last executing test programs:

43.428427162s ago: executing program 0 (id=556):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000004000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], &(0x7f0000000040)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r2}, 0x10)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
pread64(r3, &(0x7f00000001c0)=""/200, 0xc8, 0x52)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='sched\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
write$binfmt_elf64(r8, 0x0, 0x3c8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES16=r6], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
pipe2(&(0x7f0000000c40), 0x4800)
sendmsg$inet(r4, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

42.50638905s ago: executing program 0 (id=566):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000080)=0x9, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4627, 0xfdfffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000055c0)=[{{&(0x7f0000001640)={0xa, 0xf, 0xfffffc01, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x12}}, 0xe}, 0x1c, &(0x7f0000002880)=[{&(0x7f0000001780)="9c435a7de4c0ff7c4563", 0xa}], 0x1}}], 0x1, 0x4001c00)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x68, 0x0, 0x8, 0x301, 0x0, 0x0, {0x0, 0x0, 0x6}, [@CTA_TIMEOUT_DATA={0x24, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x384}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xde1}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x4254}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x88b5}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_SYN_SENT2={0x8, 0x9, 0x1, 0x0, 0x5}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xc}]}, 0x68}}, 0x8000)

42.446010701s ago: executing program 0 (id=567):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000740)=ANY=[@ANYBLOB="8957cfb121ba69ea884fee4307530e56869aa94c428a19298ecbb027799f14788ed5a6b2f28e47e8b71759b24279505d3409000000190b6cd7601b878ae1f746afc905452a135267da8ac0dfaff6aa17b69a9824196710756dafee1350337db8022bbe3e9196787a321d096f3e42af8a8ce75244278f70a4e71f8b4ab7f9df0f8300f3c13f1def51fa076978000ad74bcec8bada0e4d5e637ed54c9bb64bb3c35a9bc6daf841aab6de92e20fd5bff37691b8d2dd4c3208a28259c921860379788b6dc64fb65998e9c1caef50d40ce65d087d106534926a4919d486217415c290ade26ba567414f17d7e33bb6cfcd8fc86d4ffedc1946d3ad08c45d022cb880b8a25391f15109c6eab31f3cecd4b0d63cc2241e29737a3017bb906192bdbd804f6e34d506ba468437600bef5ae07f06419115adbed93c2538cafa76ebc2568006f52022aa94f49b893a8476e8996153e2b631269a1b4b9246092738d910e52c98b4a6160e12127d861385a969cf5422580c1fbb04161a994a15f89d2193cb65222c0ab2ec0d2ead11a4014b5d80e499319f0b081d1ff6cee1e5b735fd1b01fdc5c6295e8117e27792c176f0580659bd536001b2b737", @ANYRES16=r1, @ANYBLOB="010000002000fbdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x40840d4}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x400000000000004)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4)
syz_io_uring_setup(0x237, &(0x7f0000000480)={0x0, 0x8901, 0x0, 0x0, 0x2ce}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000600))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socket$inet_smc(0x2b, 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
writev(r3, &(0x7f0000000000)=[{&(0x7f0000000b00)="4800000014001901fabceb75fd0d8c562c000050d8ba12efe2335240f5b25ee43225a2bc5603cafc000f7f89000000200000004a2471083ec69917cc03730018928b0c752064fa8ede6ce1e8e0cbc83d5b010ed419dc5c68a8f2785be05809479ac2e6352c6aabc26f37d1e5355e4992c7faeb8d47374d58f9baa6ed9acf1d584861afe055e89f27adcfdadd86004a1e2e834a935714c5f9243458adf98274e5c802af4ecd0000000000000000000000000000aa449efdf6f23d5fac2e0357736f33f3070b27c28a8b2f77f247589ec5bc1a7689acfaa88f10fb7e85cc95126fe51116a81e31572849d78caff1f1", 0xee}], 0x1)

41.864509973s ago: executing program 0 (id=569):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
r3 = io_uring_setup(0x2753, &(0x7f0000000080)={0x0, 0xfffffffc, 0x100, 0xfffffffe, 0x800001b4})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
read$hidraw(r6, &(0x7f0000000640)=""/238, 0xee)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r7, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r4, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_virt_wifi\x00', 0x2000000}, 0x18)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r4, 0x0, 0x48c, &(0x7f00000002c0)={0x1, 'ipvlan1\x00', 0x100}, 0x18)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='thread_noise\x00', r8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f00000000c0)=[{0x6, 0x3, 0x1, 0x7d}]})
mlockall(0x7)

40.99760926s ago: executing program 0 (id=582):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800500190000000000050018"], 0x44}}, 0x80)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
dup3(r3, 0xffffffffffffffff, 0x80000)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
socket$packet(0x11, 0x2, 0x300)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

39.919143142s ago: executing program 0 (id=595):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x40f5, 0x20, 0x0, 0x224}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x81, 0x8, 0x1, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_MEM_REGION(r0, 0x22, &(0x7f00000001c0)={&(0x7f0000000180)={&(0x7f00000000c0)="ca2d14053cc4627901bf61e55a9d38110e87661056ba74cee675c109aad44ff5569c89965ed80dabf524ec58bd0b853754a14adbd74e632e58b0440f6d98f8fc1d1273aa483deb5acd16374745036fb91c4cc6eff5a3e97b58b417393e8ac1fe394572deb3a7734927492bfa4273eab13d1b31507713ccc4c4209bf0fc6c7a275c8a4775e0576fc1f408dbaef7f8b294e0b7367522e61a2909c4757e429570", 0x9f, 0x0, 0x6, 0x2}}, 0x1)
io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0)

39.886187532s ago: executing program 32 (id=595):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x40f5, 0x20, 0x0, 0x224}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x81, 0x8, 0x1, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_MEM_REGION(r0, 0x22, &(0x7f00000001c0)={&(0x7f0000000180)={&(0x7f00000000c0)="ca2d14053cc4627901bf61e55a9d38110e87661056ba74cee675c109aad44ff5569c89965ed80dabf524ec58bd0b853754a14adbd74e632e58b0440f6d98f8fc1d1273aa483deb5acd16374745036fb91c4cc6eff5a3e97b58b417393e8ac1fe394572deb3a7734927492bfa4273eab13d1b31507713ccc4c4209bf0fc6c7a275c8a4775e0576fc1f408dbaef7f8b294e0b7367522e61a2909c4757e429570", 0x9f, 0x0, 0x6, 0x2}}, 0x1)
io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0)

28.693257136s ago: executing program 5 (id=716):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff3000/0x3000)=nil, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff1000/0xa000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff6000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
syslog(0x2, &(0x7f0000000000)=""/47, 0x2f)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r5}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x1ff, 0x5c, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe}, 0x50)
r6 = io_uring_setup(0x61a6, &(0x7f0000000040)={0x0, 0x10c8a2, 0xc000, 0x8, 0x224})
io_uring_enter(r6, 0x2219, 0xcf73, 0x73, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000380)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = dup(0xffffffffffffffff)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r7, 0x84, 0x13, 0x0, 0x0)

27.731583495s ago: executing program 5 (id=727):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
ioctl$EVIOCGRAB(r0, 0x40044590, 0x0)

27.696220286s ago: executing program 5 (id=729):
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f00000003c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1}}], 0x1, 0x20008050)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRES16, @ANYRES16=r0], 0x1000f)

27.626584067s ago: executing program 5 (id=731):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
r2 = io_uring_setup(0x2753, &(0x7f0000000080)={0x0, 0xfffffffc, 0x100, 0xfffffffe, 0x800001b4})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
socket$inet_smc(0x2b, 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})

27.162782216s ago: executing program 5 (id=736):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x4, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000200000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)
syz_io_uring_setup(0x4e0, 0x0, &(0x7f0000000040), &(0x7f0000000300))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703"], 0x0, 0x10001, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000a2500c5385a600"/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
open(&(0x7f00000000c0)='.\x00', 0x48800, 0x50)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0xffffffff}]}}]}, 0x38}}, 0x4048000)

26.214590206s ago: executing program 5 (id=749):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r1, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003002aea0914280000"], 0x174}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x0)

26.166187477s ago: executing program 33 (id=749):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r1, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003002aea0914280000"], 0x174}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x0)

4.48870487s ago: executing program 4 (id=1113):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
shutdown(0xffffffffffffffff, 0x1)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000", @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r4}, 0x18)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5, 0x0, 0xffffffffffffffff}, 0x18)
r6 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r6, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb01", 0x24}], 0x1)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @empty}, 0x10)

4.279599374s ago: executing program 4 (id=1115):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000059c0)='./bus\x00', 0x0, &(0x7f0000000380)={[{@quota}, {@barrier}, {@jqfmt_vfsv0}, {@bh}]}, 0x1, 0x44f, &(0x7f0000001240)="$eJzs28tvG0UYAPBv105KXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQagcUSXuiCMSfwEnuCDghMQV7qhShXJp4YCM1t5NHMd2HnXiUv9+0rYzu2PNfJ4de2YnDqBvjWT/JBG7IuL3iBiqZ5cXGKn/d2vh8tTfC5enkqhW3/orqZW7uXB5qihavG5nkSlHpJ8lcaBFvXMXL52drFRmLuT5sflz74/NXbz03Jlzk6dnTs+cnzhx4tjR8ReOTzzflTizuG7u/2j24L7X3rn2xtTJa+/+/G1SxN8UR5eMdLr4ZLXa5ep6a3dDOin3sCGsS6k+TGOgNv6HohRLnTcUr37a08YBm6parVYfaH/5ShW4iyXR6xYAvVF80Wfr3+LYoqnHHeHGS/UFUBb3rfyoXylHmpcZaFrfdtNIRJy88s9X2RGb8xwCAGCZ77P5z7Ot5n9pND4XujffQxmOiPsiYk9EHI+IvRFxf0St7IMR8dA662/eJFk5/0mvbyiwNcrmfy/me1vL53/F7C+GS3ludy3+geTUmcrMkfw9ORwD27L8eIc6fnjlty/aXWuc/2VHVn8xF8zbcb28relF/95GwE1ufBKxv9wq/mRxJyCJiH0RsX+DdZx5+puD7a6tHn8HXdhnqn4d8VS9/69EU/yFpPP+5Ng9UZk5MlbcFSv98uvVN9vVv6b4k9uPs52s/3dERHGLrYx/93DSuF87t/46rv7xeds1zUbu/+nJ+cnB5O1l5z6cnJ+/MB4xmLxey5caz080lZtYKp/Ff/hQ6/G/J5beiQMRkd3ED0fEIxHxaN72xyLi8Yg41CH+n15+4r2Nx7+5svinW37+Ld50Tf2/lBiM5jOtE6WzP363rNLh9cSf9f+xWupwfibr/9XiWku7NnY3AwAAwP9PGhG7IklHF9NpOjpa/xv+vbEjrczOzT9zavaD89P13wgMx0BaPOkaangeOp4v64v8SFP+aP7c+MvS9lp+dGq2Mt3r4KHP7Wwz/jN/lnrdOmDT+b0W9C/jH/qX8Q/9y/iH/tVi/G/v/IrBTWsLsLVaff9/3IN2AFuvafzb9oM+Yv0P/au86nofuFv5/oe+NLc9Vv+RvITEikSkaytcPE26E9ossZRIsz7pUKbHH0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd8l8AAAD//4ui24A=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_io_uring_setup(0x2f90, &(0x7f0000000180)={0x0, 0xc474, 0x3850, 0x2, 0x200004}, &(0x7f00000003c0), &(0x7f0000000140))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000540)=ANY=[@ANYRES8=0x0, @ANYRES32=r3, @ANYBLOB="000000080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704006eecb549f2ac5d0000008500000001000000950000000000002fa0"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0xb, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_config_ext={0x1f5a685a}, 0x4dc8, 0x10000, 0xfffffffc, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = syz_io_uring_setup(0xbdb, &(0x7f0000000240)={0x0, 0x6862, 0x8, 0x0, 0x1c0}, &(0x7f0000000500)=<r7=>0x0, &(0x7f0000000300)=<r8=>0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6000, @fd=r5, 0x0, 0x0})
io_uring_enter(r6, 0x847ba, 0x0, 0xe, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4, 0x0, 0x2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x0, &(0x7f0000000040)})
r9 = epoll_create(0xaf2)
epoll_pwait2(r9, &(0x7f0000000280)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r0, &(0x7f0000000080)={0xe000200f})
r10 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
writev(r10, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x69000}], 0x1)
sendmsg$BATADV_CMD_SET_MESH(r10, &(0x7f0000000680)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x24, 0x0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x6}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20045084}, 0x4000000)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x108c0, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f00000005c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r11, 0x0, 0x10}, 0x18)

2.381435322s ago: executing program 2 (id=1142):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, 0x0, 0x9, 0xa03, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x9}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x40}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003002aea0914280000"], 0x174}}, 0x0)
ptrace$ARCH_GET_GS(0x1e, 0x0, &(0x7f00000003c0), 0x1004)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a0b040000000000000000020000001400048010000180090001006d617371000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x68}, 0x1, 0x0, 0x0, 0x20000805}, 0x0)
r5 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r5, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e04", 0xd}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="38010000", @ANYRES16=r7, @ANYBLOB="c50f000000000000000011000000", @ANYBLOB="0c00990008000000370000000e012a008408001040ffffffffffff69"], 0x138}}, 0x0)
sendmsg$NL80211_CMD_ASSOCIATE(r4, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f00000005c0)={0xc4, r7, 0x0, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x6, 0x69}}}}, [@NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x2, 0x1, 0x7, 0x0, {0x6, 0x7f, 0x0, 0x9, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x8, 0x3, 0xf9}}, @crypto_settings=[@NL80211_ATTR_SAE_PASSWORD={0x83, 0x115, "a4446bb130b373d444d6f0523cd967897a4ec1db7217ea8dd5c2737bd88df286f9d1a60be19f1f2755db66a7fe9e7430c2b66ab04737861506f8b37881a938a346201aab268badb04da5da3478f530012a153770e015b122c0377db800bcb3b6b4c0142c52293ce12ac300a66051e4c136ee7cebf3df2269b993d3a648a4ce"}]]}, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x4)

2.295954374s ago: executing program 1 (id=1145):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000008000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0xf)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7ffc, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000004}, 0x50)

2.229861876s ago: executing program 1 (id=1146):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000001c0)='sched_switch\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000040), &(0x7f0000000180)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
perf_event_open(&(0x7f0000000680)={0x4, 0x80, 0x7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0), 0x1}, 0x100}, 0x0, 0x7, 0xffffffffffffffff, 0x0)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10)
ioctl$EVIOCGRAB(r4, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0xa000200)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000300)=[{0x2, 0x40, 0x1000}, {0x2, 0xfd, 0x3800}, {0x4, 0x1, 0x1000}, {0x4, 0x7ff}], 0x4, 0x0)
unshare(0x20060400)

1.824950144s ago: executing program 3 (id=1147):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000001c0)='sched_switch\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000040), &(0x7f0000000180)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
perf_event_open(&(0x7f0000000680)={0x4, 0x80, 0x7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0), 0x1}, 0x100}, 0x0, 0x7, 0xffffffffffffffff, 0x0)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10)
ioctl$EVIOCGRAB(r4, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
ioctl$EVIOCGRAB(r4, 0x40044590, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0xa000200)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000300)=[{0x2, 0x40, 0x1000}, {0x2, 0xfd, 0x3800}, {0x4, 0x1, 0x1000}, {0x4, 0x7ff}], 0x4, 0x0)
unshare(0x20060400)

1.798140874s ago: executing program 1 (id=1148):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x623f, &(0x7f00000006c0), 0x0, 0x0, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xf7}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x5f}, 0x18)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000100)=0x100000001)
setsockopt$inet_tcp_int(r3, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4)
iopl(0xfe)
r4 = fsopen(&(0x7f0000000080)='tracefs\x00', 0x1)
fsconfig$FSCONFIG_SET_FLAG(r4, 0x0, &(0x7f00000037c0)='posixacl\x00', 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa10000000000000701"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x6, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffffa8, 0x0, 0x0, 0x0, 0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401000000000000000400090002002f797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)

1.660836757s ago: executing program 3 (id=1150):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x5, 0x0)
listen(r1, 0x402)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0x6000)

1.624023397s ago: executing program 4 (id=1152):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r1}, 0x8)
fsmount(0xffffffffffffffff, 0x1, 0xf8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000100), 0x10)
connect$vsock_stream(r4, &(0x7f0000000040)={0x28, 0x0, 0x2710, @my=0x0}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={r0, <r5=>0xffffffffffffffff}, 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r1}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x6, 0x20, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_val={0x18, 0x0, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0x1, 0x5, 0x0, 0x10}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f0000000a00)={{r2}, 0x0, 0x2, @inherit={0x28, &(0x7f0000000280)={0x1, 0x4, 0x200, 0x0, {0x10, 0x6, 0x0, 0x3, 0x5}, [0x2, 0x7fffffffffffffff, 0xf9b, 0x6]}}, @name="fd07549e92eb4ec5da3ac4324051558a275e9a51ea6916a0bab561f42321d1d266589bdda4c68af1860b5a4d828acc5ad0f732d90e0af3ddb58cc4c7fdde0788364f69103763fb4a6fd0cf96cc483ef3600bd098c734d4a05d638796a75970b386858e4f59ed6a65fd91a9600f6462e44d7076022e9254cdde24d59289dd31c9816721bf2756cf9b3cce045ba1308250d233a9b6c9ccb288f1b5de3d84384c56733bf007e2bdb93a47959510e01edabd7a9b4d14e4d459d6db6a90e31a92eed3ea8cb90cd55b85c2042efac9100e02fbfb06f00df024e7e2535ca13413e9d3c732b7bc9b5064219bed1ecf20e8658fe4d744304fb3e9c496b992146baf3d9167e25f407b7d383dac7f6a2179c4f4d26b235ddf68378ecea60ad35ebda449354ccb86b2c0ad4c7f9b4e7df19b8d014438ed680821fbaca9a63f7d07c886a998b36182e24abbea809a5c9a19431df4c491039f80a28ee2250dde09d1f0d0e96c85ee927126ebe2b8fae6451a56527ab02b4a5a89a40411536a94b0dfaa8ad44b8135254cc171b538bae1d26bc629d8af19d0260e0324d0d115589ee4b52a9d512434475b158795754fbbb2d49ee3cae24823f8b681d14700fd06141b859aebfa5a86ff8416a1b3eb08badecde010de0e7f9a8c3e7da6c168ea103a7df1fd384d4db458c14c30149b0be548b0667521671a4cdb11118a79059d6b59178324c793c6dfc6acc8b716b473adec4fe51dc70823bcbcdeae37f686b5d1f5cee0835302bd6306aeafacac3b8ac44a928fb5e58b8cd5dbe03b5abbc5d98bc81d5a4d784a5591b389379b95eec4effcc2240d5dd103547d2743a268f9f79ed4f0ab2f8902c298583d138ddca8ff47a23b1241257393e389e45b90028272af48393e78234c1684e6372e6a8f03da75eefd6134572f1c7967fe5acb6592ed47a69a68a43161e66839364667201a40e62735b1fe6990b22f04e0234a5b35d2b243487cf8547e68cdb1470f6f3cacfe8eb0742ae9fcd047cbfd01b3a9f681ca2c907156bd42a88fe6bc4c66d4765ca4b914951f217f8920815e0e8a18e39d8dc1c385349ec177da563ce2f3cf44b44c330069f7a2fe840d612cda909d11ed8fdd3dcf6a780b9bf2b076c9b40abdb98be4cbbfdeee854ffdc454139ed4938f8fe7667fa57988acbd449276319f7c56b3f85ae805bfdd5c2199c1023d20602ba756046872619fc4b36395f8a57be0157961c04db49f02f5252078c175a15c83b3d3a660df5c77723f1a954991a7109dd1efa1e3c740bd5c3a7e8c0833da143543587db7830acd0a919e5bb1ba454cffee8860e9b85d69c26585e9dcc5298c2df849b717059a6bee7f44a02bcb0502561b17cd9a9bf6a87fc9c357564c21c2a640ae6d5bffff357d056d17be7368e2b0629d98579b2f6d5b78b5f4bf7136a58bb4439dcac0bc72a4bd67dc73951f8e32583f956269ff81099bd20cbeb43bcf41ba614e8603e29d590b0de6437c44881aa76daa1de049868a367feff46f7572a7c9c562bcbd173cd3035685a144b3709f75d797ccf4c7e0a3f89955a301aba419c10d0fde0dcc53a33be7468aba53d4d3d894a6e9853a69c281704143309c0296e66e2fa1d108a1bf592cce276d22dde648fd653515c5e703481afbd1a44c6ce929990dfc313f8a13eded08c4a3c9c8d825401ba1c5e0dcd05e0ec69f54233f449ec2780c19425f2c5bbdc3fd6aa2d18c759a85c9592b0efed10828fbbccd88740663510c12be43bf04affa85c1dc259d1c2fabcf8f562f51f66d6c728ad8fbcff7083701fccc9153c4b2ec3b269150e671dc794ec9294d24d3c247ffbdf15461e59b88125abd7de9d74d1a1b2df0e7cdd06bd6797000b2e524090f99ed72c5524638df01db22f11571f2cb55c8e5d21761de5b81de3da05c5561640fba2850fd60385dcc6bb63fbbf9357c4972455ff14cc27706800c51610568c2d727cc4063b11663116291d65b73f839f54ded558e7ab22e0e9057579f83ae3f6dfc01b26dceae7d0baf9e71a448da912c7020a31fe1838212bc0f9bacacaff045e404f5702f29a98d0264a58f34f3076c1a3538b8a55f102dab1b37854dd37e389ec62684601bfb6525d19e4d196752baa3cc6b5964a847184dd01a7e3e91b82e60d51268f59ae72fda5c60c0ef521f27b8d7d8ea5758f2f05e658ef6d9ad8fb164b3be492f29f47fe93417cc6873ed1305bf487078b3362309033d47ac2ea3673df097287c3dc6d578a57eb8523cc88202cf2327f0df8f7a30487d6aca66b23c8b6e71865afea81b3e51e15dc331d4fa2e485aa83df69bc6cbecc0da8d06f4308442861a529b487ae91e655d6eebac3f1bb0e6e8d15b34435ae81b0cda62eca86bc0951e54dd6feb25cc2a5bf5084f84206ca02745657b71d28f426a3e9d7e92d8153a652df1628fdf0fb3d794f339aa99b9d7ce04d5132fc86c2626ff753737081dcb1f27d500e1354ddb91b11cfaec5b7cad6e82c551102a0cd5e6671438f6070fb694f271a47858d8e3086c47555cf829ad37a9103bac10b62dbfcfb6f2744af71b77add0640b32bd92e9b49caaf954364034e3b5f24daaf733e8d4916faae18d344ed4cabf48e24cc241f7a7b46544628db457280d562ba7f67426bfae535afe9f1a3028e08b46c19b421db6a1d9cedc54e363d44d72448b75b41f0b3192ec83a94044c508f68349d69727a82222216b1056862814b87b9c038a667d8599b1e1032d21b05d0f664bfd8cfea6b7b58d3dd7f6fdaf5e4d28c6287fbd5a170aac71690060a231e627114a3ca0bae7f1d837078727a4f8e39c3171b83f57ca6177da1d88e467e775c09ec7991f396b85245dac45d255e490388ded5e3ff089f7ed0dea7b1dffd000af9cb11dc1f841a917aa2f981875846087f48490b75c8c3a60ed99dd61529e3e10b54561b3d6220da982b0c1d6bdfd10276942dfbc32d549bf7abaa04fdf1a181e49444c50274b12774ce798f71ce30d19fdcb01d2afd6153a57cb834e3e57e7b38c68e6c746e6672a33e8f77322183ef1d5b775efac68058c8d25840c575336a65c58de270d1e375134f422f37ae911f9c19082c6cb105f12b8948c944cfd8d5df95556c62e008769d409f30cb12a8d57e4b5c8f2b1e34224ffc432f5a6cb9c9f0923ecb1925446520719a7f7fb69fcd2e8ecd84294eb6b335e525922701fe101018ee0a3eb96e5115dc3efe418ab415ddcaaa2fc0be1d745ba7c002241400a5c63e9e2678f75aa638e342fe09871a390f106efbb408b19bf510f5c897a0564703bcb1983f10726f437bb9db2748166aa37dc45d7ea0e2a2a75a2d797d69e335e02fbf4fcb71f30c66ce83d66a1ef4525f430ac61891d52212de1da0a9b943be5fc053748280bce3ee88e74948aea689de04b379cb9bb305f46aa95c7d72e4afc84be6c119aa5bc3bcdc1093affa5fe2ed9452c7096b7ffc58583c8edb3c3cc5ebc02872a7b3054c2a06decb4a1a32935546e7b1575815b8508ef391bec3d714ef326d27e948ab11e78e227064318102814bd43f7e32441c9fc475e6d00f1ed45a880138164b60cd744b5d88237299a7e048bf55e288547c7158ae4a04128128d5b69a949b3c16f141db179b0818f68d085e3a63d7f9a221bcd8f94d2127e98b4da2da7aaa2316351c6d83701815da196e2f30b704d537e0011c09f0599ea420572d1fb7e436f3387d6ba742c7b67d7c14b603be586ae0c3db0e8063c37a19fe1d611f1a4a23235fd51c5f94f8ffc1c2f698dbd94d5636bbbd7c5f0c733c9fb1ee342fe0ebec764b30f088052c5e855b33f647b9ee7e46536f66e10e85418c44772269554bba82e4cac1e7ae4d0c0ddc92abdd53601906bab8d24bb2a0c8956b59d3a36c2fcdcac8e6eff625b342b2f460668167fe69a173e43fdef7f597abe6c80f3e550151a7675be1f3ad95611ebaed52b46de91c4c9c56cd04a2580c48793d35b52235eb0ee1cd0089696cbce80f642235c5a2cf6e56ed950a71f7b1d2e72f471943992c5ed29357486903c0e5181a0b2703b950e65c2a320faa820635fa224c296f7063365dcc300a4b8b1db481eaf15cd07601ab5ed04d7ddb66d86c43aab2ec8cb5a30129a72e0c89eadda3191e8c6cc3230bcf2860dae4f7455f36d57fb8310af9cfb57a276757865499a7432fa2819e91ce8f1da56e69f57f1f94657af336033be17aad21f33d5b2d89a3db8771e871e720eca5c2d862816790ca5d9cf6105fe41cfce533a02b9461574263701d5d6f07d2c3cf33803c63a897e28b305727ab025a3d5e4ff4c37ee2457a898b1ad637b0815e0fcf9860ced9d2370a7b15d56c10fe6866a325885ecc8a9f9db024f71c8a5b936f70c092483d33c1d741c15a2f0e4de155e500156ea388b46432f3769785ed38fe97094e286822954fa01b434d4f2a1e6a9787ca232d1bae1632e1920bf7c4efa7a66a8a0e6e0c368a387595e80c8cf2fd39e7d875f46d657491d526b47657c4cdf2a06b3da1d468f0cbf8f716e63930db85e44afd1d2f6894f4b06f35d021bfb6862167a124f8b9fe603f6a75d594f6fc894cb121bbec8ba91b8ea18e6e2ca555bba25700c53777b14c969c32951a70b1c2227d6b712963b0f678df6da61ac8ba6192bcaec0f1192097900e394b7e2e04bfbb9558c23df326818801161958ad9cc5310358b06e99f1abe46011f2437618c1a736bdcad7aec9a64879357517a92148eee8291751f5f971538116da55248a4f66f6558af028224dc3295898afb1c595b4081b064f6f7c63614887f93d4484d08ab6e39986dd82a254893c599bc67527ac3a122f6584eb5bf813d7e706b6bca83fd3e6bb461b9abc7e3b38b77ae3e0823469d027d74484bbbb28bfd0c52a58154b097f0e96fc730bf2fcb067cc956b1d859edd0343199ae12e1fdf99168f7bf6907cf2bed97a94ffcd0fd08770e3d739f72817fa1820365c080b57317f465c73c83c41de7850863da959bf3e6432d18cb719c2bab7fee3792773c92d6b84f021b9290148683438d3293e9007ca9bc36319a1046856936e19c79b4cf79405df9ff28c20d2644a116394565732def948f13438ae5e85354bcfc6a85d42620cecd17473498069c56606ceb288e9ae14580a7bda9efd6d8b6889657e3ba2c60e01ca6922ea6080c8fa9739a90919473d042d415980b5c081489877b09a2ac1f2699aaffaf69cbf03350043049e338a66277d4a88112a8d2d5d5c169d398698c0c8f0a7a30d58ec3b87882252be9d09b3c16163637191a3e69c9e4f304bda86273ce2d7b8bbe8a1695c8c832a17a488ce25e680aedb0ee563b31a85b51c6d8a6e1dbf127d1c756f8cc20b72bc71af063d490cef05ee2647692c7f34c04ff87f4fb8c5d7b426f2135cf393d85d53fadd221b21995a4df9f256a4783daf0424fec71510143b5ce0f40fbefcbb560969ace9c181e70351684a1586b80fd6fb61a390cb6b7e9fa9c7c2462bb49f245e781b2c6e7f8e23444a999a6cf605080df717a2c403afd49cdce0940ce08a8b87945062c332ddb1e358fa7274def74b9b5c9f600eab640f1468649a379101bd35b1c3e34b5882c9125882b874988159dee36804b59e6390130142bf6b20856f35e9486e568cf8b2a95cc8689ef8d0ba4bebd19e944c1846fcf86f2698f1177b99d7910b5ee91ce9d8216d9cc544906b111e5b357665ca776a2"})

1.600139028s ago: executing program 3 (id=1153):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, 0x0, 0x9, 0xa03, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x9}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x40}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000001580), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r5, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003002aea091428000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0)
ptrace$ARCH_GET_GS(0x1e, 0x0, &(0x7f00000003c0), 0x1004)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a0b040000000000000000020000001400048010000180090001006d617371000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x68}, 0x1, 0x0, 0x0, 0x20000805}, 0x0)
r6 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r6, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e04", 0xd}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="38010000", @ANYRES16=r8, @ANYBLOB="c50f000000000000000011000000", @ANYBLOB="0c00990008000000370000000e012a008408001040ffffffffffff69"], 0x138}}, 0x0)
sendmsg$NL80211_CMD_ASSOCIATE(r4, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f00000005c0)={0xc4, r8, 0x0, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x6, 0x69}}}}, [@NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x2, 0x1, 0x7, 0x0, {0x6, 0x7f, 0x0, 0x9, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x8, 0x3, 0xf9}}, @crypto_settings=[@NL80211_ATTR_SAE_PASSWORD={0x83, 0x115, "a4446bb130b373d444d6f0523cd967897a4ec1db7217ea8dd5c2737bd88df286f9d1a60be19f1f2755db66a7fe9e7430c2b66ab04737861506f8b37881a938a346201aab268badb04da5da3478f530012a153770e015b122c0377db800bcb3b6b4c0142c52293ce12ac300a66051e4c136ee7cebf3df2269b993d3a648a4ce"}]]}, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x4)

1.48680334s ago: executing program 2 (id=1154):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
setgroups(0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x1a9041, 0x0)
syz_open_pts(r2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) (fail_nth: 20)

1.476045621s ago: executing program 6 (id=1155):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004b74ffec850000006d000000850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000000)='mm_lru_insertion\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010) (fail_nth: 8)

1.353558193s ago: executing program 4 (id=1156):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000008000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7ffc, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000004}, 0x50)

1.255150615s ago: executing program 4 (id=1157):
r0 = socket$netlink(0x10, 0x3, 0x0)
dup(r0)
r1 = socket(0x23, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, 0x0, 0x0)
clock_nanosleep(0x3, 0x1, &(0x7f0000000300), 0x0)
socket(0x1d, 0xa, 0x1)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x80, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000640)=0xcde, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r2)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r6}, 0x18)
connect$pppl2tp(r4, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x0, 0x4, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1c, r8, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x1c}}, 0x40)

1.185668496s ago: executing program 2 (id=1158):
syz_mount_image$iso9660(&(0x7f0000000500), &(0x7f0000000540)='./file0\x00', 0x800040, &(0x7f0000000000)=ANY=[], 0x1, 0x55d, &(0x7f0000000580)="$eJzs3V1v01YYwPHHpVWrTELTNiHUFTgUJhWpC04CQRFXnnOSnpHYke2g9maooimqCCDBJo3eoF6MbdqmfYbd7kNM+0Jo32Cd/BJI26QpfUvF/r8I7NjH5zzHsfzUbXwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABALLdq2wVLGsZrL6vh3GrgN/dZ36vvxo7JPu2KWPE/mZmRi+mii5+9W30h/m9e5tJ3czITT2Zk86MLH9/9dHKit/0+AZ2KFy83H692u53n4w5kTOr6noS+aTp1rUzoq0q5bN9cqoWqZho6XAkj3VRuoJ3ID9SCe0MVKpWS0vkVv+3Vq05D9xbe+bJo22X1Qy79vL2bX+dDd8k0GsarJ2Xi1XGZO/GBeM9EKtJOU6n1jW6nNCy4rezwiAsVRvUkLlQcVahoF4uFQrFYKN+u3L5j25N7Fti7yJ4S4z9oMV7HefoGjmQiy//SECOetGVZ1MCXK1UJxJfmkPWZXv7/4qbet93+/N/L8hffrZ6VJP9fTt9dHpb/h8Ty3q/puPps/t/t7e0DbHP+8zS2l7Ipj2VVutKVjjw/roiO8dVzEnXXRYsnRkLxxUhTnGSJypYoqUhZymLLA1mSmoSipCZGGqIllBUJJRKdHFGuBKLFkV/El0CULIgrN0RJQSpSkZIo0ZKXFfGlLZ7UpSpOUsu6bCT7vbRf/3uFCgcpVNynEPkfR3dcp27gyLZ7+R8AAAAAAHywrOS37/H1/5RcSuZqpqHtcYcFAAAAAACOUfKX/7l4MhXPXRKL638AAAAAAD40VnKPnSUiObmSzvXuhOKXAAAAAAAAfCCSv/9fjifJ2GtXxDrQ9f/UqQUIAAAAAACO7KdhY+z/nSy1LAlb09Zf/0gQTFlbreXr1hMnXuE8OZdud253jVFt1jqfVZJMypPZO1fPWdnol28HwXyTTdb74rAGjfVr7Qrgm14NAwL4XQYHIL/K1bTM1bV0utZbk7aSq5mGzrt+425BHOf8RKSXo++ebnwvSfd/9pqTWRsPn3XXkli24ndbT7IBFPeMozh8Z8i3yXgLyT0XA0c3nkpuxMjazVmyvtHt2P0fwES6+cR7tPla5tMy89lI+7md/Z+J2yzkh/U+jWJaRJKeW4fs+Wu5lpa5tnAtnQyIojgiik6xtXx9O93/E3KofXGAKEqjoij1HwWHiAIAxmV9RBay9ib+Q5zl1kc9yWd3dj/MjxfyWhbSMguzyYl1cnbAGd0edUa3j5jX/9zzDKRhOTZu97e37RaSdv+I45ah7YaNoiUz6U7sWX3UedR5WiyWyvYt275dlKmkG9mE3AMAGGD0M3ZGlrBuJVfV8crBV9WfvP1KQV4eyjPpyposJncbJN84GFhrru9rCIsjrlpzfU94WRxxVZfre9DLwcuWTufDAADglMyPyMMHyf+LI667d+by/a+O+3M5AAA4GTp4Y+WiH60gMK0HhUql4ERLWgW+e08FplrXyniRDtwlx6tr1Qr8yHf9Rjxz31R1qMJ2q+UHkar5gWr5oVlOnvyuske/h7rpeJFxw1ZDO6FWru9Fjhupqgld1Wp/1TDhkg6SjcOWdk3NuE5kfE+FfjtwdV6pUOu+gqaqvcjUTDzrqVZgmk6wou77jXZTq6oO3cC0Ij+tsNeW8Wp+0EyqzY97ZwMAcEa8eLn5eLXb7Tw/wZlx9xEAAOxElgYAAAAAAAAAAAAAAAAAAAAA4Ow7jfv/splpOb22jhrq2Qjj/zrzSkSyJduvpP+w6Q06fWKtnxt338/MzJhPTABO3H8BAAD//6r3SWw=")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x45)
openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x4000, 0x0)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_LOOPBACK(r0, 0x65, 0x3, 0x0, &(0x7f00000016c0))

1.132027747s ago: executing program 1 (id=1159):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRES8, @ANYRESHEX], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.129777158s ago: executing program 6 (id=1160):
r0 = creat(&(0x7f0000000200)='./file1\x00', 0x0)
close(r0) (async)
close(r0)
socket(0x25, 0x5, 0x4) (async)
socket(0x25, 0x5, 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@ifindex, 0x2f, 0x1, 0x40, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0]}, 0x40) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@ifindex, 0x2f, 0x1, 0x40, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0], <r1=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@cgroup=r0, r0, 0x16, 0x2008, 0x0, @value=r0, @void, @void, @void, r1}, 0x20)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) (async)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
sendmsg$NFNL_MSG_CTHELPER_NEW(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008040}, 0xc000001) (async)
sendmsg$NFNL_MSG_CTHELPER_NEW(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008040}, 0xc000001)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000080)=@gcm_256={{0x303}, "2fbc61aac78cc949", "d73cb7376ccdd961eb57c264df4580a7bf502983278b5d639eabe200", "549fec04", "a28bd07f456299e8"}, 0x38)
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
socket$inet6_udp(0xa, 0x2, 0x0)
clock_nanosleep(0x1, 0x1, &(0x7f0000000080), 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x38, 0x2, {{0xfffffffc, 0x200000, 0x0, 0x0, 0xffffffff, 0x8003}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x7fffffff, 0x0, 0xfffffffd, 0x100000}}]}]}}}]}, 0x68}}, 0x0)
sendto$packet(r3, 0x0, 0x0, 0x4010, &(0x7f0000000140)={0x11, 0x17, 0x0, 0x1, 0x7, 0x6, @multicast}, 0x14) (async)
sendto$packet(r3, 0x0, 0x0, 0x4010, &(0x7f0000000140)={0x11, 0x17, 0x0, 0x1, 0x7, 0x6, @multicast}, 0x14)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x513b1fb7caeba709, 0xc8, 0x2, 0x0, 0x0, 0xfffffffd, 0x1, 0x0, 0x8d}, 0x0, 0xb, 0xffffffffffffffff, 0xb) (async)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x513b1fb7caeba709, 0xc8, 0x2, 0x0, 0x0, 0xfffffffd, 0x1, 0x0, 0x8d}, 0x0, 0xb, 0xffffffffffffffff, 0xb)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000080000000000000081"], 0x50)
write$cgroup_subtree(r8, &(0x7f0000000000)=ANY=[], 0xe)
r9 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0xa, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r9])

1.121225038s ago: executing program 2 (id=1161):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000380)=ANY=[@ANYBLOB="91103b000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x8, 0x0, 0x7ffc0002}]})
io_getevents(0x0, 0x200, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)={0x2c, r3, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8094}, 0x90)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000380)=ANY=[@ANYBLOB="91103b000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r0}, 0x94) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x8, 0x0, 0x7ffc0002}]}) (async)
io_getevents(0x0, 0x200, 0x0, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff) (async)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)={0x2c, r3, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8094}, 0x90) (async)

1.02972814s ago: executing program 6 (id=1162):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
ioperm(0x0, 0xd, 0x4000000000000020)
sendmsg$key(r1, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x6, 0x80010, r1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r4}, 0x18)
name_to_handle_at(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file1\x00', &(0x7f0000000580)=@ocfs2={0xc, 0x1, {0x3c5, 0x2, 0xb}}, &(0x7f00000005c0), 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f913", 0x11}], 0x1}, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x8081}, 0x4008092)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r7 = socket(0xa, 0x3, 0xff)
setsockopt$inet6_int(r7, 0x29, 0x4d, &(0x7f0000000040)=0x7, 0x4)
syz_open_dev$mouse(&(0x7f0000000280), 0x2, 0x242002)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000640), r6)
sendmsg$NLBL_MGMT_C_VERSION(r6, &(0x7f0000000780)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x48, r8, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x17}}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x5}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x2000c8c1)
recvmmsg(r7, &(0x7f0000000000)=[{{0x0, 0xffffffffffffff6d, 0x0, 0x0, &(0x7f0000000140)=""/10, 0x11}, 0x7ff}], 0x27, 0x40000102, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c89000c2c0120010000000000000000000000000001fe8000000000000000000000000000aaff"], 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0x4, './file0/file1\x00'}})
socketpair(0x25, 0x800, 0x100, &(0x7f0000000040))

977.60044ms ago: executing program 1 (id=1163):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x5, 0x0)
listen(r1, 0x402)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0x6000)

820.092644ms ago: executing program 2 (id=1164):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000380)=0x454e, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e21, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000000)=0x56, 0x4)
sendmmsg(r0, &(0x7f0000007fc0), 0x272, 0x0)

819.798363ms ago: executing program 1 (id=1165):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, 0x0, 0x9, 0xa03, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x9}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x40}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000001580), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r4, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003002aea0914280000"], 0x174}}, 0x0)
ptrace$ARCH_GET_GS(0x1e, 0x0, &(0x7f00000003c0), 0x1004)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a0b040000000000000000020000001400048010000180090001006d617371000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x68}, 0x1, 0x0, 0x0, 0x20000805}, 0x0)
r5 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r5, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e04", 0xd}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="38010000", @ANYRES16=r7, @ANYBLOB="c50f000000000000000011000000", @ANYBLOB="0c00990008000000370000000e012a008408001040ffffffffffff69"], 0x138}}, 0x0)
sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f00000005c0)={0xc4, r7, 0x0, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x6, 0x69}}}}, [@NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x2, 0x1, 0x7, 0x0, {0x6, 0x7f, 0x0, 0x9, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x8, 0x3, 0xf9}}, @crypto_settings=[@NL80211_ATTR_SAE_PASSWORD={0x83, 0x115, "a4446bb130b373d444d6f0523cd967897a4ec1db7217ea8dd5c2737bd88df286f9d1a60be19f1f2755db66a7fe9e7430c2b66ab04737861506f8b37881a938a346201aab268badb04da5da3478f530012a153770e015b122c0377db800bcb3b6b4c0142c52293ce12ac300a66051e4c136ee7cebf3df2269b993d3a648a4ce"}]]}, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x4)

779.948094ms ago: executing program 2 (id=1166):
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000900)=ANY=[@ANYBLOB="1b000000000000000000000000202a9f834075e844d3dc177226f627d415b9e910f146b2aaa1d055a9b0a1ef77c2384b08f931355348142e74987d32a8520f8e868820170f9f05d1ac73385fc0a4f7f5"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
pipe2$9p(&(0x7f0000000000), 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="afe68cb17ae0074a1893077a57eee7fc0540866d2c27f3f8afe429c5a302a30a340c7fc400907354d9bcfb88a2dd665df067fe9470f8f2ad79b2ee189bf77c0851444e22ed2c5275199936d842601396614248671192f73b3983f29e6b40623cbe8349c762185bbc141fdcbba25201d688be8ad29990808780091bb8a0cec61b7e39932eeecacd538e8f377a52c28f0e8baad9e75b326e74d1c850b3632a35c6800a147305f0f46db9ce5987696915c3a629ce6aba1a1068935eafef53e6dc53128e063a7348b0f993cde26e919469863ceb87ca906abc23e47ad5c9dcf0a3fa84fcfc98363242373d49860665fcdb5e4ad487681dff47461a", @ANYRESDEC=0x0], &(0x7f0000000380)='GPL\x00', 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r1}, 0x18)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='cubic', 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r5}, 0x18)
r6 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r6, &(0x7f0000000000)={0x27}, 0x74)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x9, 0x7, 0x0, 0x0, 0xffffffff, 0x8003}}}}]}, 0x4c}}, 0x0)
sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20800, 0x0, '\x00', 0x0, 0x24}, 0x94)
r7 = syz_io_uring_setup(0x38, &(0x7f0000000580)={0x0, 0xbbda, 0x13500}, &(0x7f0000000240), &(0x7f0000000480))
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r7, 0x21, &(0x7f0000000440), 0x1)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r8, 0x0, 0x20000023893)

716.674516ms ago: executing program 6 (id=1167):
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
openat$selinux_status(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x19, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'netpci0\x00', 0x6501})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
writev(r2, &(0x7f0000000400)=[{&(0x7f0000001c00)="2e9b3d0007e03dd65193dfb6c575963f8864", 0x12}], 0x1)
setsockopt$inet_int(r1, 0x0, 0xd, &(0x7f0000000040)=0xfffffffc, 0x4)
setsockopt$inet_int(r1, 0x0, 0x6, &(0x7f0000000000)=0x10005, 0x4)
recvmmsg(r1, &(0x7f0000003600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002c80)=""/16, 0x10}, 0xb}], 0x1, 0x45833af92e4b39ff, 0x0)
recvmmsg(r0, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r4, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
write$sndseq(r5, &(0x7f0000000080)=[{0x1e, 0x0, 0x8, 0xfd, @time={0x7ffffffd, 0x4}, {}, {}, @result={0x1f00}}], 0x1c)

701.470266ms ago: executing program 3 (id=1168):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r4}, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1, 0x0, 0x8000000002}, 0x18)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x818010, &(0x7f0000000300)={[{@minixdf}, {@grpjquota}]}, 0x1, 0x72d, &(0x7f00000014c0)="$eJzs3U1rXNUbAPDn3mb+k38bTQQVX0AqihVLJ01sKV1ZF6KbYqDgNg3JJMRMemNmpjahi3TlVkRRcKPfwY0rxbUfwK+gIFrioq5G7rykbTrTjnWSgczvB3fmOffe4TlnJpwHcoY5AYysk/lDGvF8RMwlEZPt80lEFJrRWMSl1n27t28u5kcSjcaVP5LmPXk77nlN7kRE7ETEcxHxUyHidPpg3urW9tpCpVLebLena+sb09Wt7TOr6wsr5ZXytYvnzs2eu3D+4sXBjfWN9z94tnT+nYnv55bnT838+l0Sl2Kife3ecQxS6z0p5G/hfd49iGRDlAy7AzyWsYg41n5+JibjWDMCAI6yRjGiAQCMmET9B4AR0/k/QGdt76DWwXr5/e2IGO+Wf6y9ZjbeXIc8vpvctzKRRMTUYXaUI2nnVkRcnTr54N9f8sCa7b91dhAd5ED9mM8/l7rNP+ne/BNd5p/xzncn/qPe89/d/Md6zH9zfeZ478V61jP/rYgXxrrlT/byJz3yX+0z/w93lv7uda3xbcRrXetPcl+u3t8PmV5erZTPth675zhZv/nhw8Z/vEf+nUeMf6PP8U989vLPOw/J//orD//8u+XPa+Knfeb/pPDWF72u5fmXeoz/UZ//N33mv/DSR9t93goAAAAAAAAAAAAAAAAAAAAAAAAAAABHQhoRE5Gkpb04TUul1h7eT8fxtJJVa6eXs/q1pWjulT0VhbTzU8uTrXaSt2fav8ffac8249299psR8VREfF78f7NdWswqS8MePAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0ndi3//9fxdb+/wDAETc+7A4AAIdO/QeA0aP+A8DoUf8BYPSo/wAwetR/ABg9j1H/iwfRDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGxtzly/nR2L19czFvL13fqq9l188slatrpfX6Ymkx29worWTZSqVcWszW978+2deuZNnG7GzUb0zXytXadHVre349q1+rza+uL6yU58uFQxsZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRvonkkaSki0macpqVSxBMRMRWFZHm1Uj4bEU9GxC/FQjFvzwy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwYNWt7bWFSqW8KRAIBHvBsGcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOHx3N/0edk8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJjS35KIyI9Tk69O7L/6v+ROsfkcER9/feXLGwu12uZMfv7PvfO1r9rnZ4fRfwDgUTp1ulPHAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCb6tb22kKlUt5sBXcaLXfPDCAY9hgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABicfwIAAP//wLPUPg==")

371.846693ms ago: executing program 4 (id=1169):
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000340)='.\x00', 0x0, 0x0)
lseek(r2, 0x0, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, 0x0, &(0x7f0000000100))
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000300)={'team0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c0000001300010028bd7002fedbdf2500000000", @ANYRES32=r7, @ANYBLOB="00100000286407000a000100bbbbd29cc89340a52443b4392cbbbbbbbb0000"], 0x2c}, 0x1, 0x0, 0x0, 0x14011}, 0x20040040)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x18)
openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2f, 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f00000002c0)=0x17fb, 0x4)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1c, 0x8, [0xfffffffd, 0x0, 0x0, 0xc, 0x5, 0x0, 0x0, 0x2]}})
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000380)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c00", @ANYRES32=r8, @ANYBLOB="f17685ab78f53ae4a24fe03b7b77cf508dc8d0f48e79a97e9f00f3fcd37f6b79cb0186933f53959e569d169343b453d7e801e825aeea06e9b236d114f51b641b03108ec4434c576e6dfb3f12cce432b4ccec17b6d95068da263a6c773de039c92aed38c2ca019f3349b8290fb2c43da004d53d180b44d0a13cecf3f293a934ebff6748e1e9d6ac00731e"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x14)

240.106555ms ago: executing program 3 (id=1170):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x318}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x1218088, &(0x7f0000000f80)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae356940538b7b2c1c1416c42047ca7a5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a035afc6241e25fa6b51d80fa9f9d2c1a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b52a0352a82c794995bbb97c82fcde79d"], 0xa, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0)
fchown(r0, 0x0, 0xee01)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
fallocate(0xffffffffffffffff, 0x1, 0x400002000000000, 0xffff)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)

172.806847ms ago: executing program 6 (id=1171):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r2 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=<r3=>0x0, &(0x7f00000007c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd=r1, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x1}], 0x1})
io_uring_enter(r2, 0x4d10, 0x2, 0x2, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000040), 0x7, 0x2)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
rmdir(&(0x7f0000004340)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

83.314509ms ago: executing program 3 (id=1172):
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

0s ago: executing program 6 (id=1173):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r3)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001d80)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002300000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r4}, 0x10)
write$binfmt_script(r2, &(0x7f00000003c0)={'#! ', './file0'}, 0xb)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x800)
recvmmsg(r5, &(0x7f0000007700), 0x318, 0xfc0, 0x0)

kernel console output (not intermixed with test programs):

695427][ T5760] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   87.709557][ T5760] syz.1.677: attempt to access beyond end of device
[   87.709557][ T5760] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   87.711785][ T5756] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   87.751057][ T5756] EXT4-fs (loop2): orphan cleanup on readonly fs
[   87.766361][ T5756] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.676: corrupted inode contents
[   87.769872][ T5766] openvswitch: netlink: Message has 6 unknown bytes.
[   87.812928][ T5768] syzkaller0: entered promiscuous mode
[   87.818572][ T5768] syzkaller0: entered allmulticast mode
[   87.824354][ T5756] EXT4-fs (loop2): Remounting filesystem read-only
[   87.831039][ T5756] EXT4-fs (loop2): 1 truncate cleaned up
[   87.842502][ T3831] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   87.853224][ T3831] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   87.863921][ T3831] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   87.874738][ T5756] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   87.887890][ T5756] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.995913][ T5779] lo speed is unknown, defaulting to 1000
[   88.023231][ T5788] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5788 comm=syz.1.688
[   88.110040][ T5779] siw: device registration error -23
[   88.160015][ T5793] lo speed is unknown, defaulting to 1000
[   88.200421][ T5799] loop4: detected capacity change from 0 to 1024
[   88.208626][ T5799] EXT4-fs: Ignoring removed nobh option
[   88.214356][ T5799] EXT4-fs: inline encryption not supported
[   88.216359][ T5793] siw: device registration error -23
[   88.233782][ T5799] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.252656][ T5799] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.690: Allocating blocks 385-513 which overlap fs metadata
[   88.277478][ T5799] EXT4-fs (loop4): pa ffff888106eb12a0: logic 16, phys. 129, len 24
[   88.285773][ T5799] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   88.300365][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.344905][ T5806] loop4: detected capacity change from 0 to 128
[   88.354431][ T5806] sch_fq: defrate 9 ignored.
[   88.392656][ T5808] loop4: detected capacity change from 0 to 2048
[   88.402927][ T5808] EXT4-fs warning (device loop4): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop4.
[   88.576189][ T5821] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2
[   88.627365][ T5825] netlink: 47 bytes leftover after parsing attributes in process `syz.3.699'.
[   88.766248][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811ba63600: rx timeout, send abort
[   88.915182][ T5829] loop3: detected capacity change from 0 to 512
[   88.964759][ T5829] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   88.975890][ T5833] loop2: detected capacity change from 0 to 2048
[   89.001161][ T5829] EXT4-fs (loop3): orphan cleanup on readonly fs
[   89.060082][ T5829] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.700: corrupted inode contents
[   89.079001][ T5833]  loop2: p1 < > p4
[   89.108936][ T5829] EXT4-fs (loop3): Remounting filesystem read-only
[   89.116375][ T5829] EXT4-fs (loop3): 1 truncate cleaned up
[   89.142765][ T5833] loop2: p4 size 8388608 extends beyond EOD, truncated
[   89.274517][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811ba63600: abort rx timeout. Force session deactivation
[   89.500915][ T3871] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   89.511583][ T3871] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   89.524155][ T3871] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   89.535362][ T5829] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   89.561716][ T5829] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.612840][ T5856] loop1: detected capacity change from 0 to 1024
[   89.620028][ T5856] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   89.631129][ T5856] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   89.645307][ T5856] JBD2: no valid journal superblock found
[   89.645323][ T5856] EXT4-fs (loop1): Could not load journal inode
[   89.648040][ T5856] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   89.755060][ T5859] netlink: 132 bytes leftover after parsing attributes in process `syz.4.706'.
[   89.790009][ T5870] netlink: 8 bytes leftover after parsing attributes in process `syz.5.713'.
[   89.790958][ T5871] netlink: 14 bytes leftover after parsing attributes in process `syz.2.709'.
[   89.807010][ T5868] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   89.807010][ T5868]    program syz.3.710 not setting count and/or reply_len properly
[   89.874954][ T5874] loop5: detected capacity change from 0 to 164
[   89.883160][ T5876] netlink: 'syz.2.709': attribute type 10 has an invalid length.
[   89.965227][ T5874] syz.5.714: attempt to access beyond end of device
[   89.965227][ T5874] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   89.965279][ T5874] syz.5.714: attempt to access beyond end of device
[   89.965279][ T5874] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[   90.355829][ T5891] loop1: detected capacity change from 0 to 164
[   90.367111][ T5891] syz.1.720: attempt to access beyond end of device
[   90.367111][ T5891] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   90.367156][ T5891] syz.1.720: attempt to access beyond end of device
[   90.367156][ T5891] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   90.503684][ T5893] loop1: detected capacity change from 0 to 512
[   90.522764][ T5893] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   90.533388][ T5893] EXT4-fs (loop1): orphan cleanup on readonly fs
[   90.566129][ T5893] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.721: corrupted inode contents
[   90.578681][ T5893] EXT4-fs (loop1): Remounting filesystem read-only
[   90.587189][ T5893] EXT4-fs (loop1): 1 truncate cleaned up
[   90.600373][ T3856] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   90.611296][ T3856] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   90.622509][ T3856] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   90.634395][ T5893] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   90.650154][ T5904] FAULT_INJECTION: forcing a failure.
[   90.650154][ T5904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.663278][ T5904] CPU: 1 UID: 0 PID: 5904 Comm: syz.4.725 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   90.663306][ T5904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   90.663347][ T5904] Call Trace:
[   90.663356][ T5904]  <TASK>
[   90.663366][ T5904]  __dump_stack+0x1d/0x30
[   90.663393][ T5904]  dump_stack_lvl+0xe8/0x140
[   90.663418][ T5904]  dump_stack+0x15/0x1b
[   90.663437][ T5904]  should_fail_ex+0x265/0x280
[   90.663547][ T5904]  should_fail+0xb/0x20
[   90.663567][ T5904]  should_fail_usercopy+0x1a/0x20
[   90.663594][ T5904]  _copy_from_user+0x1c/0xb0
[   90.663627][ T5904]  ___sys_sendmsg+0xc1/0x1d0
[   90.663751][ T5904]  __sys_sendmmsg+0x178/0x300
[   90.663797][ T5904]  __x64_sys_sendmmsg+0x57/0x70
[   90.663824][ T5904]  x64_sys_call+0x1c4a/0x2ff0
[   90.663846][ T5904]  do_syscall_64+0xd2/0x200
[   90.663999][ T5904]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   90.664039][ T5904]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   90.664072][ T5904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.664097][ T5904] RIP: 0033:0x7f9b5f24eec9
[   90.664158][ T5904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.664181][ T5904] RSP: 002b:00007f9b5dcaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   90.664205][ T5904] RAX: ffffffffffffffda RBX: 00007f9b5f4a5fa0 RCX: 00007f9b5f24eec9
[   90.664219][ T5904] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[   90.664232][ T5904] RBP: 00007f9b5dcaf090 R08: 0000000000000000 R09: 0000000000000000
[   90.664246][ T5904] R10: 0000000004004040 R11: 0000000000000246 R12: 0000000000000001
[   90.664258][ T5904] R13: 00007f9b5f4a6038 R14: 00007f9b5f4a5fa0 R15: 00007fff19313b68
[   90.664314][ T5904]  </TASK>
[   90.840501][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811b1fb800: rx timeout, send abort
[   90.894399][ T5893] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.998337][ T5912] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   90.998337][ T5912]    program syz.4.728 not setting count and/or reply_len properly
[   91.036764][ T5912] __nla_validate_parse: 3 callbacks suppressed
[   91.036790][ T5912] netlink: 24 bytes leftover after parsing attributes in process `syz.4.728'.
[   91.059209][   T29] kauditd_printk_skb: 349 callbacks suppressed
[   91.059227][   T29] audit: type=1326 audit(1758913560.824:4099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5911 comm="syz.4.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[   91.103679][   T29] audit: type=1326 audit(1758913560.854:4100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5911 comm="syz.4.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[   91.127825][   T29] audit: type=1326 audit(1758913560.854:4101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5911 comm="syz.4.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[   91.151243][   T29] audit: type=1326 audit(1758913560.854:4102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5911 comm="syz.4.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[   91.157174][ T5921] loop5: detected capacity change from 0 to 1024
[   91.190375][ T5921] EXT4-fs: Ignoring removed nomblk_io_submit option
[   91.191184][   T29] audit: type=1326 audit(1758913560.954:4103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5911 comm="syz.4.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[   91.220460][   T29] audit: type=1326 audit(1758913560.954:4104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5911 comm="syz.4.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[   91.220581][   T29] audit: type=1326 audit(1758913560.954:4105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5911 comm="syz.4.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[   91.220634][   T29] audit: type=1326 audit(1758913560.954:4106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5925 comm="syz.4.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f9b5f281785 code=0x7ffc0000
[   91.220732][   T29] audit: type=1326 audit(1758913560.954:4107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5911 comm="syz.4.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[   91.220762][   T29] audit: type=1326 audit(1758913560.954:4108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5911 comm="syz.4.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[   91.297939][ T5921] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.348716][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811b1fb800: abort rx timeout. Force session deactivation
[   91.501406][ T5921] loop5: detected capacity change from 1024 to 64
[   91.522619][ T5437] EXT4-fs warning (device loop5): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   91.530885][ T5938] lo speed is unknown, defaulting to 1000
[   91.552807][ T5437] EXT4-fs warning (device loop5): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   91.596066][ T5945] netlink: 56 bytes leftover after parsing attributes in process `syz.1.734'.
[   91.647753][ T5437] EXT4-fs warning (device loop5): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   91.827356][ T5437] EXT4-fs warning (device loop5): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   91.916810][ T5955] FAULT_INJECTION: forcing a failure.
[   91.916810][ T5955] name failslab, interval 1, probability 0, space 0, times 0
[   91.929800][ T5955] CPU: 0 UID: 0 PID: 5955 Comm: syz.4.740 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.929827][ T5955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   91.929839][ T5955] Call Trace:
[   91.929845][ T5955]  <TASK>
[   91.929853][ T5955]  __dump_stack+0x1d/0x30
[   91.929880][ T5955]  dump_stack_lvl+0xe8/0x140
[   91.929905][ T5955]  dump_stack+0x15/0x1b
[   91.929958][ T5955]  should_fail_ex+0x265/0x280
[   91.929984][ T5955]  should_failslab+0x8c/0xb0
[   91.930017][ T5955]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   91.930089][ T5955]  ? __d_alloc+0x3d/0x340
[   91.930150][ T5955]  __d_alloc+0x3d/0x340
[   91.930188][ T5955]  d_alloc_pseudo+0x1e/0x80
[   91.930243][ T5955]  alloc_file_pseudo+0x71/0x160
[   91.930286][ T5955]  sock_alloc_file+0x9c/0x1e0
[   91.930326][ T5955]  __sys_socketpair+0x2b8/0x430
[   91.930357][ T5955]  __x64_sys_socketpair+0x52/0x60
[   91.930394][ T5955]  x64_sys_call+0x2bf2/0x2ff0
[   91.930423][ T5955]  do_syscall_64+0xd2/0x200
[   91.930461][ T5955]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   91.930520][ T5955]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   91.930611][ T5955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.930683][ T5955] RIP: 0033:0x7f9b5f250e1a
[   91.930702][ T5955] Code: 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 35 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.930722][ T5955] RSP: 002b:00007f9b5dcaef78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[   91.930741][ T5955] RAX: ffffffffffffffda RBX: 00007f9b5f4a5f00 RCX: 00007f9b5f250e1a
[   91.930753][ T5955] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[   91.930764][ T5955] RBP: 00007f9b5dcaf090 R08: 0000000000000000 R09: 0000000000000000
[   91.930776][ T5955] R10: 00007f9b5dcaef98 R11: 0000000000000246 R12: 0000000000000000
[   91.930798][ T5955] R13: 00007f9b5f4a6038 R14: 00007f9b5f4a5fa0 R15: 00007fff19313b68
[   91.930823][ T5955]  </TASK>
[   92.120271][ T5437] EXT4-fs warning (device loop5): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   92.140735][ T5437] EXT4-fs warning (device loop5): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   92.154625][ T5437] EXT4-fs warning (device loop5): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   92.156013][ T5957] loop2: detected capacity change from 0 to 512
[   92.168314][ T5437] EXT4-fs warning (device loop5): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   92.188100][ T5437] EXT4-fs warning (device loop5): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   92.201795][ T5437] EXT4-fs warning (device loop5): ext4_empty_dir:3080: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   92.274584][ T5957] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   92.330625][ T5967] openvswitch: netlink: Message has 6 unknown bytes.
[   92.394411][ T5957] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.407346][ T5957] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.432932][ T5437] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.445563][ T5931] kmmpd-loop5: attempt to access beyond end of device
[   92.445563][ T5931] loop5: rw=14337, sector=128, nr_sectors = 2 limit=64
[   92.459233][ T5931] Buffer I/O error on dev loop5, logical block 64, lost sync page write
[   92.603231][ T5977] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.657130][ T5978] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[   92.677583][ T5977] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.709975][ T5978] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.741: Failed to acquire dquot type 0
[   92.786169][ T5990] netlink: 'syz.4.751': attribute type 3 has an invalid length.
[   92.812859][ T5990] netlink: 'syz.4.751': attribute type 3 has an invalid length.
[   92.832499][ T5977] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.882191][ T3839] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.906328][ T5990] cgroup: none used incorrectly
[   92.923890][ T5990] netlink: 20 bytes leftover after parsing attributes in process `syz.4.751'.
[   92.933246][ T5990] netlink: 4 bytes leftover after parsing attributes in process `syz.4.751'.
[   92.973372][ T5978] syz.2.741 (5978) used greatest stack depth: 9448 bytes left
[   92.993855][ T5977] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.009977][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.022634][ T3839] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.062813][   T51] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.083053][ T6000] netlink: 47 bytes leftover after parsing attributes in process `syz.4.752'.
[   93.095522][   T51] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.106595][ T3839] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.119678][ T6002] netlink: 47 bytes leftover after parsing attributes in process `syz.2.753'.
[   93.214501][   T51] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.227893][ T3839] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.285234][ T6014] FAULT_INJECTION: forcing a failure.
[   93.285234][ T6014] name failslab, interval 1, probability 0, space 0, times 0
[   93.298080][ T6014] CPU: 1 UID: 0 PID: 6014 Comm: syz.1.757 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   93.298187][ T6014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   93.298201][ T6014] Call Trace:
[   93.298208][ T6014]  <TASK>
[   93.298217][ T6014]  __dump_stack+0x1d/0x30
[   93.298243][ T6014]  dump_stack_lvl+0xe8/0x140
[   93.298315][ T6014]  dump_stack+0x15/0x1b
[   93.298389][ T6014]  should_fail_ex+0x265/0x280
[   93.298419][ T6014]  should_failslab+0x8c/0xb0
[   93.298454][ T6014]  kmem_cache_alloc_noprof+0x50/0x310
[   93.298564][ T6014]  ? prepare_creds+0x37/0x4c0
[   93.298594][ T6014]  prepare_creds+0x37/0x4c0
[   93.298622][ T6014]  selinux_lsm_setattr+0x1a4/0x660
[   93.298704][ T6014]  selinux_setprocattr+0x4f/0x70
[   93.298732][ T6014]  security_setprocattr+0x1a7/0x1d0
[   93.298771][ T6014]  proc_pid_attr_write+0x1eb/0x220
[   93.298851][ T6014]  vfs_writev+0x406/0x8b0
[   93.298889][ T6014]  ? __pfx_proc_pid_attr_write+0x10/0x10
[   93.298925][ T6014]  ? mutex_lock+0xd/0x30
[   93.299005][ T6014]  do_writev+0xe7/0x210
[   93.299043][ T6014]  __x64_sys_writev+0x45/0x50
[   93.299073][ T6014]  x64_sys_call+0x1e9a/0x2ff0
[   93.299125][ T6014]  do_syscall_64+0xd2/0x200
[   93.299201][ T6014]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   93.299231][ T6014]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   93.299345][ T6014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.299372][ T6014] RIP: 0033:0x7f85ec9feec9
[   93.299391][ T6014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.299410][ T6014] RSP: 002b:00007f85eb45f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   93.299440][ T6014] RAX: ffffffffffffffda RBX: 00007f85ecc55fa0 RCX: 00007f85ec9feec9
[   93.299495][ T6014] RDX: 0000000000000008 RSI: 00002000000000c0 RDI: 0000000000000006
[   93.299510][ T6014] RBP: 00007f85eb45f090 R08: 0000000000000000 R09: 0000000000000000
[   93.299525][ T6014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.299540][ T6014] R13: 00007f85ecc56038 R14: 00007f85ecc55fa0 R15: 00007ffeff6487a8
[   93.299565][ T6014]  </TASK>
[   93.591044][ T5983] lo speed is unknown, defaulting to 1000
[   93.591341][   T51] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.623621][ T6017] FAULT_INJECTION: forcing a failure.
[   93.623621][ T6017] name failslab, interval 1, probability 0, space 0, times 0
[   93.636405][ T6017] CPU: 0 UID: 0 PID: 6017 Comm: syz.1.758 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   93.636481][ T6017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   93.636496][ T6017] Call Trace:
[   93.636503][ T6017]  <TASK>
[   93.636511][ T6017]  __dump_stack+0x1d/0x30
[   93.636538][ T6017]  dump_stack_lvl+0xe8/0x140
[   93.636567][ T6017]  dump_stack+0x15/0x1b
[   93.636659][ T6017]  should_fail_ex+0x265/0x280
[   93.636684][ T6017]  should_failslab+0x8c/0xb0
[   93.636780][ T6017]  kmem_cache_alloc_noprof+0x50/0x310
[   93.636948][ T6017]  ? __anon_vma_prepare+0xcd/0x2f0
[   93.636975][ T6017]  __anon_vma_prepare+0xcd/0x2f0
[   93.637007][ T6017]  do_wp_page+0x1926/0x24e0
[   93.637035][ T6017]  ? __lruvec_stat_mod_folio+0xd6/0x120
[   93.637115][ T6017]  ? css_rstat_updated+0xb7/0x240
[   93.637152][ T6017]  ? __rcu_read_lock+0x37/0x50
[   93.637189][ T6017]  handle_mm_fault+0x77d/0x2c20
[   93.637289][ T6017]  do_user_addr_fault+0x636/0x1090
[   93.637334][ T6017]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   93.637436][ T6017]  exc_page_fault+0x62/0xa0
[   93.637464][ T6017]  asm_exc_page_fault+0x26/0x30
[   93.637483][ T6017] RIP: 0033:0x7f85ec8c0c03
[   93.637498][ T6017] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   93.637529][ T6017] RSP: 002b:00007f85eb45e4a0 EFLAGS: 00010202
[   93.637549][ T6017] RAX: 0000000000000400 RBX: 00007f85eb45e540 RCX: 00007f85e303f000
[   93.637565][ T6017] RDX: 00007f85eb45e6e0 RSI: 0000000000000009 RDI: 00007f85eb45e5e0
[   93.637581][ T6017] RBP: 00000000000000f9 R08: 0000000000000008 R09: 00000000000000aa
[   93.637593][ T6017] R10: 00000000000000c0 R11: 00007f85eb45e540 R12: 0000000000000001
[   93.637604][ T6017] R13: 00007f85eca9db80 R14: 0000000000000020 R15: 00007f85eb45e5e0
[   93.637628][ T6017]  </TASK>
[   93.637713][ T6017] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   93.836814][ T6017] loop1: detected capacity change from 0 to 1024
[   93.848574][ T6017] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   93.859598][ T6017] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   93.864622][ T6026] netlink: 4 bytes leftover after parsing attributes in process `syz.2.760'.
[   93.879856][ T6017] JBD2: no valid journal superblock found
[   93.885639][ T6017] EXT4-fs (loop1): Could not load journal inode
[   93.945839][ T5983] chnl_net:caif_netlink_parms(): no params data found
[   93.972534][ T3839] bridge_slave_1: left allmulticast mode
[   93.978245][ T3839] bridge_slave_1: left promiscuous mode
[   93.984117][ T3839] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.049456][ T3839] bridge_slave_0: left allmulticast mode
[   94.055499][ T3839] bridge_slave_0: left promiscuous mode
[   94.061602][ T3839] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.140729][ T6037] loop4: detected capacity change from 0 to 128
[   94.327173][ T3839] team0: Port device geneve1 removed
[   94.437910][ T3839] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   94.456861][ T3839] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   94.497553][ T3839] bond0 (unregistering): Released all slaves
[   94.534611][ T6037] sch_fq: defrate 9 ignored.
[   94.681482][ T5983] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.688598][ T5983] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.979643][ T6063] loop2: detected capacity change from 0 to 1024
[   95.009843][ T5983] bridge_slave_0: entered allmulticast mode
[   95.021906][ T6063] EXT4-fs: Ignoring removed nobh option
[   95.027533][ T6063] EXT4-fs: inline encryption not supported
[   95.055123][ T5983] bridge_slave_0: entered promiscuous mode
[   95.098443][ T6068] netlink: 47 bytes leftover after parsing attributes in process `syz.4.771'.
[   95.117248][ T6063] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.131591][ T3839] hsr_slave_0: left promiscuous mode
[   95.137795][ T3839] hsr_slave_1: left promiscuous mode
[   95.144431][ T3839] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   95.151879][ T3839] batman_adv: batadv0: Removing interface: batadv_slave_0
[   95.160462][ T3839] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   95.168187][ T3839] batman_adv: batadv0: Removing interface: batadv_slave_1
[   95.184225][ T3839] veth1_macvtap: left promiscuous mode
[   95.191267][ T6063] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.769: Allocating blocks 385-513 which overlap fs metadata
[   95.205320][ T3839] veth0_macvtap: left promiscuous mode
[   95.210890][ T3839] veth1_vlan: left promiscuous mode
[   95.216235][ T3839] veth0_vlan: left promiscuous mode
[   95.216613][ T6079] loop3: detected capacity change from 0 to 1024
[   95.230336][ T6079] journal_path: Non-blockdev passed as './file0'
[   95.236751][ T6079] EXT4-fs: error: could not find journal device path
[   95.264110][ T6063] EXT4-fs (loop2): pa ffff888106e63930: logic 16, phys. 129, len 24
[   95.272216][ T6063] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   95.302777][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.495073][ T3839] team0 (unregistering): Port device team_slave_1 removed
[   95.514275][ T3839] team0 (unregistering): Port device team_slave_0 removed
[   95.560578][ T6083] loop3: detected capacity change from 0 to 1024
[   95.567228][ T5983] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.567455][ T6083] EXT4-fs: Ignoring removed mblk_io_submit option
[   95.574456][ T5983] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.581941][ T6083] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   95.591249][ T5983] bridge_slave_1: entered allmulticast mode
[   95.598096][ T6083] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.772: bad orphan inode 11
[   95.604863][ T5983] bridge_slave_1: entered promiscuous mode
[   95.615810][ T6083] ext4_test_bit(bit=10, block=4) = 1
[   95.623972][ T6083] is_bad_inode(inode)=0
[   95.624910][ T6082] tipc: Enabling of bearer <eth:syzkal> rejected, failed to enable media
[   95.628247][ T6083] NEXT_ORPHAN(inode)=3254779904
[   95.641783][ T6083] max_ino=32
[   95.645019][ T6083] i_nlink=0
[   95.665624][ T6083] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.772: lblock 2 mapped to illegal pblock 2 (length 1)
[   95.684614][ T6093] vxcan1: entered allmulticast mode
[   95.710624][ T5983] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.723311][ T5983] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.735753][ T6083] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.772: lblock 0 mapped to illegal pblock 48 (length 1)
[   95.760050][ T6098] netlink: 8 bytes leftover after parsing attributes in process `syz.4.778'.
[   95.770291][ T5983] team0: Port device team_slave_0 added
[   95.776856][ T6098] FAULT_INJECTION: forcing a failure.
[   95.776856][ T6098] name failslab, interval 1, probability 0, space 0, times 0
[   95.789581][ T6098] CPU: 0 UID: 0 PID: 6098 Comm: syz.4.778 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   95.789704][ T6098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   95.789720][ T6098] Call Trace:
[   95.789728][ T6098]  <TASK>
[   95.789738][ T6098]  __dump_stack+0x1d/0x30
[   95.789776][ T6098]  dump_stack_lvl+0xe8/0x140
[   95.789795][ T6098]  dump_stack+0x15/0x1b
[   95.789811][ T6098]  should_fail_ex+0x265/0x280
[   95.789868][ T6098]  should_failslab+0x8c/0xb0
[   95.789921][ T6098]  __kvmalloc_node_noprof+0x123/0x4e0
[   95.789952][ T6098]  ? alloc_netdev_mqs+0x553/0xa30
[   95.790028][ T6098]  alloc_netdev_mqs+0x553/0xa30
[   95.790070][ T6098]  rtnl_create_link+0x239/0x710
[   95.790105][ T6098]  rtnl_newlink_create+0x14c/0x620
[   95.790126][ T6098]  ? __list_del_entry_valid_or_report+0x65/0x130
[   95.790237][ T6098]  ? __mutex_lock+0x25d/0xcc0
[   95.790295][ T6098]  rtnl_newlink+0xf29/0x12d0
[   95.790335][ T6098]  ? __kfree_skb+0x109/0x150
[   95.790357][ T6098]  ? __memcg_slab_free_hook+0x135/0x230
[   95.790415][ T6098]  ? __rcu_read_unlock+0x4f/0x70
[   95.790442][ T6098]  ? avc_has_perm_noaudit+0x1b1/0x200
[   95.790477][ T6098]  ? cred_has_capability+0x210/0x280
[   95.790537][ T6098]  ? selinux_capable+0x31/0x40
[   95.790572][ T6098]  ? security_capable+0x83/0x90
[   95.790602][ T6098]  ? ns_capable+0x7d/0xb0
[   95.790627][ T6098]  ? __pfx_rtnl_newlink+0x10/0x10
[   95.790688][ T6098]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   95.790732][ T6098]  netlink_rcv_skb+0x120/0x220
[   95.790787][ T6098]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   95.790826][ T6098]  rtnetlink_rcv+0x1c/0x30
[   95.790904][ T6098]  netlink_unicast+0x5c0/0x690
[   95.790934][ T6098]  netlink_sendmsg+0x58b/0x6b0
[   95.790969][ T6098]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.791123][ T6098]  __sock_sendmsg+0x142/0x180
[   95.791244][ T6098]  ____sys_sendmsg+0x31e/0x4e0
[   95.791280][ T6098]  ___sys_sendmsg+0x17b/0x1d0
[   95.791323][ T6098]  __x64_sys_sendmsg+0xd4/0x160
[   95.791402][ T6098]  x64_sys_call+0x191e/0x2ff0
[   95.791473][ T6098]  do_syscall_64+0xd2/0x200
[   95.791571][ T6098]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   95.791600][ T6098]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   95.791638][ T6098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.791698][ T6098] RIP: 0033:0x7f9b5f24eec9
[   95.791719][ T6098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.791743][ T6098] RSP: 002b:00007f9b5dcaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.791768][ T6098] RAX: ffffffffffffffda RBX: 00007f9b5f4a5fa0 RCX: 00007f9b5f24eec9
[   95.791852][ T6098] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[   95.791868][ T6098] RBP: 00007f9b5dcaf090 R08: 0000000000000000 R09: 0000000000000000
[   95.791920][ T6098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   95.791932][ T6098] R13: 00007f9b5f4a6038 R14: 00007f9b5f4a5fa0 R15: 00007fff19313b68
[   95.791952][ T6098]  </TASK>
[   95.795651][ T6083] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.772: Failed to acquire dquot type 0
[   95.889206][ T6103] netlink: 4 bytes leftover after parsing attributes in process `syz.2.779'.
[   95.892160][ T6083] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   96.115388][ T6083] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.772: mark_inode_dirty error
[   96.129033][ T5983] team0: Port device team_slave_1 added
[   96.144160][ T6083] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   96.164065][ T5983] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.165390][ T6083] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.171563][ T5983] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.171599][ T5983] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.222839][ T5983] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.229902][ T5983] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.255949][ T5983] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.308035][ T6111] loop1: detected capacity change from 0 to 1024
[   96.324724][ T6111] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   96.335725][ T6111] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   96.350657][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.355008][ T6111] JBD2: no valid journal superblock found
[   96.365591][ T6111] EXT4-fs (loop1): Could not load journal inode
[   96.377598][ T3307] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[   96.392363][ T3307] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   96.407328][ T3307] EXT4-fs error (device loop3): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[   96.450146][ T6113] netlink: 12 bytes leftover after parsing attributes in process `syz.3.783'.
[   96.463937][ T5983] hsr_slave_0: entered promiscuous mode
[   96.470185][ T5983] hsr_slave_1: entered promiscuous mode
[   96.480922][ T5983] debugfs: 'hsr0' already exists in 'hsr'
[   96.486766][ T5983] Cannot create hsr debugfs directory
[   96.501376][ T6113] netlink: 12 bytes leftover after parsing attributes in process `syz.3.783'.
[   96.511711][ T6115] netlink: 12 bytes leftover after parsing attributes in process `syz.3.783'.
[   96.543304][ T6117] netlink: 8 bytes leftover after parsing attributes in process `syz.1.784'.
[   96.553267][ T6113] netlink: 12 bytes leftover after parsing attributes in process `syz.3.783'.
[   96.565624][ T6115] netlink: 12 bytes leftover after parsing attributes in process `syz.3.783'.
[   96.575679][ T6117] sit0: Master is either lo or non-ether device
[   96.615142][ T6115] netlink: 12 bytes leftover after parsing attributes in process `syz.3.783'.
[   96.727942][ T6133] netlink: 4 bytes leftover after parsing attributes in process `syz.2.788'.
[   96.734495][ T6130] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   96.737016][ T6133] netlink: 4 bytes leftover after parsing attributes in process `syz.2.788'.
[   96.769820][ T6129] tipc: Resetting bearer <eth:syzkaller0>
[   96.811564][ T6129] tipc: Disabling bearer <eth:syzkaller0>
[   96.821627][   T29] kauditd_printk_skb: 74 callbacks suppressed
[   96.821641][   T29] audit: type=1326 audit(1758913566.584:4179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6131 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44d590eec9 code=0x7ffc0000
[   96.837767][ T6139] loop2: detected capacity change from 0 to 512
[   96.851237][   T29] audit: type=1326 audit(1758913566.594:4180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6131 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44d590eec9 code=0x7ffc0000
[   96.880788][   T29] audit: type=1326 audit(1758913566.594:4181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6131 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f44d590eec9 code=0x7ffc0000
[   96.904186][   T29] audit: type=1326 audit(1758913566.594:4182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6131 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44d590eec9 code=0x7ffc0000
[   96.906253][ T6139] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   96.927595][   T29] audit: type=1326 audit(1758913566.594:4183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6131 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44d590eec9 code=0x7ffc0000
[   96.962601][ T6139] EXT4-fs error (device loop2): ext4_init_orphan_info:585: inode #3: comm syz.2.788: iget: special inode unallocated
[   96.976055][ T6139] EXT4-fs (loop2): Remounting filesystem read-only
[   96.982655][ T6139] EXT4-fs (loop2): get orphan inode failed
[   96.988706][ T6139] EXT4-fs (loop2): mount failed
[   96.993817][ T5983] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   97.006188][ T5983] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   97.014179][   T29] audit: type=1400 audit(1758913566.784:4184): avc:  denied  { write } for  pid=6140 comm="syz.4.790" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   97.037630][ T5983] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   97.048383][ T5983] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   97.082034][   T29] audit: type=1326 audit(1758913566.844:4185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6145 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ec9feec9 code=0x7ffc0000
[   97.105590][   T29] audit: type=1326 audit(1758913566.844:4186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6145 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85ec9feec9 code=0x7ffc0000
[   97.129010][   T29] audit: type=1326 audit(1758913566.844:4187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6145 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ec9feec9 code=0x7ffc0000
[   97.152528][   T29] audit: type=1326 audit(1758913566.844:4188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6145 comm="syz.1.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85ec9feec9 code=0x7ffc0000
[   97.181882][ T6153] IPVS: stopping master sync thread 6155 ...
[   97.188067][ T6155] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   97.220975][ T6161] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   97.244939][ T6160] FAULT_INJECTION: forcing a failure.
[   97.244939][ T6160] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.256770][ T5983] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.258232][ T6160] CPU: 1 UID: 0 PID: 6160 Comm: syz.1.795 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   97.258269][ T6160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   97.258287][ T6160] Call Trace:
[   97.258296][ T6160]  <TASK>
[   97.258315][ T6160]  __dump_stack+0x1d/0x30
[   97.258363][ T6160]  dump_stack_lvl+0xe8/0x140
[   97.258391][ T6160]  dump_stack+0x15/0x1b
[   97.258415][ T6160]  should_fail_ex+0x265/0x280
[   97.258448][ T6160]  should_fail+0xb/0x20
[   97.258478][ T6160]  should_fail_usercopy+0x1a/0x20
[   97.258586][ T6160]  _copy_from_user+0x1c/0xb0
[   97.258676][ T6160]  do_ip_vs_set_ctl+0x1a1/0x8c0
[   97.258703][ T6160]  ? path_openat+0x1bf8/0x2170
[   97.258741][ T6160]  ? do_ip_setsockopt+0x1af3/0x2240
[   97.258770][ T6160]  nf_setsockopt+0x196/0x1b0
[   97.258850][ T6160]  ip_setsockopt+0x102/0x110
[   97.258880][ T6160]  tcp_setsockopt+0x98/0xb0
[   97.258972][ T6160]  sock_common_setsockopt+0x69/0x80
[   97.259035][ T6160]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   97.259092][ T6160]  smc_setsockopt+0x183/0x750
[   97.259186][ T6160]  ? __pfx_smc_setsockopt+0x10/0x10
[   97.259214][ T6160]  __sys_setsockopt+0x181/0x200
[   97.259251][ T6160]  __x64_sys_setsockopt+0x64/0x80
[   97.259352][ T6160]  x64_sys_call+0x20ec/0x2ff0
[   97.259382][ T6160]  do_syscall_64+0xd2/0x200
[   97.259427][ T6160]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   97.259530][ T6160]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.259573][ T6160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.259606][ T6160] RIP: 0033:0x7f85ec9feec9
[   97.259629][ T6160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.259657][ T6160] RSP: 002b:00007f85eb45f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   97.259686][ T6160] RAX: ffffffffffffffda RBX: 00007f85ecc55fa0 RCX: 00007f85ec9feec9
[   97.259704][ T6160] RDX: 000000000000048c RSI: 0000000000000000 RDI: 0000000000000003
[   97.259721][ T6160] RBP: 00007f85eb45f090 R08: 0000000000000018 R09: 0000000000000000
[   97.259778][ T6160] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[   97.259812][ T6160] R13: 00007f85ecc56038 R14: 00007f85ecc55fa0 R15: 00007ffeff6487a8
[   97.259834][ T6160]  </TASK>
[   97.302050][ T6151] loop4: detected capacity change from 0 to 2048
[   97.329671][ T5983] 8021q: adding VLAN 0 to HW filter on device team0
[   97.506299][ T3867] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.513492][ T3867] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.514555][ T6151]  loop4: p1 < > p4
[   97.523072][ T3867] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.531720][ T3867] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.541912][ T6151] loop4: p4 size 8388608 extends beyond EOD, truncated
[   97.591249][ T5983] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   97.601783][ T5983] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   97.723234][ T6180] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   97.735518][ T6186] netlink: 28 bytes leftover after parsing attributes in process `syz.2.804'.
[   97.746712][ T6178] tipc: Resetting bearer <eth:syzkaller0>
[   97.763248][ T6178] tipc: Disabling bearer <eth:syzkaller0>
[   97.785967][ T6179] netlink: 'syz.3.801': attribute type 10 has an invalid length.
[   97.826762][ T5983] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.904593][ T6189] loop1: detected capacity change from 0 to 2048
[   97.952119][ T6189]  loop1: p1 < > p4
[   97.956662][ T6189] loop1: p4 size 8388608 extends beyond EOD, truncated
[   98.005625][ T5983] veth0_vlan: entered promiscuous mode
[   98.014981][ T5983] veth1_vlan: entered promiscuous mode
[   98.034733][ T5983] veth0_macvtap: entered promiscuous mode
[   98.042861][ T5983] veth1_macvtap: entered promiscuous mode
[   98.055345][ T5983] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.066838][ T5983] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.079415][ T3867] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.095134][ T3867] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.106031][ T3867] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.118381][ T3867] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.238631][ T6225] netdevsim netdevsim6: Direct firmware load for ./file0/file1 failed with error -2
[   98.438876][ T6247] loop6: detected capacity change from 0 to 512
[   98.455788][ T6247] EXT4-fs (loop6): revision level too high, forcing read-only mode
[   98.464930][ T6247] EXT4-fs (loop6): orphan cleanup on readonly fs
[   98.473586][ T6247] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.820: corrupted inode contents
[   98.486648][ T6247] EXT4-fs (loop6): Remounting filesystem read-only
[   98.491790][ T6249] lo speed is unknown, defaulting to 1000
[   98.494456][ T6247] EXT4-fs (loop6): 1 truncate cleaned up
[   98.506450][   T31] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   98.517110][   T31] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   98.529242][   T31] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[   98.542461][ T6247] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   98.556480][ T6247] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.556779][ T6249] netlink: 'syz.3.821': attribute type 13 has an invalid length.
[   98.573420][ T6249] netlink: 'syz.3.821': attribute type 17 has an invalid length.
[   98.609661][ T6249] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   98.714299][ T6257] lo speed is unknown, defaulting to 1000
[   98.856378][ T6268] lo speed is unknown, defaulting to 1000
[   98.962743][ T6285] loop4: detected capacity change from 0 to 512
[   98.993162][ T6285] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   99.008727][ T6285] EXT4-fs (loop4): orphan cleanup on readonly fs
[   99.023174][ T6285] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.834: corrupted inode contents
[   99.036874][ T6285] EXT4-fs (loop4): Remounting filesystem read-only
[   99.054481][ T6285] EXT4-fs (loop4): 1 truncate cleaned up
[   99.060672][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   99.071297][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   99.085852][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   99.096317][ T6292] FAULT_INJECTION: forcing a failure.
[   99.096317][ T6292] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.102301][ T6285] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   99.109468][ T6292] CPU: 0 UID: 0 PID: 6292 Comm: syz.6.837 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   99.109576][ T6292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   99.109626][ T6292] Call Trace:
[   99.109635][ T6292]  <TASK>
[   99.109646][ T6292]  __dump_stack+0x1d/0x30
[   99.109685][ T6292]  dump_stack_lvl+0xe8/0x140
[   99.109713][ T6292]  dump_stack+0x15/0x1b
[   99.109735][ T6292]  should_fail_ex+0x265/0x280
[   99.109771][ T6292]  should_fail+0xb/0x20
[   99.109838][ T6292]  should_fail_usercopy+0x1a/0x20
[   99.109874][ T6292]  copy_fpstate_to_sigframe+0x628/0x7d0
[   99.109921][ T6292]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[   99.109973][ T6292]  ? x86_task_fpu+0x36/0x60
[   99.110025][ T6292]  get_sigframe+0x34d/0x490
[   99.110050][ T6292]  ? get_signal+0xdc8/0xf70
[   99.110080][ T6292]  x64_setup_rt_frame+0xa8/0x580
[   99.110179][ T6292]  arch_do_signal_or_restart+0x27c/0x480
[   99.110216][ T6292]  exit_to_user_mode_loop+0x7a/0x100
[   99.110302][ T6292]  do_syscall_64+0x1d6/0x200
[   99.110347][ T6292]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   99.110380][ T6292]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   99.110493][ T6292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.110522][ T6292] RIP: 0033:0x7f241178eec7
[   99.110544][ T6292] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[   99.110603][ T6292] RSP: 002b:00007f24101ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   99.110629][ T6292] RAX: 0000000000000001 RBX: 00007f24119e5fa0 RCX: 00007f241178eec9
[   99.110646][ T6292] RDX: 0000000000000027 RSI: 0000200000000380 RDI: 0000000000000003
[   99.110674][ T6292] RBP: 00007f24101ef090 R08: 0000000000000000 R09: 0000000000000000
[   99.110691][ T6292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.110706][ T6292] R13: 00007f24119e6038 R14: 00007f24119e5fa0 R15: 00007ffd3a5bca48
[   99.110736][ T6292]  </TASK>
[   99.277401][ T6307] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   99.289307][ T6285] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.357413][ T6313] loop2: detected capacity change from 0 to 128
[   99.397335][ T6319] loop4: detected capacity change from 0 to 1024
[   99.404924][ T6319] EXT4-fs: Ignoring removed nobh option
[   99.410548][ T6319] EXT4-fs: inline encryption not supported
[   99.490082][ T6319] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.590175][ T6319] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.846: Allocating blocks 385-513 which overlap fs metadata
[   99.615127][ T6317] EXT4-fs (loop4): pa ffff888106e63850: logic 16, phys. 129, len 24
[   99.623247][ T6317] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   99.638055][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.674376][ T6318] netlink: 'syz.1.847': attribute type 10 has an invalid length.
[   99.945478][ T6333] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   99.960521][ T6332] tipc: Resetting bearer <eth:syzkaller0>
[   99.986582][ T6332] tipc: Disabling bearer <eth:syzkaller0>
[  100.276747][ T6348] FAULT_INJECTION: forcing a failure.
[  100.276747][ T6348] name failslab, interval 1, probability 0, space 0, times 0
[  100.289589][ T6348] CPU: 0 UID: 0 PID: 6348 Comm: syz.2.856 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  100.289624][ T6348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  100.289640][ T6348] Call Trace:
[  100.289650][ T6348]  <TASK>
[  100.289660][ T6348]  __dump_stack+0x1d/0x30
[  100.289731][ T6348]  dump_stack_lvl+0xe8/0x140
[  100.289755][ T6348]  dump_stack+0x15/0x1b
[  100.289774][ T6348]  should_fail_ex+0x265/0x280
[  100.289812][ T6348]  should_failslab+0x8c/0xb0
[  100.289839][ T6348]  kmem_cache_alloc_noprof+0x50/0x310
[  100.289885][ T6348]  ? audit_log_start+0x365/0x6c0
[  100.289919][ T6348]  audit_log_start+0x365/0x6c0
[  100.289955][ T6348]  audit_seccomp+0x48/0x100
[  100.289988][ T6348]  ? __seccomp_filter+0x68c/0x10d0
[  100.290121][ T6348]  __seccomp_filter+0x69d/0x10d0
[  100.290146][ T6348]  ? __list_add_valid_or_report+0x38/0xe0
[  100.290181][ T6348]  ? __set_next_task_fair+0x5b/0x150
[  100.290203][ T6348]  ? tracing_record_taskinfo_sched_switch+0x71/0x260
[  100.290273][ T6348]  ? _raw_spin_unlock+0x26/0x50
[  100.290302][ T6348]  __secure_computing+0x82/0x150
[  100.290326][ T6348]  syscall_trace_enter+0xcf/0x1e0
[  100.290355][ T6348]  do_syscall_64+0xac/0x200
[  100.290435][ T6348]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  100.290531][ T6348]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  100.290566][ T6348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.290631][ T6348] RIP: 0033:0x7f292e50d8dc
[  100.290648][ T6348] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  100.290732][ T6348] RSP: 002b:00007f292cf6f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  100.290754][ T6348] RAX: ffffffffffffffda RBX: 00007f292e765fa0 RCX: 00007f292e50d8dc
[  100.290768][ T6348] RDX: 000000000000000f RSI: 00007f292cf6f0a0 RDI: 0000000000000005
[  100.290782][ T6348] RBP: 00007f292cf6f090 R08: 0000000000000000 R09: 0000000000000000
[  100.290795][ T6348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.290830][ T6348] R13: 00007f292e766038 R14: 00007f292e765fa0 R15: 00007fffc9f621c8
[  100.290851][ T6348]  </TASK>
[  100.545455][ T6352] loop2: detected capacity change from 0 to 512
[  100.562254][ T6352] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  100.577139][ T6352] EXT4-fs (loop2): orphan cleanup on readonly fs
[  100.593912][ T6352] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.857: corrupted inode contents
[  100.619213][ T6352] EXT4-fs (loop2): Remounting filesystem read-only
[  100.626042][ T6352] EXT4-fs (loop2): 1 truncate cleaned up
[  100.632200][ T4136] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  100.642820][ T4136] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  100.653600][ T4136] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  100.665257][ T6352] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  100.700261][ T6352] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.778339][ T6360] loop1: detected capacity change from 0 to 2048
[  100.827198][ T6363] lo speed is unknown, defaulting to 1000
[  100.851650][ T6360]  loop1: p1 < > p4
[  100.869651][ T6360] loop1: p4 size 8388608 extends beyond EOD, truncated
[  100.983950][ T6371] loop2: detected capacity change from 0 to 8192
[  101.082590][ T6384] loop1: detected capacity change from 0 to 1024
[  101.089944][ T6384] EXT4-fs: inline encryption not supported
[  101.095930][ T6384] EXT4-fs: Ignoring removed i_version option
[  101.102915][ T6384] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  101.117831][ T6384] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 2: comm syz.1.868: lblock 2 mapped to illegal pblock 2 (length 1)
[  101.133808][ T6384] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.868: lblock 0 mapped to illegal pblock 48 (length 1)
[  101.149026][ T6384] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.868: Failed to acquire dquot type 0
[  101.160970][ T6384] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  101.171024][ T6384] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.868: mark_inode_dirty error
[  101.184087][ T6384] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  101.195286][ T6384] EXT4-fs (loop1): 1 orphan inode deleted
[  101.202658][ T6384] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.215228][   T31] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  101.229639][   T31] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:1: Failed to release dquot type 0
[  101.244060][ T6385] netlink: 'syz.1.868': attribute type 3 has an invalid length.
[  101.252023][ T6384] netlink: 'syz.1.868': attribute type 3 has an invalid length.
[  101.270725][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.280341][ T3301] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  101.295830][ T3301] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  101.306468][ T3301] EXT4-fs error (device loop1): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[  101.311527][ T6395] netlink: 'syz.6.872': attribute type 4 has an invalid length.
[  101.321332][ T6396] netlink: 'syz.6.872': attribute type 4 has an invalid length.
[  101.345209][ T6399] loop1: detected capacity change from 0 to 128
[  101.358705][ T6399] sch_fq: defrate 9 ignored.
[  101.438094][ T6403] lo speed is unknown, defaulting to 1000
[  101.450593][ T6405] siw: device registration error -23
[  101.505613][ T6409] tipc: Enabling of bearer <eth:syzkal> rejected, failed to enable media
[  101.586708][ T6416] openvswitch: netlink: Message has 6 unknown bytes.
[  101.676643][ T6429] FAULT_INJECTION: forcing a failure.
[  101.676643][ T6429] name failslab, interval 1, probability 0, space 0, times 0
[  101.689372][ T6429] CPU: 1 UID: 0 PID: 6429 Comm: syz.6.885 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  101.689477][ T6429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  101.689489][ T6429] Call Trace:
[  101.689495][ T6429]  <TASK>
[  101.689503][ T6429]  __dump_stack+0x1d/0x30
[  101.689526][ T6429]  dump_stack_lvl+0xe8/0x140
[  101.689551][ T6429]  dump_stack+0x15/0x1b
[  101.689571][ T6429]  should_fail_ex+0x265/0x280
[  101.689641][ T6429]  should_failslab+0x8c/0xb0
[  101.689672][ T6429]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  101.689718][ T6429]  ? shmem_alloc_inode+0x34/0x50
[  101.689818][ T6429]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  101.689845][ T6429]  shmem_alloc_inode+0x34/0x50
[  101.689872][ T6429]  alloc_inode+0x40/0x170
[  101.689900][ T6429]  new_inode+0x1d/0xe0
[  101.689924][ T6429]  shmem_get_inode+0x244/0x750
[  101.690009][ T6429]  shmem_mknod+0x46/0x180
[  101.690042][ T6429]  shmem_create+0x34/0x50
[  101.690140][ T6429]  ? __pfx_shmem_create+0x10/0x10
[  101.690170][ T6429]  path_openat+0x1102/0x2170
[  101.690211][ T6429]  do_filp_open+0x109/0x230
[  101.690265][ T6429]  do_sys_openat2+0xa6/0x110
[  101.690306][ T6429]  __x64_sys_openat+0xf2/0x120
[  101.690350][ T6429]  x64_sys_call+0x2e9c/0x2ff0
[  101.690409][ T6429]  do_syscall_64+0xd2/0x200
[  101.690523][ T6429]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  101.690553][ T6429]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.690632][ T6429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.690654][ T6429] RIP: 0033:0x7f241178eec9
[  101.690722][ T6429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.690743][ T6429] RSP: 002b:00007f24101ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  101.690820][ T6429] RAX: ffffffffffffffda RBX: 00007f24119e5fa0 RCX: 00007f241178eec9
[  101.690888][ T6429] RDX: 0000000000101042 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  101.690904][ T6429] RBP: 00007f24101ef090 R08: 0000000000000000 R09: 0000000000000000
[  101.690919][ T6429] R10: 0000000000000045 R11: 0000000000000246 R12: 0000000000000001
[  101.690934][ T6429] R13: 00007f24119e6038 R14: 00007f24119e5fa0 R15: 00007ffd3a5bca48
[  101.690959][ T6429]  </TASK>
[  101.713567][ T6431] loop1: detected capacity change from 0 to 128
[  101.935145][   T29] kauditd_printk_skb: 711 callbacks suppressed
[  101.935162][   T29] audit: type=1400 audit(1758913571.704:4877): avc:  denied  { setopt } for  pid=6433 comm="syz.3.889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  101.983012][   T29] audit: type=1400 audit(1758913571.744:4878): avc:  denied  { map } for  pid=6425 comm="syz.1.884" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=16214 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  102.007489][   T29] audit: type=1400 audit(1758913571.744:4879): avc:  denied  { read write } for  pid=6425 comm="syz.1.884" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=16214 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  102.011134][ T6431] FAULT_INJECTION: forcing a failure.
[  102.011134][ T6431] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.045626][ T6431] CPU: 0 UID: 0 PID: 6431 Comm: syz.1.884 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  102.045727][ T6431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  102.045744][ T6431] Call Trace:
[  102.045751][ T6431]  <TASK>
[  102.045760][ T6431]  __dump_stack+0x1d/0x30
[  102.045787][ T6431]  dump_stack_lvl+0xe8/0x140
[  102.045811][ T6431]  dump_stack+0x15/0x1b
[  102.045906][ T6431]  should_fail_ex+0x265/0x280
[  102.045947][ T6431]  should_fail+0xb/0x20
[  102.045973][ T6431]  should_fail_usercopy+0x1a/0x20
[  102.046006][ T6431]  _copy_to_iter+0xd2/0xe70
[  102.046103][ T6431]  ? chacha_block_generic+0x218/0x240
[  102.046145][ T6431]  get_random_bytes_user+0x12d/0x290
[  102.046252][ T6431]  ? import_ubuf+0xe8/0x120
[  102.046293][ T6431]  __x64_sys_getrandom+0xcf/0x1a0
[  102.046320][ T6431]  x64_sys_call+0x1fa6/0x2ff0
[  102.046341][ T6431]  do_syscall_64+0xd2/0x200
[  102.046455][ T6431]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  102.046487][ T6431]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  102.046522][ T6431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.046550][ T6431] RIP: 0033:0x7f85ec9feec9
[  102.046649][ T6431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.046672][ T6431] RSP: 002b:00007f85eb43e038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e
[  102.046696][ T6431] RAX: ffffffffffffffda RBX: 00007f85ecc56090 RCX: 00007f85ec9feec9
[  102.046713][ T6431] RDX: 0000000000000000 RSI: 00000000ffffff9a RDI: 0000200000000240
[  102.046727][ T6431] RBP: 00007f85eb43e090 R08: 0000000000000000 R09: 0000000000000000
[  102.046804][ T6431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  102.046862][ T6431] R13: 00007f85ecc56128 R14: 00007f85ecc56090 R15: 00007ffeff6487a8
[  102.046882][ T6431]  </TASK>
[  102.069720][   T29] audit: type=1326 audit(1758913571.824:4880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6442 comm="syz.3.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44d590eec9 code=0x7ffc0000
[  102.228299][ T6447] tipc: Enabling of bearer <eth:syzkal> rejected, failed to enable media
[  102.277045][   T29] audit: type=1326 audit(1758913571.864:4881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6444 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[  102.301612][   T29] audit: type=1326 audit(1758913571.864:4882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6444 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[  102.325172][   T29] audit: type=1326 audit(1758913571.874:4883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6444 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[  102.348525][   T29] audit: type=1326 audit(1758913571.874:4884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6444 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[  102.372247][   T29] audit: type=1326 audit(1758913571.874:4885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6444 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5f24eec9 code=0x7ffc0000
[  102.395739][   T29] audit: type=1326 audit(1758913571.894:4886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6442 comm="syz.3.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f44d590eec9 code=0x7ffc0000
[  102.491803][ T3867] kworker/u8:48: attempt to access beyond end of device
[  102.491803][ T3867] loop1: rw=1, sector=153, nr_sectors = 8 limit=128
[  102.505968][ T6452] loop4: detected capacity change from 0 to 512
[  102.515078][ T6458] lo speed is unknown, defaulting to 1000
[  102.515773][ T6457] IPv6: Can't replace route, no match found
[  102.529342][ T3867] kworker/u8:48: attempt to access beyond end of device
[  102.529342][ T3867] loop1: rw=1, sector=169, nr_sectors = 8 limit=128
[  102.545068][ T6461] __nla_validate_parse: 8 callbacks suppressed
[  102.545083][ T6461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.899'.
[  102.551697][ T3867] kworker/u8:48: attempt to access beyond end of device
[  102.551697][ T3867] loop1: rw=1, sector=185, nr_sectors = 8 limit=128
[  102.560117][ T6461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.899'.
[  102.582558][ T3867] kworker/u8:48: attempt to access beyond end of device
[  102.582558][ T3867] loop1: rw=1, sector=201, nr_sectors = 8 limit=128
[  102.596422][ T3867] kworker/u8:48: attempt to access beyond end of device
[  102.596422][ T3867] loop1: rw=1, sector=217, nr_sectors = 8 limit=128
[  102.620498][ T3867] kworker/u8:48: attempt to access beyond end of device
[  102.620498][ T3867] loop1: rw=1, sector=233, nr_sectors = 8 limit=128
[  102.624331][ T6452] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  102.648390][ T6452] EXT4-fs (loop4): orphan cleanup on readonly fs
[  102.662407][ T6452] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.897: corrupted inode contents
[  102.675106][ T3867] kworker/u8:48: attempt to access beyond end of device
[  102.675106][ T3867] loop1: rw=1, sector=249, nr_sectors = 8 limit=128
[  102.688721][ T3867] kworker/u8:48: attempt to access beyond end of device
[  102.688721][ T3867] loop1: rw=1, sector=265, nr_sectors = 8 limit=128
[  102.703328][ T6452] EXT4-fs (loop4): Remounting filesystem read-only
[  102.710006][ T6452] EXT4-fs (loop4): 1 truncate cleaned up
[  102.715865][ T3867] kworker/u8:48: attempt to access beyond end of device
[  102.715865][ T3867] loop1: rw=1, sector=281, nr_sectors = 8 limit=128
[  102.729387][ T3867] kworker/u8:48: attempt to access beyond end of device
[  102.729387][ T3867] loop1: rw=1, sector=297, nr_sectors = 8 limit=128
[  102.730169][   T88] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  102.753553][   T88] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  102.786425][   T88] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  102.798629][ T6452] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.815424][ T6452] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.863007][ T6469] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  102.864841][ T6467] unsupported nla_type 52263
[  102.891419][ T6468] tipc: Resetting bearer <eth:syzkaller0>
[  102.912716][ T6476] openvswitch: netlink: Message has 6 unknown bytes.
[  102.927500][ T6468] tipc: Disabling bearer <eth:syzkaller0>
[  102.967182][ T6467] netlink: 4 bytes leftover after parsing attributes in process `syz.6.900'.
[  103.019533][ T6474] 9pnet_fd: p9_fd_create_tcp (6474): problem connecting socket to 127.0.0.1
[  103.109770][ T6467] hsr_slave_1 (unregistering): left promiscuous mode
[  103.150487][ T6490] netlink: 'syz.1.909': attribute type 10 has an invalid length.
[  103.208892][ T6490] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.231778][ T6490] batadv0: entered promiscuous mode
[  103.244073][ T6490] $Hÿ: (slave batadv0): Enslaving as an active interface with an up link
[  103.265173][ T6498] netlink: 4 bytes leftover after parsing attributes in process `syz.3.912'.
[  103.719670][ T6509] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.740968][ T6517] /dev/sg0: Can't lookup blockdev
[  103.812028][ T6509] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.003080][ T6522] loop4: detected capacity change from 0 to 512
[  104.105777][ T6522] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.193559][ T6522] ext4 filesystem being mounted at /182/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  104.279890][ T6532] lo speed is unknown, defaulting to 1000
[  104.305353][ T6522] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.921: iget: bad i_size value: 2533274857506816
[  104.337738][ T6538] siw: device registration error -23
[  104.419149][ T6526] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.921: iget: bad i_size value: 2533274857506816
[  104.471328][ T6509] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.532513][ T6509] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.544119][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.616067][ T3860] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.619508][ T6553] FAULT_INJECTION: forcing a failure.
[  104.619508][ T6553] name failslab, interval 1, probability 0, space 0, times 0
[  104.637612][ T6553] CPU: 1 UID: 0 PID: 6553 Comm: syz.6.927 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  104.637724][ T6553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  104.637737][ T6553] Call Trace:
[  104.637745][ T6553]  <TASK>
[  104.637753][ T6553]  __dump_stack+0x1d/0x30
[  104.637774][ T6553]  dump_stack_lvl+0xe8/0x140
[  104.637794][ T6553]  dump_stack+0x15/0x1b
[  104.637811][ T6553]  should_fail_ex+0x265/0x280
[  104.637898][ T6553]  should_failslab+0x8c/0xb0
[  104.637925][ T6553]  kmem_cache_alloc_noprof+0x50/0x310
[  104.637954][ T6553]  ? __anon_vma_prepare+0xcd/0x2f0
[  104.637975][ T6553]  __anon_vma_prepare+0xcd/0x2f0
[  104.638039][ T6553]  handle_mm_fault+0x1d58/0x2c20
[  104.638074][ T6553]  do_user_addr_fault+0x636/0x1090
[  104.638111][ T6553]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  104.638188][ T6553]  exc_page_fault+0x62/0xa0
[  104.638218][ T6553]  asm_exc_page_fault+0x26/0x30
[  104.638238][ T6553] RIP: 0033:0x7f2411650c03
[  104.638262][ T6553] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  104.638310][ T6553] RSP: 002b:00007f24101ee4a0 EFLAGS: 00010202
[  104.638326][ T6553] RAX: 0000000000008000 RBX: 00007f24101ee540 RCX: 00007f2407dcf000
[  104.638339][ T6553] RDX: 00007f24101ee6e0 RSI: 0000000000000016 RDI: 00007f24101ee5e0
[  104.638351][ T6553] RBP: 0000000000000102 R08: 0000000000000005 R09: 0000000000000004
[  104.638364][ T6553] R10: 0000000000000008 R11: 00007f24101ee540 R12: 0000000000000001
[  104.638376][ T6553] R13: 00007f241182db80 R14: 0000000000000001 R15: 00007f24101ee5e0
[  104.638395][ T6553]  </TASK>
[  104.638452][ T6553] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  104.714495][ T6550] loop4: detected capacity change from 0 to 256
[  104.751037][ T6553] loop6: detected capacity change from 0 to 164
[  104.790519][ T6550] FAT-fs (loop4): Directory bread(block 64) failed
[  104.790565][ T6550] FAT-fs (loop4): Directory bread(block 65) failed
[  104.839975][ T3860] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.856257][ T6550] FAT-fs (loop4): Directory bread(block 66) failed
[  104.863017][ T6550] FAT-fs (loop4): Directory bread(block 67) failed
[  104.869899][ T6550] FAT-fs (loop4): Directory bread(block 68) failed
[  104.875388][ T3860] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.876702][ T6553] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  104.914112][ T6550] FAT-fs (loop4): Directory bread(block 69) failed
[  104.914364][ T3860] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.920754][ T6550] FAT-fs (loop4): Directory bread(block 70) failed
[  104.942874][ T6550] FAT-fs (loop4): Directory bread(block 71) failed
[  104.949791][ T6550] FAT-fs (loop4): Directory bread(block 72) failed
[  104.958451][ T6550] FAT-fs (loop4): Directory bread(block 73) failed
[  105.010538][ T6554] loop3: detected capacity change from 0 to 2048
[  105.112135][ T6554]  loop3: p1 < > p4
[  105.131194][ T6554] loop3: p4 size 8388608 extends beyond EOD, truncated
[  105.159637][ T6579] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.937'.
[  105.174109][ T6566] loop6: detected capacity change from 0 to 512
[  105.180947][ T6566] EXT4-fs: Ignoring removed bh option
[  105.187498][ T6566] EXT4-fs: old and new quota format mixing
[  105.202897][ T6566] loop6: detected capacity change from 0 to 1024
[  105.212617][ T6566] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.224792][ T6566] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.261410][ T6583] openvswitch: netlink: Message has 6 unknown bytes.
[  105.292795][ T6587] loop3: detected capacity change from 0 to 164
[  105.322532][ T6566] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.391400][ T6590] netlink: 14 bytes leftover after parsing attributes in process `syz.4.940'.
[  105.408283][ T6594] openvswitch: netlink: Message has 6 unknown bytes.
[  105.496620][ T6590] netlink: 'syz.4.940': attribute type 10 has an invalid length.
[  105.504593][ T6590] netlink: 40 bytes leftover after parsing attributes in process `syz.4.940'.
[  105.534159][ T6609] netlink: 4 bytes leftover after parsing attributes in process `syz.6.949'.
[  105.543081][ T6609] netlink: 4 bytes leftover after parsing attributes in process `syz.6.949'.
[  105.622596][ T6612] netlink: 4 bytes leftover after parsing attributes in process `syz.6.950'.
[  105.819768][ T6624] netlink: 'syz.6.952': attribute type 10 has an invalid length.
[  105.833199][ T6624] team0: Port device geneve1 added
[  105.840747][ T6623] openvswitch: netlink: Message has 6 unknown bytes.
[  105.882655][ T6620] tmpfs: Unknown parameter 'mPo®Ä®Ç~ùÉG'
[  105.949971][ T6637] openvswitch: netlink: Message has 6 unknown bytes.
[  105.999824][ T6646] loop3: detected capacity change from 0 to 512
[  106.012621][ T6646] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  106.029529][ T6646] EXT4-fs (loop3): orphan cleanup on readonly fs
[  106.045113][ T6646] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.963: corrupted inode contents
[  106.066028][ T6653] loop2: detected capacity change from 0 to 512
[  106.073656][ T6646] EXT4-fs (loop3): Remounting filesystem read-only
[  106.080887][ T6646] EXT4-fs (loop3): 1 truncate cleaned up
[  106.086768][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  106.097513][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  106.108288][   T51] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  106.119744][ T6646] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  106.132738][ T6646] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.134942][ T6653] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  106.173003][ T6653] EXT4-fs (loop2): orphan cleanup on readonly fs
[  106.182784][ T6653] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.965: corrupted inode contents
[  106.209647][ T6653] EXT4-fs (loop2): Remounting filesystem read-only
[  106.224188][ T6657] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  106.228893][ T6653] EXT4-fs (loop2): 1 truncate cleaned up
[  106.237016][   T51] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  106.247655][   T51] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  106.260082][   T51] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  106.260142][ T6656] tipc: Resetting bearer <eth:syzkaller0>
[  106.270857][ T6653] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  106.290558][ T6653] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.307621][ T6656] tipc: Disabling bearer <eth:syzkaller0>
[  106.347780][ T6663] FAULT_INJECTION: forcing a failure.
[  106.347780][ T6663] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.361081][ T6663] CPU: 1 UID: 0 PID: 6663 Comm: syz.2.968 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  106.361159][ T6663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  106.361172][ T6663] Call Trace:
[  106.361180][ T6663]  <TASK>
[  106.361190][ T6663]  __dump_stack+0x1d/0x30
[  106.361211][ T6663]  dump_stack_lvl+0xe8/0x140
[  106.361229][ T6663]  dump_stack+0x15/0x1b
[  106.361266][ T6663]  should_fail_ex+0x265/0x280
[  106.361322][ T6663]  should_fail+0xb/0x20
[  106.361344][ T6663]  should_fail_usercopy+0x1a/0x20
[  106.361369][ T6663]  _copy_from_iter+0x254/0xe80
[  106.361477][ T6663]  ? should_fail_ex+0xdb/0x280
[  106.361572][ T6663]  ? should_failslab+0x8c/0xb0
[  106.361604][ T6663]  ? __kmalloc_noprof+0x1dd/0x3e0
[  106.361709][ T6663]  ? sctp_make_abort_user+0x17b/0x3a0
[  106.361748][ T6663]  sctp_make_abort_user+0x1c6/0x3a0
[  106.361852][ T6663]  ? sctp_epaddr_lookup_transport+0x9e/0x130
[  106.361889][ T6663]  sctp_sendmsg_check_sflags+0x17e/0x1e0
[  106.361918][ T6663]  sctp_sendmsg+0x75f/0x18d0
[  106.361988][ T6663]  ? __pfx_sctp_sendmsg+0x10/0x10
[  106.362016][ T6663]  inet_sendmsg+0xc5/0xd0
[  106.362049][ T6663]  __sock_sendmsg+0x102/0x180
[  106.362088][ T6663]  ____sys_sendmsg+0x345/0x4e0
[  106.362128][ T6663]  ___sys_sendmsg+0x17b/0x1d0
[  106.362179][ T6663]  __sys_sendmmsg+0x178/0x300
[  106.362289][ T6663]  __x64_sys_sendmmsg+0x57/0x70
[  106.362321][ T6663]  x64_sys_call+0x1c4a/0x2ff0
[  106.362343][ T6663]  do_syscall_64+0xd2/0x200
[  106.362438][ T6663]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  106.362469][ T6663]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  106.362506][ T6663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.362608][ T6663] RIP: 0033:0x7f292e50eec9
[  106.362627][ T6663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.362650][ T6663] RSP: 002b:00007f292cf6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  106.362674][ T6663] RAX: ffffffffffffffda RBX: 00007f292e765fa0 RCX: 00007f292e50eec9
[  106.362689][ T6663] RDX: 0000000000000001 RSI: 00002000000032c0 RDI: 0000000000000004
[  106.362705][ T6663] RBP: 00007f292cf6f090 R08: 0000000000000000 R09: 0000000000000000
[  106.362721][ T6663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.362736][ T6663] R13: 00007f292e766038 R14: 00007f292e765fa0 R15: 00007fffc9f621c8
[  106.362760][ T6663]  </TASK>
[  106.712520][ T6670] tipc: Enabling of bearer <eth:syzkal> rejected, failed to enable media
[  106.772377][ T6674] loop2: detected capacity change from 0 to 164
[  106.808241][ T6676] netlink: '+}[@': attribute type 13 has an invalid length.
[  106.824371][   T51] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  106.834754][   T51] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  106.843862][ T6676] netlink: '+}[@': attribute type 13 has an invalid length.
[  106.858393][   T51] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  106.981851][   T29] kauditd_printk_skb: 475 callbacks suppressed
[  106.981929][   T29] audit: type=1326 audit(1758913576.754:5344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6675 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241178eec9 code=0x7ffc0000
[  107.025325][   T51] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  107.274175][   T29] audit: type=1326 audit(1758913576.784:5345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6675 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241178eec9 code=0x7ffc0000
[  107.297599][   T29] audit: type=1326 audit(1758913576.894:5346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6677 comm="syz.2.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  107.321226][   T29] audit: type=1326 audit(1758913576.894:5347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6677 comm="syz.2.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  107.344579][   T29] audit: type=1326 audit(1758913576.894:5348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6677 comm="syz.2.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  107.367919][   T29] audit: type=1326 audit(1758913576.894:5349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6677 comm="syz.2.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  107.391468][   T29] audit: type=1326 audit(1758913576.894:5350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6677 comm="syz.2.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  107.415057][   T29] audit: type=1326 audit(1758913576.894:5351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6677 comm="syz.2.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f292e50d710 code=0x7ffc0000
[  107.438428][   T29] audit: type=1326 audit(1758913576.894:5352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6677 comm="syz.2.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f292e50d710 code=0x7ffc0000
[  107.461777][   T29] audit: type=1326 audit(1758913576.894:5353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6677 comm="syz.2.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  107.586215][ T6687] __nla_validate_parse: 6 callbacks suppressed
[  107.586231][ T6687] netlink: 56 bytes leftover after parsing attributes in process `syz.6.977'.
[  107.888000][ T6694] netdevsim netdevsim6: Direct firmware load for ./file0/file1 failed with error -2
[  107.933999][ T6699] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  107.945553][ T6697] tipc: Resetting bearer <eth:syzkaller0>
[  107.969500][ T6697] tipc: Disabling bearer <eth:syzkaller0>
[  107.993097][ T6702] netlink: 28 bytes leftover after parsing attributes in process `syz.6.983'.
[  108.102595][ T6708] loop4: detected capacity change from 0 to 512
[  108.125552][ T6708] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  108.126666][ T6714] FAULT_INJECTION: forcing a failure.
[  108.126666][ T6714] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.146803][ T6714] CPU: 1 UID: 0 PID: 6714 Comm: syz.3.988 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  108.146831][ T6714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  108.146846][ T6714] Call Trace:
[  108.146854][ T6714]  <TASK>
[  108.146863][ T6714]  __dump_stack+0x1d/0x30
[  108.146889][ T6714]  dump_stack_lvl+0xe8/0x140
[  108.146996][ T6714]  dump_stack+0x15/0x1b
[  108.147016][ T6714]  should_fail_ex+0x265/0x280
[  108.147046][ T6714]  should_fail+0xb/0x20
[  108.147091][ T6714]  should_fail_usercopy+0x1a/0x20
[  108.147117][ T6714]  _copy_to_user+0x20/0xa0
[  108.147156][ T6714]  pagemap_read+0x379/0x5e0
[  108.147260][ T6714]  ? __pfx_pagemap_read+0x10/0x10
[  108.147283][ T6714]  vfs_read+0x1a5/0x770
[  108.147308][ T6714]  ? __rcu_read_unlock+0x4f/0x70
[  108.147335][ T6714]  ? __fget_files+0x184/0x1c0
[  108.147416][ T6714]  __x64_sys_pread64+0xfd/0x150
[  108.147462][ T6714]  x64_sys_call+0x29e2/0x2ff0
[  108.147539][ T6714]  do_syscall_64+0xd2/0x200
[  108.147578][ T6714]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  108.147610][ T6714]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  108.147684][ T6714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.147711][ T6714] RIP: 0033:0x7f44d590eec9
[  108.147730][ T6714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.147751][ T6714] RSP: 002b:00007f44d4377038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  108.147769][ T6714] RAX: ffffffffffffffda RBX: 00007f44d5b65fa0 RCX: 00007f44d590eec9
[  108.147781][ T6714] RDX: 0000000000200000 RSI: 0000200000001240 RDI: 0000000000000006
[  108.147795][ T6714] RBP: 00007f44d4377090 R08: 0000000000000000 R09: 0000000000000000
[  108.147845][ T6714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  108.147857][ T6714] R13: 00007f44d5b66038 R14: 00007f44d5b65fa0 R15: 00007ffe438ea618
[  108.147880][ T6714]  </TASK>
[  108.342470][ T6708] EXT4-fs (loop4): orphan cleanup on readonly fs
[  108.375167][ T6708] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.986: corrupted inode contents
[  108.387408][ T6708] EXT4-fs (loop4): Remounting filesystem read-only
[  108.394519][ T6708] EXT4-fs (loop4): 1 truncate cleaned up
[  108.419423][ T4128] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  108.430113][ T4128] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  108.444814][ T4128] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  108.461718][ T6708] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  108.475982][ T6708] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.522045][ T6722] SELinux: failed to load policy
[  108.604073][ T6726] netdevsim netdevsim6: Direct firmware load for ./file0/file1 failed with error -2
[  108.683073][ T6733] netlink: 14 bytes leftover after parsing attributes in process `syz.4.995'.
[  108.692315][ T6737] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.774269][ T6737] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.787010][ T6746] loop6: detected capacity change from 0 to 512
[  108.796741][ T6746] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  108.811180][ T6744] netlink: 4 bytes leftover after parsing attributes in process `syz.3.999'.
[  108.842962][ T6746] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.843516][ T6737] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.858782][ T6746] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.879285][ T6746] netlink: 27 bytes leftover after parsing attributes in process `syz.6.1000'.
[  108.885992][ T6733] netlink: 'syz.4.995': attribute type 10 has an invalid length.
[  108.896158][ T6733] netlink: 40 bytes leftover after parsing attributes in process `syz.4.995'.
[  108.912878][ T6746] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  108.917955][ T6642] loop1: detected capacity change from 0 to 128
[  108.935845][ T6746] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 28
[  108.948253][ T6746] EXT4-fs (loop6): This should not happen!! Data will be lost
[  108.948253][ T6746] 
[  108.958024][ T6746] EXT4-fs (loop6): Total free blocks count 0
[  108.964069][ T6746] EXT4-fs (loop6): Free/Dirty block details
[  108.970002][ T6746] EXT4-fs (loop6): free_blocks=39626
[  108.975474][ T6746] EXT4-fs (loop6): dirty_blocks=15
[  108.980610][ T6746] EXT4-fs (loop6): Block reservation details
[  108.986675][ T6746] EXT4-fs (loop6): i_reserved_data_blocks=15
[  109.014524][ T6737] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.080693][ T5983] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.109603][ T6761] loop1: detected capacity change from 0 to 2048
[  109.162420][ T6761]  loop1: p1 < > p4
[  109.167425][ T6761] loop1: p4 size 8388608 extends beyond EOD, truncated
[  109.189492][ T6770] netdevsim netdevsim6: Direct firmware load for ./file0/file1 failed with error -2
[  109.213802][ T6777] FAULT_INJECTION: forcing a failure.
[  109.213802][ T6777] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.227038][ T6777] CPU: 1 UID: 0 PID: 6777 Comm: syz.3.1010 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  109.227073][ T6777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  109.227108][ T6777] Call Trace:
[  109.227117][ T6777]  <TASK>
[  109.227126][ T6777]  __dump_stack+0x1d/0x30
[  109.227153][ T6777]  dump_stack_lvl+0xe8/0x140
[  109.227188][ T6777]  dump_stack+0x15/0x1b
[  109.227208][ T6777]  should_fail_ex+0x265/0x280
[  109.227239][ T6777]  should_fail+0xb/0x20
[  109.227306][ T6777]  should_fail_usercopy+0x1a/0x20
[  109.227354][ T6777]  _copy_from_user+0x1c/0xb0
[  109.227395][ T6777]  ___sys_sendmsg+0xc1/0x1d0
[  109.227451][ T6777]  __x64_sys_sendmsg+0xd4/0x160
[  109.227486][ T6777]  x64_sys_call+0x191e/0x2ff0
[  109.227512][ T6777]  do_syscall_64+0xd2/0x200
[  109.227562][ T6777]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  109.227617][ T6777]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  109.227647][ T6777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.227669][ T6777] RIP: 0033:0x7f44d590eec9
[  109.227686][ T6777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.227708][ T6777] RSP: 002b:00007f44d4377038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  109.227751][ T6777] RAX: ffffffffffffffda RBX: 00007f44d5b65fa0 RCX: 00007f44d590eec9
[  109.227762][ T6777] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[  109.227773][ T6777] RBP: 00007f44d4377090 R08: 0000000000000000 R09: 0000000000000000
[  109.227829][ T6777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.227839][ T6777] R13: 00007f44d5b66038 R14: 00007f44d5b65fa0 R15: 00007ffe438ea618
[  109.227858][ T6777]  </TASK>
[  109.438798][ T6786] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1015'.
[  109.479339][ T6786] program syz.4.1015 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  109.531849][ T6795] bridge0: entered promiscuous mode
[  109.537298][ T6795] macvtap1: entered allmulticast mode
[  109.542899][ T6795] bridge0: entered allmulticast mode
[  109.551918][ T6795] bridge0: port 3(macvtap1) entered blocking state
[  109.558967][ T6795] bridge0: port 3(macvtap1) entered disabled state
[  109.568713][ T6795] bridge0: left allmulticast mode
[  109.573972][ T6795] bridge0: left promiscuous mode
[  109.595955][ T3857] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.612011][ T3857] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.642643][ T3857] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.686921][ T3857] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.698808][ T6801] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  109.706388][ T6800] tipc: Resetting bearer <eth:syzkaller0>
[  109.743171][ T6800] tipc: Disabling bearer <eth:syzkaller0>
[  109.754600][ T6810] siw: device registration error -23
[  109.770922][ T6806] netdevsim netdevsim6: Direct firmware load for ./file0/file1 failed with error -2
[  109.777226][ T6814] tipc: Enabling of bearer <eth:syzkal> rejected, failed to enable media
[  109.838422][ T6820] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1028'.
[  109.912686][ T6820] smc: net device bond0 applied user defined pnetid SYZ0
[  109.923127][ T6820] smc: net device bond0 erased user defined pnetid SYZ0
[  109.953689][ T6834] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6834 comm=syz.1.1034
[  109.964778][ T6836] loop3: detected capacity change from 0 to 512
[  109.967891][ T6834] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1034'.
[  109.984582][ T6836] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  109.995860][ T6836] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e842e09c, mo2=0002]
[  110.005309][ T6836] System zones: 1-12
[  110.009337][ T6836] EXT4-fs (loop3): orphan cleanup on readonly fs
[  110.015727][ T6836] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.1036: bad orphan inode 267
[  110.015964][ T6834] loop1: detected capacity change from 0 to 512
[  110.026746][ T6836] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  110.046376][ T6834] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  110.055154][ T6836] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 5: comm syz.3.1036: lblock 0 mapped to illegal pblock 5 (length 1)
[  110.071496][ T6836] EXT4-fs warning (device loop3): dx_probe:791: inode #2: lblock 0: comm syz.3.1036: error -117 reading directory block
[  110.087548][ T6836] serio: Serial port ptm0
[  110.093460][ T6834] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  110.110172][ T6834] EXT4-fs (loop1): 1 truncate cleaned up
[  110.117353][ T6834] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.146232][ T6846] tipc: Started in network mode
[  110.151178][ T6846] tipc: Node identity 7e93e5f9ca6b, cluster identity 4711
[  110.158360][ T6846] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  110.165813][ T6845] tipc: Resetting bearer <eth:syzkaller0>
[  110.166416][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.171837][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  110.210294][ T6845] tipc: Disabling bearer <eth:syzkaller0>
[  110.310932][ T6860] loop4: detected capacity change from 0 to 512
[  110.329069][ T6860] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  110.359602][ T6860] EXT4-fs (loop4): 1 truncate cleaned up
[  110.367484][ T6860] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.385244][ T6867] loop2: detected capacity change from 0 to 512
[  110.393136][ T6867] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  110.456567][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.546386][ T6883] loop3: detected capacity change from 0 to 1024
[  110.559517][ T6883] EXT4-fs: Ignoring removed orlov option
[  110.565301][ T6883] EXT4-fs: Ignoring removed nomblk_io_submit option
[  110.585297][ T6887] FAULT_INJECTION: forcing a failure.
[  110.585297][ T6887] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.598711][ T6887] CPU: 0 UID: 0 PID: 6887 Comm: syz.4.1056 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  110.598742][ T6887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  110.598822][ T6887] Call Trace:
[  110.598829][ T6887]  <TASK>
[  110.598843][ T6887]  __dump_stack+0x1d/0x30
[  110.598865][ T6887]  dump_stack_lvl+0xe8/0x140
[  110.598885][ T6887]  dump_stack+0x15/0x1b
[  110.598913][ T6887]  should_fail_ex+0x265/0x280
[  110.598939][ T6887]  should_fail+0xb/0x20
[  110.598960][ T6887]  should_fail_usercopy+0x1a/0x20
[  110.598986][ T6887]  _copy_from_user+0x1c/0xb0
[  110.599045][ T6887]  ___sys_sendmsg+0xc1/0x1d0
[  110.599091][ T6887]  __x64_sys_sendmsg+0xd4/0x160
[  110.599123][ T6887]  x64_sys_call+0x191e/0x2ff0
[  110.599145][ T6887]  do_syscall_64+0xd2/0x200
[  110.599187][ T6887]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  110.599212][ T6887]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  110.599349][ T6887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.599371][ T6887] RIP: 0033:0x7f9b5f24eec9
[  110.599387][ T6887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.599405][ T6887] RSP: 002b:00007f9b5dcaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  110.599474][ T6887] RAX: ffffffffffffffda RBX: 00007f9b5f4a5fa0 RCX: 00007f9b5f24eec9
[  110.599487][ T6887] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  110.599499][ T6887] RBP: 00007f9b5dcaf090 R08: 0000000000000000 R09: 0000000000000000
[  110.599511][ T6887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.599523][ T6887] R13: 00007f9b5f4a6038 R14: 00007f9b5f4a5fa0 R15: 00007fff19313b68
[  110.599591][ T6887]  </TASK>
[  110.798092][ T6875] loop1: detected capacity change from 0 to 2048
[  110.813506][ T6883] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.823574][ T6893] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.836235][ T6893] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.877534][ T6875]  loop1: p1 < > p4
[  110.882466][ T6875] loop1: p4 size 8388608 extends beyond EOD, truncated
[  110.961517][ T6898] SELinux: failed to load policy
[  111.125740][ T6907] loop2: detected capacity change from 0 to 128
[  111.134258][ T6908] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1062'.
[  111.227557][ T6908] netlink: 'syz.1.1062': attribute type 10 has an invalid length.
[  111.447048][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.485259][ T6914] openvswitch: netlink: Message has 6 unknown bytes.
[  111.553323][ T6912] FAULT_INJECTION: forcing a failure.
[  111.553323][ T6912] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.566638][ T6912] CPU: 0 UID: 0 PID: 6912 Comm: syz.2.1063 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  111.566722][ T6912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  111.566735][ T6912] Call Trace:
[  111.566744][ T6912]  <TASK>
[  111.566753][ T6912]  __dump_stack+0x1d/0x30
[  111.566779][ T6912]  dump_stack_lvl+0xe8/0x140
[  111.566841][ T6912]  dump_stack+0x15/0x1b
[  111.566857][ T6912]  should_fail_ex+0x265/0x280
[  111.566889][ T6912]  should_fail+0xb/0x20
[  111.566916][ T6912]  should_fail_usercopy+0x1a/0x20
[  111.567009][ T6912]  copy_folio_from_iter_atomic+0x278/0x11b0
[  111.567058][ T6912]  ? fat_write_begin+0x4f/0xe0
[  111.567103][ T6912]  ? __pfx_fat_get_block+0x10/0x10
[  111.567132][ T6912]  generic_perform_write+0x2c2/0x490
[  111.567167][ T6912]  __generic_file_write_iter+0x9e/0x120
[  111.567196][ T6912]  ? __pfx_generic_file_write_iter+0x10/0x10
[  111.567219][ T6912]  generic_file_write_iter+0x8d/0x2f0
[  111.567274][ T6912]  ? _parse_integer_limit+0x170/0x190
[  111.567308][ T6912]  ? _parse_integer+0x27/0x40
[  111.567337][ T6912]  ? kstrtoull+0x111/0x140
[  111.567361][ T6912]  ? kstrtouint+0x76/0xc0
[  111.567382][ T6912]  ? kstrtouint_from_user+0x9f/0xf0
[  111.567432][ T6912]  ? avc_policy_seqno+0x15/0x30
[  111.567493][ T6912]  ? selinux_file_permission+0x1e4/0x320
[  111.567518][ T6912]  ? __pfx_generic_file_write_iter+0x10/0x10
[  111.567548][ T6912]  vfs_write+0x527/0x960
[  111.567583][ T6912]  ksys_write+0xda/0x1a0
[  111.567614][ T6912]  __x64_sys_write+0x40/0x50
[  111.567701][ T6912]  x64_sys_call+0x27fe/0x2ff0
[  111.567805][ T6912]  do_syscall_64+0xd2/0x200
[  111.567845][ T6912]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  111.567987][ T6912]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  111.568017][ T6912]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.568058][ T6912] RIP: 0033:0x7f292e50eec9
[  111.568078][ T6912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.568101][ T6912] RSP: 002b:00007f292cf4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  111.568121][ T6912] RAX: ffffffffffffffda RBX: 00007f292e766090 RCX: 00007f292e50eec9
[  111.568133][ T6912] RDX: 000000000208e24b RSI: 0000200000000000 RDI: 000000000000000c
[  111.568144][ T6912] RBP: 00007f292cf4e090 R08: 0000000000000000 R09: 0000000000000000
[  111.568156][ T6912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  111.568223][ T6912] R13: 00007f292e766128 R14: 00007f292e766090 R15: 00007fffc9f621c8
[  111.568242][ T6912]  </TASK>
[  111.991654][ T3860] bio_check_eod: 21 callbacks suppressed
[  111.991670][ T3860] kworker/u8:43: attempt to access beyond end of device
[  111.991670][ T3860] loop2: rw=1, sector=145, nr_sectors = 8 limit=128
[  112.083482][ T6925] lo speed is unknown, defaulting to 1000
[  112.093734][ T3860] kworker/u8:43: attempt to access beyond end of device
[  112.093734][ T3860] loop2: rw=1, sector=161, nr_sectors = 880 limit=128
[  112.114862][ T6932] siw: device registration error -23
[  112.135218][ T3860] kworker/u8:43: attempt to access beyond end of device
[  112.135218][ T3860] loop2: rw=1, sector=153, nr_sectors = 8 limit=128
[  112.267174][ T6941] loop2: detected capacity change from 0 to 1024
[  112.298766][ T6941] EXT4-fs: Ignoring removed orlov option
[  112.304535][ T6941] EXT4-fs: Ignoring removed nomblk_io_submit option
[  112.420275][ T6941] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.488989][   T29] kauditd_printk_skb: 600 callbacks suppressed
[  112.489006][   T29] audit: type=1400 audit(1758913582.254:5948): avc:  denied  { setattr } for  pid=6939 comm="syz.2.1070" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  112.557623][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.614387][ T6954] loop6: detected capacity change from 0 to 512
[  112.668302][ T6963] loop3: detected capacity change from 0 to 512
[  112.692893][ T6963] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  112.693397][ T6954] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  112.705053][ T6968] __nla_validate_parse: 1 callbacks suppressed
[  112.705073][ T6968] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1079'.
[  112.711170][ T6954] EXT4-fs (loop6): orphan cleanup on readonly fs
[  112.733632][   T29] audit: type=1400 audit(1758913582.494:5949): avc:  denied  { read open } for  pid=6965 comm="syz.4.1081" path="/" dev="configfs" ino=367 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  112.782061][ T6954] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.1076: corrupted inode contents
[  112.796005][ T6954] EXT4-fs (loop6): Remounting filesystem read-only
[  112.802715][ T6954] EXT4-fs (loop6): 1 truncate cleaned up
[  112.808595][ T4128] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  112.819254][ T4128] Quota error (device loop6): write_blk: dquota write failed
[  112.826839][ T4128] Quota error (device loop6): remove_free_dqentry: Can't write block (5) with free entries
[  112.831025][ T6970] loop4: detected capacity change from 0 to 512
[  112.837112][ T4128] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  112.843650][   T29] audit: type=1400 audit(1758913582.524:5950): avc:  denied  { getopt } for  pid=6965 comm="syz.4.1081" lport=13 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  112.853812][ T4128] Quota error (device loop6): write_blk: dquota write failed
[  112.874662][   T29] audit: type=1326 audit(1758913582.584:5951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6960 comm="syz.2.1079" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f292e50eec9 code=0x0
[  112.882029][ T4128] Quota error (device loop6): free_dqentry: Can't move quota data block (5) to free list
[  112.917811][ T4128] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  112.920126][ T6968] netlink: 'syz.2.1079': attribute type 10 has an invalid length.
[  112.928004][ T4128] Quota error (device loop6): v2_write_file_info: Can't write info structure
[  112.936192][ T6973] loop1: detected capacity change from 0 to 164
[  112.944697][ T6968] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1079'.
[  112.947061][   T29] audit: type=1326 audit(1758913582.694:5952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6960 comm="syz.2.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  112.966276][ T6963] EXT4-fs (loop3): 1 truncate cleaned up
[  112.984450][ T6954] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  112.991754][ T6973] syz.1.1083: attempt to access beyond end of device
[  112.991754][ T6973] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  113.003667][ T6954] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.019618][ T6963] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.025142][ T6973] syz.1.1083: attempt to access beyond end of device
[  113.025142][ T6973] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  113.040574][ T6970] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  113.059908][ T6963] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1080'.
[  113.069154][ T6970] EXT4-fs (loop4): orphan cleanup on readonly fs
[  113.079866][ T6970] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1082: corrupted inode contents
[  113.093184][ T6970] EXT4-fs (loop4): Remounting filesystem read-only
[  113.101024][ T6970] EXT4-fs (loop4): 1 truncate cleaned up
[  113.108394][ T4128] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  113.119121][ T4128] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  113.131798][ T4128] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  113.159452][ T6970] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  113.173213][ T6981] FAULT_INJECTION: forcing a failure.
[  113.173213][ T6981] name failslab, interval 1, probability 0, space 0, times 0
[  113.174293][ T6970] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.186058][ T6981] CPU: 1 UID: 0 PID: 6981 Comm: syz.6.1086 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  113.186100][ T6981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  113.186119][ T6981] Call Trace:
[  113.186129][ T6981]  <TASK>
[  113.186142][ T6981]  __dump_stack+0x1d/0x30
[  113.186171][ T6981]  dump_stack_lvl+0xe8/0x140
[  113.186198][ T6981]  dump_stack+0x15/0x1b
[  113.186222][ T6981]  should_fail_ex+0x265/0x280
[  113.186321][ T6981]  should_failslab+0x8c/0xb0
[  113.186421][ T6981]  kmem_cache_alloc_node_noprof+0x57/0x320
[  113.186462][ T6981]  ? __alloc_skb+0x101/0x320
[  113.186512][ T6981]  __alloc_skb+0x101/0x320
[  113.186624][ T6981]  netlink_alloc_large_skb+0xba/0xf0
[  113.186658][ T6981]  netlink_sendmsg+0x3cf/0x6b0
[  113.186697][ T6981]  ? __pfx_netlink_sendmsg+0x10/0x10
[  113.186778][ T6981]  __sock_sendmsg+0x142/0x180
[  113.186824][ T6981]  ____sys_sendmsg+0x31e/0x4e0
[  113.186865][ T6981]  ___sys_sendmsg+0x17b/0x1d0
[  113.186959][ T6981]  __x64_sys_sendmsg+0xd4/0x160
[  113.187001][ T6981]  x64_sys_call+0x191e/0x2ff0
[  113.187031][ T6981]  do_syscall_64+0xd2/0x200
[  113.187101][ T6981]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  113.187150][ T6981]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  113.187228][ T6981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.187257][ T6981] RIP: 0033:0x7f241178eec9
[  113.187280][ T6981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.187410][ T6981] RSP: 002b:00007f24101ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  113.187428][ T6981] RAX: ffffffffffffffda RBX: 00007f24119e5fa0 RCX: 00007f241178eec9
[  113.187440][ T6981] RDX: 0000000000048810 RSI: 0000200000000440 RDI: 0000000000000004
[  113.187452][ T6981] RBP: 00007f24101ef090 R08: 0000000000000000 R09: 0000000000000000
[  113.187467][ T6981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.187482][ T6981] R13: 00007f24119e6038 R14: 00007f24119e5fa0 R15: 00007ffd3a5bca48
[  113.187510][ T6981]  </TASK>
[  113.298874][ T6990] openvswitch: netlink: Message has 6 unknown bytes.
[  113.330524][ T6991] loop1: detected capacity change from 0 to 2048
[  113.418820][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.443828][ T6991] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.525401][ T7009] loop3: detected capacity change from 0 to 512
[  113.560703][ T7009] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1094: couldn't read orphan inode 26 (err -116)
[  113.582044][ T7009] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.595612][ T7009] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.672336][ T7022] loop6: detected capacity change from 0 to 2048
[  113.681524][ T7014] Falling back ldisc for ttyS3.
[  113.688178][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.708570][ T7022] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.721910][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.735942][ T7030] IPVS: stopping master sync thread 6161 ...
[  113.745421][ T7028] loop4: detected capacity change from 0 to 512
[  113.787933][ T7032] 9pnet_fd: Insufficient options for proto=fd
[  113.794430][ T7032] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  113.806844][ T7032] loop1: detected capacity change from 0 to 512
[  113.835081][ T7032] EXT4-fs (loop1): orphan cleanup on readonly fs
[  113.850368][ T7032] EXT4-fs warning (device loop1): ext4_xattr_inode_get:556: inode #11: comm syz.1.1107: EA inode hash validation failed
[  113.936461][ T7032] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  113.952515][ T7043] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1108'.
[  114.012786][ T7032] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.1107: corrupted inode contents
[  114.032999][ T7047] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1109'.
[  114.059186][ T7050] netlink: 'syz.2.1108': attribute type 10 has an invalid length.
[  114.067231][ T7050] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1108'.
[  114.130622][ T7032] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #15: comm syz.1.1107: mark_inode_dirty error
[  114.146599][ T7032] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.1107: corrupted inode contents
[  114.167638][ T7032] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #15: comm syz.1.1107: mark_inode_dirty error
[  114.181310][ T7032] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #15: comm syz.1.1107: mark inode dirty (error -117)
[  114.196278][ T7032] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  114.205855][ T7032] EXT4-fs (loop1): 1 orphan inode deleted
[  114.213393][ T7032] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  114.239991][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.267022][ T7058] loop1: detected capacity change from 0 to 512
[  114.275115][ T7039] netlink: 'syz.3.1109': attribute type 10 has an invalid length.
[  114.283016][ T7039] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1109'.
[  114.283739][ T7056] lo speed is unknown, defaulting to 1000
[  114.299134][ T7059] siw: device registration error -23
[  114.313168][ T7058] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  114.321293][ T7058] EXT4-fs (loop1): orphan cleanup on readonly fs
[  114.336733][ T7058] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1114: corrupted inode contents
[  114.349068][ T7058] EXT4-fs (loop1): Remounting filesystem read-only
[  114.356256][ T7058] EXT4-fs (loop1): 1 truncate cleaned up
[  114.362776][   T88] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  114.373572][   T88] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  114.396077][   T88] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  114.407123][ T7058] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  114.422020][ T7064] loop4: detected capacity change from 0 to 512
[  114.429108][ T5983] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.439576][ T7064] EXT4-fs: Ignoring removed bh option
[  114.440011][ T7058] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.455005][ T7064] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  114.467925][ T7064] EXT4-fs (loop4): 1 truncate cleaned up
[  114.474885][ T7064] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.707168][ T7079] loop2: detected capacity change from 0 to 164
[  115.151656][ T7079] syz.2.1120: attempt to access beyond end of device
[  115.151656][ T7079] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  115.165860][ T7097] FAULT_INJECTION: forcing a failure.
[  115.165860][ T7097] name failslab, interval 1, probability 0, space 0, times 0
[  115.178592][ T7097] CPU: 0 UID: 0 PID: 7097 Comm: syz.3.1124 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  115.178619][ T7097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  115.178631][ T7097] Call Trace:
[  115.178636][ T7097]  <TASK>
[  115.178644][ T7097]  __dump_stack+0x1d/0x30
[  115.178695][ T7097]  dump_stack_lvl+0xe8/0x140
[  115.178719][ T7097]  dump_stack+0x15/0x1b
[  115.178741][ T7097]  should_fail_ex+0x265/0x280
[  115.178771][ T7097]  ? resv_map_alloc+0x57/0x190
[  115.178806][ T7097]  should_failslab+0x8c/0xb0
[  115.178908][ T7097]  __kmalloc_cache_noprof+0x4c/0x320
[  115.179009][ T7097]  resv_map_alloc+0x57/0x190
[  115.179036][ T7097]  hugetlbfs_get_inode+0x67/0x370
[  115.179087][ T7097]  hugetlb_file_setup+0x192/0x3d0
[  115.179119][ T7097]  ksys_mmap_pgoff+0x157/0x310
[  115.179145][ T7097]  x64_sys_call+0x14a3/0x2ff0
[  115.179168][ T7097]  do_syscall_64+0xd2/0x200
[  115.179302][ T7097]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  115.179329][ T7097]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  115.179365][ T7097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.179393][ T7097] RIP: 0033:0x7f44d590eec9
[  115.179491][ T7097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.179515][ T7097] RSP: 002b:00007f44d428d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  115.179613][ T7097] RAX: ffffffffffffffda RBX: 00007f44d5b66090 RCX: 00007f44d590eec9
[  115.179637][ T7097] RDX: 000000000000000b RSI: 0000000000c00000 RDI: 0000200000400000
[  115.179652][ T7097] RBP: 00007f44d428d090 R08: ffffffffffffffff R09: 0000000000000000
[  115.179667][ T7097] R10: 0000000000059032 R11: 0000000000000246 R12: 0000000000000001
[  115.179682][ T7097] R13: 00007f44d5b66128 R14: 00007f44d5b66090 R15: 00007ffe438ea618
[  115.179706][ T7097]  </TASK>
[  115.207370][ T7094] lo speed is unknown, defaulting to 1000
[  115.211751][ T7079] syz.2.1120: attempt to access beyond end of device
[  115.211751][ T7079] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  115.252599][ T7095] siw: device registration error -23
[  115.444515][ T7108] loop6: detected capacity change from 0 to 512
[  115.497113][ T7112] loop2: detected capacity change from 0 to 512
[  115.504519][ T7112] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  115.530401][ T7108] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  115.538733][ T7117] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1129'.
[  115.550750][ T7112] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.591458][ T7108] EXT4-fs (loop6): orphan cleanup on readonly fs
[  115.598150][ T7112] ext4 filesystem being mounted at /210/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.621196][ T7112] netlink: 27 bytes leftover after parsing attributes in process `syz.2.1128'.
[  115.653031][ T7108] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.1127: corrupted inode contents
[  115.698233][ T7108] EXT4-fs (loop6): Remounting filesystem read-only
[  115.716807][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.742545][ T7111] netlink: 'syz.1.1129': attribute type 10 has an invalid length.
[  115.750473][ T7111] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1129'.
[  115.759653][ T7108] EXT4-fs (loop6): 1 truncate cleaned up
[  115.769895][ T3860] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  115.780609][ T3860] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  115.797902][ T3860] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  115.827277][ T7108] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  115.852207][ T7108] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.960081][ T7167] infiniband !yz!: set active
[  116.964907][ T7167] infiniband !yz!: added team_slave_0
[  116.982284][ T7167] RDS/IB: !yz!: added
[  116.986526][ T7167] smc: adding ib device !yz! with port count 1
[  116.992900][ T7167] smc:    ib device !yz! port 1 has pnetid 
[  117.035208][ T7171] netdevsim netdevsim6: Direct firmware load for ./file0/file1 failed with error -2
[  117.071621][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.220996][ T7182] FAULT_INJECTION: forcing a failure.
[  117.220996][ T7182] name failslab, interval 1, probability 0, space 0, times 0
[  117.233787][ T7182] CPU: 0 UID: 0 PID: 7182 Comm: syz.2.1154 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  117.233821][ T7182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  117.233911][ T7182] Call Trace:
[  117.233918][ T7182]  <TASK>
[  117.233928][ T7182]  __dump_stack+0x1d/0x30
[  117.234032][ T7182]  dump_stack_lvl+0xe8/0x140
[  117.234052][ T7182]  dump_stack+0x15/0x1b
[  117.234068][ T7182]  should_fail_ex+0x265/0x280
[  117.234094][ T7182]  should_failslab+0x8c/0xb0
[  117.234126][ T7182]  kmem_cache_alloc_noprof+0x50/0x310
[  117.234182][ T7182]  ? __kernfs_new_node+0x6d/0x350
[  117.234212][ T7182]  __kernfs_new_node+0x6d/0x350
[  117.234320][ T7182]  ? __rcu_read_unlock+0x4f/0x70
[  117.234341][ T7182]  ? up_write+0x18/0x60
[  117.234365][ T7182]  ? kernfs_link_sibling+0x26e/0x290
[  117.234399][ T7182]  kernfs_new_node+0xd0/0x140
[  117.234484][ T7182]  __kernfs_create_file+0x4b/0x180
[  117.234518][ T7182]  cgroup_addrm_files+0x519/0x670
[  117.234558][ T7182]  ? css_task_iter_advance+0x240/0x280
[  117.234593][ T7182]  css_populate_dir+0xfe/0x230
[  117.234715][ T7182]  cgroup_mkdir+0xbba/0xc90
[  117.234745][ T7182]  ? __pfx_cgroup_mkdir+0x10/0x10
[  117.234803][ T7182]  kernfs_iop_mkdir+0x11e/0x1c0
[  117.234867][ T7182]  vfs_mkdir+0x210/0x340
[  117.234894][ T7182]  do_mkdirat+0x132/0x3f0
[  117.234921][ T7182]  __x64_sys_mkdirat+0x4c/0x60
[  117.234957][ T7182]  x64_sys_call+0x2b7/0x2ff0
[  117.234986][ T7182]  do_syscall_64+0xd2/0x200
[  117.235027][ T7182]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  117.235059][ T7182]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  117.235098][ T7182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.235119][ T7182] RIP: 0033:0x7f292e50eec9
[  117.235138][ T7182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.235235][ T7182] RSP: 002b:00007f292cf6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  117.235278][ T7182] RAX: ffffffffffffffda RBX: 00007f292e765fa0 RCX: 00007f292e50eec9
[  117.235292][ T7182] RDX: 00000000000001ff RSI: 0000200000000000 RDI: ffffffffffffff9c
[  117.235307][ T7182] RBP: 00007f292cf6f090 R08: 0000000000000000 R09: 0000000000000000
[  117.235323][ T7182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  117.235335][ T7182] R13: 00007f292e766038 R14: 00007f292e765fa0 R15: 00007fffc9f621c8
[  117.235356][ T7182]  </TASK>
[  117.235364][ T7182] cgroup: cgroup_addrm_files: failed to add notify_on_release, err=-12
[  117.508510][ T7198] loop2: detected capacity change from 0 to 164
[  117.521035][   T29] kauditd_printk_skb: 190 callbacks suppressed
[  117.521052][   T29] audit: type=1400 audit(1758913587.294:6124): avc:  denied  { getopt } for  pid=7197 comm="syz.2.1158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  117.551387][ T7200] loop1: detected capacity change from 0 to 164
[  117.564711][ T7200] syz.1.1159: attempt to access beyond end of device
[  117.564711][ T7200] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  117.578866][   T29] audit: type=1326 audit(1758913587.344:6125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  117.602406][   T29] audit: type=1326 audit(1758913587.344:6126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  117.608531][ T7200] syz.1.1159: attempt to access beyond end of device
[  117.608531][ T7200] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  117.625980][   T29] audit: type=1326 audit(1758913587.344:6127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  117.662807][   T29] audit: type=1326 audit(1758913587.344:6128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  117.697107][   T29] audit: type=1326 audit(1758913587.374:6129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  117.720677][   T29] audit: type=1326 audit(1758913587.374:6130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  117.744132][   T29] audit: type=1326 audit(1758913587.374:6131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f292e50eec9 code=0x7ffc0000
[  117.767694][   T29] audit: type=1326 audit(1758913587.374:6132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f292e510de7 code=0x7ffc0000
[  117.791019][   T29] audit: type=1326 audit(1758913587.374:6133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.2.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f292e510d5c code=0x7ffc0000
[  117.903658][ T7210] netdevsim netdevsim6: Direct firmware load for ./file0/file1 failed with error -2
[  118.023731][ T7225] loop3: detected capacity change from 0 to 2048
[  118.066891][ T7225] EXT4-fs (loop3): failed to initialize system zone (-117)
[  118.202704][ T7225] EXT4-fs (loop3): mount failed
[  118.476893][ T7243] loop3: detected capacity change from 0 to 256
[  118.607346][ T7251] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7251 comm=syz.3.1172
[  118.648353][ T7241] ==================================================================
[  118.656505][ T7241] BUG: KCSAN: data-race in __bpf_get_stackid / __bpf_get_stackid
[  118.664438][ T7241] 
[  118.666884][ T7241] write to 0xffff88813b54c0f4 of 4 bytes by task 7253 on cpu 0:
[  118.674950][ T7241]  __bpf_get_stackid+0x77a/0x800
[  118.679904][ T7241]  bpf_get_stackid+0xee/0x120
[  118.684684][ T7241]  bpf_get_stackid_raw_tp+0xf6/0x120
[  118.690006][ T7241]  bpf_prog_e6fc920cfeff8120+0x2a/0x32
[  118.695486][ T7241]  bpf_trace_run2+0x104/0x1c0
[  118.700177][ T7241]  kfree+0x27b/0x320
[  118.704092][ T7241]  do_check_common+0xcc8/0x12a0
[  118.708959][ T7241]  bpf_check+0x942b/0xd9e0
[  118.713385][ T7241]  bpf_prog_load+0xedd/0x1070
[  118.718097][ T7241]  __sys_bpf+0x462/0x7b0
[  118.722366][ T7241]  __x64_sys_bpf+0x41/0x50
[  118.726806][ T7241]  x64_sys_call+0x2aea/0x2ff0
[  118.731514][ T7241]  do_syscall_64+0xd2/0x200
[  118.736048][ T7241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.741992][ T7241] 
[  118.744323][ T7241] read to 0xffff88813b54c0f4 of 4 bytes by task 7241 on cpu 1:
[  118.751871][ T7241]  __bpf_get_stackid+0x33a/0x800
[  118.756829][ T7241]  bpf_get_stackid+0xee/0x120
[  118.761523][ T7241]  bpf_get_stackid_raw_tp+0xf6/0x120
[  118.766839][ T7241]  bpf_prog_e6fc920cfeff8120+0x2a/0x32
[  118.772308][ T7241]  bpf_trace_run2+0x104/0x1c0
[  118.777001][ T7241]  kfree+0x27b/0x320
[  118.780909][ T7241]  ___sys_recvmsg+0x135/0x370
[  118.785617][ T7241]  do_recvmmsg+0x1ef/0x540
[  118.790050][ T7241]  __x64_sys_recvmmsg+0xe5/0x170
[  118.795003][ T7241]  x64_sys_call+0x27a6/0x2ff0
[  118.799693][ T7241]  do_syscall_64+0xd2/0x200
[  118.804220][ T7241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.810134][ T7241] 
[  118.812463][ T7241] value changed: 0x0000000a -> 0x0000000c
[  118.818199][ T7241] 
[  118.820524][ T7241] Reported by Kernel Concurrency Sanitizer on:
[  118.826686][ T7241] CPU: 1 UID: 0 PID: 7241 Comm: syz.4.1169 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  118.836413][ T7241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  118.846477][ T7241] ==================================================================
[  118.892356][ T7253] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1173'.
[  118.903356][ T7253] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1173'.
[  118.915399][ T7253] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1173'.
[  118.925090][ T7253] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1173'.