks=8224
[  117.769235][ T3782] EXT4-fs (loop1): Block reservation details
[  117.775259][ T3782] EXT4-fs (loop1): i_reserved_data_blocks=514
[  117.797874][   T51] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[  117.904485][ T7115] capability: warning: `syz.4.1223' uses 32-bit capabilities (legacy support in use)
[  118.014414][ T7125] FAULT_INJECTION: forcing a failure.
[  118.014414][ T7125] name failslab, interval 1, probability 0, space 0, times 0
[  118.027425][ T7125] CPU: 1 UID: 0 PID: 7125 Comm: syz.1.1219 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  118.027453][ T7125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  118.027466][ T7125] Call Trace:
[  118.027482][ T7125]  <TASK>
[  118.027488][ T7125]  __dump_stack+0x1d/0x30
[  118.027640][ T7125]  dump_stack_lvl+0xe8/0x140
[  118.027663][ T7125]  dump_stack+0x15/0x1b
[  118.027684][ T7125]  should_fail_ex+0x265/0x280
[  118.027779][ T7125]  should_failslab+0x8c/0xb0
[  118.027814][ T7125]  __kmalloc_noprof+0xa5/0x3e0
[  118.027855][ T7125]  ? bpf_test_init+0xa9/0x160
[  118.027893][ T7125]  bpf_test_init+0xa9/0x160
[  118.027997][ T7125]  bpf_prog_test_run_xdp+0x274/0x8f0
[  118.028082][ T7125]  ? __rcu_read_unlock+0x4f/0x70
[  118.028113][ T7125]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  118.028239][ T7125]  bpf_prog_test_run+0x207/0x390
[  118.028270][ T7125]  __sys_bpf+0x3dc/0x790
[  118.028306][ T7125]  __x64_sys_bpf+0x41/0x50
[  118.028402][ T7125]  x64_sys_call+0x2478/0x2fb0
[  118.028429][ T7125]  do_syscall_64+0xd0/0x1a0
[  118.028456][ T7125]  ? clear_bhb_loop+0x25/0x80
[  118.028483][ T7125]  ? clear_bhb_loop+0x25/0x80
[  118.028509][ T7125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.028529][ T7125] RIP: 0033:0x7fbe4d80e969
[  118.028625][ T7125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.028646][ T7125] RSP: 002b:00007fbe4be77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  118.028668][ T7125] RAX: ffffffffffffffda RBX: 00007fbe4da35fa0 RCX: 00007fbe4d80e969
[  118.028681][ T7125] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  118.028692][ T7125] RBP: 00007fbe4be77090 R08: 0000000000000000 R09: 0000000000000000
[  118.028703][ T7125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.028764][ T7125] R13: 0000000000000000 R14: 00007fbe4da35fa0 R15: 00007fff020803c8
[  118.028787][ T7125]  </TASK>
[  118.259222][ T7132] netlink: 'syz.1.1230': attribute type 1 has an invalid length.
[  118.330094][   T51] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  118.363309][   T51] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 897 with error 28
[  118.375927][   T51] EXT4-fs (loop6): This should not happen!! Data will be lost
[  118.375927][   T51] 
[  118.385820][   T51] EXT4-fs (loop6): Total free blocks count 0
[  118.391934][   T51] EXT4-fs (loop6): Free/Dirty block details
[  118.397875][   T51] EXT4-fs (loop6): free_blocks=2415919504
[  118.403695][   T51] EXT4-fs (loop6): dirty_blocks=912
[  118.409075][   T51] EXT4-fs (loop6): Block reservation details
[  118.415215][   T51] EXT4-fs (loop6): i_reserved_data_blocks=57
[  118.419237][ T7141] netlink: 'syz.1.1235': attribute type 1 has an invalid length.
[  118.480950][ T5852] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.515329][ T7143] loop1: detected capacity change from 0 to 2048
[  118.557857][   T29] kauditd_printk_skb: 315 callbacks suppressed
[  118.557874][   T29] audit: type=1400 audit(1746443097.780:4081): avc:  denied  { add_name } for  pid=7142 comm="syz.1.1236" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  118.598687][ T7143] loop1: detected capacity change from 0 to 512
[  118.617503][   T29] audit: type=1400 audit(1746443097.810:4082): avc:  denied  { create } for  pid=7142 comm="syz.1.1236" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:configfs_t tclass=file permissive=1
[  118.637654][   T29] audit: type=1326 audit(1746443097.810:4083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7142 comm="syz.1.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[  118.661204][   T29] audit: type=1326 audit(1746443097.810:4084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7142 comm="syz.1.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fbe4d80e969 code=0x7ffc0000
[  118.684951][   T29] audit: type=1326 audit(1746443097.810:4085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7142 comm="syz.1.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbe4d80e9a3 code=0x7ffc0000
[  118.708664][   T29] audit: type=1326 audit(1746443097.820:4086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7142 comm="syz.1.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbe4d80d41f code=0x7ffc0000
[  118.732058][   T29] audit: type=1326 audit(1746443097.820:4087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7142 comm="syz.1.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fbe4d80e9f7 code=0x7ffc0000
[  118.755705][   T29] audit: type=1326 audit(1746443097.820:4088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7142 comm="syz.1.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe4d80d2d0 code=0x7ffc0000
[  118.779259][   T29] audit: type=1326 audit(1746443097.820:4089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7142 comm="syz.1.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbe4d80e56b code=0x7ffc0000
[  118.802668][   T29] audit: type=1326 audit(1746443097.830:4090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7142 comm="syz.1.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbe4d80d5ca code=0x7ffc0000
[  118.860875][ T7156] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1240'.
[  119.066995][ T7175] netlink: 'syz.3.1246': attribute type 1 has an invalid length.
[  119.140618][ T7178] loop6: detected capacity change from 0 to 8192
[  119.173169][ T7178] ==================================================================
[  119.181306][ T7178] BUG: KCSAN: data-race in _copy_to_iter / fat_mirror_bhs
[  119.188458][ T7178] 
[  119.190789][ T7178] read to 0xffff88812d580000 of 1024 bytes by task 3460 on cpu 0:
[  119.198602][ T7178]  _copy_to_iter+0x12d/0xdd0
[  119.203204][ T7178]  copy_page_to_iter+0x171/0x2b0
[  119.208148][ T7178]  filemap_read+0x413/0x990
[  119.212666][ T7178]  blkdev_read_iter+0x22d/0x2e0
[  119.217539][ T7178]  vfs_read+0x5ca/0x6f0
[  119.221711][ T7178]  ksys_read+0xda/0x1a0
[  119.225880][ T7178]  __x64_sys_read+0x40/0x50
[  119.230395][ T7178]  x64_sys_call+0x2d77/0x2fb0
[  119.235082][ T7178]  do_syscall_64+0xd0/0x1a0
[  119.239600][ T7178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.245509][ T7178] 
[  119.247831][ T7178] write to 0xffff88812d580200 of 512 bytes by task 7178 on cpu 1:
[  119.255644][ T7178]  fat_mirror_bhs+0x1df/0x320
[  119.260340][ T7178]  fat_alloc_clusters+0x98b/0xa80
[  119.265380][ T7178]  fat_get_block+0x258/0x5e0
[  119.269988][ T7178]  __block_write_begin_int+0x419/0xf70
[  119.275461][ T7178]  cont_write_begin+0x5a3/0x8e0
[  119.280346][ T7178]  fat_write_begin+0x4f/0xe0
[  119.284944][ T7178]  cont_write_begin+0x198/0x8e0
[  119.289808][ T7178]  fat_write_begin+0x4f/0xe0
[  119.294403][ T7178]  generic_cont_expand_simple+0xad/0x150
[  119.300046][ T7178]  fat_cont_expand+0x3e/0x170
[  119.304739][ T7178]  fat_fallocate+0x177/0x1c0
[  119.309363][ T7178]  vfs_fallocate+0x410/0x450
[  119.313968][ T7178]  __x64_sys_fallocate+0x7a/0xd0
[  119.318923][ T7178]  x64_sys_call+0x2b88/0x2fb0
[  119.323747][ T7178]  do_syscall_64+0xd0/0x1a0
[  119.328260][ T7178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.334185][ T7178] 
[  119.336518][ T7178] Reported by Kernel Concurrency Sanitizer on:
[  119.342671][ T7178] CPU: 1 UID: 0 PID: 7178 Comm: syz.6.1250 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  119.353370][ T7178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  119.363537][ T7178] ==================================================================
[  119.531484][ T7178] FAT-fs (loop6): error, corrupted directory (invalid entries)
[  119.539126][ T7178] FAT-fs (loop6): Filesystem has been set read-only
[  119.547933][ T7186] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 0)