last executing test programs:

5.392365966s ago: executing program 3 (id=441):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000005c0)={@val={0x6}, @void, @eth={@multicast, @remote, @val={@val, {0x8100, 0x0, 0x0, 0x2}}, {@ipv4={0x800, @gre={{0x6, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x2f, 0x0, @remote, @remote, {[@lsrr={0x83, 0x3, 0x50}]}}, {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x0, 0x6400}, {}, {}, {}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x2, {0x0, 0x2}}}}}}}}}, 0x76)

5.283188979s ago: executing program 3 (id=443):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
io_submit(0x0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000006840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f20000000000a01010000000000000000050000000900010073797a31000000002c0000000c0a010300000000eafb6e8005000000040003800900010073797a3100000000080004407f"], 0xd0}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = syz_io_uring_setup(0x1632, &(0x7f00000000c0)={0x0, 0xe7e, 0x100, 0x3, 0x32c}, &(0x7f0000000140), &(0x7f0000000180))
syz_io_uring_setup(0x3676, &(0x7f000000a9c0)={0x0, 0x7cf, 0x20, 0x0, 0x0, 0x0, r3}, &(0x7f00000002c0), 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200))
socket$packet(0x11, 0x2, 0x300)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000283d0020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f0000001500)='mm_page_alloc\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000280)={0xa, 0x2, 0x0, @loopback, 0x9}, 0x1c)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r6}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000f8ffffff000000850000000320d99a0b2830b00000009500"/79], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
sendto$inet6(r5, &(0x7f00000000c0)="044aac2f202c5feda71e039a57a93088fdcce4afe28aac61837792741a190670ccbe1a2b00aa77a87d56a3f12c7920ad02928a5dac14e5b896f000fcf6521928480be9af82613a5c661f4110adba358afd8b5b4ef1702051e393ede2698112a1f1bdf1d0f568546ed322ab4c53545bd2cd6e48522f0c154cb3c6864dc30ae921db100f1ee97a234503338f8fdf356472da0c7ab62f274f34", 0xadf29f33fb903ae1, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {0x0, 0x0, 0xfffffffc}]}, [{0x3}, {}, {}, {}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {}, {0x20000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x2}, {}, {0xfffffffc}, {0x0, 0xe}, {}, {}, {0x0, 0x4, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0xb2d}, {}, {}, {}, {}, {}, {}, {0xfffffffe}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x4000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x444cd0f4}, {}, {}, {}, {}, {0x0, 0x10}, {}, {}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x20000000}, {}, {}, {}, {}, {0x1, 0x0, 0x0, 0x3}, {}, {0x9}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0xff, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xe10}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="e8000000", @ANYRES16=r9, @ANYBLOB="a18327bd7000fddbdf25050000000800", @ANYBLOB="cc000e80c2000200"], 0xe8}, 0x1, 0x0, 0x0, 0x2004c800}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$igmp6(0xa, 0x3, 0x2)

4.386011092s ago: executing program 3 (id=454):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786cab00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000004000000850000007d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getuid()
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x1000)
r2 = perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x80000000, 0x0, 0x803}, 0x0, 0xffffffffffffffff, r1, 0x2)
io_uring_setup(0x7975, &(0x7f00000002c0)={0x0, 0x5df7, 0x40, 0x0, 0x328})
r3 = openat$binfmt_register(0xffffff9c, &(0x7f0000001240), 0x1, 0x0)
write$binfmt_register(r3, &(0x7f0000001280)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0xf0, 0x3a, 'datacow', 0x3a, '\\-%#!\\\\\'', 0x3a, './file0', 0x3a, [0x5]}, 0x37)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
setsockopt$inet6_tcp_TLS_TX(r4, 0x6, 0x1, &(0x7f0000000640)=@gcm_256={{0x304}, "9c3afa366d8785e7", "ffbbf5c855baf15144be1b57d87318307dde61a973ed91377f16633de871aa60", "1d807945", "af67a787694a1891"}, 0x38)
ioctl$FS_IOC_ENABLE_VERITY(r2, 0x40806685, &(0x7f0000000540)={0x1, 0x3, 0x1000, 0x15, &(0x7f0000000180)="22417e403e523721fe0c858ae939acdb087125f505", 0x33, 0x0, &(0x7f00000001c0)="4a682ace29de39bbd7ead659587a752f449e0c1a143ce947ba12128ca74accd13ff777a183dc21d4ddbf9be81faf463ed4bd6a"})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r5}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
writev(0xffffffffffffffff, &(0x7f00000025c0), 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410884, &(0x7f0000000300)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@auto_da_alloc}, {@nomblk_io_submit}, {@user_xattr}, {@nodioread_nolock}, {@jqfmt_vfsv0}, {@discard}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
creat(&(0x7f0000003840)='./bus\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r8, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc093fce47d85272036dc78388e3dc177e9b496", "f28359738e229a4c66810000000000d3000dd602000000005cf7ce1fc986bcdf", [0xffffffffffffffff]})
write$cgroup_type(r7, &(0x7f0000000000), 0x180600)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
open$dir(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@minixdf}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")

4.267193686s ago: executing program 3 (id=455):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)

4.05710371s ago: executing program 3 (id=460):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x5a, &(0x7f0000000340)={@multicast, @remote, @val={@void}, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "ec7ab49f42266b558197758939c3a67064eb2413deb6d588b153902f5348321b2aa24fcea6549a091e651e6c1d3053eef4b8f189054244df8c1353433e834d4c"}}}}, 0x0)

2.657115383s ago: executing program 2 (id=478):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b000000000000000000000000000400000000", @ANYRES32=0x0, @ANYBLOB="000000000000000000007dc6a35394004652f5fd3832278cef41db432a8b334d6204e0ed48ec98df9ad7a3092763ff8a3d05bea5047b4459c84096dfc500000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000280)=ANY=[@ANYRESOCT=r0, @ANYRES32=r1, @ANYRES8=<r2=>r1], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
socket$kcm(0x11, 0xa, 0x300)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000007818000001000000feffff7f00030000", @ANYRES32=0x1, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0500000005000000040000000300"/28], 0x50)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="000068e8e2a9b72dc7e900b319ac8df1a33dd52e4fd407b7c357e9e393cdd8c7085ffa", @ANYRES32=r4, @ANYRES64=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r6 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r6, &(0x7f0000001040)=[{{&(0x7f00000001c0)={0x2, 0xfffe, @multicast1}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064c6", 0x15}, {&(0x7f0000000540)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0xfffc, @multicast1}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000000140)="5825be57aff9352b356be67ca2746357d17879ae", 0x14}, {0x0}], 0x2}}, {{&(0x7f00000005c0)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10, &(0x7f0000000a00)=[{&(0x7f00000008c0)="fb1468e7b39dfd533dfb94facc135946ccce9d321eab2045346c31f7d78469e43a05435e40eae7653e025c3689350f56562cba641a6594d0710d79a5ee7d87006b88f708daafcd22d6e59f8a61", 0x4d}, {&(0x7f0000000940)="1ea07a608f7f0b3238f02521f14906aea0d32faf1b77ba1d416c7a4edc5e1c99e093", 0x22}, {&(0x7f0000000980)="c4479c4e657e14339cb3b4930bc8cfe55a7a80de587b648b77e6baf94fa8b7def6591b2c1b656cd8d4a520b5e98d0bfad01f2ae015e1f223edab5d12977df946052bba2d49b737f49f4a8fe8a9a05273b0048a002a050c9c", 0x58}], 0x3, &(0x7f0000000e80)=[@ip_ttl={{0x14, 0x0, 0x2, 0x10}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast1, @private=0xa010101}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x5}}, @ip_retopts={{0xa8, 0x0, 0x7, {[@timestamp_addr={0x44, 0x1c, 0x2c, 0x1, 0x6, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4}, {@multicast2, 0x2}, {@dev={0xac, 0x14, 0x14, 0x2d}, 0x7}]}, @cipso={0x86, 0x47, 0x3, [{0x5, 0xa, "923045debc90bf9f"}, {0x5, 0x8, "2442f437a1bd"}, {0x6, 0x11, "6495c42e2c7170e312257187ab17a3"}, {0x5, 0x8, "4f9b1901b85c"}, {0x1, 0xc, "9cfbbbaf285fa73ebf24"}, {0x0, 0xa, "1a39d732c5986fcf"}]}, @cipso={0x86, 0x32, 0xffffffffffffffff, [{0x6, 0x10, "e90c1ca8fe3eb0baa2f03568b495"}, {0x3, 0x11, "58c47be7b562e9d264e7a7553f802c"}, {0x5, 0xb, "2ee3e8d5d7f71d54b7"}]}]}}}, @ip_retopts={{0x38, 0x0, 0x7, {[@end, @ra={0x94, 0x4}, @ssrr={0x89, 0x7, 0x5c, [@multicast2]}, @noop, @end, @ssrr={0x89, 0xf, 0x4e, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @rand_addr=0x64010102]}, @rr={0x7, 0x7, 0xd2, [@loopback]}, @generic={0x94, 0x4, "ccea"}]}}}], 0x148}}], 0x3, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000100)={0x0, 0x0, 0x10}, 0xc)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0xffffffffffffffb0, r5, {0x4}}, './file1\x00'})
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000406a057b03000000000001090224000100000000090400000103000200092100003301220500070000000000000007"], 0x0)
fcntl$getown(r7, 0x9)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
mkdir(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18bf0032000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007ba1000000000000070180000000ffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="7383c37acc0cc03d8b11deb9d7a3a58a3c2642328975aa046eb93eed31cb95b50c3007edb2024c9c243a51d5ac588308eb994cb08ff91ed1044cfd74ddd0f8bd1dda91ec6411e19a046ccadff8a50cffb4f066fcf28aee60ddd97885f123f6f66a26ace6242ffd38b6ffc6261dad879be6127e8eb30c15bad58a891785", @ANYBLOB="00010000a17c0d27b3048e0fda4e000080f65fd4060000000000004c8c833d3e39dde3127a33767dbe1d935daf019447b7f34dc8938fd3320d70019300000000000000004cf5744f4ed85519a9270e3504a712435320b66ac5b13095f0fff3131418ee3647292477eea2504aa39673b6cb4d9d9d2bdc84107a564d0fc586256328ef200fdaaaa8a8349f96a61e74082951cc95d0c5294b251b8d89f1e1a369176f7ce120547b00222ea736f6961b0c18432066d4132c3625fe532dc8fda67a6584857b6b4e900362a84bf4f460e2acf2290888dfd85aabe39c4168ba386c9911e5bbc464148f6864793751a64bce3679dee9ea18c8a443a9a4a7c4e6e3e6500b472b5cda6d2227b5a3b2bede5007c796077a74c2d76c3899e012577e9eff94b07528c8742ba49f0d3b276934715241d890a0e94cda47922b5dba3202396d10daff2b4e517a88cf87c71ffb74cb9c76ef"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000740)='rxrpc_skb\x00', r3, 0x0, 0x8001}, 0xffffffffffffff31)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=ANY=[@ANYBLOB="5000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b000100697036746e6c00001800028014000300fe80000000000000000000000000000008000a00", @ANYRES32], 0x50}}, 0x0)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0xd, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)

2.357342968s ago: executing program 0 (id=484):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket(0xa, 0x40000000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff00000000"]}, 0x3c0)
unlinkat(0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000202"], 0x18)

2.273938178s ago: executing program 0 (id=486):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000000007dc6a35394004652f5fd3832278cef41db432a8b334d62", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000280)=ANY=[@ANYRESOCT=r0, @ANYRES32=r1, @ANYRES8=<r2=>r1], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
socket$kcm(0x11, 0xa, 0x300)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000007818000001000000feffff7f00030000", @ANYRES32=0x1, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0500000005000000040000000300"/28], 0x50)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="000068e8e2a9b72dc7e900b319ac8df1a33dd52e4fd407b7c357e9e393cdd8c7085ffa", @ANYRES32=r4, @ANYRES64=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r6 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r6, &(0x7f0000001040)=[{{&(0x7f00000001c0)={0x2, 0xfffe, @multicast1}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064c6", 0x15}, {&(0x7f0000000540)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0xfffc, @multicast1}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000000140)="5825be57aff9352b356be67ca2746357d17879ae", 0x14}, {0x0}], 0x2}}, {{&(0x7f00000005c0)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10, &(0x7f0000000a00)=[{&(0x7f00000008c0)="fb1468e7b39dfd533dfb94facc135946ccce9d321eab2045346c31f7d78469e43a05435e40eae7653e025c3689350f56562cba641a6594d0710d79a5ee7d87006b88f708daafcd22d6e59f8a61", 0x4d}, {&(0x7f0000000940)="1ea07a608f7f0b3238f02521f14906aea0d32faf1b77ba1d416c7a4edc5e1c99e093", 0x22}, {&(0x7f0000000980)="c4479c4e657e14339cb3b4930bc8cfe55a7a80de587b648b77e6baf94fa8b7def6591b2c1b656cd8d4a520b5e98d0bfad01f2ae015e1f223edab5d12977df946052bba2d49b737f49f4a8fe8a9a05273b0048a002a050c9c", 0x58}], 0x3, &(0x7f0000000e80)=[@ip_ttl={{0x14, 0x0, 0x2, 0x10}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast1, @private=0xa010101}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x5}}, @ip_retopts={{0xa8, 0x0, 0x7, {[@timestamp_addr={0x44, 0x1c, 0x2c, 0x1, 0x6, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4}, {@multicast2, 0x2}, {@dev={0xac, 0x14, 0x14, 0x2d}, 0x7}]}, @cipso={0x86, 0x47, 0x3, [{0x5, 0xa, "923045debc90bf9f"}, {0x5, 0x8, "2442f437a1bd"}, {0x6, 0x11, "6495c42e2c7170e312257187ab17a3"}, {0x5, 0x8, "4f9b1901b85c"}, {0x1, 0xc, "9cfbbbaf285fa73ebf24"}, {0x0, 0xa, "1a39d732c5986fcf"}]}, @cipso={0x86, 0x32, 0xffffffffffffffff, [{0x6, 0x10, "e90c1ca8fe3eb0baa2f03568b495"}, {0x3, 0x11, "58c47be7b562e9d264e7a7553f802c"}, {0x5, 0xb, "2ee3e8d5d7f71d54b7"}]}]}}}, @ip_retopts={{0x38, 0x0, 0x7, {[@end, @ra={0x94, 0x4}, @ssrr={0x89, 0x7, 0x5c, [@multicast2]}, @noop, @end, @ssrr={0x89, 0xf, 0x4e, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @rand_addr=0x64010102]}, @rr={0x7, 0x7, 0xd2, [@loopback]}, @generic={0x94, 0x4, "ccea"}]}}}], 0x148}}], 0x3, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000100)={0x0, 0x0, 0x10}, 0xc)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0xffffffffffffffb0, r5, {0x4}}, './file1\x00'})
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000406a057b03000000000001090224000100000000090400000103000200092100003301220500070000000000000007"], 0x0)
fcntl$getown(r7, 0x9)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
mkdir(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18bf0032000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007ba1000000000000070180000000ffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="7383c37acc0cc03d8b11deb9d7a3a58a3c2642328975aa046eb93eed31cb95b50c3007edb2024c9c243a51d5ac588308eb994cb08ff91ed1044cfd74ddd0f8bd1dda91ec6411e19a046ccadff8a50cffb4f066fcf28aee60ddd97885f123f6f66a26ace6242ffd38b6ffc6261dad879be6127e8eb30c15bad58a891785", @ANYBLOB="00010000a17c0d27b3048e0fda4e000080f65fd4060000000000004c8c833d3e39dde3127a33767dbe1d935daf019447b7f34dc8938fd3320d70019300000000000000004cf5744f4ed85519a9270e3504a712435320b66ac5b13095f0fff3131418ee3647292477eea2504aa39673b6cb4d9d9d2bdc84107a564d0fc586256328ef200fdaaaa8a8349f96a61e74082951cc95d0c5294b251b8d89f1e1a369176f7ce120547b00222ea736f6961b0c18432066d4132c3625fe532dc8fda67a6584857b6b4e900362a84bf4f460e2acf2290888dfd85aabe39c4168ba386c9911e5bbc464148f6864793751a64bce3679dee9ea18c8a443a9a4a7c4e6e3e6500b472b5cda6d2227b5a3b2bede5007c796077a74c2d76c3899e012577e9eff94b07528c8742ba49f0d3b276934715241d890a0e94cda47922b5dba3202396d10daff2b4e517a88cf87c71ffb74cb9c76ef"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000740)='rxrpc_skb\x00', r3, 0x0, 0x8001}, 0xffffffffffffff31)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=ANY=[@ANYBLOB="5000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b000100697036746e6c00001800028014000300fe80000000000000000000000000000008000a00", @ANYRES32], 0x50}}, 0x0)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0xd, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)

1.805522882s ago: executing program 2 (id=501):
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001401)
ioctl$TUNSETOFFLOAD(r1, 0x40047459, 0x20004000)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10)
r2 = dup(r0)
sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000000)="be39", 0xffeb}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}], 0xf}, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r4=>0x0})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r5}, 0x38)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, &(0x7f00000010c0)=""/4096, 0x0, 0x1000, 0x0, 0xffff, 0x0, @void, @value}, 0x28)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000003000)=ANY=[@ANYBLOB="0038c22c2bb86052", @ANYRES16=r7, @ANYBLOB="00032dbd7000fbdbdf250c00000030000180080003000200000008000100", @ANYRES32=r4, @ANYRESHEX=r7, @ANYRES32=r4, @ANYBLOB="140002007866726d30000000000000000000000090110380ce0005008d9c681687b50a8641c3697071984e7e7ca7182fec5fb6693c3e988fbb8de66092086418d3bf7f6190fe92ded63c1556b48349e16af957597f0715734d4c549699dab7536d04b312be17ae3de3f73f6ab6da852c508cde5e4243fd867f90fb79541550832890a98677f5affb82ecd559fea89e18000c2ade77d2a0a7763769a7560f00d220ab67829a372a1df38ad187628f9669a87a00230deb1d32ac332c70a1d2b9db83375836ff87d845b86147f582b4b02075affa44f8fd13809bebdac0c312f6d6416c55be249c0000b200050025a276b05c05c28ff578187d3efd1285c70cd0dd01a4ab98ed9d8d707c4b20bdfac4e2fa9855f07df24ef4deccf18101af8a14e0580b1d9c8b112949d1b315c092bf6397b2157471d681393c3bc7e234f79da8f1a75e6a2b547b27e1b2c5d98586bdca3abc13f982919bf880184d4c38ab082c1a3aabf6f30f064a0db207f3015ab34b1eeafe6394474025057c8cbae0f626b5ee12886a86a5192a5c891ad50fb30ab6d935ce6a38e312dcc1a89b00000410050045a2e8367f7c5fa56498973a713a98a466e487264d20db123490a71901315bdf5b315df1130c4e0c51f3beb098332d0041ee1554b2fdfdb8f96a3eec2ce72d2364fa07cfc3c8f2d2b93b03824ea409fd5627895a5d74310978877add7b10565876f962e50df2c08daf5bf561990e057123b31ddbb93f0fec1e740c46740df0b24044599ea5f2af21ad95a69663f9823ff35f01053843af1b51d7bad9d0f96c94ea66a1fa65950187831829da10ea4e720d8875bb9b6fd02862a641af0cb91254ca0b04589640b105a82a4016ca70dea40fcf7936b30e2a971e9ad2809ec3c9d2d3f585a558b1b1979dcb0b36880f55a14dc9f1a6c43da9e5e96f7a681818228a98b42ffb3775f1b3fdbdf26072f9a8fa899dfc683d95efadf2b92f3015288e05a819f7463efc5ebe0974fa5ef3865eac6c39909f341092cd9d4c6c12c5e8b65690eb748d4961f97fa5cec43c95caff2d308ed97fa2636f680a23e359914e7629a9beaa2492889124944a0fdd6c117afed2771c6fd02a246dc1dccb973352e989a97be91c639285c74e666a8efb252d65623b89519bb8724b0c885569a85acfc4ab481e26a281ae3b1c3f85df7c47aac89aadf696737e123f85959df1e7e1c74f16b820625828df4d7383633b73eeb3aaa9bb89f7a68a1e7ef7292cf0a0de5036af2c6c0447dd57fc4a345a6540015a7ce748675b2691eeec5e7f0002d33100fc00b8f44521ec1f5babc3f40125e252de9d9237c1962ff509004af69e689f14e3a57f910b6e88a2a1b5e5ba8ae3604679040cae3e866301db4bc454f084a9757034d6c035b95f6c1ce7725c201c7bc2eb25fa23579f2623a11b51bd7403255a45d019c459fb0208d401a25e55942af3dd0d30e4f7446d9ac6b43b63100fc8f1d5303068307b1f3776607f8c64cb60522b77becf9c1a604a7e328c53967528499160690b4c1a8d8b2b860f0aa40db25826ec35a37b9ad38b27c3961c01efd29f21c2fc930389330cc29a7bf63700ec53ea033394daa26715fec17fc9d84964a1f4ef02592ee956accc139dc090e9231d4396b132a448f7f9a9d3050d2b5ead9645e38843cdf028197105885a11ec22a30d8575738fb5f2148102ec7200ba38371deaa2eacd0148359e344160c00e474323b21fb645199820c13b8766584dad331a6e89b107ef37fb9fa757faddffd94bc339257c84736245568c62db74383f065aa054f55bcd91da215f0db1306eac1fe3e3cc8102efebaffb8d31d3737d222f9bf7047623f4a32ca43bae9957976d745d0ec0cf9d400eecd4c3cc92514d82b7e317ec4c19fe13e0f04cf7c9e8617556792039e9adaf8af6964e6a699cf284db01e4965936042cf71f71d274891369d07298df6c642daea0cd9e6613298aea75fc66ec50f76c272f64652c0dc4fe76ca032f7954f4e75ba1b854690669eab9e8c98cb4d7d426f63215e858e58a73097530f3d91fb64c03679e07a27a42f3b472b9c6a6d8cbb8943f88046628e6ef6ee3e0d8739a91581fc62cc76032019f5e7ef2501f23fe2270946bf596eca65aa82a1a62d6e5d898dd245a1fa759ce0e00d64b7b2d6b9e7192bef019806401578b1da3ecd8168c8ac39ada6b55ab1acf828fc56374d8ef8b918c64e048bbb7d4c49c34a7a643fd86f67e7868909f1e010ddda833cef588fcad2bd44720ecafcd0f6ddcde3b44ec4022b5fb410a6bcc0dbbbb2692e593e5b0b85ff738acbffec6e561e931c98e9ea39ff3ab5bd5e38351043f00a2010fe8836524004d2acade8adc16ecbb36896a58b7a661f0b8c283ed47082a6d3ac56f82728728c85f0d131b42dfd4fe303072a7b11ef6ac0559d45c132a382c86dca8e958c50219fdda7a2e469f75ed5a817a33ce930107ce3e714a9062d2e231a283e705ecd9ca88f01b25bda214a382c46bf51b19677003c24b53f0ed0da3a5a3d500b24f29e27ab946f0b10e5bc1efbd20908614c0dd8c811e398ea80746d7a617d5c061ce1ccc16b96113a641e419b9f187ab53c8ec47a1096407df0abd58ad3234829525cf636d9ff74cd017ceb05369eb4104b737239424eed3690e31d496117d1a431409f23bda782d9e9ef313e782d05fb3ed280c203d20f68159eea8ec8341cf432e5af52d7af0c5624dc1729e50f67039e7cddf7c186041c02dd9074f877e38a7f359b9a123f943c0286456e875f97809d69232fc0098f643c36b5866349f9ed190c9208e6d3e2d85c21898eb0a568a2663682d276465a44305623e52eda26332f82d15923de81493924b372689de89bd4142d0f1dad50d862fc87b56ea62283102c0558d3555c921e0e6c25befd9685056cc5dbcacfa636bd40199bb75b5d00e19260572708c1c6e817be068ff379bec292e4ecdb618df05f7610818dc621c16485fd9eefcb18f2241e0a231461059dcb4cd29317c9fce984c453a4ec5fcaa321d389b24ecb00c7756e7476021d417f5af6ab40d0a5c07f20213cb0373145dc49435e4c3f501bc2a28ff31a57379bf47acbef9132e87cd6e951cb6fb9afd22458107ba8f4927ce1d9e681df38fa93334e9fdc486aedeb46a530df73c982d587042835230c3e6f9e0758df9f60ad4934a2d66aca3df717d2e27c327806e6f7b8b738e330bb1417b91fe3ceca9aaa548c522b0ef998084f13f00cc11a6a8fc66b186a050e40c1db4e18560f8edfd9c811ede071a2aea487f024d67c36b45489e6a6a53a7d8ebf39ad8592f8213ef4348d116e76577bd00eeef51b31d6350042375b7b11f6af273bbf3a97925740df87c83874b222541ed9e9cc5e7847831f85f83bf2f866f222eae2a593b025adf4b106a0faab9b95e7b5813bd2d8d5e36e136e6117b816e6f1e0349d61ccdbd8b1e6726b0dcd7ed28fce1c7e881ad64daf50ee417102c980b7b58e43d467020e6dc02d97ca49cdf7d1d91dd4e72ff2e71aaed483ddc399effdb7d535e67f57a0cf8e145984ea38f51b96753ce1d797d37d918c1a523942794a5d3cbef9a627877dfa96358530a4b6cf301a96a068b7328e24d3c1edc511392c44519a457b586a021053c44b99d507c0360784dddc62d8c9c6e12e7ff96876917ce421ae653cdc2d06e02d3977b0b3d8f36a03b988170b6527540ff2b7aa260d294803b89d9a742dac264b787a2fa3ffff9eabc25d00fd735297f43ddd9587a0b0e7f82884373519949b5501ceb336a8699832bf2f67710b0592991141d2a467be9da8f9e968c96d1ce5f15604837874e23faabdf34aa20a735af868acad49eb71e23a88bb2f37433d2c3b24042a838d913a42a7795351c900e201118c8888f8994e7c495d32003899f9cb2f2e943fb07ce8067296a688e6abd767b7d1298910ee3905200c3ecf6f721c4809e36c2af611369e8a695fc7699242a6b12e254733b10a01287fa1b1d5b16373ae36200f1462f98279c934eb4f89147bf96e9603676e3d60547d4d0011fe79b7894a275f9e745f6064266c13d3d5be19007a32d4cb92134dc27412b16ff1798f1efc4fa275112944d4c3082a3a98b4805076caf17f4e17f4ab512ceac585308865e08c3a1fa0e5ce746f389bbf004b309f7f5d626055ef3b2ae06e5bb58817010f78cdb2b356a3b8dad01e790b946851034ca3bab4242cd74d05342a29c2bbdfba8af0cc13d53e40a2c03e4ecd4b791f239b065d6e6036de02cd274802cfb1ecacbd22704e79d511551f40902396fb11734605861ff50a59c35e6f587f5906e53536a3a9572d6cc1100649de204dc38d5ad37423e074650b058c67cd97872a1ce07f1607104185f1311b66bc60ba35413738161dc6f9a8dff1d16a047963e2a9662263b199ecab2f47fc40baa19e18cbe0dbb371bccb3359068badea0e6a1b4359b530f204e638b3a679b690d643b3574430257be6c6bb6eb03d2d0a4a9e5d002a258e9b2786d2e5c11e29f6a1a6b3b071ce572db6f3d28423a14b6592af2d84b850232665da59a8b341fbd383099819c8a99ecadbfb5a5c5675444c1521efe0db32e0a3ba52cfff245df2a77cc1b6f9ad4002918cfbcd66c4ea0557d358a07aedd6c1beb706a2f60d6a4e224da558d32e7f518a2edc22cf0abde8adbd1988512606be7a785fafb84d1df079dbda517f81d2709f2b4957e57c4f3d9d1b4c78e791755701b52ac70c8458ee20ce79884b9979081e905ecdcf5e632b9f465a75646fcb77d69aaef01b66a86a40a040dbaa7a8fbb849fd2e1db3b76bba03ccde622bf5d06b982f369cdb25653078c5100cc617efc64a30ee75133483b9c5249b7518d743f49ded0493527f5187c835f1a467ec038f60964e727530e2e4bf52b5e4cfaa92de5a2065436aa9fc51f4b40b83dfeeb24fec879281c1cd5f36bc4fc88a706084c13ebf5403f2f5e9f8ed4d9b24067a6246ff1c2477b405138b83cbd4a2cda398a123262ba41d60d75c4682e993fea3b4932049631cde67bc5f3aa64b6684bfc3214d0c294fdaf1936e442156a9b9dd9c172aea536eccd81382a3c87aa1bfa72ae8464699a0ab5ba8dfad8845bac7297c2c571fbf8c9d9aba0f0e0805634f8bbe94688757012ee9f035f36417bf8aa655197cb9508c369d5f0e9a9b73600d11e2912b1fc93f1d17554dbedf05b41063370e73df80e6f5a1a13ea9ea66df13b87761cb638f0287c9a049c46978afe99a392063387a04b0681f981d075f87078e271c2d2a4942f1393c8dfea1de74f18be1adab0d55f6ac25879d389568401e33fed29e4f12cde95d376d9bf8853dcd73b8432da9764006c5c58da1d31d9dc65e6314be6c4b808897a57ea6ef06dbbfb2157311604e6ede31173186395a341801d61bf1c5e4ef50fe24f58fd428e7f11eab70e003b2efb62e3654c06220645ce8e7d7bc57e946b4ac038a4fbf371576c0d142b8031d05ef4cb02615388ff4983444679cc14f2063417cdfe96495384b44a460822bb447ad0c73cc068ce92920f68efd9f76b5d45d16a4fdcb3fb26b7d341bd546c19e210411f12702866e7ecb65d353601f50482c8383ae26426e1f76a4396166b74084e9ba8295af6cc0bfaca018a2cb5339316e360d299d2ac1072f0346711a5b47fcf95df44059dd04096ac1f679dce2a9301c1256ff6248a12f580ef949028dc525026d16fd92366e9e1411675530313dc8bf584c8ec393778489caedc3ab0cdec1b16b7b65d05bd3d58651916f9477a4b917db830be692bc3a23ca50c2a28346a6bdb035e145585e984775dfea303506a4e4a02624a15c8626debe2fe6f4e0ce9e4cc8388655236204b80e62f468e3a73a66c7a8f7a8fecb8e974cc864b100de2e8720a0b78634cb19f80e65f26dac7a8e39407ab8ed5c35a307bd0db8e7f2e582ac719848c545e07213a81d611bdf614a7cacf09eaf474136a748922b7320acede2e69292b72ca5bdab3539a2e9beb96e6ed9ef75f9c72b4a6601b9945c1bdf70cfce44a7c5108ace1812947191e49b64134fabb3205e91146da1cf69595cc99ed2bd51ffeac928b5e8d06fc5ac928f4defa2b6db660be657384e32cb8eab35ed31def16995221a7f12b1e61aedf44fd0fbeef87a06afd0c46067ff3c7dea6d51de9f78bba04ed3db6d229def12b5503003f41dd0d9ca962c0b00b90c93a6750d69aa2dc8f7bff94d8541d3ed5340615735f146de755cff21b7cd827355b751866c7df82f300333e48f6d67b92a95f02f2cab15308bae1bbc37a37e46f5209b31bd70953b1a0ec1928cee94ca0fd1399a2eaffbe708fc5a5632e4ead56438e450962cd206d63f3bd96aecaf2eecc240102e04000100"], 0x11d4}, 0x1, 0x0, 0x0, 0x4008015}, 0x58010)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r8 = io_uring_setup(0x371f, &(0x7f0000000440)={0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffe})
io_uring_register$IORING_REGISTER_PBUF_RING(r8, 0x16, &(0x7f0000000740)={&(0x7f0000002000)={[{0x0, 0x0, 0x2}, {0x0, 0x0, 0x1}, {0x0}, {0x0}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x3}, {0x0}, {0x0, 0x0, 0x2}]}, 0x8}, 0x1)

1.688714026s ago: executing program 2 (id=503):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000580), r1)
sendmsg$IEEE802154_LIST_PHY(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, r2, 0x30b}, 0x14}}, 0x0)

1.657365639s ago: executing program 2 (id=504):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000540), 0x84)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
perf_event_open(&(0x7f0000000400)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1e, 0x12, r1, 0x0)

1.597452536s ago: executing program 2 (id=506):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe)
r1 = inotify_init()
dup3(r1, r0, 0x0)

1.551980231s ago: executing program 2 (id=507):
r0 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000001540), 0x2, 0x0)
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000040)={0x0, 0xfffffffc, 0x1, 'queue0\x00'})
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
add_key$user(&(0x7f0000000140), &(0x7f0000002840)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r5, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000000001081e040031004000000001090224000140000000090400000203000000092105000905810300000000000000000000ad8b92adad372737298cf6e3ddda0e29480b4531fc551117e3ff1dcd8b5567462aaca85ea2287461d06e12f49cb27c7f1771e505b9ee9e638dfbdeec24c76100000000000000a7c2df699422f12679bd463c3fb7f1a772ef57ad086401380a7313a32d880c2911230e7bf45f7cae6391539c44e23e2d18cef5429977cb9fdfa1e1f4ea8c901c092d06ba9b0ca8c00e766a72bf496463da152858882f52f3377cc6ff8a4c1c901f783f7c206b28de89a53a5d85c4ef3b6b2d8b359cd3a6e1bf38084a566b56a5c32da0e0441ab0200537e8c64fb9655195b065e634d4d02d80c8efc24e210aee38cc7af470720321962c49a2b2cf008afc38deb01b6361b3ee657e092a6abea2c19e583fe40970038722a4f2e5b776ede9c92cd27b22ff1eb5ec6a87fc27fa3ccaa98fe23679d385b46fe761416c1164cd32524048ae70b1265be4aa4f"], 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000100)=0x14)
syz_usb_control_io$hid(r7, 0x0, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
write$cgroup_int(r8, &(0x7f0000000040)=0x1c8, 0x12)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, &(0x7f0000000440)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
fstat(0xffffffffffffffff, 0x0)
write$selinux_access(r0, &(0x7f0000000800)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6763745f723a6574635f9a1e3cc6697230202f7362697a2f6468636c69656e742030"], 0x44)

1.48115811s ago: executing program 1 (id=508):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
add_key(&(0x7f0000000080)='asymmetric\x00', 0x0, &(0x7f0000000980)='S', 0x1, 0xfffffffffffffffe)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000000180), &(0x7f0000000380)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="190000000400000008000000", @ANYRES32], 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r3, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
readv(r3, &(0x7f0000000400)=[{&(0x7f0000000480)=""/174, 0xae}], 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0xe, &(0x7f0000000480)={[{@noinit_itable}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@block_validity}, {@debug}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@stripe={'stripe', 0x3d, 0x4}}, {@abort}]}, 0x3, 0x43b, &(0x7f0000000e00)="$eJzs3MtvG0UYAPBv10lKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWkUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0Xdlzq30/admZ3nJnPs2PP7mQTQM8azv5JIvZFxO8RMVjLri4wXPvv1tLC1N9LC1NJVCpv/ZVUy91cWpgqihav25tnRtKI9LMkjjSpd+7ylfOT5fLMpTw/Nn/h/bG5y1eePXdh8uzM2ZmLE6dOnTwx/sLzE8+1Jc6sTTcPfzR79NBr71x7Y+r0tXd//jYp4m+Io02G1zv4RKXS5uq6a39dOunrYkPYklJEZN3VXx3/g1GKlc4bjFc/7WrjgI6qVCqVva0PL1aAO1gS3W4B0B3FF312/VtsOzT1uC3ceKl2AZTFfSvfakf6Is3L9Ddc37bTcEScXvznq2yLztyHAABY5fts/vNMs/lfGvfXlbs7Xxsaioh7IuJARNwbEQcj4r6IatkHIuLBLdbfuEiydv6TXt9WYJuUzf9ezNe2Vs//itlfDJXy3P5q/P3JmXPlmeP5ezIS/buy/Pg6dfzwym9ftDpWP//Ltqz+Yi6Yt+N6367Vr5menJ/8LzHXu/FJxOG+ZvEnyysBSUQciojD26zj3FPfHG11rEX8uzb1g9uwzlT5OuLJWv8vRkP8hWT99cmxu6I8c3ysOCvW+uXXq2+2qn/j/u+srP/3ND3/l+MfSurXa+e2XsfVPz5veU2z3fN/IHm7mh7I9304OT9/aTxiIHm91uj6/RMrry3yRfks/pFjzcf/gVh5J45ERHYSPxQRD0fEI3nbH42IxyLi2Drx//Ty4+9tP/7OyuKf3lL/ryQGonFP80Tp/I/frap0aCvxZ/1/spoayfds5vNvM+3a3tkMAAAA/z9pROyLJB1dTqfp6Gjt9+UPxp60PDs3//SZ2Q8uTteeERiK/rS40zVYdz90PL+sL/ITDfkT+X3jL0u7q/nRqdnydLeDhx63t8X4z/xZ6nbrgI7zvBb0LuMfepfxD73L+Ife1WT87+5GO4Cd1+z7/+MutAPYeQ3j37If9JANr//9RUe4Yxnd0LuMf+hJc7tj44fkJSTWJCK9LZoh0aFEtz+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2uPfAAAA//8SV+Y8")
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = inotify_init()
inotify_add_watch(r4, &(0x7f0000000080)='.\x00', 0xfe)
r5 = inotify_init()
dup3(r5, r4, 0x0)

1.266010904s ago: executing program 0 (id=509):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000000)={0x0, 0x1}, 0xc)
setsockopt$MRT6_FLUSH(r1, 0x29, 0xd4, &(0x7f0000000080)=0x8, 0x4)

921.072834ms ago: executing program 1 (id=510):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x5a, &(0x7f0000000340)={@multicast, @remote, @val={@void}, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "ec7ab49f42266b558197758939c3a67064eb2413deb6d588b153902f5348321b2aa24fcea6549a091e651e6c1d3053eef4b8f189054244df8c1353433e834d4c"}}}}, 0x0)

852.135252ms ago: executing program 1 (id=512):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0xd, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x51)
getpid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
r4 = dup2(r3, r3)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200020a, 0x1})
ioctl$BLKTRACESETUP(r4, 0x1276, 0x0)

851.357842ms ago: executing program 4 (id=513):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)

834.931624ms ago: executing program 0 (id=514):
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x40047459, 0x20004000)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r3 = io_uring_setup(0x371f, &(0x7f0000000440)={0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffe})
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000740)={&(0x7f0000002000)={[{0x0, 0x0, 0x2}, {0x0, 0x0, 0x1}, {0x0}, {0x0}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x3}, {0x0}, {0x0, 0x0, 0x2}]}, 0x8}, 0x1)

745.168934ms ago: executing program 3 (id=461):
socket$kcm(0x11, 0xa, 0x300)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
sendmmsg$inet(r0, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000406a057b03000000000001090224000100000000090400000103000200092100003301220500070000000000000007"], 0x0)
fcntl$getown(r1, 0x9)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
mkdir(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18bf0032000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007ba1000000000000070180000000ffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYBLOB="7383c37acc0cc03d8b11deb9d7a3a58a3c2642328975aa046eb93eed31cb95b50c3007edb2024c9c243a51d5ac588308eb994cb08ff91ed1044cfd74ddd0f8bd1dda91ec6411e19a046ccadff8a50cffb4f066fcf28aee60ddd97885f123f6f66a26ace6242ffd38b6ffc6261dad879be6127e8eb30c15bad58a891785", @ANYBLOB="00010000a17c0d27b3048e0fda4e000080f65fd4060000000000004c8c833d3e39dde3127a33767dbe1d935daf019447b7f34dc8938fd3320d70019300000000000000004cf5744f4ed85519a9270e3504a712435320b66ac5b13095f0fff3131418ee3647292477eea2504aa39673b6cb4d9d9d2bdc84107a564d0fc586256328ef200fdaaaa8a8349f96a61e74082951cc95d0c5294b251b8d89f1e1a369176f7ce120547b00222ea736f6961b0c18432066d4132c3625fe532dc8fda67a6584857b6b4e900362a84bf4f460e2acf2290888dfd85aabe39c4168ba386c9911e5bbc464148f6864793751a64bce3679dee9ea18c8a443a9a4a7c4e6e3e6500b472b5cda6d2227b5a3b2bede5007c796077a74c2d76c3899e012577e9eff94b07528c8742ba49f0d3b276934715241d890a0e94cda47922b5dba3202396d10daff2b4e517a88cf87c71ffb74cb9c76ef"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000740)='rxrpc_skb\x00', 0xffffffffffffffff, 0x0, 0x8001}, 0xffffffffffffff31)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=ANY=[@ANYBLOB="5000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b000100697036746e6c00001800028014000300fe80000000000000000000000000000008000a00", @ANYRES32], 0x50}}, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0xd, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)

744.211524ms ago: executing program 4 (id=515):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket(0xa, 0x40000000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff00000000"]}, 0x3c0)
unlinkat(0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000202"], 0x18)

743.025564ms ago: executing program 0 (id=525):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3a0, 0x118, 0x0, 0x330, 0x298, 0x330, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x6, 0x0, {[{{@ip={@multicast1, @remote, 0x0, 0x0, 'ip6erspan0\x00', 'pimreg0\x00'}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38}}, {{@ip={@multicast2, @dev, 0x0, 0x0, 'veth0_to_bond\x00', 'syzkaller1\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'vlan0\x00', 'veth1_to_bridge\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001a00)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@abort}, {@noload}, {@noload}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000740), 0x4)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
statx(r4, &(0x7f0000000040)='./bus\x00', 0x400, 0x880, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
r8 = syz_clone(0x80000, &(0x7f0000000900)="0c528886f7fd6418de880b62963efc29439b8c6fd95f752670e4c361a14302ac94340b91035413bde597bc279bcbb009455c628ab4cd0cc14e3b00714a96fa275e06376ce2ec2168745a1780cefc8a7ce47b413f00263eeb3a4e392bb9d843089e77412bd55a6a67b8dcef5afd71ce2afbed570b1896a1101b41a75d4d088e0c0028a400b43591db780edcf3146fc6e1a2e98d81af9fac9f66680b93d8cab5938caf8a34a3f282dad94553e9f3e6c1b952a6a4e3158018fd77e3ec40c9eac181b431ba0b3407e227c062e816d9bfb1f40f99607a46c4a16ddc067f37834b80ab3f0f6e8c94c68a2b4d790ce19ecf61d7f7d77c1937fb254a3f44de8f7c3baf4cc2a7612c183f1be275ac4f59d9a8ae4edea9676498e3a8ef62ce6b078a8fb96093e87dfc534a523bb0cffe458e6934d7b6b79c6ee2521b93658a4e4531981adc06c43ee8e010eb465363e625e10ab6d99b8b769d23b56e419da8d6785ef3bc45288ca13e32be722a4cc26e826c9ff7c08cf5b6a308915fd153217c07f6aa4ff5a875fb333dab6a4f802040abd64941e984158b0d670bf3c67953b8a6dcf5d4d5578e29bb4e9d4324c7e437ea9e88ae88b4e41793c5aba67194fab4e0ef44753006e3af502fda6468f5edf04248d06e909e3295b808571e764539502b04452796a7b5b098a00303b69f6c1f3b24e72a127907a49d49d35641f1bff9ccb597e6d2798897efdd187580ae6a6afce14d5656bfcad725080c6c7c1c5a4dd5805f1636258bf5ad60b597eee84f45dda0471b0c26cb48bec6fb7e767e2539c1785aa7dfc3eb0f32505e09484442df69e88c5b853ccb807acfd6c3da36c2c7444bcd93c32c23116e9a88ce4dc9a90a6db65b1cffe1b4fc7a9da7e4e20f10230fc56e4b8cf49787b9f71b4e44690f4917d2a6b494510affb001496db98a81928a41d070a0efbc816dfa8873682091d486a36671b95198ce2ae18c897e73010ff1c2e1914dfff60feded30135e4d8454b152be6e701e5eeec8e6d1ea80a99c4a3d4ad6dd6fb842324aee9a329785212c659bca26ca7f353660384da26a1eaa00f806da7ab6c2043c4890ccae308644a9edb2765138781d6bac6ff515ec639bab33e6a2cf0b8879d50c2dea342ddf05712694325325cf85053c72012273f56886c82921f35a1b9558dc855027ccf08a06d891da319fb73f04462e75a8488d23d25ca498d81e2c9df799b9eab83987851ba1edf91b716c9388aa514277301b34b195fc6fbbb0e85eb14fc5f0e395b10e56b279fa4602439006690c13afb4ceb8547bb0ec82ba5990f3dfc0ec8fc01c71a77395f8aa0c2b6659a52268c91010f70a337a5fac9945f3d700e854b7d540e1837b90baa21e43b599177e4c016680ca8b4b5ca1b316e61a912b7451206ba0ea4721868cbf6185444f9955e160acea3dc7095a70a07e59a9f084fd7b716a4e56949f80b4622f9bd99702f3363d432a3b24983128a7581c286d9b87d45e0bda53def30455336e3e1d32de634c6179662f31756bbcc8fbda7f1ea53f75b8c2e014a3abaf53336c62c032a2b0db91188cea57bc7078acaa274e2fe25ea3f557b2f71fb3aafbef97e804c3ffa62567d594d45b9c00032f40fc6141e85fe8316080611251dd177ce27c301c774b446761bbebcfce0c20d909ed53c356c8155bf4f6ae213d070c71bf85da0ac2b684c7c683e4b5f24028bbd6303dd4f32ef0b593b91a64c18e965f8d4e416e75a8cd36c6e564f149eadb4696b5ca6f9133cc916a75c9e25df110360421e6ca9375e10aabec337489f1f72caf1e06b14a21c949813ebfc46b6fcc29f21727d3d21186f9e56c5d47578112026225aac6853206958bc77fec76579f98c5b60bf1546c715408a8259128c9e1c5ecb07067207896e3e79b9394cc3f9286483011df56f2e2e0d76ce10ca9852a0af6719e08c36e5e0b185d35d70932c1b024c893fb9ed7748f59f35e2b055579077811be10f0eada5246db05fbf0ce5428fec6029db4ea825c26c9072a3b73d0729777d40ca1c8721157ecc1c461a93dbf9149f199f1cc715de817c80ac6d6df2a9d5d7d73c3ad6ebe4e4b9f85a2ec5c9a276ab8e72636a621d1c86ab060314a4748ebff9134658b62e8d43c166a4330de8a27bc347ba4e2816022ca44924974cb8f9414c68b8004a2271c93a60a819c04571577acd4b2ebd95a7848f23eca1c666ee5ee28bc26c85c3ac7efd8d81123304518bec245d2346c155552ca49170ab67edf483765a58cddf5f2f04617b488434a300009bd02d943ce24639cee3ce011dff22195ddd2644d2e2d01808d5ee859a5d009a0fcfaaca1355381ce0931da1acd4c362f8272367f69acd1512f5b88e74595439c733c4c54b9750c7a66ad9750037ee5a7dd2aa2443c3b6cb3d98fa73cd557aa76bc7d5a8b9d42437e34d955e8e7df78d4f794c2c910e0367cb5c2c57612a2207c19e914435222a73c85a51c9d9789aca1470e6806a233dbbc8d78ad2cc3780877dc79ccec1dd4a40a228b1d39cbddea13fc9100d6770e44084b9fbb34506a9fd77c1047cb250bd186e7333c733494ea6bdbc4687f9375dc0a80d52aaab4b05364d0895d8f429eb838c3b458b9e610884ff512639ee2de37b0bc594d0ed865aadbac47b037c9286779370fe1386151e14a2b864c5b818de9ce0cbb65d22807c5f4a764cc4ab98b755901a0614a7f50978ed3028f3769b540f825a8ca9fd0d83e8b9bf4c73e288f3dfa1b10207498b5fd64150a1f33ef4c0ad8baf933df81145e3c9abf0a79b11d47163804999dae73606de51b8872e8d3194cb0f68a7ab17bda16ac6c241bbc6f0b3cd12fc93d88d0b21167f43b5a1e571d970adace1b649927608cc96a8ed0aa5d172f5dea44a49785aa3f4f8a24d8df9805b4604aae83bd76dbdf6defe9ed40190ade2bc95991cddd6284eace9517c591747244cd64dded7c10a181e63a48fe253d3bca1c7296b44287c95beb45637eb5237cf392e2e0a34404f4d893c3c1ad23cafa3124dda3ec2b365cb1ead7545dcf71fbd413384dd8fdb5fd1760a7d4ca8027992821d4b81730811a70c10711a8644e6b24d1a6633d12dc60076fa48cbb7f890f2f5f497f190fa33128d1bc3018d555afa4546aa598bfbb67ee4ded5852e9f9149b0b13d2a2aa3c0fff0c38a7b39dd574215d3f6db7145c6891bdbec66aa2227e8b1057c7e7aa5d89e2eb8ec78ec03b975a160fd3cb6d264db348f5d02bd28444a22ad1994a41048a2e0da7ca3c5d36a6d699c09c4e0e422899db28661b5dcddf0949328dfc916e70a13600c924bdcecca4a1dbfbb24af74b992e20b8be01171a8ee165ed8a8fc31f0a88896d23bab2b6e8f7dfeb9e2b1e009648091a0789d8ae992d5dbfcbb64095f4af0bd205b66f69b565754743c3a747a37c0fe326e4b7a5374747cd3843d97a6597f31cb1d400fdc3d2d5840b7c010a77ff03a5cae12702c3ddb8b7eb8d08eec4a65283c36b3ce25d3e37ae2af5bcebe1609be598920d6490dcb5bb86e3eb41b44ace7b4120f5b47a6d341b979651a0dc49c5c41d0c9e75d66bdc900546e85ff7c826730662c8cb482be12f057346515020141d0489db4cb7cfafc5d13082306de73742da038d7e7882abe6f886dcc494a8bfc51153963b40744833fdbcf35db00cc3fc80680ec46984faad68133dda95bdf36fd5608efd96e22aacaec3b2eb87f44d78d6550cf1e8a946fe15eb1b8c8a985833ca3aea0fa12d9b7770496b6e8bbb21e8b30d3d38f947b01a35a795ae85de9d4ceb0f949a320ff74325a54892153993d5749a56fb729c25354948e55a61a0dff141ee0fcb1a36698ac693455cf6bd62825bed5d1b95a5be5bfbef81e182876700a78d656d073ae224da61516dd5b9b4f8b50a8de178c9298db93be003a25b1e99fb69b91ed54e254b4b19b1c161e35a6e286b77c3467dcf1aa3e1a7efcf9b54e1f38f71f82b91aafa3fa9a46e220d512cf25a387fa0227448858c97717d5b3f8a2bd41828898c544e903496dbd0cd507262e7c8b79880e200485a24851a6fd22d9ea3e699d5c04be258c69c1fc62384822f10f7e914a5b6f519d41066347dc4784a5a9aae1bba43904019754a9a3163959101e1c1a961caea86b2710549b4223c4580ec47812bd5adaca31737e585a8c109badc393c0e0ba98e1cf1e1c136f152d68bb5e5ddd78aafc40d68efe3ea0d03acf3a4f8c3f92108b5e594dca5ffd76a0b339cf748f2658a113c8576918d596db616f71bd37d8225e781a8f4eae59cdadc6cafc528c09662d192b6469a9677cf6dfc667df1abd331c74c2429c065892550506e3ba1ff34baa8acd06b95221f184d2f72cf366240d5f0fb9585cebdf3eabfffbec95b55defb2b71ce4bbb4cd680ab21889296bda7ece5e2d4722496916d7e015c9e237510e74630ba1b4d40e3d990666f2fc4b6f051559e17ed40da41890c0b5cafb9c36a87269c047e4d6bbf9f7cd8d91230c7a13b171cde0af35af774e8273d2236f195c7a6791022120db0a2a5544555cb7bd93ec0e97eadf4d9f47e2298b8721b66bbb96c400878d50fafc7a7e27c9e8e23d69f9adf99f2883b1ed83e970345265e71915121542098c6e88a77496c953ff90d9a31a7ea0a552ed9457d4bb1292bcac0a7cb2f14be2d7eba1175336822614df5e0aab7ed17e67a88b9be7dc880b35a359ac50da91ae623e7e413ae6c03e15f5a2faa2a8d53f3fc22c6a6b39c7a0a19861a3741696a3f83b6a8f44ce0379385e398360c7471a7d9e6d2e9643f5de0bc09f30597a436557f05bad9f6c5a31bf290b3c9ed2089b7a222d669025e9ac16fb130fbf90c3afb920734e3458bfdd22e0bf014bd0d82d98cf6ea739400629e8516326fadf7aed743cc5a5cb0dfd6a218f1dd21cbff2a91e43b4f468ced1a16175e31045d0944d1795c248e1981cd17d15cd58d7da63cf59988f92242919859d2b316b9102a3424ebd0b0da2059aca6f049f744c3279ed4ba032d0b6390edc115a6ba3e48ded090fdf0e3005984ee3836734fc4bc11d6f51fd0919c2a1845faebfdb9ed13a7d002f47d35ad62768b7ad562eb7f59ea4f1abe8df317afa5b4f646ea6c6b30a01fe04d6ad9dd9dcf6ff78c3f6e9ce0365350db5e9315a31109f729e7b52bed520f071ea954ce50e23109b4eed14029c0649bdea4550b483266a34fad385f9958b5acd7bb7005dcd195fd0145a22b907edbf7ef7cc634a20ee752b0293761e309c9cfb00da10cfb2797204671fc14441f1b4569b14b5cb94e024bb300380edce74d6b74becbb6b5bbb1d10769b3cf1c4b4a1f12026830ebc93b908259827192fbf4a8b53904d2fb54c260fa0dcb32971b1d8e1b60b8d81742909e3cb8ef7154e539ac845da88150b95c699b5467a3bdf5d3a9847b127bb8cca054f3efe08fcc35e6e5a4e6787419c8a769d08a97998705300c21cdbcccb0a89ceaeb66b40dd47a82150248043c8345e4ae04e11b13563bf64dba92e7248fc7fa3ab8340a9eb09e63d10aedd4c67dc57256ec0a926c1804398a8fd767d197d1958b3e4eb3dfea44a78883c2b803774c13c6fd7e5862edec4bb2ce9e6124a256dbaf841b7ce394fabd5fae97701215d9a16c35496043d554b0a2b582f7054c5907532a397693b97a759b4b238b41215d69f5dc66c9252e659eef8e4a27ce144f7c21833764acdc5646dc2647e6adbbe89c699c726d407f14d5819ea0ad99d35ef247772c7d782a46f3605b75bd69b7ede5a89019dabb707f771ee7d4a3346f6bcf73c7cc59", 0x1000, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)="01c64c05a90a2cfd85e471b1c97c5d36092b806e9e08ba05b221791de743a8c3bc2a1cddd2a8dc265d4f8d34e3ab7734724e3c18305468cc7107fa54be2064f226cbf33d9d9341a97d0030ad07f8c7af879482a19c89fedfc3bf5d53a6f7a514e9072e08c484c948234b6aee2acd0dc9395f651576da67a92b425ab069ea88030ccd981ca87cfff3124e67eff2b75c19e84a99bd41ad14241ed1cb54ea744d96e55bcf4b095148e87d63bb41fb")
r9 = msgget$private(0x0, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000840)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r10, &(0x7f00000019c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001900)={&(0x7f0000000880)={0x34, r11, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x100, 0x22}}}}, [@NL80211_ATTR_IE={0xc, 0x2a, [@mesh_chsw={0x76, 0x6, {0x5, 0x5, 0x3d, 0x8000}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24008811}, 0x10000010)
msgsnd(r9, 0x0, 0x0, 0x800)
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}, 0x6000)
fstat(r7, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0})
msgctl$IPC_SET(r9, 0x1, &(0x7f0000000340)={{0x3, r13, r14, 0xffffffffffffffff, r15, 0x181, 0x7ff}, 0x0, 0x0, 0x7, 0xd46a, 0xc, 0xf4a, 0x2, 0x2, 0x8, 0x8, r8, r8})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000780)={{0x1, 0x1, 0x18, r4, {r6, r14}}, './file0\x00'})
r16 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r16, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, 0x0)

742.163354ms ago: executing program 1 (id=516):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
open$dir(0x0, 0x0, 0x51)
getpid()
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
r3 = dup2(r2, r2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200020a, 0x1})
ioctl$BLKTRACESETUP(r3, 0x1276, 0x0)

491.703543ms ago: executing program 4 (id=517):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000202"], 0x18)

460.675936ms ago: executing program 1 (id=518):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='sched_process_fork\x00', r0}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = shmget(0x1, 0x4000, 0x200, &(0x7f0000ffb000/0x4000)=nil)
shmat(r2, &(0x7f0000ff9000/0x1000)=nil, 0x4000)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d300000000000000800050001040f0f080003000000080008000f00f7ffffff08000600040000000800110009000000080002"], 0x5c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000540), 0x84)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r6, 0x0)
perf_event_open(&(0x7f0000000400)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1e, 0x12, r7, 0x0)

443.343838ms ago: executing program 4 (id=519):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="000202"], 0x18)

374.273316ms ago: executing program 4 (id=521):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
add_key(&(0x7f0000000080)='asymmetric\x00', 0x0, &(0x7f0000000980)='S', 0x1, 0xfffffffffffffffe)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000000180), &(0x7f0000000380)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="190000000400000008000000", @ANYRES32], 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r3, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
readv(r3, &(0x7f0000000400)=[{&(0x7f0000000480)=""/174, 0xae}], 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0xe, &(0x7f0000000480)={[{@noinit_itable}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@block_validity}, {@debug}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@stripe={'stripe', 0x3d, 0x4}}, {@abort}]}, 0x3, 0x43b, &(0x7f0000000e00)="$eJzs3MtvG0UYAPBv10lKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWkUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0Xdlzq30/admZ3nJnPs2PP7mQTQM8azv5JIvZFxO8RMVjLri4wXPvv1tLC1N9LC1NJVCpv/ZVUy91cWpgqihav25tnRtKI9LMkjjSpd+7ylfOT5fLMpTw/Nn/h/bG5y1eePXdh8uzM2ZmLE6dOnTwx/sLzE8+1Jc6sTTcPfzR79NBr71x7Y+r0tXd//jYp4m+Io02G1zv4RKXS5uq6a39dOunrYkPYklJEZN3VXx3/g1GKlc4bjFc/7WrjgI6qVCqVva0PL1aAO1gS3W4B0B3FF312/VtsOzT1uC3ceKl2AZTFfSvfakf6Is3L9Ddc37bTcEScXvznq2yLztyHAABY5fts/vNMs/lfGvfXlbs7Xxsaioh7IuJARNwbEQcj4r6IatkHIuLBLdbfuEiydv6TXt9WYJuUzf9ezNe2Vs//itlfDJXy3P5q/P3JmXPlmeP5ezIS/buy/Pg6dfzwym9ftDpWP//Ltqz+Yi6Yt+N6367Vr5menJ/8LzHXu/FJxOG+ZvEnyysBSUQciojD26zj3FPfHG11rEX8uzb1g9uwzlT5OuLJWv8vRkP8hWT99cmxu6I8c3ysOCvW+uXXq2+2qn/j/u+srP/3ND3/l+MfSurXa+e2XsfVPz5veU2z3fN/IHm7mh7I9304OT9/aTxiIHm91uj6/RMrry3yRfks/pFjzcf/gVh5J45ERHYSPxQRD0fEI3nbH42IxyLi2Drx//Ty4+9tP/7OyuKf3lL/ryQGonFP80Tp/I/frap0aCvxZ/1/spoayfds5vNvM+3a3tkMAAAA/z9pROyLJB1dTqfp6Gjt9+UPxp60PDs3//SZ2Q8uTteeERiK/rS40zVYdz90PL+sL/ITDfkT+X3jL0u7q/nRqdnydLeDhx63t8X4z/xZ6nbrgI7zvBb0LuMfepfxD73L+Ife1WT87+5GO4Cd1+z7/+MutAPYeQ3j37If9JANr//9RUe4Yxnd0LuMf+hJc7tj44fkJSTWJCK9LZoh0aFEtz+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2uPfAAAA//8SV+Y8")
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = inotify_init()
inotify_add_watch(r4, &(0x7f0000000080)='.\x00', 0xfe)
r5 = inotify_init()
dup3(r5, r4, 0x0)

23.480147ms ago: executing program 0 (id=522):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b000000000000000000000000000400000000", @ANYRES32=0x0, @ANYBLOB="000000000000000000007dc6a35394004652f5fd3832278cef41db432a8b334d6204e0ed48ec98df9ad7a3092763ff8a3d05bea5047b4459c84096dfc500000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000280)=ANY=[@ANYRESOCT=r0, @ANYRES32=r1, @ANYRES8=<r2=>r1], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
socket$kcm(0x11, 0xa, 0x300)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000007818000001000000feffff7f00030000", @ANYRES32=0x1, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0500000005000000040000000300"/28], 0x50)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="000068e8e2a9b72dc7e900b319ac8df1a33dd52e4fd407b7c357e9e393cdd8c7085ffa", @ANYRES32=r4, @ANYRES64=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r6 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r6, &(0x7f0000001040)=[{{&(0x7f00000001c0)={0x2, 0xfffe, @multicast1}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064c6", 0x15}, {&(0x7f0000000540)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0xfffc, @multicast1}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000000140)="5825be57aff9352b356be67ca2746357d17879ae", 0x14}, {0x0}], 0x2}}, {{&(0x7f00000005c0)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10, &(0x7f0000000a00)=[{&(0x7f00000008c0)="fb1468e7b39dfd533dfb94facc135946ccce9d321eab2045346c31f7d78469e43a05435e40eae7653e025c3689350f56562cba641a6594d0710d79a5ee7d87006b88f708daafcd22d6e59f8a61", 0x4d}, {&(0x7f0000000940)="1ea07a608f7f0b3238f02521f14906aea0d32faf1b77ba1d416c7a4edc5e1c99e093", 0x22}, {&(0x7f0000000980)="c4479c4e657e14339cb3b4930bc8cfe55a7a80de587b648b77e6baf94fa8b7def6591b2c1b656cd8d4a520b5e98d0bfad01f2ae015e1f223edab5d12977df946052bba2d49b737f49f4a8fe8a9a05273b0048a002a050c9c", 0x58}], 0x3, &(0x7f0000000e80)=[@ip_ttl={{0x14, 0x0, 0x2, 0x10}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast1, @private=0xa010101}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x5}}, @ip_retopts={{0xa8, 0x0, 0x7, {[@timestamp_addr={0x44, 0x1c, 0x2c, 0x1, 0x6, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4}, {@multicast2, 0x2}, {@dev={0xac, 0x14, 0x14, 0x2d}, 0x7}]}, @cipso={0x86, 0x47, 0x3, [{0x5, 0xa, "923045debc90bf9f"}, {0x5, 0x8, "2442f437a1bd"}, {0x6, 0x11, "6495c42e2c7170e312257187ab17a3"}, {0x5, 0x8, "4f9b1901b85c"}, {0x1, 0xc, "9cfbbbaf285fa73ebf24"}, {0x0, 0xa, "1a39d732c5986fcf"}]}, @cipso={0x86, 0x32, 0xffffffffffffffff, [{0x6, 0x10, "e90c1ca8fe3eb0baa2f03568b495"}, {0x3, 0x11, "58c47be7b562e9d264e7a7553f802c"}, {0x5, 0xb, "2ee3e8d5d7f71d54b7"}]}]}}}, @ip_retopts={{0x38, 0x0, 0x7, {[@end, @ra={0x94, 0x4}, @ssrr={0x89, 0x7, 0x5c, [@multicast2]}, @noop, @end, @ssrr={0x89, 0xf, 0x4e, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @rand_addr=0x64010102]}, @rr={0x7, 0x7, 0xd2, [@loopback]}, @generic={0x94, 0x4, "ccea"}]}}}], 0x148}}], 0x3, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000100)={0x0, 0x0, 0x10}, 0xc)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0xffffffffffffffb0, r5, {0x4}}, './file1\x00'})
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000406a057b03000000000001090224000100000000090400000103000200092100003301220500070000000000000007"], 0x0)
fcntl$getown(r7, 0x9)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
mkdir(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18bf0032000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007ba1000000000000070180000000ffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="7383c37acc0cc03d8b11deb9d7a3a58a3c2642328975aa046eb93eed31cb95b50c3007edb2024c9c243a51d5ac588308eb994cb08ff91ed1044cfd74ddd0f8bd1dda91ec6411e19a046ccadff8a50cffb4f066fcf28aee60ddd97885f123f6f66a26ace6242ffd38b6ffc6261dad879be6127e8eb30c15bad58a891785", @ANYBLOB="00010000a17c0d27b3048e0fda4e000080f65fd4060000000000004c8c833d3e39dde3127a33767dbe1d935daf019447b7f34dc8938fd3320d70019300000000000000004cf5744f4ed85519a9270e3504a712435320b66ac5b13095f0fff3131418ee3647292477eea2504aa39673b6cb4d9d9d2bdc84107a564d0fc586256328ef200fdaaaa8a8349f96a61e74082951cc95d0c5294b251b8d89f1e1a369176f7ce120547b00222ea736f6961b0c18432066d4132c3625fe532dc8fda67a6584857b6b4e900362a84bf4f460e2acf2290888dfd85aabe39c4168ba386c9911e5bbc464148f6864793751a64bce3679dee9ea18c8a443a9a4a7c4e6e3e6500b472b5cda6d2227b5a3b2bede5007c796077a74c2d76c3899e012577e9eff94b07528c8742ba49f0d3b276934715241d890a0e94cda47922b5dba3202396d10daff2b4e517a88cf87c71ffb74cb9c76ef"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000740)='rxrpc_skb\x00', r3, 0x0, 0x8001}, 0xffffffffffffff31)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=ANY=[@ANYBLOB="5000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b000100697036746e6c00001800028014000300fe80000000000000000000000000000008000a00", @ANYRES32], 0x50}}, 0x0)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0xd, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)

14.156978ms ago: executing program 4 (id=523):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x5a, &(0x7f0000000340)={@multicast, @remote, @val={@void}, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "ec7ab49f42266b558197758939c3a67064eb2413deb6d588b153902f5348321b2aa24fcea6549a091e651e6c1d3053eef4b8f189054244df8c1353433e834d4c"}}}}, 0x0)

0s ago: executing program 1 (id=524):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000080)='.\x00', 0xfe)
r2 = inotify_init()
dup3(r2, r1, 0x0)

kernel console output (not intermixed with test programs):

000000000000 RCX: 00007f01d8eacadf
[   34.156613][ T3695] RDX: 0000000000000001 RSI: 00007f01d7b060a0 RDI: 0000000000000008
[   34.164573][ T3695] RBP: 00007f01d7b06090 R08: 0000000000000000 R09: 0000000000000000
[   34.172533][ T3695] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   34.180566][ T3695] R13: 0000000000000000 R14: 00007f01d9066058 R15: 00007ffd4b3cf108
[   34.188530][ T3695]  </TASK>
[   34.321110][   T29] audit: type=1400 audit(1729716011.206:626): avc:  denied  { create } for  pid=3700 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   34.404291][   T29] audit: type=1400 audit(1729716011.206:627): avc:  denied  { getopt } for  pid=3700 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   34.423686][   T29] audit: type=1400 audit(1729716011.206:628): avc:  denied  { listen } for  pid=3700 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   34.442602][   T29] audit: type=1400 audit(1729716011.206:629): avc:  denied  { name_bind } for  pid=3700 comm="+}[@" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   34.463801][   T29] audit: type=1400 audit(1729716011.206:630): avc:  denied  { node_bind } for  pid=3700 comm="+}[@" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   34.483948][   T29] audit: type=1326 audit(1729716011.206:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdc7f4dff9 code=0x7ffc0000
[   34.506733][   T29] audit: type=1326 audit(1729716011.206:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbdc7f4dff9 code=0x7ffc0000
[   34.618086][ T3707] netlink: 165 bytes leftover after parsing attributes in process `syz.0.110'.
[   34.639093][ T3711] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.646322][ T3711] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.737603][ T3707] netlink: 277 bytes leftover after parsing attributes in process `syz.0.110'.
[   34.806321][ T3714] loop7: detected capacity change from 0 to 16384
[   34.838486][ T3709] loop4: detected capacity change from 0 to 8192
[   34.839000][ T3707] loop0: detected capacity change from 0 to 512
[   34.851567][ T3714] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   34.861880][ T3709] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   34.939929][ T3707] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   34.958358][ T3714] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 16 prio class 0
[   34.992720][ T3707] EXT4-fs (loop0): orphan cleanup on readonly fs
[   35.035976][ T3707] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.110: bg 0: block 248: padding at end of block bitmap is not set
[   35.061934][ T3724] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   35.089122][ T3707] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.110: Failed to acquire dquot type 1
[   35.101135][ T3724] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   35.110625][ T3726] netlink: 20 bytes leftover after parsing attributes in process `syz.4.116'.
[   35.110869][ T3707] EXT4-fs (loop0): 1 truncate cleaned up
[   35.148246][ T3707] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   35.176523][ T3730] loop4: detected capacity change from 0 to 512
[   35.306488][ T3707] EXT4-fs error (device loop0): ext4_lookup:1817: inode #2: comm syz.0.110: deleted inode referenced: 12
[   35.412000][ T3273] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.602051][ T3730] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.646078][ T3747] FAULT_INJECTION: forcing a failure.
[   35.646078][ T3747] name failslab, interval 1, probability 0, space 0, times 0
[   35.658774][ T3747] CPU: 0 UID: 0 PID: 3747 Comm: syz.3.123 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   35.669367][ T3747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   35.679419][ T3747] Call Trace:
[   35.682711][ T3747]  <TASK>
[   35.685638][ T3747]  dump_stack_lvl+0xf2/0x150
[   35.690314][ T3747]  dump_stack+0x15/0x20
[   35.694495][ T3747]  should_fail_ex+0x223/0x230
[   35.699243][ T3747]  ? __alloc_skb+0x10b/0x310
[   35.703879][ T3747]  should_failslab+0x8f/0xb0
[   35.708482][ T3747]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[   35.714303][ T3747]  __alloc_skb+0x10b/0x310
[   35.718726][ T3747]  netlink_alloc_large_skb+0xad/0xe0
[   35.724096][ T3747]  netlink_sendmsg+0x3b4/0x6e0
[   35.728900][ T3747]  ? __pfx_netlink_sendmsg+0x10/0x10
[   35.734234][ T3747]  __sock_sendmsg+0x140/0x180
[   35.738968][ T3747]  ____sys_sendmsg+0x312/0x410
[   35.743754][ T3747]  __sys_sendmsg+0x1d9/0x270
[   35.748362][ T3747]  __x64_sys_sendmsg+0x46/0x50
[   35.753172][ T3747]  x64_sys_call+0x2689/0x2d60
[   35.757858][ T3747]  do_syscall_64+0xc9/0x1c0
[   35.762364][ T3747]  ? clear_bhb_loop+0x55/0xb0
[   35.767052][ T3747]  ? clear_bhb_loop+0x55/0xb0
[   35.771740][ T3747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   35.777646][ T3747] RIP: 0033:0x7f866715dff9
[   35.782103][ T3747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   35.801732][ T3747] RSP: 002b:00007f8665dd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   35.810147][ T3747] RAX: ffffffffffffffda RBX: 00007f8667315f80 RCX: 00007f866715dff9
[   35.818166][ T3747] RDX: 0000000020050800 RSI: 00000000200000c0 RDI: 0000000000000003
[   35.826135][ T3747] RBP: 00007f8665dd7090 R08: 0000000000000000 R09: 0000000000000000
[   35.834102][ T3747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   35.842114][ T3747] R13: 0000000000000000 R14: 00007f8667315f80 R15: 00007fff10117e18
[   35.850152][ T3747]  </TASK>
[   36.025318][ T3730] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   36.069436][ T3751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.124'.
[   36.081281][ T3274] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.123096][ T3742] loop1: detected capacity change from 0 to 32768
[   36.156618][ T3767] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   36.177145][ T3742]  loop1: p1 p2 p3 < >
[   36.185266][ T3742] loop1: p2 size 589824 extends beyond EOD, truncated
[   36.200537][ T2968]  loop1: p1 p2 p3 < p5 p6 >
[   36.215591][ T2968] loop1: p2 size 589824 extends beyond EOD, truncated
[   36.255009][ T3775] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   36.277714][ T3775] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.286201][ T3779] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   36.286545][ T3776] netlink: 12 bytes leftover after parsing attributes in process `syz.0.129'.
[   36.306203][ T3779] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.357368][ T3250] udevd[3250]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   36.367003][ T3759] udevd[3759]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   36.378832][ T3259] udevd[3259]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   36.410749][ T3462] udevd[3462]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   36.426714][ T3759] udevd[3759]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   36.440668][ T3790] udevd[3790]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory
[   36.446442][ T3259] udevd[3259]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   36.465072][ T3789] udevd[3789]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[   36.479666][ T3766] syz.2.130[3766] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   36.479870][ T3766] syz.2.130[3766] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   36.492509][ T3766] syz.2.130[3766] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   36.517607][ T3766] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   36.548774][ T3766] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.577020][ T3766] netlink: 28 bytes leftover after parsing attributes in process `syz.2.130'.
[   36.585941][ T3766] netlink: 28 bytes leftover after parsing attributes in process `syz.2.130'.
[   36.606698][ T3766] team0: entered promiscuous mode
[   36.611738][ T3766] team_slave_0: entered promiscuous mode
[   36.617506][ T3766] team_slave_1: entered promiscuous mode
[   36.625996][ T3766] batadv_slave_1: entered promiscuous mode
[   36.799830][ T3802] FAULT_INJECTION: forcing a failure.
[   36.799830][ T3802] name failslab, interval 1, probability 0, space 0, times 0
[   36.812533][ T3802] CPU: 0 UID: 0 PID: 3802 Comm: syz.4.142 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   36.823147][ T3802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   36.833199][ T3802] Call Trace:
[   36.836476][ T3802]  <TASK>
[   36.839398][ T3802]  dump_stack_lvl+0xf2/0x150
[   36.843992][ T3802]  dump_stack+0x15/0x20
[   36.848259][ T3802]  should_fail_ex+0x223/0x230
[   36.853003][ T3802]  ? __kvmalloc_node_noprof+0x72/0x170
[   36.858472][ T3802]  should_failslab+0x8f/0xb0
[   36.863067][ T3802]  __kmalloc_node_noprof+0xa8/0x380
[   36.870985][ T3802]  __kvmalloc_node_noprof+0x72/0x170
[   36.876315][ T3802]  rhashtable_init_noprof+0x312/0x450
[   36.881714][ T3802]  rhltable_init_noprof+0x1e/0x40
[   36.886755][ T3802]  nf_tables_newtable+0x54d/0xee0
[   36.891843][ T3802]  nfnetlink_rcv+0xb37/0x15c0
[   36.896585][ T3802]  ? kmem_cache_free+0xdc/0x2d0
[   36.901499][ T3802]  netlink_unicast+0x599/0x670
[   36.906351][ T3802]  netlink_sendmsg+0x5cc/0x6e0
[   36.911113][ T3802]  ? __pfx_netlink_sendmsg+0x10/0x10
[   36.916391][ T3802]  __sock_sendmsg+0x140/0x180
[   36.921076][ T3802]  ____sys_sendmsg+0x312/0x410
[   36.925888][ T3802]  __sys_sendmsg+0x1d9/0x270
[   36.930494][ T3802]  __x64_sys_sendmsg+0x46/0x50
[   36.935326][ T3802]  x64_sys_call+0x2689/0x2d60
[   36.940007][ T3802]  do_syscall_64+0xc9/0x1c0
[   36.944511][ T3802]  ? clear_bhb_loop+0x55/0xb0
[   36.949199][ T3802]  ? clear_bhb_loop+0x55/0xb0
[   36.953920][ T3802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.959819][ T3802] RIP: 0033:0x7ff5d7f6dff9
[   36.964291][ T3802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.983901][ T3802] RSP: 002b:00007ff5d6be7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   36.992315][ T3802] RAX: ffffffffffffffda RBX: 00007ff5d8125f80 RCX: 00007ff5d7f6dff9
[   37.000278][ T3802] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[   37.008424][ T3802] RBP: 00007ff5d6be7090 R08: 0000000000000000 R09: 0000000000000000
[   37.016384][ T3802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.024443][ T3802] R13: 0000000000000000 R14: 00007ff5d8125f80 R15: 00007ffeb5125f18
[   37.032408][ T3802]  </TASK>
[   37.105055][ T3805] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   37.107770][ T3806] loop1: detected capacity change from 0 to 512
[   37.130073][ T3806] ext4: Unknown parameter 'permit_directio'
[   37.151808][ T3812] FAULT_INJECTION: forcing a failure.
[   37.151808][ T3812] name failslab, interval 1, probability 0, space 0, times 0
[   37.164536][ T3812] CPU: 0 UID: 0 PID: 3812 Comm: syz.3.147 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   37.175204][ T3812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   37.185259][ T3812] Call Trace:
[   37.188528][ T3812]  <TASK>
[   37.191453][ T3812]  dump_stack_lvl+0xf2/0x150
[   37.196058][ T3812]  dump_stack+0x15/0x20
[   37.200302][ T3812]  should_fail_ex+0x223/0x230
[   37.205108][ T3812]  ? __alloc_skb+0x10b/0x310
[   37.209792][ T3812]  should_failslab+0x8f/0xb0
[   37.214431][ T3812]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[   37.220292][ T3812]  __alloc_skb+0x10b/0x310
[   37.224758][ T3812]  audit_log_start+0x368/0x6b0
[   37.229536][ T3812]  audit_seccomp+0x4b/0x130
[   37.234044][ T3812]  __seccomp_filter+0x6fa/0x1180
[   37.239081][ T3812]  ? proc_fail_nth_write+0x12a/0x150
[   37.244408][ T3812]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   37.250057][ T3812]  ? vfs_write+0x580/0x910
[   37.254509][ T3812]  __secure_computing+0x9f/0x1c0
[   37.259448][ T3812]  syscall_trace_enter+0xd1/0x1f0
[   37.264479][ T3812]  do_syscall_64+0xaa/0x1c0
[   37.268984][ T3812]  ? clear_bhb_loop+0x55/0xb0
[   37.273671][ T3812]  ? clear_bhb_loop+0x55/0xb0
[   37.278359][ T3812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.284281][ T3812] RIP: 0033:0x7f866715dff9
[   37.288690][ T3812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.308395][ T3812] RSP: 002b:00007f8665dd7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ef
[   37.316799][ T3812] RAX: ffffffffffffffda RBX: 00007f8667315f80 RCX: 00007f866715dff9
[   37.324838][ T3812] RDX: 00000000000072b2 RSI: 0000000000000000 RDI: 0000000000000000
[   37.332809][ T3812] RBP: 00007f8665dd7090 R08: 0000000000000004 R09: 0000000000000000
[   37.340774][ T3812] R10: 0000000020fff000 R11: 0000000000000246 R12: 0000000000000001
[   37.348752][ T3812] R13: 0000000000000000 R14: 00007f8667315f80 R15: 00007fff10117e18
[   37.356758][ T3812]  </TASK>
[   37.375302][ T3816] netlink: 165 bytes leftover after parsing attributes in process `syz.4.149'.
[   37.395047][ T3816] netlink: 277 bytes leftover after parsing attributes in process `syz.4.149'.
[   37.421788][ T3806] loop1: detected capacity change from 0 to 2048
[   37.433807][ T3816] loop4: detected capacity change from 0 to 512
[   37.454897][ T3816] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   37.463704][ T3806] EXT4-fs: Ignoring removed mblk_io_submit option
[   37.472409][ T3816] EXT4-fs (loop4): orphan cleanup on readonly fs
[   37.481398][ T3823] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   37.491901][ T3816] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.149: bg 0: block 248: padding at end of block bitmap is not set
[   37.493603][ T3806] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.527466][ T3816] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.149: Failed to acquire dquot type 1
[   37.538779][ T3823] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   37.555487][ T3816] EXT4-fs (loop4): 1 truncate cleaned up
[   37.563756][ T3816] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   37.613601][ T3816] EXT4-fs error (device loop4): ext4_lookup:1817: inode #2: comm syz.4.149: deleted inode referenced: 12
[   37.665521][ T3816] EXT4-fs error (device loop4): ext4_lookup:1817: inode #2: comm syz.4.149: deleted inode referenced: 12
[   37.732475][ T3274] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.742218][ T3265] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.763254][ T3834] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   37.797428][ T3834] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   37.838517][ T3838] loop1: detected capacity change from 0 to 512
[   37.861868][ T3838] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.156: corrupted in-inode xattr: invalid ea_ino
[   37.901365][ T3838] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.156: couldn't read orphan inode 15 (err -117)
[   37.937735][ T3838] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.012247][ T3265] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.051777][ T3844] netlink: 16 bytes leftover after parsing attributes in process `syz.1.157'.
[   38.309815][ T3871] FAULT_INJECTION: forcing a failure.
[   38.309815][ T3871] name failslab, interval 1, probability 0, space 0, times 0
[   38.322466][ T3871] CPU: 0 UID: 0 PID: 3871 Comm: syz.2.167 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   38.333143][ T3871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   38.341134][ T3874] netlink: 165 bytes leftover after parsing attributes in process `syz.3.169'.
[   38.343219][ T3871] Call Trace:
[   38.343228][ T3871]  <TASK>
[   38.358391][ T3871]  dump_stack_lvl+0xf2/0x150
[   38.363016][ T3871]  dump_stack+0x15/0x20
[   38.367177][ T3871]  should_fail_ex+0x223/0x230
[   38.371902][ T3871]  ? jbd2__journal_start+0xe8/0x3e0
[   38.377161][ T3871]  should_failslab+0x8f/0xb0
[   38.381851][ T3871]  kmem_cache_alloc_noprof+0x4c/0x290
[   38.387322][ T3871]  jbd2__journal_start+0xe8/0x3e0
[   38.392358][ T3871]  __ext4_journal_start_sb+0xd5/0x340
[   38.397750][ T3871]  ext4_do_writepages+0x9c7/0x2130
[   38.402884][ T3871]  ? try_charge_memcg+0x677/0x810
[   38.407998][ T3871]  ? cgroup_rstat_updated+0x99/0x550
[   38.413284][ T3871]  ? page_counter_charge+0x21a/0x240
[   38.418621][ T3871]  ? mod_objcg_state+0x2ea/0x4f0
[   38.423585][ T3871]  ? __rcu_read_unlock+0x4e/0x70
[   38.428608][ T3871]  ? put_dec_trunc8+0x10e/0x130
[   38.433488][ T3871]  ext4_writepages+0x159/0x2e0
[   38.438337][ T3871]  ? __pfx_ext4_writepages+0x10/0x10
[   38.444494][ T3871]  do_writepages+0x1d8/0x480
[   38.449091][ T3871]  ? _raw_spin_unlock+0x26/0x50
[   38.453944][ T3871]  filemap_fdatawrite_wbc+0xdb/0x100
[   38.459230][ T3871]  file_write_and_wait_range+0xc4/0x250
[   38.464909][ T3871]  ? audit_log_vformat+0x23a/0x490
[   38.470031][ T3871]  ext4_sync_file+0x12e/0x6c0
[   38.474810][ T3871]  ? __pfx_ext4_sync_file+0x10/0x10
[   38.480065][ T3871]  vfs_fsync_range+0x116/0x130
[   38.484901][ T3871]  __se_sys_msync+0x34d/0x510
[   38.489576][ T3871]  __x64_sys_msync+0x43/0x50
[   38.494192][ T3871]  x64_sys_call+0x1074/0x2d60
[   38.498871][ T3871]  do_syscall_64+0xc9/0x1c0
[   38.503444][ T3871]  ? clear_bhb_loop+0x55/0xb0
[   38.508238][ T3871]  ? clear_bhb_loop+0x55/0xb0
[   38.512981][ T3871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.518883][ T3871] RIP: 0033:0x7fbdc7f4dff9
[   38.523294][ T3871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.542899][ T3871] RSP: 002b:00007fbdc6bc1038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[   38.551310][ T3871] RAX: ffffffffffffffda RBX: 00007fbdc8105f80 RCX: 00007fbdc7f4dff9
[   38.559368][ T3871] RDX: 0000000000000006 RSI: 087abbe8d1cc6ad9 RDI: 0000000020952000
[   38.567560][ T3871] RBP: 00007fbdc6bc1090 R08: 0000000000000000 R09: 0000000000000000
[   38.575580][ T3871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   38.583544][ T3871] R13: 0000000000000000 R14: 00007fbdc8105f80 R15: 00007ffeab1da548
[   38.591550][ T3871]  </TASK>
[   38.595089][ T3871] EXT4-fs (sda1): ext4_do_writepages: jbd2_start: 9223372036854775807 pages, ino 1924; err -12
[   38.609659][ T3874] loop3: detected capacity change from 0 to 512
[   38.609911][ T3878] loop1: detected capacity change from 0 to 512
[   38.626469][ T3874] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   38.640161][ T3874] EXT4-fs (loop3): orphan cleanup on readonly fs
[   38.640551][ T3878] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.647610][ T3874] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.169: bg 0: block 248: padding at end of block bitmap is not set
[   38.659791][ T3878] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   38.684941][ T3874] __quota_error: 315 callbacks suppressed
[   38.684953][ T3874] Quota error (device loop3): write_blk: dquota write failed
[   38.698372][ T3874] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   38.708296][ T3874] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.169: Failed to acquire dquot type 1
[   38.768192][   T29] audit: type=1400 audit(1729716015.646:942): avc:  denied  { read append open } for  pid=3877 comm="syz.1.170" path="/30/file0/blkio.bfq.empty_time" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   38.810355][   T29] audit: type=1400 audit(1729716015.696:943): avc:  denied  { ioctl } for  pid=3877 comm="syz.1.170" path="/30/file0/blkio.bfq.empty_time" dev="loop1" ino=18 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   38.814371][ T3874] EXT4-fs (loop3): 1 truncate cleaned up
[   38.852614][ T3265] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.865280][   T29] audit: type=1326 audit(1729716015.746:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3870 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fbdc7f4ca3c code=0x7ffc0000
[   38.888318][   T29] audit: type=1326 audit(1729716015.746:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3870 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbdc7f4cadf code=0x7ffc0000
[   38.911346][   T29] audit: type=1326 audit(1729716015.746:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3870 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbdc7f4cc8a code=0x7ffc0000
[   38.934402][   T29] audit: type=1326 audit(1729716015.756:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3870 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdc7f4dff9 code=0x7ffc0000
[   38.957645][   T29] audit: type=1326 audit(1729716015.756:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3870 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdc7f4dff9 code=0x7ffc0000
[   38.987254][ T3874] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   39.002992][   T29] audit: type=1400 audit(1729716015.886:949): avc:  denied  { bind } for  pid=3886 comm="syz.2.173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   39.033256][ T3887] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   39.045448][ T3887] SELinux: failed to load policy
[   39.085376][ T3874] EXT4-fs error (device loop3): ext4_lookup:1817: inode #2: comm syz.3.169: deleted inode referenced: 12
[   39.109157][ T3884] syz.4.171[3884] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   39.109212][ T3884] syz.4.171[3884] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   39.121077][ T3884] syz.4.171[3884] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   39.136208][ T3874] EXT4-fs error (device loop3): ext4_lookup:1817: inode #2: comm syz.3.169: deleted inode referenced: 12
[   39.159883][ T3884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.169177][ T3884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.189510][ T3884] team0: entered promiscuous mode
[   39.194533][ T3884] team_slave_0: entered promiscuous mode
[   39.200237][ T3884] team_slave_1: entered promiscuous mode
[   39.228931][ T3884] batadv_slave_1: entered promiscuous mode
[   39.235324][ T3278] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.262219][ T3884] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[   39.272335][ T3884] Cannot create hsr debugfs directory
[   39.317148][ T3911] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.347067][ T3911] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.371386][ T3914] FAULT_INJECTION: forcing a failure.
[   39.371386][ T3914] name failslab, interval 1, probability 0, space 0, times 0
[   39.384051][ T3914] CPU: 1 UID: 0 PID: 3914 Comm: syz.3.180 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   39.394633][ T3914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   39.404674][ T3914] Call Trace:
[   39.408004][ T3914]  <TASK>
[   39.410923][ T3914]  dump_stack_lvl+0xf2/0x150
[   39.415585][ T3914]  dump_stack+0x15/0x20
[   39.419732][ T3914]  should_fail_ex+0x223/0x230
[   39.424407][ T3914]  ? mas_alloc_nodes+0x1d3/0x4a0
[   39.429453][ T3914]  should_failslab+0x8f/0xb0
[   39.434032][ T3914]  kmem_cache_alloc_noprof+0x4c/0x290
[   39.439416][ T3914]  mas_alloc_nodes+0x1d3/0x4a0
[   39.444247][ T3914]  mas_preallocate+0x449/0x650
[   39.449044][ T3914]  vma_link+0x93/0x370
[   39.453262][ T3914]  insert_vm_struct+0x17b/0x210
[   39.458264][ T3914]  alloc_bprm+0x4d7/0x740
[   39.462593][ T3914]  do_execveat_common+0x134/0x800
[   39.467699][ T3914]  __x64_sys_execve+0x5a/0x70
[   39.472373][ T3914]  x64_sys_call+0x1277/0x2d60
[   39.477047][ T3914]  do_syscall_64+0xc9/0x1c0
[   39.481538][ T3914]  ? clear_bhb_loop+0x55/0xb0
[   39.486275][ T3914]  ? clear_bhb_loop+0x55/0xb0
[   39.491012][ T3914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.496938][ T3914] RIP: 0033:0x7f866715dff9
[   39.501340][ T3914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.520936][ T3914] RSP: 002b:00007f8665db6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   39.529472][ T3914] RAX: ffffffffffffffda RBX: 00007f8667316058 RCX: 00007f866715dff9
[   39.537435][ T3914] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000
[   39.545395][ T3914] RBP: 00007f8665db6090 R08: 0000000000000000 R09: 0000000000000000
[   39.553384][ T3914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   39.561349][ T3914] R13: 0000000000000000 R14: 00007f8667316058 R15: 00007fff10117e18
[   39.569320][ T3914]  </TASK>
[   39.682839][ T3918] usb usb7: usbfs: interface 0 claimed by hub while '+}[@' sets config #15
[   39.705764][ T3920] process 'syz.3.183' launched './file0' with NULL argv: empty string added
[   40.029255][ T3935] __nla_validate_parse: 4 callbacks suppressed
[   40.029269][ T3935] netlink: 165 bytes leftover after parsing attributes in process `syz.2.188'.
[   40.143655][ T3935] netlink: 277 bytes leftover after parsing attributes in process `syz.2.188'.
[   40.238556][ T3935] loop2: detected capacity change from 0 to 512
[   40.250394][ T3935] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   40.271651][ T3935] EXT4-fs (loop2): orphan cleanup on readonly fs
[   40.297137][ T3935] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.188: bg 0: block 248: padding at end of block bitmap is not set
[   40.317035][ T3935] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.188: Failed to acquire dquot type 1
[   40.329098][ T3945] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   40.331393][ T3935] EXT4-fs (loop2): 1 truncate cleaned up
[   40.344634][ T3935] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   40.344759][ T3945] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   40.364964][ T3947] FAULT_INJECTION: forcing a failure.
[   40.364964][ T3947] name failslab, interval 1, probability 0, space 0, times 0
[   40.377732][ T3947] CPU: 1 UID: 0 PID: 3947 Comm: syz.4.192 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   40.388321][ T3947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   40.398376][ T3947] Call Trace:
[   40.401652][ T3947]  <TASK>
[   40.404632][ T3947]  dump_stack_lvl+0xf2/0x150
[   40.409227][ T3947]  dump_stack+0x15/0x20
[   40.413434][ T3947]  should_fail_ex+0x223/0x230
[   40.418134][ T3947]  ? getname_flags+0x81/0x3b0
[   40.422882][ T3947]  should_failslab+0x8f/0xb0
[   40.427474][ T3947]  kmem_cache_alloc_noprof+0x4c/0x290
[   40.432886][ T3947]  getname_flags+0x81/0x3b0
[   40.437562][ T3947]  user_path_at+0x26/0x110
[   40.437706][ T3940] EXT4-fs error (device loop2): ext4_lookup:1817: inode #2: comm syz.2.188: deleted inode referenced: 12
[   40.441992][ T3947]  __se_sys_mount+0x248/0x2d0
[   40.457905][ T3947]  __x64_sys_mount+0x67/0x80
[   40.462500][ T3947]  x64_sys_call+0x203e/0x2d60
[   40.467218][ T3947]  do_syscall_64+0xc9/0x1c0
[   40.471720][ T3947]  ? clear_bhb_loop+0x55/0xb0
[   40.476408][ T3947]  ? clear_bhb_loop+0x55/0xb0
[   40.481086][ T3947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.486986][ T3947] RIP: 0033:0x7ff5d7f6dff9
[   40.491405][ T3947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.498707][ T3940] EXT4-fs error (device loop2): ext4_lookup:1817: inode #2: comm syz.2.188: deleted inode referenced: 12
[   40.511013][ T3947] RSP: 002b:00007ff5d6be7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   40.511035][ T3947] RAX: ffffffffffffffda RBX: 00007ff5d8125f80 RCX: 00007ff5d7f6dff9
[   40.511049][ T3947] RDX: 0000000020000800 RSI: 0000000020000700 RDI: 00000000200006c0
[   40.546586][ T3947] RBP: 00007ff5d6be7090 R08: 00000000200008c0 R09: 0000000000000000
[   40.554562][ T3947] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001
[   40.562567][ T3947] R13: 0000000000000000 R14: 00007ff5d8125f80 R15: 00007ffeb5125f18
[   40.570603][ T3947]  </TASK>
[   40.655929][ T3957] xt_CT: You must specify a L4 protocol and not use inversions on it
[   40.664472][ T3935] syz.2.188 (3935) used greatest stack depth: 9360 bytes left
[   40.708104][ T3270] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.804054][ T3961] netlink: 8 bytes leftover after parsing attributes in process `syz.2.197'.
[   40.913789][ T3970] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   40.923857][ T3970] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   40.951243][ T3974] netlink: 4 bytes leftover after parsing attributes in process `syz.2.202'.
[   40.962206][ T3974] bridge0: port 3(syz_tun) entered blocking state
[   40.968723][ T3974] bridge0: port 3(syz_tun) entered disabled state
[   40.975313][ T3974] syz_tun: entered allmulticast mode
[   40.983074][ T3974] syz_tun: entered promiscuous mode
[   41.081501][ T3982] netlink: 52 bytes leftover after parsing attributes in process `syz.2.205'.
[   41.090848][ T3982] unsupported nlmsg_type 40
[   41.136894][ T3986] loop2: detected capacity change from 0 to 2048
[   41.147914][ T3984] loop7: detected capacity change from 0 to 16384
[   41.155010][ T3984] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   41.167504][ T3986] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.192194][ T3270] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.216130][ T3992] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 16 prio class 0
[   41.225638][ T3992] buffer_io_error: 22 callbacks suppressed
[   41.225649][ T3992] Buffer I/O error on dev loop7, logical block 0, lost async page write
[   41.239835][ T3992] Buffer I/O error on dev loop7, logical block 1, lost async page write
[   41.248188][ T3992] Buffer I/O error on dev loop7, logical block 2, lost async page write
[   41.257244][ T3992] Buffer I/O error on dev loop7, logical block 3, lost async page write
[   41.265934][ T3992] Buffer I/O error on dev loop7, logical block 4, lost async page write
[   41.274325][ T3992] Buffer I/O error on dev loop7, logical block 5, lost async page write
[   41.282684][ T3992] Buffer I/O error on dev loop7, logical block 6, lost async page write
[   41.291041][ T3992] Buffer I/O error on dev loop7, logical block 7, lost async page write
[   41.299422][ T3992] Buffer I/O error on dev loop7, logical block 8, lost async page write
[   41.307793][ T3992] Buffer I/O error on dev loop7, logical block 9, lost async page write
[   41.533195][ T4006] FAULT_INJECTION: forcing a failure.
[   41.533195][ T4006] name failslab, interval 1, probability 0, space 0, times 0
[   41.545938][ T4006] CPU: 0 UID: 0 PID: 4006 Comm: syz.1.215 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   41.556599][ T4006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   41.566651][ T4006] Call Trace:
[   41.569925][ T4006]  <TASK>
[   41.572851][ T4006]  dump_stack_lvl+0xf2/0x150
[   41.577466][ T4006]  dump_stack+0x15/0x20
[   41.581663][ T4006]  should_fail_ex+0x223/0x230
[   41.586355][ T4006]  ? do_handle_open+0x31e/0x570
[   41.591214][ T4006]  should_failslab+0x8f/0xb0
[   41.595809][ T4006]  __kmalloc_noprof+0xa5/0x370
[   41.600632][ T4006]  do_handle_open+0x31e/0x570
[   41.605332][ T4006]  __x64_sys_open_by_handle_at+0x46/0x50
[   41.610982][ T4006]  x64_sys_call+0x2909/0x2d60
[   41.615667][ T4006]  do_syscall_64+0xc9/0x1c0
[   41.620213][ T4006]  ? clear_bhb_loop+0x55/0xb0
[   41.624922][ T4006]  ? clear_bhb_loop+0x55/0xb0
[   41.629725][ T4006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.635627][ T4006] RIP: 0033:0x7ff033d0dff9
[   41.640055][ T4006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.659663][ T4006] RSP: 002b:00007ff032987038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   41.668101][ T4006] RAX: ffffffffffffffda RBX: 00007ff033ec5f80 RCX: 00007ff033d0dff9
[   41.676084][ T4006] RDX: 0000000000009e4b RSI: 0000000020000640 RDI: 000000000000000c
[   41.684059][ T4006] RBP: 00007ff032987090 R08: 0000000000000000 R09: 0000000000000000
[   41.692024][ T4006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.700001][ T4006] R13: 0000000000000000 R14: 00007ff033ec5f80 R15: 00007ffe771c8068
[   41.708062][ T4006]  </TASK>
[   41.744145][ T4009] syz.4.216[4009] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.744203][ T4009] syz.4.216[4009] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.765671][ T4009] syz.4.216[4009] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.853444][ T4021] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=33 sclass=netlink_tcpdiag_socket pid=4021 comm=syz.4.218
[   41.933099][ T4025] netlink: 165 bytes leftover after parsing attributes in process `syz.4.220'.
[   41.957372][ T4025] netlink: 277 bytes leftover after parsing attributes in process `syz.4.220'.
[   42.027359][ T4036] loop4: detected capacity change from 0 to 512
[   42.042006][ T4036] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   42.055064][ T4036] EXT4-fs (loop4): orphan cleanup on readonly fs
[   42.062476][ T4036] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.220: bg 0: block 248: padding at end of block bitmap is not set
[   42.077105][ T4036] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.220: Failed to acquire dquot type 1
[   42.089890][ T4036] EXT4-fs (loop4): 1 truncate cleaned up
[   42.115018][ T4036] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   42.130070][ T4042] netlink: 165 bytes leftover after parsing attributes in process `syz.2.226'.
[   42.142968][ T4042] netlink: 277 bytes leftover after parsing attributes in process `syz.2.226'.
[   42.159828][ T4042] loop2: detected capacity change from 0 to 512
[   42.166549][ T4044] grow_buffers: requested out-of-range block 144115188076118015 for device sda1
[   42.175637][ T4044] EXT4-fs warning (device sda1): ext4_resize_fs:2019: can't read last block, resize aborted
[   42.187194][ T4046] loop1: detected capacity change from 0 to 4096
[   42.193658][ T4042] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   42.213608][ T4042] EXT4-fs (loop2): orphan cleanup on readonly fs
[   42.220994][ T4042] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.226: bg 0: block 248: padding at end of block bitmap is not set
[   42.235572][ T4042] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.226: Failed to acquire dquot type 1
[   42.236354][ T4046] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.247844][ T4042] EXT4-fs (loop2): 1 truncate cleaned up
[   42.267245][ T4042] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   42.280842][ T3265] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.383344][ T4054] loop0: detected capacity change from 0 to 2048
[   42.396049][ T4025] EXT4-fs error (device loop4): ext4_lookup:1817: inode #2: comm syz.4.220: deleted inode referenced: 12
[   42.413199][ T4052] loop1: detected capacity change from 0 to 8192
[   42.433550][ T4025] EXT4-fs error (device loop4): ext4_lookup:1817: inode #2: comm syz.4.220: deleted inode referenced: 12
[   42.440243][ T4052] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   42.457540][ T4042] EXT4-fs error (device loop2): ext4_lookup:1817: inode #2: comm syz.2.226: deleted inode referenced: 12
[   42.470748][ T4063] loop7: detected capacity change from 0 to 16384
[   42.475146][    C1] hrtimer: interrupt took 41674 ns
[   42.478510][ T4063] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   42.491736][ T4042] EXT4-fs error (device loop2): ext4_lookup:1817: inode #2: comm syz.2.226: deleted inode referenced: 12
[   42.491856][ T3274] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.517253][ T4052] tmpfs: Bad value for 'mpol'
[   42.540098][ T4066] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   42.558238][ T4068] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 16 prio class 0
[   42.568742][ T4066] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   42.583403][ T3270] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.617985][ T4078] loop0: detected capacity change from 0 to 512
[   42.651457][ T4078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.677627][ T4078] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.715767][ T3273] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.735752][ T4098] netlink: 165 bytes leftover after parsing attributes in process `syz.0.244'.
[   42.748564][ T4098] loop0: detected capacity change from 0 to 512
[   42.755674][ T4098] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   42.764578][ T4098] EXT4-fs (loop0): orphan cleanup on readonly fs
[   42.771525][ T4098] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.244: bg 0: block 248: padding at end of block bitmap is not set
[   42.785963][ T4098] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.244: Failed to acquire dquot type 1
[   42.797539][ T4098] EXT4-fs (loop0): 1 truncate cleaned up
[   42.803766][ T4098] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   42.838730][ T4098] EXT4-fs error (device loop0): ext4_lookup:1817: inode #2: comm syz.0.244: deleted inode referenced: 12
[   42.850521][ T4098] EXT4-fs error (device loop0): ext4_lookup:1817: inode #2: comm syz.0.244: deleted inode referenced: 12
[   42.868820][ T3273] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.960938][ T4118] loop0: detected capacity change from 0 to 512
[   42.968052][ T4118] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   42.977069][ T4118] EXT4-fs (loop0): orphan cleanup on readonly fs
[   42.983820][ T4118] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.247: bg 0: block 248: padding at end of block bitmap is not set
[   42.998385][ T4118] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.247: Failed to acquire dquot type 1
[   43.010093][ T4118] EXT4-fs (loop0): 1 truncate cleaned up
[   43.017539][ T4118] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   43.048410][ T4118] EXT4-fs error (device loop0): ext4_lookup:1817: inode #2: comm syz.0.247: deleted inode referenced: 12
[   43.060411][ T4118] EXT4-fs error (device loop0): ext4_lookup:1817: inode #2: comm syz.0.247: deleted inode referenced: 12
[   43.079005][ T3273] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.226262][ T4127] loop4: detected capacity change from 0 to 256
[   43.253186][ T4127] wireguard0: entered promiscuous mode
[   43.258740][ T4127] wireguard0: entered allmulticast mode
[   43.517507][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.567068][ T4148] loop3: detected capacity change from 0 to 512
[   43.577308][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.588738][ T4148] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   43.619079][ T4148] EXT4-fs (loop3): 1 truncate cleaned up
[   43.632376][ T4148] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.671642][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.675391][ T4157] loop2: detected capacity change from 0 to 8192
[   43.694948][ T4139] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=33 sclass=netlink_tcpdiag_socket pid=4139 comm=syz.3.254
[   43.703067][ T4157] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   43.726256][   T29] kauditd_printk_skb: 190 callbacks suppressed
[   43.726270][   T29] audit: type=1326 audit(1729716020.616:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4165 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   43.757133][   T29] audit: type=1326 audit(1729716020.616:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4165 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   43.780598][   T29] audit: type=1326 audit(1729716020.616:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4165 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   43.803908][   T29] audit: type=1326 audit(1729716020.616:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4165 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   43.827420][   T29] audit: type=1326 audit(1729716020.616:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4165 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   43.839493][ T4163] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   43.850786][   T29] audit: type=1326 audit(1729716020.616:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4165 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   43.882305][   T29] audit: type=1326 audit(1729716020.616:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4165 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   43.905622][   T29] audit: type=1326 audit(1729716020.646:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4165 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   43.928956][   T29] audit: type=1326 audit(1729716020.646:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4165 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   43.929929][ T4163] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   43.952321][   T29] audit: type=1326 audit(1729716020.646:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4165 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   43.996105][ T3278] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.009852][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   44.081218][ T4183] FAULT_INJECTION: forcing a failure.
[   44.081218][ T4183] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   44.094363][ T4183] CPU: 0 UID: 0 PID: 4183 Comm: syz.2.264 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   44.105012][ T4183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   44.115071][ T4183] Call Trace:
[   44.118352][ T4183]  <TASK>
[   44.121321][ T4183]  dump_stack_lvl+0xf2/0x150
[   44.125928][ T4183]  dump_stack+0x15/0x20
[   44.130167][ T4183]  should_fail_ex+0x223/0x230
[   44.134882][ T4183]  should_fail+0xb/0x10
[   44.139042][ T4183]  should_fail_usercopy+0x1a/0x20
[   44.144081][ T4183]  _copy_from_user+0x1e/0xd0
[   44.148701][ T4183]  copy_msghdr_from_user+0x54/0x2a0
[   44.153911][ T4183]  __sys_sendmsg+0x171/0x270
[   44.158562][ T4183]  __x64_sys_sendmsg+0x46/0x50
[   44.163349][ T4183]  x64_sys_call+0x2689/0x2d60
[   44.168036][ T4183]  do_syscall_64+0xc9/0x1c0
[   44.172628][ T4183]  ? clear_bhb_loop+0x55/0xb0
[   44.177386][ T4183]  ? clear_bhb_loop+0x55/0xb0
[   44.182162][ T4183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.188075][ T4183] RIP: 0033:0x7fbdc7f4dff9
[   44.192496][ T4183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.212106][ T4183] RSP: 002b:00007fbdc6bc1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   44.220521][ T4183] RAX: ffffffffffffffda RBX: 00007fbdc8105f80 RCX: 00007fbdc7f4dff9
[   44.228489][ T4183] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[   44.236456][ T4183] RBP: 00007fbdc6bc1090 R08: 0000000000000000 R09: 0000000000000000
[   44.244416][ T4183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.252377][ T4183] R13: 0000000000000000 R14: 00007fbdc8105f80 R15: 00007ffeab1da548
[   44.260421][ T4183]  </TASK>
[   44.264413][   T11] bridge_slave_1: left allmulticast mode
[   44.270126][   T11] bridge_slave_1: left promiscuous mode
[   44.275892][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.283778][   T11] bridge_slave_0: left allmulticast mode
[   44.289495][   T11] bridge_slave_0: left promiscuous mode
[   44.295346][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.424297][ T4207] loop0: detected capacity change from 0 to 1024
[   44.448111][ T4216] Zero length message leads to an empty skb
[   44.454810][ T4207] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.503196][ T4220] loop3: detected capacity change from 0 to 512
[   44.516929][ T4220] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   44.530419][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   44.540502][ T4220] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   44.542580][ T4222] EXT4-fs (loop0): shut down requested (0)
[   44.554342][ T4220] EXT4-fs (loop3): 1 truncate cleaned up
[   44.567828][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   44.578281][ T4220] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.585587][   T11] bond0 (unregistering): Released all slaves
[   44.602891][ T4153] chnl_net:caif_netlink_parms(): no params data found
[   44.619931][ T3373] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   44.635547][ T3373] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   44.648028][ T3373] EXT4-fs (loop0): This should not happen!! Data will be lost
[   44.648028][ T3373] 
[   44.657672][ T3373] EXT4-fs (loop0): Total free blocks count 0
[   44.663696][ T3373] EXT4-fs (loop0): Free/Dirty block details
[   44.669583][ T3373] EXT4-fs (loop0): free_blocks=68451041280
[   44.675442][ T3373] EXT4-fs (loop0): dirty_blocks=7520
[   44.680712][ T3373] EXT4-fs (loop0): Block reservation details
[   44.686756][ T3373] EXT4-fs (loop0): i_reserved_data_blocks=470
[   44.706958][ T3278] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.728392][   T11] team0: left promiscuous mode
[   44.733185][   T11] team_slave_0: left promiscuous mode
[   44.738689][   T11] team_slave_1: left promiscuous mode
[   44.745358][   T11] batadv_slave_1: left promiscuous mode
[   44.757165][ T4229] loop2: detected capacity change from 0 to 512
[   44.770896][ T4229] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   44.785024][   T11] hsr_slave_0: left promiscuous mode
[   44.793250][   T11] hsr_slave_1: left promiscuous mode
[   44.794905][ T4229] EXT4-fs (loop2): orphan cleanup on readonly fs
[   44.806423][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   44.806599][ T4229] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.274: bg 0: block 248: padding at end of block bitmap is not set
[   44.813811][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[   44.829670][ T4229] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.274: Failed to acquire dquot type 1
[   44.846852][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   44.854285][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[   44.866368][ T4229] EXT4-fs (loop2): 1 truncate cleaned up
[   44.872486][   T11] veth1_macvtap: left promiscuous mode
[   44.878041][   T11] veth0_macvtap: left promiscuous mode
[   44.883552][   T11] veth1_vlan: left promiscuous mode
[   44.888790][   T11] veth0_vlan: left promiscuous mode
[   44.903181][ T4247] FAULT_INJECTION: forcing a failure.
[   44.903181][ T4247] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   44.916460][ T4247] CPU: 1 UID: 0 PID: 4247 Comm: syz.3.276 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   44.927089][ T4247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   44.937147][ T4247] Call Trace:
[   44.940416][ T4247]  <TASK>
[   44.943335][ T4247]  dump_stack_lvl+0xf2/0x150
[   44.947962][ T4247]  dump_stack+0x15/0x20
[   44.952118][ T4247]  should_fail_ex+0x223/0x230
[   44.956827][ T4247]  should_fail_alloc_page+0xfd/0x110
[   44.962107][ T4247]  __alloc_pages_noprof+0x109/0x340
[   44.967352][ T4247]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   44.972769][ T4247]  vma_alloc_folio_noprof+0x1a0/0x2f0
[   44.978141][ T4247]  do_wp_page+0x64e/0x2340
[   44.982710][ T4247]  ? dst_release+0xde/0x140
[   44.987206][ T4247]  ? __rcu_read_lock+0x36/0x50
[   44.992022][ T4247]  handle_mm_fault+0xc47/0x2a80
[   44.996883][ T4247]  exc_page_fault+0x296/0x650
[   45.001580][ T4247]  asm_exc_page_fault+0x26/0x30
[   45.006545][ T4247] RIP: 0010:__put_user_4+0x11/0x20
[   45.011649][ T4247] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[   45.031247][ T4247] RSP: 0018:ffffc90001867c58 EFLAGS: 00050202
[   45.037370][ T4247] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020007ff8
[   45.045329][ T4247] RDX: 0000000020007fc0 RSI: 0000000000000000 RDI: 0000000000000000
[   45.053291][ T4247] RBP: ffffc90001867ee0 R08: ffffffff8413afdb R09: 0000000000000000
[   45.061269][ T4247] R10: 0001ffffffffffff R11: 0001888102f35df0 R12: 0000000000000001
[   45.069264][ T4247] R13: 0000000000000400 R14: 0000000000000000 R15: 0000000000000001
[   45.077286][ T4247]  ? __sys_sendmmsg+0x35b/0x500
[   45.082141][ T4247]  __sys_sendmmsg+0x37b/0x500
[   45.086830][ T4247]  __x64_sys_sendmmsg+0x57/0x70
[   45.091677][ T4247]  x64_sys_call+0xa49/0x2d60
[   45.096275][ T4247]  do_syscall_64+0xc9/0x1c0
[   45.100812][ T4247]  ? clear_bhb_loop+0x55/0xb0
[   45.105496][ T4247]  ? clear_bhb_loop+0x55/0xb0
[   45.110246][ T4247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.116301][ T4247] RIP: 0033:0x7f866715dff9
[   45.120704][ T4247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.140403][ T4247] RSP: 002b:00007f8665dd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   45.148808][ T4247] RAX: ffffffffffffffda RBX: 00007f8667315f80 RCX: 00007f866715dff9
[   45.156770][ T4247] RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000004
[   45.164732][ T4247] RBP: 00007f8665dd7090 R08: 0000000000000000 R09: 0000000000000000
[   45.172694][ T4247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   45.180729][ T4247] R13: 0000000000000000 R14: 00007f8667315f80 R15: 00007fff10117e18
[   45.188745][ T4247]  </TASK>
[   45.198788][ T4229] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   45.293437][ T4262] EXT4-fs error (device loop2): ext4_lookup:1817: inode #2: comm syz.2.274: deleted inode referenced: 12
[   45.295035][ T4259] loop1: detected capacity change from 0 to 512
[   45.315781][ T4262] EXT4-fs error (device loop2): ext4_lookup:1817: inode #2: comm syz.2.274: deleted inode referenced: 12
[   45.327909][ T4259] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[   45.419682][   T11] team0 (unregistering): Port device team_slave_1 removed
[   45.421221][ T4268] loop3: detected capacity change from 0 to 128
[   45.438762][   T11] team0 (unregistering): Port device team_slave_0 removed
[   45.468412][ T4270] __nla_validate_parse: 8 callbacks suppressed
[   45.468440][ T4270] netlink: 60 bytes leftover after parsing attributes in process `syz.1.279'.
[   45.484984][ T4268] syz.3.283: attempt to access beyond end of device
[   45.484984][ T4268] loop3: rw=0, sector=121, nr_sectors = 120 limit=128
[   45.534309][ T3373] kworker/u8:8: attempt to access beyond end of device
[   45.534309][ T3373] loop3: rw=1, sector=241, nr_sectors = 800 limit=128
[   45.567491][ T3270] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.591555][ T4153] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.598721][ T4153] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.607614][ T4153] bridge_slave_0: entered allmulticast mode
[   45.615622][ T4153] bridge_slave_0: entered promiscuous mode
[   45.627933][ T4153] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.635005][ T4153] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.648852][ T4283] loop3: detected capacity change from 0 to 512
[   45.658754][ T4153] bridge_slave_1: entered allmulticast mode
[   45.665152][ T4153] bridge_slave_1: entered promiscuous mode
[   45.666122][ T4285] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   45.679872][ T4285] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   45.703778][ T4153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.727175][ T4153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.768824][ T4153] team0: Port device team_slave_0 added
[   45.786149][ T4153] team0: Port device team_slave_1 added
[   45.825192][ T4153] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.832155][ T4153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.858074][ T4153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.890550][ T4153] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.897584][ T4153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.923559][ T4153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.978884][ T4153] hsr_slave_0: entered promiscuous mode
[   45.984977][ T4153] hsr_slave_1: entered promiscuous mode
[   45.992082][ T4153] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.999793][ T4153] Cannot create hsr debugfs directory
[   46.068590][ T4318] loop0: detected capacity change from 0 to 512
[   46.084292][ T4318] EXT4-fs (loop0): 1 truncate cleaned up
[   46.091534][ T4318] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.215500][ T3273] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.337903][ T4338] FAULT_INJECTION: forcing a failure.
[   46.337903][ T4338] name failslab, interval 1, probability 0, space 0, times 0
[   46.350599][ T4338] CPU: 0 UID: 0 PID: 4338 Comm: syz.0.297 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   46.361241][ T4338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   46.371341][ T4338] Call Trace:
[   46.374664][ T4338]  <TASK>
[   46.377599][ T4338]  dump_stack_lvl+0xf2/0x150
[   46.382215][ T4338]  dump_stack+0x15/0x20
[   46.386426][ T4338]  should_fail_ex+0x223/0x230
[   46.391115][ T4338]  ? __alloc_skb+0x10b/0x310
[   46.395761][ T4338]  should_failslab+0x8f/0xb0
[   46.400381][ T4338]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[   46.406206][ T4338]  __alloc_skb+0x10b/0x310
[   46.410705][ T4338]  audit_log_start+0x368/0x6b0
[   46.415560][ T4338]  audit_seccomp+0x4b/0x130
[   46.420069][ T4338]  __seccomp_filter+0x6fa/0x1180
[   46.425019][ T4338]  ? proc_fail_nth_write+0x12a/0x150
[   46.430307][ T4338]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   46.436028][ T4338]  ? vfs_write+0x580/0x910
[   46.440459][ T4338]  __secure_computing+0x9f/0x1c0
[   46.445455][ T4338]  syscall_trace_enter+0xd1/0x1f0
[   46.450486][ T4338]  do_syscall_64+0xaa/0x1c0
[   46.454987][ T4338]  ? clear_bhb_loop+0x55/0xb0
[   46.459771][ T4338]  ? clear_bhb_loop+0x55/0xb0
[   46.464455][ T4338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.470362][ T4338] RIP: 0033:0x7f01d8eadff9
[   46.474850][ T4338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.494520][ T4338] RSP: 002b:00007f01d7b27038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c3
[   46.502998][ T4338] RAX: ffffffffffffffda RBX: 00007f01d9065f80 RCX: 00007f01d8eadff9
[   46.511026][ T4338] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000005
[   46.518998][ T4338] RBP: 00007f01d7b27090 R08: 0000000000000000 R09: 0000000000000000
[   46.526972][ T4338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.535036][ T4338] R13: 0000000000000000 R14: 00007f01d9065f80 R15: 00007ffd4b3cf108
[   46.543016][ T4338]  </TASK>
[   46.589972][ T4359] netlink: 24 bytes leftover after parsing attributes in process `syz.0.299'.
[   46.728733][ T4153] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   46.755192][ T4153] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   46.780098][ T4153] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   46.811621][ T4153] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   46.932978][ T4153] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.970409][ T4153] 8021q: adding VLAN 0 to HW filter on device team0
[   46.990575][  T161] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.997647][  T161] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.041870][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.049027][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.134232][ T4153] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   47.291396][ T4153] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.384134][ T4426] loop1: detected capacity change from 0 to 512
[   47.446733][ T4426] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.510537][ T4426] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.596308][ T4426] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #18: comm syz.1.305: corrupted inode contents
[   47.614375][ T4153] veth0_vlan: entered promiscuous mode
[   47.645098][ T4153] veth1_vlan: entered promiscuous mode
[   47.654160][ T4426] EXT4-fs error (device loop1): ext4_dirty_inode:5984: inode #18: comm syz.1.305: mark_inode_dirty error
[   47.686419][ T4153] veth0_macvtap: entered promiscuous mode
[   47.693416][ T4426] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #18: comm syz.1.305: corrupted inode contents
[   47.718176][ T4153] veth1_macvtap: entered promiscuous mode
[   47.734821][ T4153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.745318][ T4153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.755107][ T4153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.765599][ T4153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.775473][ T4153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.785932][ T4153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.795732][ T4153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.806205][ T4153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.807895][ T4426] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3006: inode #18: comm syz.1.305: mark_inode_dirty error
[   47.816697][ T4153] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.837445][ T4426] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3009: inode #18: comm syz.1.305: mark inode dirty (error -117)
[   47.859962][ T4426] EXT4-fs warning (device loop1): ext4_evict_inode:276: xattr delete (err -117)
[   47.888791][ T4153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.899253][ T4153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.909154][ T4153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.919685][ T4153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.929554][ T4153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.940249][ T4153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.950095][ T4153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.960637][ T4153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.991044][ T4153] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.014328][ T4153] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.022548][ T4485] loop3: detected capacity change from 0 to 1024
[   48.023085][ T4153] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.038087][ T4153] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.046858][ T4153] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.056558][ T4485] EXT4-fs (loop3): invalid inodes per group: 0
[   48.056558][ T4485] 
[   48.102447][ T4485] capability: warning: `syz.3.310' uses deprecated v2 capabilities in a way that may be insecure
[   48.112688][ T4490] netlink: 8 bytes leftover after parsing attributes in process `syz.0.312'.
[   48.121821][ T4490] netlink: 4 bytes leftover after parsing attributes in process `syz.0.312'.
[   48.153417][ T4493] loop2: detected capacity change from 0 to 512
[   48.160740][ T4493] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   48.169879][ T4493] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent
[   48.206662][ T4497] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[   48.238100][ T4503] FAULT_INJECTION: forcing a failure.
[   48.238100][ T4503] name failslab, interval 1, probability 0, space 0, times 0
[   48.250768][ T4503] CPU: 1 UID: 0 PID: 4503 Comm: syz.0.316 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   48.261361][ T4503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   48.271414][ T4503] Call Trace:
[   48.274682][ T4503]  <TASK>
[   48.277614][ T4503]  dump_stack_lvl+0xf2/0x150
[   48.282198][ T4503]  dump_stack+0x15/0x20
[   48.286366][ T4503]  should_fail_ex+0x223/0x230
[   48.291118][ T4503]  ? __kvmalloc_node_noprof+0x72/0x170
[   48.296702][ T4503]  should_failslab+0x8f/0xb0
[   48.301286][ T4503]  __kmalloc_node_noprof+0xa8/0x380
[   48.306604][ T4503]  __kvmalloc_node_noprof+0x72/0x170
[   48.311881][ T4503]  unix_prepare_fpl+0x159/0x290
[   48.316842][ T4503]  unix_scm_to_skb+0x1a8/0x250
[   48.321599][ T4503]  unix_stream_sendmsg+0x3a2/0x880
[   48.326748][ T4503]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[   48.332393][ T4503]  __sock_sendmsg+0x140/0x180
[   48.337072][ T4503]  ____sys_sendmsg+0x312/0x410
[   48.341835][ T4503]  __sys_sendmmsg+0x259/0x500
[   48.346552][ T4503]  __x64_sys_sendmmsg+0x57/0x70
[   48.351436][ T4503]  x64_sys_call+0xa49/0x2d60
[   48.356021][ T4503]  do_syscall_64+0xc9/0x1c0
[   48.360585][ T4503]  ? clear_bhb_loop+0x55/0xb0
[   48.365274][ T4503]  ? clear_bhb_loop+0x55/0xb0
[   48.370036][ T4503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.375990][ T4503] RIP: 0033:0x7f01d8eadff9
[   48.380397][ T4503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.399998][ T4503] RSP: 002b:00007f01d7b27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   48.408405][ T4503] RAX: ffffffffffffffda RBX: 00007f01d9065f80 RCX: 00007f01d8eadff9
[   48.416366][ T4503] RDX: 0000000000000001 RSI: 00000000200014c0 RDI: 0000000000000004
[   48.424327][ T4503] RBP: 00007f01d7b27090 R08: 0000000000000000 R09: 0000000000000000
[   48.432305][ T4503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.440265][ T4503] R13: 0000000000000000 R14: 00007f01d9065f80 R15: 00007ffd4b3cf108
[   48.448232][ T4503]  </TASK>
[   48.647621][ T4518] loop2: detected capacity change from 0 to 1024
[   48.710274][ T4518] EXT4-fs (loop2): mounted filesystem 00000000-0000-0008-0000-000000000000 r/w without journal. Quota mode: none.
[   48.756744][ T4530] syz.3.325[4530] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.756882][ T4530] syz.3.325[4530] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.768519][ T4530] syz.3.325[4530] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.781054][ T4530] syz.3.325[4530] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.792600][ T4530] syz.3.325[4530] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.804710][ T4530] syz.3.325[4530] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.817884][ T4530] netlink: 'syz.3.325': attribute type 21 has an invalid length.
[   48.837890][ T4530] netlink: 132 bytes leftover after parsing attributes in process `syz.3.325'.
[   48.865816][   T29] kauditd_printk_skb: 387 callbacks suppressed
[   48.865829][   T29] audit: type=1400 audit(1729716025.746:1519): avc:  denied  { connect } for  pid=4531 comm="syz.3.326" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   48.903071][ T3270] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0008-0000-000000000000.
[   48.941649][   T29] audit: type=1400 audit(1729716025.826:1520): avc:  denied  { bind } for  pid=4535 comm="syz.3.328" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   48.961452][   T29] audit: type=1400 audit(1729716025.826:1521): avc:  denied  { setopt } for  pid=4535 comm="syz.3.328" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   48.993912][   T29] audit: type=1400 audit(1729716025.876:1522): avc:  denied  { getopt } for  pid=4535 comm="syz.3.328" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   49.024745][ T4539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.042235][ T4539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.051221][ T4540] Process accounting resumed
[   49.187945][ T4549] loop0: detected capacity change from 0 to 512
[   49.194517][ T4549] EXT4-fs: quotafile must be on filesystem root
[   49.218774][   T29] audit: type=1400 audit(1729716026.106:1523): avc:  denied  { name_bind } for  pid=4550 comm="syz.0.333" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[   49.286609][ T4557] loop0: detected capacity change from 0 to 2048
[   49.307063][ T4557] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.321678][   T29] audit: type=1400 audit(1729716026.206:1524): avc:  denied  { create } for  pid=4556 comm="syz.0.336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   49.341702][   T29] audit: type=1400 audit(1729716026.206:1525): avc:  denied  { write } for  pid=4556 comm="syz.0.336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   49.343114][ T3273] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.361561][   T29] audit: type=1400 audit(1729716026.206:1526): avc:  denied  { rmdir } for  pid=4556 comm="syz.0.336" name="control" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   49.401823][   T29] audit: type=1326 audit(1729716026.286:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4560 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   49.426461][   T29] audit: type=1326 audit(1729716026.286:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4560 comm="syz.0.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   49.462809][ T4566] loop0: detected capacity change from 0 to 512
[   49.469319][ T4566] EXT4-fs: Ignoring removed mblk_io_submit option
[   49.477423][ T4566] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   49.489151][ T4566] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.338: corrupted in-inode xattr: e_value out of bounds
[   49.503880][ T4566] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.338: couldn't read orphan inode 15 (err -117)
[   49.516415][ T4566] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.529824][ T4566] FAULT_INJECTION: forcing a failure.
[   49.529824][ T4566] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.542944][ T4566] CPU: 0 UID: 0 PID: 4566 Comm: syz.0.338 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   49.553590][ T4566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   49.563696][ T4566] Call Trace:
[   49.566962][ T4566]  <TASK>
[   49.569901][ T4566]  dump_stack_lvl+0xf2/0x150
[   49.574476][ T4566]  dump_stack+0x15/0x20
[   49.578623][ T4566]  should_fail_ex+0x223/0x230
[   49.583348][ T4566]  should_fail+0xb/0x10
[   49.587561][ T4566]  should_fail_usercopy+0x1a/0x20
[   49.592583][ T4566]  strncpy_from_user+0x25/0x200
[   49.597439][ T4566]  ? kmem_cache_alloc_noprof+0x10c/0x290
[   49.603124][ T4566]  getname_flags+0xb0/0x3b0
[   49.607754][ T4566]  user_path_at+0x26/0x110
[   49.612174][ T4566]  path_setxattr+0x179/0x360
[   49.616760][ T4566]  ? get_pid_task+0x8e/0xc0
[   49.621287][ T4566]  __x64_sys_setxattr+0x6d/0x80
[   49.626235][ T4566]  x64_sys_call+0x2927/0x2d60
[   49.630950][ T4566]  do_syscall_64+0xc9/0x1c0
[   49.635461][ T4566]  ? clear_bhb_loop+0x55/0xb0
[   49.640206][ T4566]  ? clear_bhb_loop+0x55/0xb0
[   49.644937][ T4566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.650865][ T4566] RIP: 0033:0x7f01d8eadff9
[   49.655263][ T4566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.674860][ T4566] RSP: 002b:00007f01d7b27038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[   49.683256][ T4566] RAX: ffffffffffffffda RBX: 00007f01d9065f80 RCX: 00007f01d8eadff9
[   49.691270][ T4566] RDX: 00000000200001c0 RSI: 0000000020000100 RDI: 0000000020000180
[   49.699252][ T4566] RBP: 00007f01d7b27090 R08: 0000000000000000 R09: 0000000000000000
[   49.707201][ T4566] R10: 0000000000000386 R11: 0000000000000246 R12: 0000000000000001
[   49.715172][ T4566] R13: 0000000000000000 R14: 00007f01d9065f80 R15: 00007ffd4b3cf108
[   49.723278][ T4566]  </TASK>
[   49.740873][ T3273] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.820028][ T4578] loop0: detected capacity change from 0 to 256
[   49.830174][ T4578] FAT-fs (loop0): Directory bread(block 1285) failed
[   49.843126][ T4580] FAULT_INJECTION: forcing a failure.
[   49.843126][ T4580] name failslab, interval 1, probability 0, space 0, times 0
[   49.855832][ T4580] CPU: 0 UID: 0 PID: 4580 Comm: syz.2.344 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   49.866486][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   49.876524][ T4580] Call Trace:
[   49.879874][ T4580]  <TASK>
[   49.882799][ T4580]  dump_stack_lvl+0xf2/0x150
[   49.887385][ T4580]  dump_stack+0x15/0x20
[   49.888450][ T4578] hub 6-0:1.0: USB hub found
[   49.891561][ T4580]  should_fail_ex+0x223/0x230
[   49.891592][ T4580]  ? radix_tree_node_alloc+0x8b/0x1e0
[   49.897111][ T4578] hub 6-0:1.0: 8 ports detected
[   49.900815][ T4580]  should_failslab+0x8f/0xb0
[   49.900839][ T4580]  kmem_cache_alloc_noprof+0x4c/0x290
[   49.921087][ T4580]  radix_tree_node_alloc+0x8b/0x1e0
[   49.926307][ T4580]  idr_get_free+0x1f5/0x550
[   49.930801][ T4580]  idr_alloc_u32+0xcb/0x180
[   49.935356][ T4580]  tcf_idr_check_alloc+0x171/0x270
[   49.940575][ T4580]  tcf_bpf_init+0x17c/0x600
[   49.945148][ T4580]  tcf_action_init_1+0x339/0x490
[   49.950103][ T4580]  tcf_action_init+0x1a0/0x530
[   49.954946][ T4580]  tc_ctl_action+0x292/0x840
[   49.959538][ T4580]  ? __pfx_tc_ctl_action+0x10/0x10
[   49.964643][ T4580]  rtnetlink_rcv_msg+0x6aa/0x710
[   49.969682][ T4580]  ? ref_tracker_free+0x3a5/0x410
[   49.974704][ T4580]  ? __dev_queue_xmit+0x161/0x2040
[   49.980024][ T4580]  ? ref_tracker_alloc+0x1f5/0x2f0
[   49.985185][ T4580]  netlink_rcv_skb+0x12c/0x230
[   49.990070][ T4580]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   49.995526][ T4580]  rtnetlink_rcv+0x1c/0x30
[   50.000004][ T4580]  netlink_unicast+0x599/0x670
[   50.004771][ T4580]  netlink_sendmsg+0x5cc/0x6e0
[   50.009543][ T4580]  ? __pfx_netlink_sendmsg+0x10/0x10
[   50.014882][ T4580]  __sock_sendmsg+0x140/0x180
[   50.019627][ T4580]  ____sys_sendmsg+0x312/0x410
[   50.024464][ T4580]  __sys_sendmsg+0x1d9/0x270
[   50.029172][ T4580]  __x64_sys_sendmsg+0x46/0x50
[   50.033933][ T4580]  x64_sys_call+0x2689/0x2d60
[   50.038708][ T4580]  do_syscall_64+0xc9/0x1c0
[   50.043203][ T4580]  ? clear_bhb_loop+0x55/0xb0
[   50.047954][ T4580]  ? clear_bhb_loop+0x55/0xb0
[   50.052713][ T4580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.058601][ T4580] RIP: 0033:0x7fbdc7f4dff9
[   50.063003][ T4580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.082626][ T4580] RSP: 002b:00007fbdc6bc1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   50.091075][ T4580] RAX: ffffffffffffffda RBX: 00007fbdc8105f80 RCX: 00007fbdc7f4dff9
[   50.099061][ T4580] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000006
[   50.107020][ T4580] RBP: 00007fbdc6bc1090 R08: 0000000000000000 R09: 0000000000000000
[   50.115052][ T4580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.123130][ T4580] R13: 0000000000000000 R14: 00007fbdc8105f80 R15: 00007ffeab1da548
[   50.131093][ T4580]  </TASK>
[   50.192146][ T4581] hub 6-0:1.0: USB hub found
[   50.197046][ T4581] hub 6-0:1.0: 8 ports detected
[   50.491076][ T3265] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.524472][ T4584] loop1: detected capacity change from 0 to 512
[   50.540200][ T4584] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   50.568385][ T4584] EXT4-fs (loop1): 1 truncate cleaned up
[   50.574417][ T4584] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.581757][ T4591] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   50.606607][ T4584] FAULT_INJECTION: forcing a failure.
[   50.606607][ T4584] name failslab, interval 1, probability 0, space 0, times 0
[   50.609963][ T4593] syz.2.349[4593] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.619217][ T4584] CPU: 0 UID: 0 PID: 4584 Comm: syz.1.345 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   50.619242][ T4584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   50.619252][ T4584] Call Trace:
[   50.619258][ T4584]  <TASK>
[   50.619264][ T4584]  dump_stack_lvl+0xf2/0x150
[   50.630543][ T4593] syz.2.349[4593] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.640992][ T4584]  dump_stack+0x15/0x20
[   50.641014][ T4584]  should_fail_ex+0x223/0x230
[   50.651188][ T4593] syz.2.349[4593] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.654322][ T4584]  ? ext4_alloc_inode+0x38/0x320
[   50.698053][ T4584]  should_failslab+0x8f/0xb0
[   50.702639][ T4584]  kmem_cache_alloc_lru_noprof+0x51/0x2a0
[   50.708354][ T4584]  ? __ext4_check_dir_entry+0x36b/0x500
[   50.713969][ T4584]  ext4_alloc_inode+0x38/0x320
[   50.718780][ T4584]  ? __pfx_ext4_alloc_inode+0x10/0x10
[   50.724221][ T4584]  alloc_inode+0x3c/0x160
[   50.728619][ T4584]  iget_locked+0xf2/0x5d0
[   50.732985][ T4584]  __ext4_iget+0x17c/0x1dd0
[   50.737559][ T4584]  ? __d_alloc+0x3d/0x340
[   50.741900][ T4584]  ext4_lookup+0x15b/0x390
[   50.746369][ T4584]  lookup_one_qstr_excl+0xc7/0x1a0
[   50.751473][ T4584]  do_renameat2+0x4c2/0xa60
[   50.755993][ T4584]  __x64_sys_renameat2+0x82/0xa0
[   50.760920][ T4584]  x64_sys_call+0x2cf1/0x2d60
[   50.765616][ T4584]  do_syscall_64+0xc9/0x1c0
[   50.770141][ T4584]  ? clear_bhb_loop+0x55/0xb0
[   50.774813][ T4584]  ? clear_bhb_loop+0x55/0xb0
[   50.779566][ T4584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.785482][ T4584] RIP: 0033:0x7ff033d0dff9
[   50.789946][ T4584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.809555][ T4584] RSP: 002b:00007ff032987038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[   50.818033][ T4584] RAX: ffffffffffffffda RBX: 00007ff033ec5f80 RCX: 00007ff033d0dff9
[   50.826042][ T4584] RDX: ffffffffffffff9c RSI: 0000000020000400 RDI: 0000000000000004
[   50.834004][ T4584] RBP: 00007ff032987090 R08: 0000000000000004 R09: 0000000000000000
[   50.841973][ T4584] R10: 0000000020000440 R11: 0000000000000246 R12: 0000000000000001
[   50.849943][ T4584] R13: 0000000000000000 R14: 00007ff033ec5f80 R15: 00007ffe771c8068
[   50.857919][ T4584]  </TASK>
[   50.871775][ T4591] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   50.942451][ T4593] loop2: detected capacity change from 0 to 8192
[   50.950401][ T3265] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.959953][ T4593] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   51.083746][ T4615] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[   51.099078][ T4615] netdevsim netdevsim1 netdevsim1: entered promiscuous mode
[   51.107689][ T4615] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[   51.116480][ T4615] Cannot create hsr debugfs directory
[   51.166233][ T4625] netlink: 8 bytes leftover after parsing attributes in process `syz.1.362'.
[   51.178180][ T4625] loop1: detected capacity change from 0 to 512
[   51.184736][ T4625] EXT4-fs: Ignoring removed orlov option
[   51.190783][ T4625] ext3: Unknown parameter 'fowner'
[   51.377825][ T4640] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   51.392829][ T4640] vhci_hcd: default hub control req: d300 v0000 i0000 l0
[   51.440349][ T4638] loop3: detected capacity change from 0 to 512
[   51.465377][ T4638] EXT4-fs: Ignoring removed oldalloc option
[   51.503727][ T4638] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   51.543635][ T4638] EXT4-fs (loop3): 1 truncate cleaned up
[   51.564836][ T4638] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.660406][ T3278] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.743949][ T4647] FAULT_INJECTION: forcing a failure.
[   51.743949][ T4647] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.757033][ T4647] CPU: 0 UID: 0 PID: 4647 Comm: syz.4.370 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   51.767705][ T4647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   51.777807][ T4647] Call Trace:
[   51.781066][ T4647]  <TASK>
[   51.784033][ T4647]  dump_stack_lvl+0xf2/0x150
[   51.788675][ T4647]  dump_stack+0x15/0x20
[   51.792817][ T4647]  should_fail_ex+0x223/0x230
[   51.797528][ T4647]  should_fail+0xb/0x10
[   51.801701][ T4647]  should_fail_usercopy+0x1a/0x20
[   51.806745][ T4647]  _copy_from_user+0x1e/0xd0
[   51.811417][ T4647]  copy_msghdr_from_user+0x54/0x2a0
[   51.816634][ T4647]  __sys_recvmsg+0x160/0x270
[   51.821227][ T4647]  __x64_sys_recvmsg+0x46/0x50
[   51.826088][ T4647]  x64_sys_call+0xb84/0x2d60
[   51.830668][ T4647]  do_syscall_64+0xc9/0x1c0
[   51.835304][ T4647]  ? clear_bhb_loop+0x55/0xb0
[   51.839989][ T4647]  ? clear_bhb_loop+0x55/0xb0
[   51.844700][ T4647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.850676][ T4647] RIP: 0033:0x7f46d65cdff9
[   51.855149][ T4647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.874806][ T4647] RSP: 002b:00007f46d5241038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   51.883203][ T4647] RAX: ffffffffffffffda RBX: 00007f46d6785f80 RCX: 00007f46d65cdff9
[   51.891158][ T4647] RDX: 0000000000000100 RSI: 0000000020000340 RDI: 0000000000000003
[   51.899109][ T4647] RBP: 00007f46d5241090 R08: 0000000000000000 R09: 0000000000000000
[   51.907069][ T4647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.915035][ T4647] R13: 0000000000000000 R14: 00007f46d6785f80 R15: 00007ffebebe1098
[   51.922992][ T4647]  </TASK>
[   51.957997][ T4651] loop3: detected capacity change from 0 to 512
[   51.969088][ T4651] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.981798][ T4651] ext4 filesystem being mounted at /87/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   52.063798][ T3278] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.171861][ T4688] netlink: 8 bytes leftover after parsing attributes in process `syz.1.385'.
[   52.191875][ T4691] loop3: detected capacity change from 0 to 1024
[   52.199011][ T4688] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   52.205721][ T4691] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   52.266618][ T4691] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.288595][ T4700] loop4: detected capacity change from 0 to 512
[   52.303787][ T4700] EXT4-fs: Ignoring removed orlov option
[   52.312550][ T4700] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   52.333392][ T3278] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.342729][ T4700] EXT4-fs (loop4): 1 orphan inode deleted
[   52.348499][ T4700] EXT4-fs (loop4): 1 truncate cleaned up
[   52.354499][ T4700] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.434018][ T4709] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[   52.443759][ T4153] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.507405][ T4723] loop3: detected capacity change from 0 to 764
[   52.508558][ T4721] loop4: detected capacity change from 0 to 256
[   52.521663][ T4721] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   52.533538][ T4727] sch_tbf: burst 53766 is lower than device lo mtu (65550) !
[   52.542028][ T4721] Cannot find set identified by id 0 to match
[   52.545812][ T4725] loop0: detected capacity change from 0 to 1024
[   52.559357][ T4723] rock: directory entry would overflow storage
[   52.560404][ T4725] EXT4-fs: Ignoring removed orlov option
[   52.565595][ T4723] rock: sig=0x4654, size=5, remaining=4
[   52.571274][ T4725] EXT4-fs: Ignoring removed nomblk_io_submit option
[   52.626935][ T4725] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.642288][ T4730] loop4: detected capacity change from 0 to 256
[   52.654860][ T4734] tmpfs: Bad value for 'mpol'
[   52.655963][ T4737] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   52.674928][ T4730] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   52.679013][ T4739] loop7: detected capacity change from 0 to 16384
[   52.759072][ T3273] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.803995][ T4751] loop0: detected capacity change from 0 to 128
[   52.816460][ T4751] EXT4-fs: Ignoring removed orlov option
[   52.834029][ T4751] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   52.847186][ T4751] ext4 filesystem being mounted at /67/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   52.881197][ T4739] I/O error, dev loop7, sector 10240 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   52.892173][ T4739] I/O error, dev loop7, sector 10240 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   52.901691][ T4739] buffer_io_error: 22 callbacks suppressed
[   52.901702][ T4739] Buffer I/O error on dev loop7, logical block 1280, async page read
[   52.922340][ T4738] I/O error, dev loop7, sector 8312 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[   52.932295][ T4738] Buffer I/O error on dev loop7, logical block 1039, lost async page write
[   52.941086][ T4738] Buffer I/O error on dev loop7, logical block 1040, lost async page write
[   52.949895][ T4738] Buffer I/O error on dev loop7, logical block 1041, lost async page write
[   52.958513][ T4738] Buffer I/O error on dev loop7, logical block 1042, lost async page write
[   52.967138][ T4738] Buffer I/O error on dev loop7, logical block 1043, lost async page write
[   52.975743][ T4738] Buffer I/O error on dev loop7, logical block 1044, lost async page write
[   52.984373][ T4738] Buffer I/O error on dev loop7, logical block 1045, lost async page write
[   52.992974][ T4738] Buffer I/O error on dev loop7, logical block 1046, lost async page write
[   53.001572][ T4738] Buffer I/O error on dev loop7, logical block 1047, lost async page write
[   53.012170][ T3273] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   53.013385][ T4738] I/O error, dev loop7, sector 9336 op 0x1:(WRITE) flags 0x800 phys_seg 113 prio class 0
[   53.065713][ T4764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   53.079096][ T4764] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   53.228766][ T4773] FAULT_INJECTION: forcing a failure.
[   53.228766][ T4773] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.241890][ T4773] CPU: 0 UID: 0 PID: 4773 Comm: syz.2.413 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   53.252493][ T4773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   53.262533][ T4773] Call Trace:
[   53.265803][ T4773]  <TASK>
[   53.268733][ T4773]  dump_stack_lvl+0xf2/0x150
[   53.273381][ T4773]  dump_stack+0x15/0x20
[   53.277521][ T4773]  should_fail_ex+0x223/0x230
[   53.282203][ T4773]  should_fail+0xb/0x10
[   53.286366][ T4773]  should_fail_usercopy+0x1a/0x20
[   53.291466][ T4773]  _copy_from_iter+0xd3/0xd20
[   53.296164][ T4773]  ? perf_tp_event+0xfc1/0x1000
[   53.301033][ T4773]  copy_page_from_iter+0x14f/0x280
[   53.306225][ T4773]  tun_get_user+0x686/0x24e0
[   53.310842][ T4773]  ? kstrtoull+0x110/0x140
[   53.315248][ T4773]  ? ref_tracker_alloc+0x1f5/0x2f0
[   53.320375][ T4773]  tun_chr_write_iter+0x188/0x240
[   53.325398][ T4773]  vfs_write+0x76a/0x910
[   53.329680][ T4773]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   53.335261][ T4773]  ksys_write+0xeb/0x1b0
[   53.339507][ T4773]  __x64_sys_write+0x42/0x50
[   53.344124][ T4773]  x64_sys_call+0x27dd/0x2d60
[   53.348785][ T4773]  do_syscall_64+0xc9/0x1c0
[   53.353269][ T4773]  ? clear_bhb_loop+0x55/0xb0
[   53.357939][ T4773]  ? clear_bhb_loop+0x55/0xb0
[   53.362641][ T4773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.368521][ T4773] RIP: 0033:0x7fbdc7f4cadf
[   53.372973][ T4773] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[   53.392703][ T4773] RSP: 002b:00007fbdc6bc1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   53.401096][ T4773] RAX: ffffffffffffffda RBX: 00007fbdc8105f80 RCX: 00007fbdc7f4cadf
[   53.409120][ T4773] RDX: 000000000000002a RSI: 0000000020000300 RDI: 00000000000000c8
[   53.417106][ T4773] RBP: 00007fbdc6bc1090 R08: 0000000000000000 R09: 0000000000000000
[   53.425156][ T4773] R10: 000000000000002a R11: 0000000000000293 R12: 0000000000000001
[   53.433123][ T4773] R13: 0000000000000000 R14: 00007fbdc8105f80 R15: 00007ffeab1da548
[   53.441159][ T4773]  </TASK>
[   53.498611][ T4783] FAULT_INJECTION: forcing a failure.
[   53.498611][ T4783] name failslab, interval 1, probability 0, space 0, times 0
[   53.511429][ T4783] CPU: 0 UID: 0 PID: 4783 Comm: syz.2.417 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   53.522014][ T4783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   53.532066][ T4783] Call Trace:
[   53.535331][ T4783]  <TASK>
[   53.538262][ T4783]  dump_stack_lvl+0xf2/0x150
[   53.542979][ T4783]  dump_stack+0x15/0x20
[   53.547203][ T4783]  should_fail_ex+0x223/0x230
[   53.551877][ T4783]  ? selinux_bpf_prog_load+0x35/0xe0
[   53.557153][ T4783]  should_failslab+0x8f/0xb0
[   53.561736][ T4783]  __kmalloc_cache_noprof+0x4b/0x2a0
[   53.567019][ T4783]  ? should_fail+0xb/0x10
[   53.571462][ T4783]  selinux_bpf_prog_load+0x35/0xe0
[   53.576563][ T4783]  security_bpf_prog_load+0x47/0x80
[   53.581798][ T4783]  bpf_prog_load+0xe81/0x1070
[   53.586472][ T4783]  ? __rcu_read_unlock+0x4e/0x70
[   53.591446][ T4783]  __sys_bpf+0x463/0x7a0
[   53.595678][ T4783]  __x64_sys_bpf+0x43/0x50
[   53.600170][ T4783]  x64_sys_call+0x2625/0x2d60
[   53.604931][ T4783]  do_syscall_64+0xc9/0x1c0
[   53.609469][ T4783]  ? clear_bhb_loop+0x55/0xb0
[   53.614155][ T4783]  ? clear_bhb_loop+0x55/0xb0
[   53.618870][ T4783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.624759][ T4783] RIP: 0033:0x7fbdc7f4dff9
[   53.629169][ T4783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.648863][ T4783] RSP: 002b:00007fbdc6bc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   53.657264][ T4783] RAX: ffffffffffffffda RBX: 00007fbdc8105f80 RCX: 00007fbdc7f4dff9
[   53.665224][ T4783] RDX: 0000000000000080 RSI: 00000000200002c0 RDI: 0000000000000005
[   53.673182][ T4783] RBP: 00007fbdc6bc1090 R08: 0000000000000000 R09: 0000000000000000
[   53.681140][ T4783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.689149][ T4783] R13: 0000000000000001 R14: 00007fbdc8105f80 R15: 00007ffeab1da548
[   53.697208][ T4783]  </TASK>
[   53.830645][ T4801] netlink: 36 bytes leftover after parsing attributes in process `syz.3.425'.
[   53.832816][ T4789] bond1: entered promiscuous mode
[   53.844572][ T4789] bond1: entered allmulticast mode
[   53.850148][ T4789] 8021q: adding VLAN 0 to HW filter on device bond1
[   53.858144][ T4806] loop0: detected capacity change from 0 to 1024
[   53.868330][ T4789] bond1 (unregistering): Released all slaves
[   53.881114][   T29] kauditd_printk_skb: 364 callbacks suppressed
[   53.881200][   T29] audit: type=1400 audit(1729716030.766:1887): avc:  denied  { ioctl } for  pid=4800 comm="+}[@" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   53.916506][ T4806] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.938074][   T29] audit: type=1326 audit(1729716030.826:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4794 comm="syz.0.419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f01d8eac990 code=0x7ffc0000
[   53.943458][ T4809] 9pnet_fd: Insufficient options for proto=fd
[   53.967825][   T29] audit: type=1326 audit(1729716030.856:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4794 comm="syz.0.419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f01d8eacd77 code=0x7ffc0000
[   53.995175][   T29] audit: type=1326 audit(1729716030.856:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4794 comm="syz.0.419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f01d8eac990 code=0x7ffc0000
[   54.018623][   T29] audit: type=1326 audit(1729716030.856:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4794 comm="syz.0.419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   54.042046][   T29] audit: type=1326 audit(1729716030.856:1892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4794 comm="syz.0.419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   54.065638][   T29] audit: type=1326 audit(1729716030.856:1893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4794 comm="syz.0.419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   54.089128][   T29] audit: type=1326 audit(1729716030.856:1894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4794 comm="syz.0.419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   54.112475][   T29] audit: type=1326 audit(1729716030.856:1895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4794 comm="syz.0.419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   54.135843][   T29] audit: type=1326 audit(1729716030.856:1896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4794 comm="syz.0.419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01d8eadff9 code=0x7ffc0000
[   54.171017][ T4812] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   54.182194][ T4812] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   54.200662][ T4812] bond0 (unregistering): Released all slaves
[   54.274783][ T4828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   54.290803][ T4828] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   54.316366][ T4832] loop1: detected capacity change from 0 to 256
[   54.326963][ T4832] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   54.380256][ T4838] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4838 comm=syz.4.440
[   54.514314][ T4845] random: crng reseeded on system resumption
[   54.604288][ T3273] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.680253][ T4862] xt_connbytes: Forcing CT accounting to be enabled
[   54.687887][ T4862] Cannot find add_set index 0 as target
[   54.967345][ T4868] loop2: detected capacity change from 0 to 512
[   54.973849][ T4868] EXT4-fs: Ignoring removed orlov option
[   54.980740][ T4868] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   54.991792][ T4868] EXT4-fs (loop2): 1 orphan inode deleted
[   54.997557][ T4868] EXT4-fs (loop2): 1 truncate cleaned up
[   55.005442][ T4868] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   55.020257][ T4868] FAULT_INJECTION: forcing a failure.
[   55.020257][ T4868] name failslab, interval 1, probability 0, space 0, times 0
[   55.032937][ T4868] CPU: 1 UID: 0 PID: 4868 Comm: syz.2.451 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   55.043526][ T4868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   55.053563][ T4868] Call Trace:
[   55.056827][ T4868]  <TASK>
[   55.059739][ T4868]  dump_stack_lvl+0xf2/0x150
[   55.064378][ T4868]  dump_stack+0x15/0x20
[   55.068513][ T4868]  should_fail_ex+0x223/0x230
[   55.073262][ T4868]  ? security_inode_init_security+0xbd/0x330
[   55.079293][ T4868]  should_failslab+0x8f/0xb0
[   55.083868][ T4868]  __kmalloc_noprof+0xa5/0x370
[   55.088700][ T4868]  ? __pfx_ext4_initxattrs+0x10/0x10
[   55.094030][ T4868]  security_inode_init_security+0xbd/0x330
[   55.099890][ T4868]  ext4_init_security+0x34/0x40
[   55.104758][ T4868]  __ext4_new_inode+0x203a/0x2230
[   55.109773][ T4868]  ext4_create+0x172/0x2f0
[   55.114193][ T4868]  vfs_create+0x19c/0x2b0
[   55.118638][ T4868]  do_mknodat+0x2a4/0x420
[   55.122984][ T4868]  __x64_sys_mknod+0x51/0x60
[   55.127563][ T4868]  x64_sys_call+0x2657/0x2d60
[   55.132225][ T4868]  do_syscall_64+0xc9/0x1c0
[   55.136708][ T4868]  ? clear_bhb_loop+0x55/0xb0
[   55.141485][ T4868]  ? clear_bhb_loop+0x55/0xb0
[   55.146176][ T4868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.152104][ T4868] RIP: 0033:0x7fbdc7f4dff9
[   55.156552][ T4868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.176148][ T4868] RSP: 002b:00007fbdc6bc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[   55.184575][ T4868] RAX: ffffffffffffffda RBX: 00007fbdc8105f80 RCX: 00007fbdc7f4dff9
[   55.192614][ T4868] RDX: 0000000000000704 RSI: 0000000000000000 RDI: 0000000020000000
[   55.200575][ T4868] RBP: 00007fbdc6bc1090 R08: 0000000000000000 R09: 0000000000000000
[   55.208531][ T4868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.216493][ T4868] R13: 0000000000000000 R14: 00007fbdc8105f80 R15: 00007ffeab1da548
[   55.224484][ T4868]  </TASK>
[   55.257664][ T4873] netlink: 87 bytes leftover after parsing attributes in process `syz.1.452'.
[   55.361253][ T4876] loop3: detected capacity change from 0 to 2048
[   55.368466][ T4876] EXT4-fs: Ignoring removed nomblk_io_submit option
[   55.425233][ T4876] loop3: detected capacity change from 2048 to 64
[   55.442867][ T4876] syz.3.454: attempt to access beyond end of device
[   55.442867][ T4876] loop3: rw=34817, sector=448, nr_sectors = 1536 limit=64
[   55.456785][ T4876] syz.3.454: attempt to access beyond end of device
[   55.456785][ T4876] loop3: rw=2051, sector=448, nr_sectors = 1600 limit=64
[   55.470400][ T4876] EXT4-fs (loop3): discard request in group:0 block:7 count:400 failed with -5
[   55.479622][ T4876] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: IO failure
[   55.529408][ T4877] kmmpd-loop3: attempt to access beyond end of device
[   55.529408][ T4877] loop3: rw=14337, sector=256, nr_sectors = 4 limit=64
[   55.555022][ T4886] netlink: 388 bytes leftover after parsing attributes in process `syz.4.458'.
[   55.624309][ T4891] loop0: detected capacity change from 0 to 512
[   55.625458][ T4890] loop4: detected capacity change from 0 to 512
[   55.726993][   T40] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.756039][ T4897] loop7: detected capacity change from 0 to 16384
[   55.762674][ T4897] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   55.778556][   T40] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.820525][   T40] bond0: (slave netdevsim1): Releasing backup interface
[   55.828532][ T4907] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 16 prio class 0
[   55.830927][   T40] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.892657][ T4898] chnl_net:caif_netlink_parms(): no params data found
[   55.913634][   T40] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.937200][ T4898] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.944229][ T4898] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.951412][ T4898] bridge_slave_0: entered allmulticast mode
[   55.958065][ T4898] bridge_slave_0: entered promiscuous mode
[   55.966973][ T4898] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.974007][ T4898] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.981785][ T4898] bridge_slave_1: entered allmulticast mode
[   55.988221][ T4898] bridge_slave_1: entered promiscuous mode
[   56.005420][ T4898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.016093][ T4898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.047003][   T40] bridge_slave_1: left allmulticast mode
[   56.052640][   T40] bridge_slave_1: left promiscuous mode
[   56.058343][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.066078][   T40] bridge_slave_0: left allmulticast mode
[   56.071708][   T40] bridge_slave_0: left promiscuous mode
[   56.077359][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.168706][   T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   56.189581][   T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   56.198376][ T4920] loop1: detected capacity change from 0 to 2048
[   56.206437][ T4920] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[   56.220477][   T40] bond0 (unregistering): Released all slaves
[   56.230478][ T4898] team0: Port device team_slave_0 added
[   56.239372][ T4898] team0: Port device team_slave_1 added
[   56.260481][ T4898] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.267525][ T4898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.293423][ T4898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.315260][ T4898] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.322296][ T4898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.348218][ T4898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.409607][ T4932] ip6t_rpfilter: unknown options
[   56.487680][ T4931] netlink: '+}[@': attribute type 10 has an invalid length.
[   56.514994][ T4931] 8021q: adding VLAN 0 to HW filter on device batadv0
[   56.522668][ T4931] team0: Port device batadv0 added
[   56.549303][ T4898] hsr_slave_0: entered promiscuous mode
[   56.555496][ T4898] hsr_slave_1: entered promiscuous mode
[   56.562621][ T4898] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   56.573296][ T4898] Cannot create hsr debugfs directory
[   56.584470][   T40] hsr_slave_0: left promiscuous mode
[   56.610190][   T40] hsr_slave_1: left promiscuous mode
[   56.629003][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.636661][   T40] batman_adv: batadv0: Removing interface: batadv_slave_0
[   56.644843][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.652317][   T40] batman_adv: batadv0: Removing interface: batadv_slave_1
[   56.664068][   T40] veth1_macvtap: left promiscuous mode
[   56.669575][   T40] veth0_macvtap: left promiscuous mode
[   56.675059][   T40] veth1_vlan: left promiscuous mode
[   56.680340][   T40] veth0_vlan: left promiscuous mode
[   56.752927][   T40] team0 (unregistering): Port device team_slave_1 removed
[   56.762406][   T40] team0 (unregistering): Port device team_slave_0 removed
[   56.796208][ T4944] netlink: 'syz.1.472': attribute type 10 has an invalid length.
[   56.806812][ T4944] 8021q: adding VLAN 0 to HW filter on device batadv0
[   56.814160][ T4944] team0: Port device batadv0 added
[   56.823768][ T4949] netlink: 52 bytes leftover after parsing attributes in process `syz.0.474'.
[   56.876581][ T4961] FAULT_INJECTION: forcing a failure.
[   56.876581][ T4961] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.889787][ T4961] CPU: 0 UID: 0 PID: 4961 Comm: syz.1.476 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   56.900438][ T4961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   56.910481][ T4961] Call Trace:
[   56.913747][ T4961]  <TASK>
[   56.916671][ T4961]  dump_stack_lvl+0xf2/0x150
[   56.921252][ T4961]  dump_stack+0x15/0x20
[   56.925399][ T4961]  should_fail_ex+0x223/0x230
[   56.930073][ T4961]  should_fail+0xb/0x10
[   56.934234][ T4961]  should_fail_usercopy+0x1a/0x20
[   56.939254][ T4961]  _copy_from_user+0x1e/0xd0
[   56.943888][ T4961]  copy_msghdr_from_user+0x54/0x2a0
[   56.949161][ T4961]  __sys_sendmsg+0x171/0x270
[   56.953757][ T4961]  __x64_sys_sendmsg+0x46/0x50
[   56.958583][ T4961]  x64_sys_call+0x2689/0x2d60
[   56.963300][ T4961]  do_syscall_64+0xc9/0x1c0
[   56.967799][ T4961]  ? clear_bhb_loop+0x55/0xb0
[   56.972529][ T4961]  ? clear_bhb_loop+0x55/0xb0
[   56.977236][ T4961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.983203][ T4961] RIP: 0033:0x7ff033d0dff9
[   56.987613][ T4961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.007299][ T4961] RSP: 002b:00007ff032987038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   57.015701][ T4961] RAX: ffffffffffffffda RBX: 00007ff033ec5f80 RCX: 00007ff033d0dff9
[   57.023660][ T4961] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000003
[   57.031620][ T4961] RBP: 00007ff032987090 R08: 0000000000000000 R09: 0000000000000000
[   57.039618][ T4961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.047575][ T4961] R13: 0000000000000000 R14: 00007ff033ec5f80 R15: 00007ffe771c8068
[   57.055542][ T4961]  </TASK>
[   57.134170][ T4969] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.143897][ T4967] ref_ctr increment failed for inode: 0x1c2 offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff888131a179c0
[   57.158023][ T4972] loop7: detected capacity change from 0 to 16384
[   57.168388][ T4966] uprobe: syz.1.487:4966 failed to unregister, leaking uprobe
[   57.184066][ T4969] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.335949][ T4972] I/O error, dev loop7, sector 7168 op 0x0:(READ) flags 0x80700 phys_seg 15 prio class 0
[   57.353330][ T4972] I/O error, dev loop7, sector 7424 op 0x0:(READ) flags 0x80700 phys_seg 30 prio class 0
[   57.364158][ T4972] I/O error, dev loop7, sector 7168 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   57.410064][ T4971] I/O error, dev loop7, sector 5192 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[   57.545888][ T4898] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   57.565838][ T4898] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   57.576388][ T5010] loop4: detected capacity change from 0 to 256
[   57.590882][ T4898] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   57.603262][ T5018] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.617218][ T4898] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   57.624146][ T5018] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.786093][ T5044] loop1: detected capacity change from 0 to 256
[   57.804533][ T4898] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.819145][ T4898] 8021q: adding VLAN 0 to HW filter on device team0
[   57.841152][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.848288][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.866222][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.873332][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.886282][ T5051] ref_ctr increment failed for inode: 0xd0 offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff888131a16f40
[   57.893337][ T4898] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   57.908652][ T4898] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   57.911777][ T5049] uprobe: syz.4.496:5049 failed to unregister, leaking uprobe
[   57.980576][ T4898] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.076160][ T5073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   58.092368][ T5073] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   58.095229][ T4898] veth0_vlan: entered promiscuous mode
[   58.122969][ T4898] veth1_vlan: entered promiscuous mode
[   58.129830][ T5080] ref_ctr increment failed for inode: 0x26a offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff888131a16f40
[   58.142425][ T5079] uprobe: syz.2.504:5079 failed to unregister, leaking uprobe
[   58.154835][ T4898] veth0_macvtap: entered promiscuous mode
[   58.155075][ T5082] loop1: detected capacity change from 0 to 256
[   58.168123][ T4898] veth1_macvtap: entered promiscuous mode
[   58.200747][ T4898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.211238][ T4898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.221224][ T4898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.231766][ T4898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.241617][ T4898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.252055][ T4898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.261907][ T4898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.272417][ T4898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.303673][ T4898] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.313825][ T4898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.324361][ T4898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.334322][ T4898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.344789][ T4898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.352468][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.354657][ T4898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.362041][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.362061][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.362081][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.362101][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.362121][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.372536][ T4898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.372551][ T4898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.379959][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.387304][ T4898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.389829][ T4898] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.394659][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x4
[   58.435342][ T5092] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   58.436981][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.449109][ T4898] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.453915][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x2
[   58.461327][ T4898] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.469654][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.476956][ T4898] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.476987][ T4898] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.485633][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.534036][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.541632][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.541708][ T5091] loop1: detected capacity change from 0 to 512
[   58.549158][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.562651][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.570068][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.577457][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.584837][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.585364][ T5091] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   58.592289][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.609423][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.616830][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.618291][ T5091] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2002c018, mo2=0102]
[   58.624193][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.624218][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.646916][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.652524][ T5091] System zones: 
[   58.654278][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.654304][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.657838][ T5091] 1-12
[   58.665192][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.672538][ T5091] 
[   58.675218][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.692270][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.699705][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.707082][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.708832][ T5091] EXT4-fs (loop1): 1 truncate cleaned up
[   58.714504][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.727633][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.735021][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.742590][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.749980][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.757506][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.764931][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.772409][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.779801][ T3345] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   58.788480][ T3345] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   58.793447][ T5095] pim6reg: entered allmulticast mode
[   58.812808][ T5096] pim6reg: left allmulticast mode
[   58.818831][ T5092] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   58.968242][ T5104] loop1: detected capacity change from 0 to 256
[   58.976421][   T29] kauditd_printk_skb: 341 callbacks suppressed
[   58.976433][   T29] audit: type=1326 audit(1729716035.866:2238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5105 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d65cdff9 code=0x7ffc0000
[   59.034978][ T5111] netlink: 165 bytes leftover after parsing attributes in process `syz.0.525'.
[   59.051111][ T5114] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.068626][ T5111] netlink: 277 bytes leftover after parsing attributes in process `syz.0.525'.
[   59.068692][   T29] audit: type=1326 audit(1729716035.896:2239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5105 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f46d65cdff9 code=0x7ffc0000
[   59.100870][   T29] audit: type=1326 audit(1729716035.896:2240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5105 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d65cdff9 code=0x7ffc0000
[   59.124293][   T29] audit: type=1326 audit(1729716035.896:2241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5105 comm="syz.4.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d65cdff9 code=0x7ffc0000
[   59.167251][ T5114] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   59.227792][ T5111] loop0: detected capacity change from 0 to 512
[   59.250644][ T5111] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   59.282673][ T5111] EXT4-fs (loop0): orphan cleanup on readonly fs
[   59.297357][ T5111] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.525: bg 0: block 248: padding at end of block bitmap is not set
[   59.312123][ T5111] Quota error (device loop0): write_blk: dquota write failed
[   59.319660][ T5111] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   59.329773][ T5111] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.525: Failed to acquire dquot type 1
[   59.342410][ T5111] EXT4-fs (loop0): 1 truncate cleaned up
[   59.370298][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.377772][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.385192][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.392679][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.400175][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.407569][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.414314][ T5111] EXT4-fs error (device loop0): ext4_lookup:1817: inode #2: comm syz.0.525: deleted inode referenced: 12
[   59.414969][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.433606][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x4
[   59.433701][ T5136] loop4: detected capacity change from 0 to 512
[   59.440985][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.441018][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x2
[   59.451429][ T5136] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   59.454588][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.470039][ T5136] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2002c018, mo2=0102]
[   59.471767][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.479207][ T5136] System zones: 
[   59.486987][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.487062][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.494338][ T5136] 1-12
[   59.497948][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.505267][ T5136] 
[   59.508013][ T5111] EXT4-fs error (device loop0): ext4_lookup:1817: inode #2: comm syz.0.525: deleted inode referenced: 12
[   59.512615][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.522679][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.530680][ T5136] EXT4-fs (loop4): 1 truncate cleaned up
[   59.536174][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.564051][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.571430][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.578868][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.586282][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.593709][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.601106][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.608480][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.615859][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.623227][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.630779][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.638262][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.645693][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.653067][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.660610][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.668007][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.675423][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.682848][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.690231][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.697696][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.705090][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.712482][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.719863][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.727241][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   59.735594][    T9] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   59.767415][ T3250] ==================================================================
[   59.775516][ T3250] BUG: KCSAN: data-race in generic_fillattr / inode_set_ctime_current
[   59.783675][ T3250] 
[   59.786005][ T3250] write to 0xffff888101f2e6c0 of 4 bytes by task 3787 on cpu 0:
[   59.789402][ T5145] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.793616][ T3250]  inode_set_ctime_current+0x35/0x50
[   59.807224][ T3250]  shmem_mknod+0x117/0x180
[   59.811641][ T3250]  shmem_create+0x34/0x40
[   59.815972][ T3250]  path_openat+0xe92/0x1fa0
[   59.820481][ T3250]  do_filp_open+0xf7/0x200
[   59.824893][ T3250]  do_sys_openat2+0xab/0x120
[   59.829475][ T3250]  __x64_sys_openat+0xf3/0x120
[   59.834227][ T3250]  x64_sys_call+0x1025/0x2d60
[   59.838895][ T3250]  do_syscall_64+0xc9/0x1c0
[   59.843385][ T3250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.849277][ T3250] 
[   59.851586][ T3250] read to 0xffff888101f2e6c0 of 4 bytes by task 3250 on cpu 1:
[   59.859111][ T3250]  generic_fillattr+0x1dd/0x2f0
[   59.863956][ T3250]  shmem_getattr+0x17b/0x200
[   59.868531][ T3250]  vfs_getattr+0x19b/0x1e0
[   59.872954][ T3250]  vfs_statx+0x134/0x2f0
[   59.877184][ T3250]  vfs_fstatat+0xec/0x110
[   59.881506][ T3250]  __se_sys_newfstatat+0x58/0x260
[   59.886521][ T3250]  __x64_sys_newfstatat+0x55/0x70
[   59.891534][ T3250]  x64_sys_call+0x141f/0x2d60
[   59.896203][ T3250]  do_syscall_64+0xc9/0x1c0
[   59.900692][ T3250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.906580][ T3250] 
[   59.908889][ T3250] value changed: 0x25e9b665 -> 0x271ae365
[   59.914591][ T3250] 
[   59.916897][ T3250] Reported by Kernel Concurrency Sanitizer on:
[   59.923028][ T3250] CPU: 1 UID: 0 PID: 3250 Comm: udevd Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[   59.933254][ T3250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   59.943299][ T3250] ==================================================================
[   59.958550][ T5145] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   59.972968][ T5147] pim6reg: entered allmulticast mode
[   59.995368][ T5147] pim6reg: left allmulticast mode