last executing test programs:

3.21932825s ago: executing program 3 (id=948):
bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r2 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f0000000640)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x3, 0x9, 0x0, @private2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0xc0}})

2.290626736s ago: executing program 3 (id=967):
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f0000000400000004000000"], 0x48)
sendmsg$inet(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000780)='}', 0x1}], 0x1}, 0x0)
recvmsg$unix(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000340)=""/229, 0xec1}], 0x1}, 0x0)

2.032339637s ago: executing program 3 (id=972):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[], 0x4c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140004"], 0xa4}}, 0x0)

1.962515618s ago: executing program 3 (id=974):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x1, @perf_bp={0x0, 0x1}, 0x419, 0x5, 0x0, 0x8, 0x103fb, 0x1ff, 0x7, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb)
gettid()
timer_create(0x2, &(0x7f0000000180)={0x0, 0x15, 0x800000000004, @thr={0x0, &(0x7f00000002c0)="a0fcf95c31e324ce9f2d7cf01c72562b33af64321d7b9c57788535cf121f86b31177294b03c027355eb6c7455f941fcdf302c2c0a0d934fdd816df0858d63de6df614e37fdd1ef699176d9ad1cf3028ae90910dc03579026356f6cb1553fc933c81453aae6ac9d6f7ed7624d09d949be67214b521f5419c58f7da710db48508a856fc3e918aef0b09b7a4f81b5be61d8e055e52d8cf77531ca58dffcdda2a3e4c3b22236d8cd94d51465c76dfacf50c21cf2fc819ef366e16542cb760f66b9f4aff9ce04b1b0fc459d4921151344fde5fff4ff46ef347446f13c920bb3e0f6f670bef9e016ec07bcb2087add49da7a8a03dbc4ca96ca903042b852e72c40b8f98a1f1553f2ae68b4e337475d7f23433b9c0e587a0ed7015b11e060f922fd2b8b0375a94b23e584fc0c88d6d2f80fdde7c9e83b605d12e241065177f001b68d679188db1d19273b42c2a41b853b4e797f336729a49b72cb3dbb1bbe7df32d3823ef9bb382db9a84bd69d3a04ba597d043b4ee22e53daa5a892aeb4d928013c6ba9ba210b08fbafb8574a256716ed306ae62448fb5b7c3e4d4df2a5ab90613474b7847b13c8b2eb27c774ef4edff78a31b4447cb39cf4cc48a1a68324879bd1801002464096a653eeba9e890b5cd54e15826d84e5008889d93cd40c1a1c552b85a2fe8355091a8ac2e46c4d9e782393e8f687d1c08ca49367ec910f4eec159b5ad1374b6d26d4c8f78636e64a3f8bcc7739eb1954f31ebd0eccec7563d83d229699acdfa66b233594063a1262f98f72e94a7862971020587fbb4c04ba4f39cd61d61cbfcd0b60ddf6eb50e8064d9d5895116cb53b953e0cf8a15fc18c46590d2197b2cc45b88c0416b6a380cdbf04a596bd253cdd1fd77f2fc439ea2b26a2c4ae2bbde3a26a565e0b83ff231ad27a0e1babc5d63b08ac3b7d49b53aaaf47abbae60fb17b8d86a72c764ab9d876ad089e30558823b4931b54e8ece300492dc8ac6b2f97f2b1e66dbc42627cb63c21c27c7f234c77835d832bce6850f96cfe1dde66c7eac266fff939390e1cc2765f262a98af1415c14707da778626c0b689251d01418bb4f4d65e1e4be4917deebe111bd19f10f655c5d42ef5ba2ee5740ab2b0776c6db647002e306e35efdc6a8281b8285d9913e99b277a4b7cf5add90f8eed9e53a066405e0ac239032f9e947f6d27d9f82695939a473d212608f6aca491ce13712b1f4568bb95b2c25d5a97e7a8cc6f27d4a6d232891b534bca312ed81cd65ce07c9ff1b78174fe8419719bc2471314cbf63e983888a7e609b6e23264b4077242977b7cd7c6067a79b7d9e6fdc12bed4e395616ff51e4e8910936cca4e52c8dcc090aff4f17d9bdbc8d2fa5e0fd0c605a527c305b40f6e62eaf0f3650e87c172233fc063d5909a070bfc1674004cc41aa579f7a2ae4cd186368d6c88aa772a3df6051a0eff98351c57a14c02f2d4062480cc484409ae839b417d9f7acd6131cf6031960bb04bfd7de4be3b2c9ec0ad74fbbbdbecf9dc2feaef790a1bc3adbe71092eaa5924755c11056dd2f134d1e551b6fa8318995888b49f71e60ee341a3a4daff903df2abfa0908babef686b056cc5067b513138a76379189bdd6a1012663c213a59068cca7ef471f9ca2606b07de20aeda2f73e7d29becfbe6438986475dfc7c7f5a517f65cf5891bbc07ed061e3e9551ce5da6501c77927b3e76d0daa71a1294ded641bc4e219ee42617fd51fee19ada087741141d5c5e3f99d12be0c73e957822953cf936d85f5c37d731a3387585e487caf52ea4f41b6f0913fbebdbf326e42621575a18d13cdf84d128d8c72b0315e4bc43e16f35c6c34188dc9970fa3abeaaf1fcdd4bb66a53fbb9285537686e8777e4e7d32828d8b8e1d0a752d2c11222bdb808d6d01a706ef0c7e7d38bfc265431ac6cbfdbe7d00d6754304e5fe0cf637e8fa7e06d1cc7e6dc710a06b94a4305bfd70e1f79cf7600b6a118e272d97b4e7b7f62a6dd5255831d5f23396f00500bd68081d74773a14b095913a5041d494a4bacb97781585c643dd15f715d9c755a613ce2391d64eb36bf4ed50177495ddbb989f2591279d12a63e7433f027bc1e5c768f294081952cdbc42ed5a327b808b918aeb409836cdfa02e0e53fabbe7d2db1ab3d2202edbb91c0ebdfa4e5d0f001bb4dd170a85ccd016cca3ee83914493ce4780540ec2108098369fdb5a4d0360265fb96019dfc646ba43f953cf3c3776a19ebe7e30bfac5a0a3e3363f776a6575c5d0ed8743e8ea3ff8e69ce9fd29618c4da185213a38f139f897398bb3ec4dc6432b2fbe8456fc903c949593976ca553a41978e09484f5be92b28527fdbd64a4c0c496e5fec5b329c9a2abf0322e973a1d19416055d5e3f73f583b0a4a02eaf59d1ed642e79d51d05e577769c173c67bd3e03544c17876bc5372eb9abf0c95793a8cfb83caa810da9f2b5342c77ec5ae0cf23155d22b15af9574f9a97c23b61bec533271897a131cf3c3f36a3d3c682282d00815ff68f431339a455a1f738572d2c9a199178c087799aef2fde27b21be5e629eeee73ad70c783da5e6034ba92813253454618a052e2081bafc963eaa3f79a60fb35dfc3cfd3dd01f5c7b893b990056e41dbc6a57fd78d5866fb4fd4eed3fbbff927b5f57f453f3d178dc230d87aea4fc9df27717750b207001b7b6023183870d9ff34a1a3e19192d068dd22a5045a1f6c397fed8f078ba08bc8f6b45dc88a797bf0ed67d95f971f57eb1445054f326ef117bc643d3be272bc70670571ba209ddb22ab8aab8258ea6d64a91d7440a7bc1a261885e532e5d79a5e50311555048ac755240a8c77bb80dc61c43cc412e6e980fa827ae320fb8ad69aacc2e8c9b6d2b79e52ac51c750668f8888686b4cf3b47896d5ccd3203920ca2f695cee6afb402befe03c2c7c56fb069473f57da4851bbb168b9653bf4bb7ca761c531719006ba3d6db357c2710ddcec7717ca3cca65e7a8e92af73ede220fcb1af9b6ec453d78e70a77fc18e857796c3fa5fe0a3a112ba7ee4960c3bf91dc0a8c2560f1ffb3e4e8bffa809bdf09d615d1edb8672d1989ab9c57b6bf7dae5521c9043d443b2c8502be5d9f7cd4aefa8027f5e00aad762edba7f916767b955af2a713d19df678472a4a6c003b6bf8b2deb354379b47d2c762082649e74cba223d42f0e57c5e835b55275646f105b48576634aa8d21ae72eaa3b0669716927a840f5b37eea5a6fcfeee48b1eee8a4ac2f76c94c2ccab72af131736fb2473ec702a6c4e02599504800901e41820a4ef2dccaf8c0e0873aa38cd670edd62f219b178e80cee63cc7aa78edd7d68faafed64f9cb17e01dc4c37743b880d04b8565781928e0394c0cd27ae611de5c2ad9247d2f3e9f6c88b5e6d7907312ef95c7da555ce860645d6dd9ff13e1c656d8016477e056364d741734084673c529a01c99066d537c2d320e3dcce6a8d855f48f9d0bd1aa049e3d9a1f49416c165a18515b1daf7d76e220c6ac09aa3afeed696a4d0d3615b49a7f42f2163aa161e20c5cdbfa6995b685ba235471bbad2364630079c0af106c402a1e5447f354ff47beab0e7115e2a826307ab1a63d80b99b63e25fa55a85460871114a814ab5285fdd16b611c967c3b064d68824d9cbc1ee20b319c3babb43930dd456a7e1916038477e1d9512d0c1e25e511f208b0d10d5591a00e0cebbb44e1cd2658a4fb68caf77b35d560fc6f9a47b8bf03d5d6e7e9d4552ee5d00a0af950988545be842df1160bde6c674c50d861b3db8a5d59336dab50578449c9c3f3bacae298b67cc47014a937d0bd9a587a7de7ad17275facb879aaef8867d841db8f898f5e5b6119f1734179f6825ca60f1e37b120654b9692e426fcbc75d547b811d31f153f7f39ac2acfb47589a5c76a69a3327dbd63422fcc11532f0cb574e1db2d4acff0e1363e2e211569a89b34db17b56a3570650f47b1b6da68e990ac2b3d3a7a98d4d36962f16f93d524d6d57e3feea5874cbb7b563cad6c995c51d9f5ef7369deb2d0015a93bdbd55705aba1c0f19030acce38d8513efc0494f85d7893fc467fc95b9177813f81c341d5813a9fa88ca1546fdbd47b3ac27654c3a388c650ed3a03549369a21132c218c94ea2082a0e095d5dcd5b00b54febb27501d315f9c676850de47198ccceb6f02ca98aa3082755b768e53541b137f877d6f185a56ca1f2152af6ca160c002612af5ebe6ac5ca12dbf7956ecaf05894cea7c537e9a7ca52a37a66a9fef61dc527afbeb8d9eff7310535be4973c3117227aed1a9eabdcf3b6d4e9b5dc3195b1ba0444885802befa192a7e66958717f1c27448e518a4b9ba0e5c41caa0ccd768b560b10ede3797fb053c84c23009a640773680207d626f10192162d99c1c0a6d0332a7ba359824ba85998506478a9b49b846772ebcbde46d82301ce7f97fd4c6e1976a183a80daeecbc4a142cda649f271dc61b8aabb0f20eec09973ab291f1d43fbc8654ed9cd81214cf16828a552af57dd40de1afdd80b5eaefbe05a37fd3e4fe8237e3326718e601931db9cbb3cdaf84ace1f7a6766eb2a56df494acf40e8e073dd09501305dde4f83a8940f68fa5d26b25ef3c7f21926fb1ed6a6ce88d71f0994b44b5227606f2837b1415e036e6261c3eff96588188299d17cc09306411c4ccc367988648f41b1671a22f87112e1992562017d1821d557a447fe9d6f10e842f2a58035065ea2f59f2d4bec7c983ee8aa87910b146bd3a847630ed0fbe1bca2cfdea8a20a4dccd7c7392a5bd7f3979c8b7999552d2e4bb66cfc324689004f2538b4246622829dde73f5499b04a4da072439545650b73c3af3e14443d3a1f1748a1dff89960967d9a3bffb05895b87995d5be54c243ac43f15e4bfbd652a82fb2875ced3400e2d8423c710439f8368dd5bfacae079e7e242930b9ff94d760e8406e680a03317c22180426fcf6e6a6351aac597e5ef6b6133e2ed4aa5412b13277554671dd6fb7783c879d75c1e7389950a67ca45189de67d0ca84a0e2dba5e8f0b4e92028dded0ea7e06be71cbfeb8f33d51dce52a56a46ba831302ef9982491f8e4ccc6482bfccded1211eff603df8f072a8f28ff59011c5c482c410a41c0eea6636181034670086690d6d1e16d086b7379c8667146bb1b7325fc43b6f293dce410f9c445cec1f29dd554a4c6a62894b48a3f6f02c36861fb1d0217118ffae618111cced6000a048617e1dea8da15597791f4257a979c7e073c81bbac5a8eb21500b56798cd935c8f795c697101aee96d1341ac1918322e53a25e0d8f0e9cde7edea3d88f65a42d56bfe604987593d5a0909130924103ccb9baf501c142aa20d8ffb333be0180304964789fd036a8e7355603459e8be66641ce1c563003710cccee9a315dff9f7a9ac574fddbdd3f0a7003f508703f833edf13b3b3805a05f5c4d2520d4308a528143c41992956bed7efebacbfe06e271ba493e099c6150d7343527cb7886f8139cd9da730af6da384dda0c9e99985df42852624dc12febad4a2ec012cf5b3f72335951e6e56988cb93ee68e12e61b2665399b73c4b5aee91b3a35bf45cea4b8078f460a7fb04f78a56ea91d313aa9a8526795e7dcbf647ce5371f34ff73476f63b7319758ae43f61a2bae56e396e384ff59c2c0e669c127e79e917a642fb7f7a5239d3d63b16a16c018d334f38fcca0970f9b03baa689ea1df39f1a273afa1ba78bb4c07e5d48dc087cbe4bd76d824095150822ddca5231d15d03294353cb10092d5111bcd9"}}, &(0x7f0000bbdffc))
r0 = io_uring_setup(0xf90, &(0x7f0000000000)={0x0, 0x5146, 0x8, 0x1, 0x39d})
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f00000000c0), 0x1)
dup2(r0, 0xffffffffffffffff)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x9)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r2, 0x0, 0x0, 0x20044000)
connect$inet(r2, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, 0x0, 0x800)
close(r2)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1080}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r5}, 0x10)

1.866231508s ago: executing program 1 (id=975):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='+}[@\x00G5\v\x89n\xb2\x0e\xb7\xb4\x9a\xb3\xb9\xe1\xff@`\x87\xefy\xb7\xe0\xe6c\x91\x81ND\t3\xc4\xca\xf0\xd0Zp\xadbdY\xdcz\xc6lo\xd0\xc7\'CT')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7fff}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000030601020000ffffffff00000a0000010500018007"], 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)

1.767903609s ago: executing program 1 (id=979):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x1}, 0x18)
syz_emit_ethernet(0x2e, &(0x7f00000003c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x1, 0x3, 0x9, 0x100, @void}}}}}}}, 0x0)

1.739959939s ago: executing program 0 (id=980):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r3}, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x2, &(0x7f0000006680))
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000180)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001740)={0x11, 0xf, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000100000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000800008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b70000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000340)='xen_cpu_write_idt_entry\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x545, &(0x7f0000001300)="$eJzs3c9vHFcdAPDvrL2Okzi1CxygUktFi5IKshvXtLU4lCIhOFVClHsw9saysvZG9rqNrQo2fwESQoDECS5ckPgDkFAkLhwRUiQ4g1QEQpCCBIfSQbM7G5v1rL0xa2+8/nykybw3v77f5/iNZ3aeZgM4t56PiDci4sM0TV+KiNl8eSmfotWZsu3ef/jucjYlkaZv/S2JJF+WbZamado95uV8t+mI+NpXIr6Z7As4nc93dm8v1eu1zbxaba7fqW7t7F5fW19ara3WNhYW5l9dfG3xlcUbQ2nnlYh4/Ut/+v53fvrl13/52Xf+ePMv176VpTWTr++24xgmD1vZaXr5wnTPDpvHDPYkytpT/iCvXBxsn3snmRAAAH1l1/gfiYhPRcRLMRsTh1/OAgAAAGdQ+oWZ+CDpPL8rMNVnOQAAAHCGlNpjYJNSJR8LMBOlUqXSGcP7sbhUqje2mp+51djeWOmMlZ2LcunWWr12Ix8rPBflJKvPt8t79Zd76gsR8XREfG/2YrteWW7UV0b94QcAAACcE5d77v//Odu5/z9ccjrJAQAAAMMzN+oEAAAAgBPn/h8AAADGWnnUCQAAAAAn7qtvvplNaff7r1fe3tm+3Xj7+kpt63ZlfXu5stzYvFNZbTRW2+/sWz/qePVG487nYmP7brVZ22pWr+zs3lxvbG80b67F9Kk0CAAAADjg6U/e/30SEa3PX2xPmalRJwWcislHpe47PQt6/x+e6szfO6WkgFMxMcA2710oXu46Ac62yd4Fffo6MH6M/weO+kaPvoN3ftOZlYacDwAAMHxXP3Hc5/8tl/xwxunEcH71PP9PZ0eVCHDq2s//Bx3I42IBxkp5oBGAwDj7f5//Hy1NHyshAABg6GbaU1Kq5B/vzUSpVKlEXGl/LWA5ubVWr92IiKci4nez5QtZfb69Z3LkPQMAAAAAAAAAAAAAAAAAAAAAAAAA0JGmSaQAAADAWIso/Tn5Vedd/ldnX5zp/XxgKvl3+yuBpyLinR+99YO7S83m5ny2/O+Pljd/mC9/eRSfYAAAAAC9uvfp7fm/Rp0NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOPm/YfvLnenATa/OKy4f/1iRMwVxZ+M6fZ8OsoRcekfSUzu2y+JiIkhxG/di4iPF8VPsrQehSyKP4wfQute0krbCuPHXP5TKIp/eQjx4Ty7n51/3ijq/6V4vj0v7n+TEf9TP67+5794dP6b6NP/rwwY45kHP6/2jX8v4pnJ4vNfN37SJ/4LA0Uvxze+vrvbb23644ir3b8/7TPe/gh7pWpz/U51a2f3+tr60mpttbaxsDD/6uJri68s3qjeWqvX8n8LY3z32V98eFj7LxX+/UvybPq3/8WC400U5P+fB3cffrRbaR2Mf+2Fgvi//km+xcH4pTzOp/Nytv5qt9zqlPd77me/fe6w9q/stb/8OP//1/odtNeBjvLsYL86AMCJ2NrZvb1Ur9c2x7aQ3aU/AWkcpzAVT0Qa41v4dlZ4MKwDpmmaZn2qYNX9iBjkOEkMuaWl4nz2Cn3PAKM+MwEAAMO2d9E/6kwAAAAAAAAAAAAAAAAAAADg/DqNt6z1xtx7BXIyjFdoAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMxX8DAAD//xfc3AU=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xf, 0x0, 0x7ffc1ffb}]})
statfs(&(0x7f0000000200)='.\x00', &(0x7f0000000440)=""/137)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00'}, 0x10)
r7 = mq_open(&(0x7f0000000140)='*+@[^#^\x00', 0x40, 0x65, 0x0)
mq_notify(r7, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)

1.739309199s ago: executing program 2 (id=981):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r1, 0x6e2, 0x3900, 0x3, 0x0, 0x0)
clock_nanosleep(0x2, 0x1000000, &(0x7f0000000040)={0x77359400}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
socketpair(0x18, 0xa, 0x0, &(0x7f0000000000))
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000000c0)={0x44, r5, 0x1, 0xfffffffd, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_DEVKEY={0x28, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_ID={0x10, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}]}]}, 0x44}}, 0x0)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r4)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r4, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r6, 0x8, 0x70bd27, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x8}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x19a)
rmdir(&(0x7f0000000000)='./file0\x00')

1.71578345s ago: executing program 1 (id=982):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x6, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f0000000280)={0x0, 0x80000000, 0x0, 'queue0\x00', 0xffffff00})

1.63540383s ago: executing program 1 (id=983):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004700)={'team0\x00', <r2=>0x0})
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x6, r2}, 0xc)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000005c0)={{0xa, 0xfffc, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x33}}}, {0xa, 0x0, 0x1, @empty}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}}, 0x5c)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)

1.58251179s ago: executing program 1 (id=985):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x1, @perf_bp={0x0, 0x1}, 0x419, 0x5, 0x0, 0x8, 0x103fb, 0x1ff, 0x7, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb)
gettid()
timer_create(0x2, &(0x7f0000000180)={0x0, 0x15, 0x800000000004, @thr={0x0, &(0x7f00000002c0)="a0fcf95c31e324ce9f2d7cf01c72562b33af64321d7b9c57788535cf121f86b31177294b03c027355eb6c7455f941fcdf302c2c0a0d934fdd816df0858d63de6df614e37fdd1ef699176d9ad1cf3028ae90910dc03579026356f6cb1553fc933c81453aae6ac9d6f7ed7624d09d949be67214b521f5419c58f7da710db48508a856fc3e918aef0b09b7a4f81b5be61d8e055e52d8cf77531ca58dffcdda2a3e4c3b22236d8cd94d51465c76dfacf50c21cf2fc819ef366e16542cb760f66b9f4aff9ce04b1b0fc459d4921151344fde5fff4ff46ef347446f13c920bb3e0f6f670bef9e016ec07bcb2087add49da7a8a03dbc4ca96ca903042b852e72c40b8f98a1f1553f2ae68b4e337475d7f23433b9c0e587a0ed7015b11e060f922fd2b8b0375a94b23e584fc0c88d6d2f80fdde7c9e83b605d12e241065177f001b68d679188db1d19273b42c2a41b853b4e797f336729a49b72cb3dbb1bbe7df32d3823ef9bb382db9a84bd69d3a04ba597d043b4ee22e53daa5a892aeb4d928013c6ba9ba210b08fbafb8574a256716ed306ae62448fb5b7c3e4d4df2a5ab90613474b7847b13c8b2eb27c774ef4edff78a31b4447cb39cf4cc48a1a68324879bd1801002464096a653eeba9e890b5cd54e15826d84e5008889d93cd40c1a1c552b85a2fe8355091a8ac2e46c4d9e782393e8f687d1c08ca49367ec910f4eec159b5ad1374b6d26d4c8f78636e64a3f8bcc7739eb1954f31ebd0eccec7563d83d229699acdfa66b233594063a1262f98f72e94a7862971020587fbb4c04ba4f39cd61d61cbfcd0b60ddf6eb50e8064d9d5895116cb53b953e0cf8a15fc18c46590d2197b2cc45b88c0416b6a380cdbf04a596bd253cdd1fd77f2fc439ea2b26a2c4ae2bbde3a26a565e0b83ff231ad27a0e1babc5d63b08ac3b7d49b53aaaf47abbae60fb17b8d86a72c764ab9d876ad089e30558823b4931b54e8ece300492dc8ac6b2f97f2b1e66dbc42627cb63c21c27c7f234c77835d832bce6850f96cfe1dde66c7eac266fff939390e1cc2765f262a98af1415c14707da778626c0b689251d01418bb4f4d65e1e4be4917deebe111bd19f10f655c5d42ef5ba2ee5740ab2b0776c6db647002e306e35efdc6a8281b8285d9913e99b277a4b7cf5add90f8eed9e53a066405e0ac239032f9e947f6d27d9f82695939a473d212608f6aca491ce13712b1f4568bb95b2c25d5a97e7a8cc6f27d4a6d232891b534bca312ed81cd65ce07c9ff1b78174fe8419719bc2471314cbf63e983888a7e609b6e23264b4077242977b7cd7c6067a79b7d9e6fdc12bed4e395616ff51e4e8910936cca4e52c8dcc090aff4f17d9bdbc8d2fa5e0fd0c605a527c305b40f6e62eaf0f3650e87c172233fc063d5909a070bfc1674004cc41aa579f7a2ae4cd186368d6c88aa772a3df6051a0eff98351c57a14c02f2d4062480cc484409ae839b417d9f7acd6131cf6031960bb04bfd7de4be3b2c9ec0ad74fbbbdbecf9dc2feaef790a1bc3adbe71092eaa5924755c11056dd2f134d1e551b6fa8318995888b49f71e60ee341a3a4daff903df2abfa0908babef686b056cc5067b513138a76379189bdd6a1012663c213a59068cca7ef471f9ca2606b07de20aeda2f73e7d29becfbe6438986475dfc7c7f5a517f65cf5891bbc07ed061e3e9551ce5da6501c77927b3e76d0daa71a1294ded641bc4e219ee42617fd51fee19ada087741141d5c5e3f99d12be0c73e957822953cf936d85f5c37d731a3387585e487caf52ea4f41b6f0913fbebdbf326e42621575a18d13cdf84d128d8c72b0315e4bc43e16f35c6c34188dc9970fa3abeaaf1fcdd4bb66a53fbb9285537686e8777e4e7d32828d8b8e1d0a752d2c11222bdb808d6d01a706ef0c7e7d38bfc265431ac6cbfdbe7d00d6754304e5fe0cf637e8fa7e06d1cc7e6dc710a06b94a4305bfd70e1f79cf7600b6a118e272d97b4e7b7f62a6dd5255831d5f23396f00500bd68081d74773a14b095913a5041d494a4bacb97781585c643dd15f715d9c755a613ce2391d64eb36bf4ed50177495ddbb989f2591279d12a63e7433f027bc1e5c768f294081952cdbc42ed5a327b808b918aeb409836cdfa02e0e53fabbe7d2db1ab3d2202edbb91c0ebdfa4e5d0f001bb4dd170a85ccd016cca3ee83914493ce4780540ec2108098369fdb5a4d0360265fb96019dfc646ba43f953cf3c3776a19ebe7e30bfac5a0a3e3363f776a6575c5d0ed8743e8ea3ff8e69ce9fd29618c4da185213a38f139f897398bb3ec4dc6432b2fbe8456fc903c949593976ca553a41978e09484f5be92b28527fdbd64a4c0c496e5fec5b329c9a2abf0322e973a1d19416055d5e3f73f583b0a4a02eaf59d1ed642e79d51d05e577769c173c67bd3e03544c17876bc5372eb9abf0c95793a8cfb83caa810da9f2b5342c77ec5ae0cf23155d22b15af9574f9a97c23b61bec533271897a131cf3c3f36a3d3c682282d00815ff68f431339a455a1f738572d2c9a199178c087799aef2fde27b21be5e629eeee73ad70c783da5e6034ba92813253454618a052e2081bafc963eaa3f79a60fb35dfc3cfd3dd01f5c7b893b990056e41dbc6a57fd78d5866fb4fd4eed3fbbff927b5f57f453f3d178dc230d87aea4fc9df27717750b207001b7b6023183870d9ff34a1a3e19192d068dd22a5045a1f6c397fed8f078ba08bc8f6b45dc88a797bf0ed67d95f971f57eb1445054f326ef117bc643d3be272bc70670571ba209ddb22ab8aab8258ea6d64a91d7440a7bc1a261885e532e5d79a5e50311555048ac755240a8c77bb80dc61c43cc412e6e980fa827ae320fb8ad69aacc2e8c9b6d2b79e52ac51c750668f8888686b4cf3b47896d5ccd3203920ca2f695cee6afb402befe03c2c7c56fb069473f57da4851bbb168b9653bf4bb7ca761c531719006ba3d6db357c2710ddcec7717ca3cca65e7a8e92af73ede220fcb1af9b6ec453d78e70a77fc18e857796c3fa5fe0a3a112ba7ee4960c3bf91dc0a8c2560f1ffb3e4e8bffa809bdf09d615d1edb8672d1989ab9c57b6bf7dae5521c9043d443b2c8502be5d9f7cd4aefa8027f5e00aad762edba7f916767b955af2a713d19df678472a4a6c003b6bf8b2deb354379b47d2c762082649e74cba223d42f0e57c5e835b55275646f105b48576634aa8d21ae72eaa3b0669716927a840f5b37eea5a6fcfeee48b1eee8a4ac2f76c94c2ccab72af131736fb2473ec702a6c4e02599504800901e41820a4ef2dccaf8c0e0873aa38cd670edd62f219b178e80cee63cc7aa78edd7d68faafed64f9cb17e01dc4c37743b880d04b8565781928e0394c0cd27ae611de5c2ad9247d2f3e9f6c88b5e6d7907312ef95c7da555ce860645d6dd9ff13e1c656d8016477e056364d741734084673c529a01c99066d537c2d320e3dcce6a8d855f48f9d0bd1aa049e3d9a1f49416c165a18515b1daf7d76e220c6ac09aa3afeed696a4d0d3615b49a7f42f2163aa161e20c5cdbfa6995b685ba235471bbad2364630079c0af106c402a1e5447f354ff47beab0e7115e2a826307ab1a63d80b99b63e25fa55a85460871114a814ab5285fdd16b611c967c3b064d68824d9cbc1ee20b319c3babb43930dd456a7e1916038477e1d9512d0c1e25e511f208b0d10d5591a00e0cebbb44e1cd2658a4fb68caf77b35d560fc6f9a47b8bf03d5d6e7e9d4552ee5d00a0af950988545be842df1160bde6c674c50d861b3db8a5d59336dab50578449c9c3f3bacae298b67cc47014a937d0bd9a587a7de7ad17275facb879aaef8867d841db8f898f5e5b6119f1734179f6825ca60f1e37b120654b9692e426fcbc75d547b811d31f153f7f39ac2acfb47589a5c76a69a3327dbd63422fcc11532f0cb574e1db2d4acff0e1363e2e211569a89b34db17b56a3570650f47b1b6da68e990ac2b3d3a7a98d4d36962f16f93d524d6d57e3feea5874cbb7b563cad6c995c51d9f5ef7369deb2d0015a93bdbd55705aba1c0f19030acce38d8513efc0494f85d7893fc467fc95b9177813f81c341d5813a9fa88ca1546fdbd47b3ac27654c3a388c650ed3a03549369a21132c218c94ea2082a0e095d5dcd5b00b54febb27501d315f9c676850de47198ccceb6f02ca98aa3082755b768e53541b137f877d6f185a56ca1f2152af6ca160c002612af5ebe6ac5ca12dbf7956ecaf05894cea7c537e9a7ca52a37a66a9fef61dc527afbeb8d9eff7310535be4973c3117227aed1a9eabdcf3b6d4e9b5dc3195b1ba0444885802befa192a7e66958717f1c27448e518a4b9ba0e5c41caa0ccd768b560b10ede3797fb053c84c23009a640773680207d626f10192162d99c1c0a6d0332a7ba359824ba85998506478a9b49b846772ebcbde46d82301ce7f97fd4c6e1976a183a80daeecbc4a142cda649f271dc61b8aabb0f20eec09973ab291f1d43fbc8654ed9cd81214cf16828a552af57dd40de1afdd80b5eaefbe05a37fd3e4fe8237e3326718e601931db9cbb3cdaf84ace1f7a6766eb2a56df494acf40e8e073dd09501305dde4f83a8940f68fa5d26b25ef3c7f21926fb1ed6a6ce88d71f0994b44b5227606f2837b1415e036e6261c3eff96588188299d17cc09306411c4ccc367988648f41b1671a22f87112e1992562017d1821d557a447fe9d6f10e842f2a58035065ea2f59f2d4bec7c983ee8aa87910b146bd3a847630ed0fbe1bca2cfdea8a20a4dccd7c7392a5bd7f3979c8b7999552d2e4bb66cfc324689004f2538b4246622829dde73f5499b04a4da072439545650b73c3af3e14443d3a1f1748a1dff89960967d9a3bffb05895b87995d5be54c243ac43f15e4bfbd652a82fb2875ced3400e2d8423c710439f8368dd5bfacae079e7e242930b9ff94d760e8406e680a03317c22180426fcf6e6a6351aac597e5ef6b6133e2ed4aa5412b13277554671dd6fb7783c879d75c1e7389950a67ca45189de67d0ca84a0e2dba5e8f0b4e92028dded0ea7e06be71cbfeb8f33d51dce52a56a46ba831302ef9982491f8e4ccc6482bfccded1211eff603df8f072a8f28ff59011c5c482c410a41c0eea6636181034670086690d6d1e16d086b7379c8667146bb1b7325fc43b6f293dce410f9c445cec1f29dd554a4c6a62894b48a3f6f02c36861fb1d0217118ffae618111cced6000a048617e1dea8da15597791f4257a979c7e073c81bbac5a8eb21500b56798cd935c8f795c697101aee96d1341ac1918322e53a25e0d8f0e9cde7edea3d88f65a42d56bfe604987593d5a0909130924103ccb9baf501c142aa20d8ffb333be0180304964789fd036a8e7355603459e8be66641ce1c563003710cccee9a315dff9f7a9ac574fddbdd3f0a7003f508703f833edf13b3b3805a05f5c4d2520d4308a528143c41992956bed7efebacbfe06e271ba493e099c6150d7343527cb7886f8139cd9da730af6da384dda0c9e99985df42852624dc12febad4a2ec012cf5b3f72335951e6e56988cb93ee68e12e61b2665399b73c4b5aee91b3a35bf45cea4b8078f460a7fb04f78a56ea91d313aa9a8526795e7dcbf647ce5371f34ff73476f63b7319758ae43f61a2bae56e396e384ff59c2c0e669c127e79e917a642fb7f7a5239d3d63b16a16c018d334f38fcca0970f9b03baa689ea1df39f1a273afa1ba78bb4c07e5d48dc087cbe4bd76d824095150822ddca5231d15d03294353cb10092d5111bcd9"}}, &(0x7f0000bbdffc))
r0 = io_uring_setup(0xf90, &(0x7f0000000000)={0x0, 0x5146, 0x8, 0x1, 0x39d})
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f00000000c0), 0x1)
dup2(r0, 0xffffffffffffffff)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x9)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r2, 0x0, 0x0, 0x20044000)
connect$inet(r2, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, 0x0, 0x800)
close(r2)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1080}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r6}, 0x10)

1.455637181s ago: executing program 0 (id=986):
r0 = syz_io_uring_setup(0x1104, &(0x7f00000004c0)={0x0, 0xffffffff, 0x0, 0xfffffffe, 0x160}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, 0x0)
io_uring_enter(r0, 0x47fa, 0xfd5d, 0x200000000000000, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, 0xffffffffffffffff, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x40032043, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b70300001d00000085000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.361616751s ago: executing program 4 (id=990):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='+}[@\x00G5\v\x89n\xb2\x0e\xb7\xb4\x9a\xb3\xb9\xe1\xff@`\x87\xefy\xb7\xe0\xe6c\x91\x81ND\t3\xc4\xca\xf0\xd0Zp\xadbdY\xdcz\xc6lo\xd0\xc7\'CT')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7fff}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000030601020000ffffffff00000a0000010500018007"], 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)

1.360992281s ago: executing program 0 (id=991):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x80, 0x1, 0x20}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x43e, 0x800, 0x0, 0x40010333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000)={0x204000, 0xd8, 0x10}, &(0x7f0000000080)='./file1\x00', 0x18, 0x0, 0x12345})
io_uring_enter(r2, 0x47b6, 0x800000, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x800454dd, &(0x7f0000000300))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r8}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x3}, 0x8)
sendto$inet6(r6, &(0x7f0000000040)="be", 0x1, 0x4008014, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}, 0x1c)
shutdown(r6, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r9 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0)
ioctl$IMADDTIMER(r9, 0x80044940, &(0x7f0000000600)=0x14)
pipe2(&(0x7f0000000000)={0x0, <r10=>0x0}, 0x0)
r11 = socket(0x2c, 0x3, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r12, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r11}, 0x20)
close_range(r10, 0xffffffffffffffff, 0x0)

1.338823012s ago: executing program 4 (id=992):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendmmsg$inet6(r0, 0x0, 0x0, 0x0)

1.325106921s ago: executing program 0 (id=993):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000edffffff00000000040000000000ff000000001000000000"], 0x48)
r0 = socket(0x2c, 0x806, 0x150)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000400)='kfree\x00', r2}, 0x18)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000001380)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000cc0)='asymmetric\x00', &(0x7f0000000180)=@secondary)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000280)=@chain)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x808000}, 0x8)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={0xffffffffffffffff, 0x0}, 0x20)
getsockopt$bt_hci(r0, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r5=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0xd8c, 0x0, 0x0, 0x0, 0x2, '\x00', r5, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r6 = syz_open_dev$usbfs(&(0x7f0000000000), 0x70, 0x103301)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000200))
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r7, 0x84, 0x2, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r7, &(0x7f0000001200)="03c67b40ef94880e0fb50c338fc91abb92082d214817cfc16040e1a42ab6f123f2fbed89fac7c63d8fa8955d6ee56e8c694f0873d6acb7696104f102db0be5fc169cfbf17b4dedb0705dd003a8b650252ae7dfc8c0c630ef3a278b16caad5c8c706b72fc3ff8eabb31ef86108374b960a81d40ada38bb927c8029a76161b25b78b67a779c148c07da2deba3c198cb1c40aef009cef9f62da980c12b3", 0x9c, 0x2004c841, &(0x7f0000000200)={0xa, 0x4e21, 0x1, @loopback, 0xfffffffb}, 0x1c)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x4}]})
open(0x0, 0xe180, 0x2)
close_range(r8, 0xffffffffffffffff, 0x0)

1.271579722s ago: executing program 4 (id=994):
connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000280)=0x8)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = dup2(r0, r2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='netlink_extack\x00', r4}, 0x18)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a80)=ANY=[@ANYBLOB="3c0100001000130726bd70000000000064010101000000000000000000000000ac1414130000000000000000000000004e2200004e230003020000003a000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000fe8000000000000000000000000000aa0000000000000000000000000000000008000000000000000a000000000000000600000008000000000000000000000000000000000000000300000000000000fcffffffffffffff00000000000000000200000000000000f8ffffffffffffff0c000000000000000200000029bd7000000000000200010028000000000000004c001200726663343534332867636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000"], 0x13c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB], 0x0, 0x6, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xa, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r7}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0300008004000000040000000a00060000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x7, &(0x7f0000000040)=@framed={{0x18, 0x7, 0x0, 0x0, 0x4}, [@exit, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @ldst={0x2, 0x3, 0x3, 0x2, 0x6, 0xffffffffffffff68, 0x8}, @exit]}, &(0x7f0000000680)='syzkaller\x00', 0x39}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x88604, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000640)}, 0x10000, 0x10000, 0x20000, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r8, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
io_uring_setup(0x68af, &(0x7f0000000480)={0x0, 0x0, 0x1880, 0x1})
r9 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r9, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3f, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000)
socket$packet(0x11, 0x2, 0x300)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r3, 0xc0189375, 0x0)

1.105937703s ago: executing program 3 (id=995):
getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @dev}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', r0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYRESDEC=0x0], 0x48)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1], 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x800)
r2 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x7}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000580)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000f00000a64000000060a0b1600000000000000000200000838000480340001800b0001006e756d67656e00002400028008000340000000000800014000000003080003400000000008000240000000500900010073797a30000000000900020073797a32"], 0x8c}, 0x1, 0x0, 0x0, 0x850}, 0x4040080)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000004c0)=@IORING_OP_CONNECT={0x10, 0x55, 0x0, r5, 0x80, &(0x7f00000000c0)=@l2={0x1f, 0x0, @none, 0x1, 0x1}, 0x0, 0x0, 0x1, {0x0, r6}})
io_uring_enter(r2, 0x6e2, 0x3900, 0x3, 0x0, 0x0)
r7 = socket(0x10, 0x3, 0x0)
write(r7, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000000000008000f0001000000", 0x24)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r7, 0x84, 0x8, &(0x7f0000000000)=0x2, 0x4)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f00000007c0)={0xa, 0x2, 0x8, @mcast1, 0x80000000}, 0x1c)
setsockopt$inet6_tcp_int(r8, 0x6, 0x2000000000000022, &(0x7f00000001c0)=0x1, 0x4)
sendto$inet6(r8, &(0x7f0000000340)="fb", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x8}, 0x1c)
sendmmsg$inet6(r8, &(0x7f0000008e00)=[{{0x0, 0x0, &(0x7f0000003780)=[{&(0x7f0000001780)="19", 0x1}], 0x1}}], 0x1, 0xc0c4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r5, 0x8982, &(0x7f0000000380)={0x1, 'nr0\x00', {}, 0x8})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r10, 0x0, 0x2}, 0x18)
fsync(r11)

886.325554ms ago: executing program 2 (id=996):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x3, &(0x7f00000003c0)=[{0x5, 0x8a, 0x1, 0x6}, {0x8, 0x1, 0x9, 0x7}, {0x4, 0x8, 0x4, 0x73}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r2, 0x10c, 0x6, &(0x7f0000000a40)=0x5, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
r3 = epoll_create1(0x80000)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x10000000}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r5, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r5}, &(0x7f00000002c0), &(0x7f0000000300)=r6}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r7, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f00000000c0)={0xe000001a})
ioctl$SIOCGIFMTU(r4, 0x8921, &(0x7f0000000380)={'pim6reg\x00'})

815.579025ms ago: executing program 2 (id=997):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r3}, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x2, &(0x7f0000006680))
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000180)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001740)={0x11, 0xf, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000100000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000800008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b70000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000340)='xen_cpu_write_idt_entry\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x545, &(0x7f0000001300)="$eJzs3c9vHFcdAPDvrL2Okzi1CxygUktFi5IKshvXtLU4lCIhOFVClHsw9saysvZG9rqNrQo2fwESQoDECS5ckPgDkFAkLhwRUiQ4g1QEQpCCBIfSQbM7G5v1rL0xa2+8/nykybw3v77f5/iNZ3aeZgM4t56PiDci4sM0TV+KiNl8eSmfotWZsu3ef/jucjYlkaZv/S2JJF+WbZamado95uV8t+mI+NpXIr6Z7As4nc93dm8v1eu1zbxaba7fqW7t7F5fW19ara3WNhYW5l9dfG3xlcUbQ2nnlYh4/Ut/+v53fvrl13/52Xf+ePMv176VpTWTr++24xgmD1vZaXr5wnTPDpvHDPYkytpT/iCvXBxsn3snmRAAAH1l1/gfiYhPRcRLMRsTh1/OAgAAAGdQ+oWZ+CDpPL8rMNVnOQAAAHCGlNpjYJNSJR8LMBOlUqXSGcP7sbhUqje2mp+51djeWOmMlZ2LcunWWr12Ix8rPBflJKvPt8t79Zd76gsR8XREfG/2YrteWW7UV0b94QcAAACcE5d77v//Odu5/z9ccjrJAQAAAMMzN+oEAAAAgBPn/h8AAADGWnnUCQAAAAAn7qtvvplNaff7r1fe3tm+3Xj7+kpt63ZlfXu5stzYvFNZbTRW2+/sWz/qePVG487nYmP7brVZ22pWr+zs3lxvbG80b67F9Kk0CAAAADjg6U/e/30SEa3PX2xPmalRJwWcislHpe47PQt6/x+e6szfO6WkgFMxMcA2710oXu46Ac62yd4Fffo6MH6M/weO+kaPvoN3ftOZlYacDwAAMHxXP3Hc5/8tl/xwxunEcH71PP9PZ0eVCHDq2s//Bx3I42IBxkp5oBGAwDj7f5//Hy1NHyshAABg6GbaU1Kq5B/vzUSpVKlEXGl/LWA5ubVWr92IiKci4nez5QtZfb69Z3LkPQMAAAAAAAAAAAAAAAAAAAAAAAAA0JGmSaQAAADAWIso/Tn5Vedd/ldnX5zp/XxgKvl3+yuBpyLinR+99YO7S83m5ny2/O+Pljd/mC9/eRSfYAAAAAC9uvfp7fm/Rp0NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOPm/YfvLnenATa/OKy4f/1iRMwVxZ+M6fZ8OsoRcekfSUzu2y+JiIkhxG/di4iPF8VPsrQehSyKP4wfQute0krbCuPHXP5TKIp/eQjx4Ty7n51/3ijq/6V4vj0v7n+TEf9TP67+5794dP6b6NP/rwwY45kHP6/2jX8v4pnJ4vNfN37SJ/4LA0Uvxze+vrvbb23644ir3b8/7TPe/gh7pWpz/U51a2f3+tr60mpttbaxsDD/6uJri68s3qjeWqvX8n8LY3z32V98eFj7LxX+/UvybPq3/8WC400U5P+fB3cffrRbaR2Mf+2Fgvi//km+xcH4pTzOp/Nytv5qt9zqlPd77me/fe6w9q/stb/8OP//1/odtNeBjvLsYL86AMCJ2NrZvb1Ur9c2x7aQ3aU/AWkcpzAVT0Qa41v4dlZ4MKwDpmmaZn2qYNX9iBjkOEkMuaWl4nz2Cn3PAKM+MwEAAMO2d9E/6kwAAAAAAAAAAAAAAAAAAADg/DqNt6z1xtx7BXIyjFdoAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMxX8DAAD//xfc3AU=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xf, 0x0, 0x7ffc1ffb}]})
statfs(&(0x7f0000000200)='.\x00', &(0x7f0000000440)=""/137)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00'}, 0x10)
r7 = mq_open(&(0x7f0000000140)='*+@[^#^\x00', 0x40, 0x65, 0x0)
mq_notify(r7, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)

715.872906ms ago: executing program 1 (id=998):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = inotify_init()
r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000017c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8, &(0x7f00000005c0)={[{@errors_remount}, {}]}, 0x4, 0x50a, &(0x7f00000018c0)="$eJzs3c1vVF0ZAPDnTju0lEKLslATAyqKhjD9ABrCxrLRGEJiJK5cQG2HpukM03RKpJVFWbonkcSV/gnuXJiwcuHOne7c4MIElfiGvsm7mDf3zqUd+jnQj0k7v19ye+85d7jPOTOcc+YeuD0BdK1LEbEaEaci4mFEDOX5Sb7FZHNLX/fu7bPptbfPppNoNO7/N8nOp3nR8mdSZ/Jr9kfEz34c8ctka9z68sr8VKVSXszTI0vVhZH68sq1uUKeMz4xNjF66/rN8QOr68XqH9/8aO7uz//8p2++/tvqD36dFmvwN2ezc631OEjNqhdjsCWvNyLuHkawDunN//5w/KSt7SsR8e2s/Q9FT/ZpAgAnWaMxFI2h1jQAcNKl9/+DkRRK+VzAYBQKpVJzDu9CDBQqtfrS1aHak8czkc1hDUex8GiuUh7N5wqHo5ik6bHseCM9/kH6Rfl6RJyPiBd9p7PzpelaZaaTX3wAoIud2TT+f9bXHP8BgBOuv9MFAACOnPEfALqP8R8Aus9HjP+eDgSAE8L9PwB0H+M/AHSfPcf/50dTDgDgSPz03r10a6w1f//1+9/UfW2mXJ8vVZ9Ml6Zriwul2VpttlIuTTcae12vUqstjN1YT9aXVx5Ua08eLz2Yq07Nlh+Ui4dZGQCgLecvvvpHOuiv3j6dbdGyloOxGk62QqcLAHRMT6cLAHSM53mge7Vxj28aAE64bZbo/cCO/0XopcVf4bi68nXz/9Ct9jP/b+4AjrdPm///4YGXAzh6xnDoXo1GYs1/AOgy5viBj/73/zv5/uXhlAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOg8FsSwqlbC3w1fRnoVSKOBsRw1FMHs1VyqMRcS4i/t5X7EvTY50uNACwT4V/J/n6X1eGLg9uPnsq+bwv20fEr353/7dPp5aWFsfS/P/1Teb5Sy/z/PFTHakBANBicmtWc5zO9y038u/ePpt+vx1lEd/caS4umsZdy7fmmd7ozfb9UYyIgf8nebop/b7ScwDxV59HxNc26v+0JcJgNgfSXPl0c/w09tlDiL/x/m+OX/ggfiE7l+6L2Xvx1QMoC3SbV3ea/WTe9tImlre/QlzK9tu3//6sh9q/tP9L+5K1Lf1fYb3/69kSP8na/KX19O4leXPjLz/ZktkYap57HvGN3u3iJ+vxk+373+LlNuv4z1066sbvI65sW//3K1JXs252ZKm6MFJfXrk2V52aLc+WH4+PT4xNjN66fnN8JJujbv7863Yx/nP76rmd4qf1H9ghfv/u9Y/vtln/P3zx8Bff2iX+97+z/ed/YZf46Zj4vTbjTw1Mblm+uzX+zA713+Pzj6ttxn/9r5WZNl8KAByB+vLK/FSlUl7c4yD9rrnXaxwc3cHpiDioC8ZqxEEVLJuUiIj9XCeJjr+9Diqd7pmAw7bR6DtdEgAAAAAAAAAAAAAAYCf15ZX5vk9+WiuG23kKrdN1BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OT6MgAA//9Mj8T8")
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)=@generic={&(0x7f0000000040)='./file0\x00', r3}, 0x18)
inotify_add_watch(r0, &(0x7f0000000000)='./file1\x00', 0x16000f57)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x4, 0xffff2153, 0x2, 0xa, 0xd, 0x1c4, 0x7, 0x2, 0x6}}}}]}, 0x58}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000a00)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r7, {0x0, 0x3}, {0x0, 0xb}, {0xfff1, 0xc}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040015}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={&(0x7f0000000180), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@deltclass={0x68, 0x29, 0x100, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {0xd, 0xa}, {0x8, 0xe}, {0x3, 0xc}}, [@TCA_RATE={0x6, 0x5, {0x40}}, @tclass_kind_options=@c_sfb={0x8}, @tclass_kind_options=@c_cake={0x9}, @TCA_RATE={0x6, 0x5, {0x1, 0xd7}}, @TCA_RATE={0x6, 0x5, {0x9, 0x3}}, @TCA_RATE={0x6, 0x5, {0x7, 0xa}}, @TCA_RATE={0x6, 0x5, {0xe, 0xa7}}, @TCA_RATE={0x6, 0x5, {0x7, 0x8}}]}, 0x68}, 0x1, 0x0, 0x0, 0x5}, 0x810)
newfstatat(0xffffffffffffff9c, &(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x800)
r9 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r10=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r10)
setresgid(r10, 0xffffffffffffffff, 0x0)
fchownat(r1, &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', r8, r10, 0x100)
socket$unix(0x1, 0x2, 0x0)
fstat(r0, &(0x7f0000000100))
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x80000001}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x13, &(0x7f0000000880)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @map_val={0x18, 0x6, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x4}, @ldst={0x2, 0x3, 0x3, 0xf8887ee846adfac3, 0x5, 0x20, 0xffffffffffffffff}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x6cb, 0x73f6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x110, 0x0, [{{0x9, 0x4, 0x0, 0x1, 0x2, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x1, 0x0, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x0, 0x0, 0x5}}}}}]}}]}}, 0x0)

358.923668ms ago: executing program 0 (id=999):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000740)={r0, 0x0, &(0x7f0000001700)=""/47}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x12d1c2, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1e00dadc9fbef0d69200feff0000450000"], 0x48)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000040)=@assoc_value, &(0x7f0000000000)=0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r3, 0x4018f50b, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xc0100, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r5}, 0x18)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="140100002900010000000000fcdbdf250301f2800c001c000bac0f00000000001400050000000000000000000000ffff7f00000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c808004500ac1414bb008ff6c7ceb20989cf7012879d834d615c00270767239d067b197678c60ec0bbf9b5ea23c51fe2e06d657cb535325ebaecae2f435734d53e43af5234199a718bcc0b75cb5205db65bc4907a3a45abd6c5348e15545c24e24fa1475570e72fe61b6abb82c9b0ea64e526ca2c38b1b88ce7726aac7f5a8611f51869e00059e3bc734692b2bd2aa2fea80ff865ef41e21729e192cdb793c9295cb8bbde418524334b6d611b73ec02e2ad303eb4d81c4c524d2f60586af33ec6294d9045b90ce4052b763b80fd2a2424b3f4ad485cef311f234277dcec0401bbaaad2d782fc5e0a0e7e4a"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
r7 = syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$pokeuser(0x6, r7, 0x358, 0xffff888237c16e50)
capget(&(0x7f00000003c0)={0x20071026, r7}, &(0x7f0000000400)={0xe, 0x200, 0x7fff, 0xfff, 0x3, 0x4})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x18)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4028a, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r9 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000ea03010000000000000000000a00000a140000001100010000000000000000000200000a"], 0x28}}, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000001100cc000000001812000000000000000000", @ANYRES16=r1, @ANYBLOB="0000000000000000b7030000e2000000850000001b000000b7000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

259.421578ms ago: executing program 4 (id=1000):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x1}, 0x18)
syz_emit_ethernet(0x2e, &(0x7f00000003c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x1, 0x3, 0x9, 0x100, @void}}}}}}}, 0x0)

252.798198ms ago: executing program 2 (id=1001):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x109301)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0xff0c, 0x0, 0x0, 0xd5a6, 0x0})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x7fff}, 0x18)
r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r5, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)

239.400398ms ago: executing program 4 (id=1002):
r0 = syz_io_uring_setup(0x1104, &(0x7f00000004c0)={0x0, 0xffffffff, 0x0, 0xfffffffe, 0x160}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, 0x0)
io_uring_enter(r0, 0x47fa, 0xfd5d, 0x200000000000000, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, 0xffffffffffffffff, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x40032043, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b70300001d000000850000001b"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

237.029978ms ago: executing program 3 (id=1003):
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r0, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='mm_page_free\x00', r3, 0x0, 0x8001}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x7}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a03000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000180003801400020000007468305f746f5f68737200000000080002"], 0xe8}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0xa, 0xc, &(0x7f00000001c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000023"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffbfffe}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
socket$pppoe(0x18, 0x1, 0x0)

147.529209ms ago: executing program 2 (id=1004):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x40)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x3, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES8=r1, @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
getsockopt$PNPIPE_INITSTATE(r3, 0x113, 0x4, 0x0, &(0x7f0000000400))
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'sit0\x00'})
socket$inet6_udp(0xa, 0x2, 0x0)
open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
flock(0xffffffffffffffff, 0x5)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

141.905509ms ago: executing program 0 (id=1005):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x1, @perf_bp={0x0, 0x1}, 0x419, 0x5, 0x0, 0x8, 0x103fb, 0x1ff, 0x7, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb)
gettid()
timer_create(0x2, &(0x7f0000000180)={0x0, 0x15, 0x800000000004, @thr={0x0, &(0x7f00000002c0)="a0fcf95c31e324ce9f2d7cf01c72562b33af64321d7b9c57788535cf121f86b31177294b03c027355eb6c7455f941fcdf302c2c0a0d934fdd816df0858d63de6df614e37fdd1ef699176d9ad1cf3028ae90910dc03579026356f6cb1553fc933c81453aae6ac9d6f7ed7624d09d949be67214b521f5419c58f7da710db48508a856fc3e918aef0b09b7a4f81b5be61d8e055e52d8cf77531ca58dffcdda2a3e4c3b22236d8cd94d51465c76dfacf50c21cf2fc819ef366e16542cb760f66b9f4aff9ce04b1b0fc459d4921151344fde5fff4ff46ef347446f13c920bb3e0f6f670bef9e016ec07bcb2087add49da7a8a03dbc4ca96ca903042b852e72c40b8f98a1f1553f2ae68b4e337475d7f23433b9c0e587a0ed7015b11e060f922fd2b8b0375a94b23e584fc0c88d6d2f80fdde7c9e83b605d12e241065177f001b68d679188db1d19273b42c2a41b853b4e797f336729a49b72cb3dbb1bbe7df32d3823ef9bb382db9a84bd69d3a04ba597d043b4ee22e53daa5a892aeb4d928013c6ba9ba210b08fbafb8574a256716ed306ae62448fb5b7c3e4d4df2a5ab90613474b7847b13c8b2eb27c774ef4edff78a31b4447cb39cf4cc48a1a68324879bd1801002464096a653eeba9e890b5cd54e15826d84e5008889d93cd40c1a1c552b85a2fe8355091a8ac2e46c4d9e782393e8f687d1c08ca49367ec910f4eec159b5ad1374b6d26d4c8f78636e64a3f8bcc7739eb1954f31ebd0eccec7563d83d229699acdfa66b233594063a1262f98f72e94a7862971020587fbb4c04ba4f39cd61d61cbfcd0b60ddf6eb50e8064d9d5895116cb53b953e0cf8a15fc18c46590d2197b2cc45b88c0416b6a380cdbf04a596bd253cdd1fd77f2fc439ea2b26a2c4ae2bbde3a26a565e0b83ff231ad27a0e1babc5d63b08ac3b7d49b53aaaf47abbae60fb17b8d86a72c764ab9d876ad089e30558823b4931b54e8ece300492dc8ac6b2f97f2b1e66dbc42627cb63c21c27c7f234c77835d832bce6850f96cfe1dde66c7eac266fff939390e1cc2765f262a98af1415c14707da778626c0b689251d01418bb4f4d65e1e4be4917deebe111bd19f10f655c5d42ef5ba2ee5740ab2b0776c6db647002e306e35efdc6a8281b8285d9913e99b277a4b7cf5add90f8eed9e53a066405e0ac239032f9e947f6d27d9f82695939a473d212608f6aca491ce13712b1f4568bb95b2c25d5a97e7a8cc6f27d4a6d232891b534bca312ed81cd65ce07c9ff1b78174fe8419719bc2471314cbf63e983888a7e609b6e23264b4077242977b7cd7c6067a79b7d9e6fdc12bed4e395616ff51e4e8910936cca4e52c8dcc090aff4f17d9bdbc8d2fa5e0fd0c605a527c305b40f6e62eaf0f3650e87c172233fc063d5909a070bfc1674004cc41aa579f7a2ae4cd186368d6c88aa772a3df6051a0eff98351c57a14c02f2d4062480cc484409ae839b417d9f7acd6131cf6031960bb04bfd7de4be3b2c9ec0ad74fbbbdbecf9dc2feaef790a1bc3adbe71092eaa5924755c11056dd2f134d1e551b6fa8318995888b49f71e60ee341a3a4daff903df2abfa0908babef686b056cc5067b513138a76379189bdd6a1012663c213a59068cca7ef471f9ca2606b07de20aeda2f73e7d29becfbe6438986475dfc7c7f5a517f65cf5891bbc07ed061e3e9551ce5da6501c77927b3e76d0daa71a1294ded641bc4e219ee42617fd51fee19ada087741141d5c5e3f99d12be0c73e957822953cf936d85f5c37d731a3387585e487caf52ea4f41b6f0913fbebdbf326e42621575a18d13cdf84d128d8c72b0315e4bc43e16f35c6c34188dc9970fa3abeaaf1fcdd4bb66a53fbb9285537686e8777e4e7d32828d8b8e1d0a752d2c11222bdb808d6d01a706ef0c7e7d38bfc265431ac6cbfdbe7d00d6754304e5fe0cf637e8fa7e06d1cc7e6dc710a06b94a4305bfd70e1f79cf7600b6a118e272d97b4e7b7f62a6dd5255831d5f23396f00500bd68081d74773a14b095913a5041d494a4bacb97781585c643dd15f715d9c755a613ce2391d64eb36bf4ed50177495ddbb989f2591279d12a63e7433f027bc1e5c768f294081952cdbc42ed5a327b808b918aeb409836cdfa02e0e53fabbe7d2db1ab3d2202edbb91c0ebdfa4e5d0f001bb4dd170a85ccd016cca3ee83914493ce4780540ec2108098369fdb5a4d0360265fb96019dfc646ba43f953cf3c3776a19ebe7e30bfac5a0a3e3363f776a6575c5d0ed8743e8ea3ff8e69ce9fd29618c4da185213a38f139f897398bb3ec4dc6432b2fbe8456fc903c949593976ca553a41978e09484f5be92b28527fdbd64a4c0c496e5fec5b329c9a2abf0322e973a1d19416055d5e3f73f583b0a4a02eaf59d1ed642e79d51d05e577769c173c67bd3e03544c17876bc5372eb9abf0c95793a8cfb83caa810da9f2b5342c77ec5ae0cf23155d22b15af9574f9a97c23b61bec533271897a131cf3c3f36a3d3c682282d00815ff68f431339a455a1f738572d2c9a199178c087799aef2fde27b21be5e629eeee73ad70c783da5e6034ba92813253454618a052e2081bafc963eaa3f79a60fb35dfc3cfd3dd01f5c7b893b990056e41dbc6a57fd78d5866fb4fd4eed3fbbff927b5f57f453f3d178dc230d87aea4fc9df27717750b207001b7b6023183870d9ff34a1a3e19192d068dd22a5045a1f6c397fed8f078ba08bc8f6b45dc88a797bf0ed67d95f971f57eb1445054f326ef117bc643d3be272bc70670571ba209ddb22ab8aab8258ea6d64a91d7440a7bc1a261885e532e5d79a5e50311555048ac755240a8c77bb80dc61c43cc412e6e980fa827ae320fb8ad69aacc2e8c9b6d2b79e52ac51c750668f8888686b4cf3b47896d5ccd3203920ca2f695cee6afb402befe03c2c7c56fb069473f57da4851bbb168b9653bf4bb7ca761c531719006ba3d6db357c2710ddcec7717ca3cca65e7a8e92af73ede220fcb1af9b6ec453d78e70a77fc18e857796c3fa5fe0a3a112ba7ee4960c3bf91dc0a8c2560f1ffb3e4e8bffa809bdf09d615d1edb8672d1989ab9c57b6bf7dae5521c9043d443b2c8502be5d9f7cd4aefa8027f5e00aad762edba7f916767b955af2a713d19df678472a4a6c003b6bf8b2deb354379b47d2c762082649e74cba223d42f0e57c5e835b55275646f105b48576634aa8d21ae72eaa3b0669716927a840f5b37eea5a6fcfeee48b1eee8a4ac2f76c94c2ccab72af131736fb2473ec702a6c4e02599504800901e41820a4ef2dccaf8c0e0873aa38cd670edd62f219b178e80cee63cc7aa78edd7d68faafed64f9cb17e01dc4c37743b880d04b8565781928e0394c0cd27ae611de5c2ad9247d2f3e9f6c88b5e6d7907312ef95c7da555ce860645d6dd9ff13e1c656d8016477e056364d741734084673c529a01c99066d537c2d320e3dcce6a8d855f48f9d0bd1aa049e3d9a1f49416c165a18515b1daf7d76e220c6ac09aa3afeed696a4d0d3615b49a7f42f2163aa161e20c5cdbfa6995b685ba235471bbad2364630079c0af106c402a1e5447f354ff47beab0e7115e2a826307ab1a63d80b99b63e25fa55a85460871114a814ab5285fdd16b611c967c3b064d68824d9cbc1ee20b319c3babb43930dd456a7e1916038477e1d9512d0c1e25e511f208b0d10d5591a00e0cebbb44e1cd2658a4fb68caf77b35d560fc6f9a47b8bf03d5d6e7e9d4552ee5d00a0af950988545be842df1160bde6c674c50d861b3db8a5d59336dab50578449c9c3f3bacae298b67cc47014a937d0bd9a587a7de7ad17275facb879aaef8867d841db8f898f5e5b6119f1734179f6825ca60f1e37b120654b9692e426fcbc75d547b811d31f153f7f39ac2acfb47589a5c76a69a3327dbd63422fcc11532f0cb574e1db2d4acff0e1363e2e211569a89b34db17b56a3570650f47b1b6da68e990ac2b3d3a7a98d4d36962f16f93d524d6d57e3feea5874cbb7b563cad6c995c51d9f5ef7369deb2d0015a93bdbd55705aba1c0f19030acce38d8513efc0494f85d7893fc467fc95b9177813f81c341d5813a9fa88ca1546fdbd47b3ac27654c3a388c650ed3a03549369a21132c218c94ea2082a0e095d5dcd5b00b54febb27501d315f9c676850de47198ccceb6f02ca98aa3082755b768e53541b137f877d6f185a56ca1f2152af6ca160c002612af5ebe6ac5ca12dbf7956ecaf05894cea7c537e9a7ca52a37a66a9fef61dc527afbeb8d9eff7310535be4973c3117227aed1a9eabdcf3b6d4e9b5dc3195b1ba0444885802befa192a7e66958717f1c27448e518a4b9ba0e5c41caa0ccd768b560b10ede3797fb053c84c23009a640773680207d626f10192162d99c1c0a6d0332a7ba359824ba85998506478a9b49b846772ebcbde46d82301ce7f97fd4c6e1976a183a80daeecbc4a142cda649f271dc61b8aabb0f20eec09973ab291f1d43fbc8654ed9cd81214cf16828a552af57dd40de1afdd80b5eaefbe05a37fd3e4fe8237e3326718e601931db9cbb3cdaf84ace1f7a6766eb2a56df494acf40e8e073dd09501305dde4f83a8940f68fa5d26b25ef3c7f21926fb1ed6a6ce88d71f0994b44b5227606f2837b1415e036e6261c3eff96588188299d17cc09306411c4ccc367988648f41b1671a22f87112e1992562017d1821d557a447fe9d6f10e842f2a58035065ea2f59f2d4bec7c983ee8aa87910b146bd3a847630ed0fbe1bca2cfdea8a20a4dccd7c7392a5bd7f3979c8b7999552d2e4bb66cfc324689004f2538b4246622829dde73f5499b04a4da072439545650b73c3af3e14443d3a1f1748a1dff89960967d9a3bffb05895b87995d5be54c243ac43f15e4bfbd652a82fb2875ced3400e2d8423c710439f8368dd5bfacae079e7e242930b9ff94d760e8406e680a03317c22180426fcf6e6a6351aac597e5ef6b6133e2ed4aa5412b13277554671dd6fb7783c879d75c1e7389950a67ca45189de67d0ca84a0e2dba5e8f0b4e92028dded0ea7e06be71cbfeb8f33d51dce52a56a46ba831302ef9982491f8e4ccc6482bfccded1211eff603df8f072a8f28ff59011c5c482c410a41c0eea6636181034670086690d6d1e16d086b7379c8667146bb1b7325fc43b6f293dce410f9c445cec1f29dd554a4c6a62894b48a3f6f02c36861fb1d0217118ffae618111cced6000a048617e1dea8da15597791f4257a979c7e073c81bbac5a8eb21500b56798cd935c8f795c697101aee96d1341ac1918322e53a25e0d8f0e9cde7edea3d88f65a42d56bfe604987593d5a0909130924103ccb9baf501c142aa20d8ffb333be0180304964789fd036a8e7355603459e8be66641ce1c563003710cccee9a315dff9f7a9ac574fddbdd3f0a7003f508703f833edf13b3b3805a05f5c4d2520d4308a528143c41992956bed7efebacbfe06e271ba493e099c6150d7343527cb7886f8139cd9da730af6da384dda0c9e99985df42852624dc12febad4a2ec012cf5b3f72335951e6e56988cb93ee68e12e61b2665399b73c4b5aee91b3a35bf45cea4b8078f460a7fb04f78a56ea91d313aa9a8526795e7dcbf647ce5371f34ff73476f63b7319758ae43f61a2bae56e396e384ff59c2c0e669c127e79e917a642fb7f7a5239d3d63b16a16c018d334f38fcca0970f9b03baa689ea1df39f1a273afa1ba78bb4c07e5d48dc087cbe4bd76d824095150822ddca5231d15d03294353cb10092d5111bcd9"}}, &(0x7f0000bbdffc))
r0 = io_uring_setup(0xf90, &(0x7f0000000000)={0x0, 0x5146, 0x8, 0x1, 0x39d})
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f00000000c0), 0x1)
dup2(r0, 0xffffffffffffffff)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x9)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r2, 0x0, 0x0, 0x20044000)
connect$inet(r2, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, 0x0, 0x800)
close(r2)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1080}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r5}, 0x10)

105.599759ms ago: executing program 4 (id=1006):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYRES16=0x0], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000380)='./bus/file0\x00', 0x58e, &(0x7f0000000180), 0x1, 0x465, &(0x7f0000001240)="$eJzs28tvVNUfAPDvvW2B8vi1P8QHD7WKxsZHSwsqCzcaTVxoYuIGl7UtBCnU0JoIaRSNwaUhcW9cmvgXuNKNUVcmbnVvSIjpBnQ15s7c23kwU9ph4Fbm80mGnnPvuZzznXPPzLn3zA2gb41l/yQRuyPi94gYqWWbC4zV/txYXZn9e3VlNolK5e2/kmq566srs0XR4rhdeWY8jUg/S+Jgm3qXLlw8M7OwMH8+z08un31/cunCxedOn505NX9q/tz08ePHjk69+ML08z2J8/9ZWw98tHho/+vvXHlz9sSVd3/+dqCIvyWOHhlbb+eTlUqPqyvXnoZ0MlhiQ9iUbAxk3TVUHf8jMRD1zhuJ1z4ttXHAHVXJddh9qQLcw5IouwVAOYov+uz69/rqyvDdm3lsDdderl0AZfHfyF+1PYOR5mWGWq5ve2ksIk5c+uer7BV35j4EAECT77P5z7Nr87/Z+vwjjQcayv0vXxsazddS9kbEfRGxLyLuj6iWfTAiHtpk/a2LJDfPf9KrXQW2Qdn876V8bat5/lfM/mJ0IM/tqcY/lJw8vTB/JH9PxmNoe5afWqeOH1797YtO+xrnf9krq7+YC+btuDq4vfmYuZnlmduJudG1TyIODLaLP1lbCUgiYn9EHOiyjtNPf3Oo075bx7+OHqwzVb6OeCrr/4hL0RJ/IVl/fXJyRyzMH5kszoqb/fLr5bc61X9b8fdA1v87257/a/GPJo3rtUubr+PyH593vKaZ6Or8r2/Ylv/9cGZ5+fxUxLbkjVqjG7dP148t8kX5LP7xw+3H/96ovxMHIyI7iR+OiEci4tG87x6LiMcj4nBLXI3X1z+98sR7neLfCv0/19L/o81FWvq/ntgWrVvaJwbO/Phd8/9YT27s8+9YNTWeb9nI599G2tXd2QwAAAD/PWlE7I4knVhLD6cTE7Xf8O+LnenC4tLyMycXPzg3V3tGYDSG0uJO10jD/dCp/LK+yE+35I/m942/HBiu5idmFxfmyg4e+tyum8Z/Wh3/cSHiz4GyWwfccZ7Xgv7VMP6TMtsB3H2+/6F/Gf/Qv9qM/757EBD6Vbvv/49LaAdw97WM/47LftYD4d7j+h/6l/EP/atx/PsBAPSNpeG49UPy7RI7opujyk4MxZZoxr2QiHRLNKM3iaTLUbDRxO6yA9x8ouxPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN74NwAA//8KVurK")
writev(0xffffffffffffffff, &(0x7f0000000140)=[{0x0}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000580)={0x5, 0x80, 0xea, 0x7, 0x40, 0xe5, 0x0, 0x0, 0xd000, 0x6, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={0x0, 0x2}, 0x9c7, 0xfc, 0x4, 0x0, 0x81, 0x9, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
brk(0x400000ffc000)
brk(0x400000ffc020)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@dellink={0x20, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10820, 0x400}}, 0x20}}, 0x4084)

0s ago: executing program 2 (id=1007):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x6, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f0000000280)={0x0, 0x80000000, 0x0, 'queue0\x00', 0xffffff00})

kernel console output (not intermixed with test programs):

 EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.795618][ T4510] ext4 filesystem being mounted at /62/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   55.820572][ T4510] netlink: 'syz.1.311': attribute type 17 has an invalid length.
[   55.828344][ T4510] netlink: 148 bytes leftover after parsing attributes in process `syz.1.311'.
[   55.846454][ T4514] loop3: detected capacity change from 0 to 512
[   55.867621][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.882984][ T4514] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.896020][ T4514] ext4 filesystem being mounted at /61/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   55.943260][ T4514] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #15: comm syz.3.312: corrupted xattr block 33: invalid ea_ino
[   55.961026][ T4514] EXT4-fs (loop3): Remounting filesystem read-only
[   55.967600][ T4514] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   55.977488][ T4514] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   55.986814][ T4514] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   56.016627][ T4514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.025122][ T4514] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.032671][ T4527] loop2: detected capacity change from 0 to 128
[   56.046265][ T4514] netlink: 8 bytes leftover after parsing attributes in process `syz.3.312'.
[   56.062388][ T4514] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   56.336704][ T4544] netlink: 4 bytes leftover after parsing attributes in process `syz.1.323'.
[   56.380041][ T4544] $Hÿ: entered promiscuous mode
[   56.385144][ T4544] bond_slave_0: entered promiscuous mode
[   56.391027][ T4544] bond_slave_1: entered promiscuous mode
[   56.432968][ T4550] lo speed is unknown, defaulting to 1000
[   56.558054][ T4567] netlink: 'syz.1.330': attribute type 30 has an invalid length.
[   56.595232][   T36] IPVS: starting estimator thread 0...
[   56.618735][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.689769][ T4572] IPVS: using max 2352 ests per chain, 117600 per kthread
[   56.708125][ T4580] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0
[   56.883849][ T4603] loop3: detected capacity change from 0 to 512
[   56.924923][ T4609] netlink: 'syz.4.345': attribute type 30 has an invalid length.
[   56.943288][ T4607] loop2: detected capacity change from 0 to 512
[   56.960706][ T4603] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.974033][ T4603] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.981279][ T4607] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.997443][ T4607] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.997450][ T4603] netdevsim netdevsim3: Direct firmware load for þ failed with error -2
[   57.045677][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.072537][ T4607] netdevsim netdevsim2: Direct firmware load for þ failed with error -2
[   57.145204][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.246382][ T4632] SELinux:  Context @ is not valid (left unmapped).
[   57.290522][ T4636] cgroup: Unexpected value for 'nofavordynmods'
[   57.322482][ T4638] loop0: detected capacity change from 0 to 128
[   57.329119][ T4638] ext4: Unknown parameter 'smackfsdef'
[   57.359326][ T4642] netlink: 'syz.4.358': attribute type 30 has an invalid length.
[   57.380326][ T4643] loop2: detected capacity change from 0 to 512
[   57.518958][ T4643] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.559684][ T4643] ext4 filesystem being mounted at /68/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   57.580809][ T4643] netdevsim netdevsim2: Direct firmware load for þ failed with error -2
[   57.623199][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.677602][ T4667] loop1: detected capacity change from 0 to 512
[   57.696082][ T4669] loop2: detected capacity change from 0 to 512
[   57.723298][ T4667] FAULT_INJECTION: forcing a failure.
[   57.723298][ T4667] name failslab, interval 1, probability 0, space 0, times 0
[   57.727457][ T4670] lo speed is unknown, defaulting to 1000
[   57.735999][ T4667] CPU: 0 UID: 0 PID: 4667 Comm: syz.1.369 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   57.736032][ T4667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   57.736050][ T4667] Call Trace:
[   57.736059][ T4667]  <TASK>
[   57.736070][ T4667]  __dump_stack+0x1d/0x30
[   57.736104][ T4667]  dump_stack_lvl+0xe8/0x140
[   57.736181][ T4667]  dump_stack+0x15/0x1b
[   57.736207][ T4667]  should_fail_ex+0x265/0x280
[   57.736236][ T4667]  should_failslab+0x8c/0xb0
[   57.736281][ T4667]  kmem_cache_alloc_noprof+0x50/0x480
[   57.736323][ T4667]  ? getname_flags+0x80/0x3b0
[   57.736394][ T4667]  getname_flags+0x80/0x3b0
[   57.736436][ T4667]  __se_sys_move_mount+0x168/0x490
[   57.736555][ T4667]  ? fput+0x8f/0xc0
[   57.736622][ T4667]  __x64_sys_move_mount+0x67/0x80
[   57.736661][ T4667]  x64_sys_call+0xcfe/0x3000
[   57.736694][ T4667]  do_syscall_64+0xd2/0x200
[   57.736722][ T4667]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   57.736775][ T4667]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   57.736870][ T4667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.736963][ T4667] RIP: 0033:0x7f8e2febf6c9
[   57.736994][ T4667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.737018][ T4667] RSP: 002b:00007f8e2e91f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[   57.737041][ T4667] RAX: ffffffffffffffda RBX: 00007f8e30115fa0 RCX: 00007f8e2febf6c9
[   57.737057][ T4667] RDX: ffffffffffffff9c RSI: 0000200000000140 RDI: 0000000000000004
[   57.737073][ T4667] RBP: 00007f8e2e91f090 R08: 0003000000000000 R09: 0000000000000000
[   57.737090][ T4667] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[   57.737120][ T4667] R13: 00007f8e30116038 R14: 00007f8e30115fa0 R15: 00007ffc4714eb08
[   57.737143][ T4667]  </TASK>
[   57.925385][ T4674] loop4: detected capacity change from 0 to 1024
[   57.966281][ T4674] EXT4-fs: Ignoring removed oldalloc option
[   57.972333][ T4674] EXT4-fs: Ignoring removed bh option
[   58.110269][ T4674] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.247905][ T4686] lo speed is unknown, defaulting to 1000
[   58.378865][ T4674] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   58.703139][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.717247][ T4693] cgroup: No subsys list or none specified
[   59.096672][ T4702] FAULT_INJECTION: forcing a failure.
[   59.096672][ T4702] name failslab, interval 1, probability 0, space 0, times 0
[   59.109464][ T4702] CPU: 0 UID: 0 PID: 4702 Comm: syz.4.380 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.109493][ T4702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   59.109505][ T4702] Call Trace:
[   59.109510][ T4702]  <TASK>
[   59.109518][ T4702]  __dump_stack+0x1d/0x30
[   59.109546][ T4702]  dump_stack_lvl+0xe8/0x140
[   59.109572][ T4702]  dump_stack+0x15/0x1b
[   59.109644][ T4702]  should_fail_ex+0x265/0x280
[   59.109669][ T4702]  ? __se_sys_mount+0xef/0x2e0
[   59.109697][ T4702]  should_failslab+0x8c/0xb0
[   59.109737][ T4702]  __kmalloc_cache_noprof+0x4c/0x4a0
[   59.109853][ T4702]  ? memdup_user+0x99/0xd0
[   59.109888][ T4702]  __se_sys_mount+0xef/0x2e0
[   59.109918][ T4702]  ? fput+0x8f/0xc0
[   59.110010][ T4702]  ? ksys_write+0x192/0x1a0
[   59.110103][ T4702]  __x64_sys_mount+0x67/0x80
[   59.110137][ T4702]  x64_sys_call+0x2b51/0x3000
[   59.110184][ T4702]  do_syscall_64+0xd2/0x200
[   59.110205][ T4702]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   59.110242][ T4702]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   59.110347][ T4702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.110402][ T4702] RIP: 0033:0x7fb189e6f6c9
[   59.110484][ T4702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.110502][ T4702] RSP: 002b:00007fb1888cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   59.110526][ T4702] RAX: ffffffffffffffda RBX: 00007fb18a0c5fa0 RCX: 00007fb189e6f6c9
[   59.110543][ T4702] RDX: 0000200000000280 RSI: 0000200000000300 RDI: 0000000000000000
[   59.110589][ T4702] RBP: 00007fb1888cf090 R08: 0000200000000040 R09: 0000000000000000
[   59.110605][ T4702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.110618][ T4702] R13: 00007fb18a0c6038 R14: 00007fb18a0c5fa0 R15: 00007ffd22d736e8
[   59.110635][ T4702]  </TASK>
[   59.319185][ T4711] __nla_validate_parse: 6 callbacks suppressed
[   59.319207][ T4711] netlink: 4 bytes leftover after parsing attributes in process `syz.2.383'.
[   59.338408][   T29] kauditd_printk_skb: 286 callbacks suppressed
[   59.338433][   T29] audit: type=1326 audit(1762244667.312:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.3.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   59.390001][ T4718] netlink: 12 bytes leftover after parsing attributes in process `syz.2.383'.
[   59.401007][   T29] audit: type=1326 audit(1762244667.312:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.3.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   59.424332][   T29] audit: type=1326 audit(1762244667.312:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="syz.3.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   59.507449][ T4724] netlink: 'syz.2.389': attribute type 12 has an invalid length.
[   59.525083][ T4725] loop2: detected capacity change from 0 to 512
[   59.541582][ T4725] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.389: EA inode hash validation failed
[   59.554602][ T4725] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   59.573821][ T4725] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.389: corrupted inode contents
[   59.610526][ T4736] FAULT_INJECTION: forcing a failure.
[   59.610526][ T4736] name failslab, interval 1, probability 0, space 0, times 0
[   59.623290][ T4736] CPU: 1 UID: 0 PID: 4736 Comm: syz.3.392 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.623322][ T4736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   59.623337][ T4736] Call Trace:
[   59.623344][ T4736]  <TASK>
[   59.623352][ T4736]  __dump_stack+0x1d/0x30
[   59.623378][ T4736]  dump_stack_lvl+0xe8/0x140
[   59.623414][ T4736]  dump_stack+0x15/0x1b
[   59.623432][ T4736]  should_fail_ex+0x265/0x280
[   59.623455][ T4736]  should_failslab+0x8c/0xb0
[   59.623490][ T4736]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   59.623539][ T4736]  ? security_context_to_sid_core+0x69/0x3b0
[   59.623576][ T4736]  kmemdup_nul+0x36/0xc0
[   59.623610][ T4736]  security_context_to_sid_core+0x69/0x3b0
[   59.623682][ T4736]  security_context_to_sid_force+0x30/0x40
[   59.623755][ T4736]  selinux_inode_setxattr+0x4e8/0x6e0
[   59.623794][ T4736]  ? mntput+0x4b/0x80
[   59.623817][ T4736]  security_inode_setxattr+0x13a/0x1b0
[   59.623847][ T4736]  __vfs_setxattr_locked+0x83/0x1d0
[   59.623930][ T4736]  vfs_setxattr+0x132/0x270
[   59.623964][ T4736]  file_setxattr+0x139/0x1b0
[   59.624009][ T4736]  path_setxattrat+0x290/0x310
[   59.624053][ T4736]  __x64_sys_fsetxattr+0x6b/0x80
[   59.624087][ T4736]  x64_sys_call+0x1ced/0x3000
[   59.624115][ T4736]  do_syscall_64+0xd2/0x200
[   59.624183][ T4736]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   59.624216][ T4736]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   59.624312][ T4736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.624338][ T4736] RIP: 0033:0x7f07bf94f6c9
[   59.624355][ T4736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.624373][ T4736] RSP: 002b:00007f07be3af038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[   59.624396][ T4736] RAX: ffffffffffffffda RBX: 00007f07bfba5fa0 RCX: 00007f07bf94f6c9
[   59.624451][ T4736] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000004
[   59.624469][ T4736] RBP: 00007f07be3af090 R08: 0000000000000000 R09: 0000000000000000
[   59.624483][ T4736] R10: 00000000000003c8 R11: 0000000000000246 R12: 0000000000000001
[   59.624498][ T4736] R13: 00007f07bfba6038 R14: 00007f07bfba5fa0 R15: 00007ffdb0c8c928
[   59.624521][ T4736]  </TASK>
[   59.847860][ T4725] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #15: comm syz.2.389: mark_inode_dirty error
[   59.862888][ T4721] loop4: detected capacity change from 0 to 1024
[   59.875096][ T4725] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.389: corrupted inode contents
[   59.887131][ T4725] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #15: comm syz.2.389: mark_inode_dirty error
[   59.904398][ T4725] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #15: comm syz.2.389: mark inode dirty (error -117)
[   59.933965][ T4739] loop3: detected capacity change from 0 to 8192
[   59.937791][   T29] audit: type=1400 audit(1762244667.892:1306): avc:  denied  { ioctl } for  pid=4714 comm="syz.4.385" path="/85/file1/file1" dev="loop4" ino=15 ioctlcmd=0x5512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   59.957786][ T4725] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[   59.974523][ T4725] EXT4-fs (loop2): 1 orphan inode deleted
[   59.986358][ T4739]  loop3: p2 p3 p4
[   59.990756][ T4739] loop3: p2 start 2936012800 is beyond EOD, truncated
[   59.997570][ T4739] loop3: p3 start 1912602624 is beyond EOD, truncated
[   60.004426][ T4739] loop3: p4 size 656640 extends beyond EOD, truncated
[   60.027828][ T4739] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   60.038005][   T29] audit: type=1326 audit(1762244667.992:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4738 comm="syz.3.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   60.061490][   T29] audit: type=1326 audit(1762244667.992:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4738 comm="syz.3.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   60.084856][   T29] audit: type=1326 audit(1762244667.992:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4738 comm="syz.3.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   60.108242][   T29] audit: type=1326 audit(1762244667.992:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4738 comm="syz.3.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   60.131612][   T29] audit: type=1326 audit(1762244667.992:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4738 comm="syz.3.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   60.154973][   T29] audit: type=1326 audit(1762244667.992:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4738 comm="syz.3.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   60.180512][ T4739] netlink: 4 bytes leftover after parsing attributes in process `syz.3.393'.
[   60.223343][ T4739] SELinux:  Context system_u:object_r:getty_etc_t:s0 is not valid (left unmapped).
[   60.279151][ T4756] loop4: detected capacity change from 0 to 1024
[   60.295061][ T4759] netlink: 'syz.2.399': attribute type 30 has an invalid length.
[   60.347653][ T4770] netlink: 40 bytes leftover after parsing attributes in process `syz.0.402'.
[   60.396376][ T4775] netlink: 40 bytes leftover after parsing attributes in process `syz.4.403'.
[   60.657993][ T4799] lo speed is unknown, defaulting to 1000
[   60.737747][ T4803] netlink: 8 bytes leftover after parsing attributes in process `syz.0.413'.
[   60.763955][ T4805] netlink: 'syz.2.405': attribute type 1 has an invalid length.
[   60.771637][ T4805] netlink: 224 bytes leftover after parsing attributes in process `syz.2.405'.
[   60.784091][ T4806] 9pnet_fd: Insufficient options for proto=fd
[   60.851653][ T4809] netlink: 40 bytes leftover after parsing attributes in process `syz.4.415'.
[   61.030353][ T4814] FAULT_INJECTION: forcing a failure.
[   61.030353][ T4814] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.043674][ T4814] CPU: 1 UID: 0 PID: 4814 Comm: syz.4.416 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.043716][ T4814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   61.043731][ T4814] Call Trace:
[   61.043737][ T4814]  <TASK>
[   61.043750][ T4814]  __dump_stack+0x1d/0x30
[   61.043773][ T4814]  dump_stack_lvl+0xe8/0x140
[   61.043827][ T4814]  dump_stack+0x15/0x1b
[   61.043850][ T4814]  should_fail_ex+0x265/0x280
[   61.043875][ T4814]  should_fail+0xb/0x20
[   61.043893][ T4814]  should_fail_usercopy+0x1a/0x20
[   61.043920][ T4814]  _copy_from_user+0x1c/0xb0
[   61.044033][ T4814]  get_sg_io_hdr+0x82/0x360
[   61.044058][ T4814]  ? path_openat+0x1bf8/0x2170
[   61.044140][ T4814]  ? __rcu_read_unlock+0x4f/0x70
[   61.044175][ T4814]  sg_new_write+0xc3/0x890
[   61.044224][ T4814]  ? do_vfs_ioctl+0x866/0xe10
[   61.044285][ T4814]  sg_ioctl+0xb81/0x1360
[   61.044316][ T4814]  ? __pfx_sg_ioctl+0x10/0x10
[   61.044423][ T4814]  __se_sys_ioctl+0xce/0x140
[   61.044449][ T4814]  __x64_sys_ioctl+0x43/0x50
[   61.044541][ T4814]  x64_sys_call+0x1816/0x3000
[   61.044570][ T4814]  do_syscall_64+0xd2/0x200
[   61.044591][ T4814]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   61.044664][ T4814]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   61.044702][ T4814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.044763][ T4814] RIP: 0033:0x7fb189e6f6c9
[   61.044779][ T4814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.044867][ T4814] RSP: 002b:00007fb1888cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   61.044887][ T4814] RAX: ffffffffffffffda RBX: 00007fb18a0c5fa0 RCX: 00007fb189e6f6c9
[   61.044899][ T4814] RDX: 0000200000000040 RSI: 0000000000002285 RDI: 0000000000000005
[   61.044920][ T4814] RBP: 00007fb1888cf090 R08: 0000000000000000 R09: 0000000000000000
[   61.044935][ T4814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.044965][ T4814] R13: 00007fb18a0c6038 R14: 00007fb18a0c5fa0 R15: 00007ffd22d736e8
[   61.044998][ T4814]  </TASK>
[   61.298175][ T4818] loop1: detected capacity change from 0 to 512
[   61.326014][ T4818] ext4 filesystem being mounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   61.355180][ T4822] loop4: detected capacity change from 0 to 512
[   61.363948][ T4818] netlink: 96 bytes leftover after parsing attributes in process `syz.1.418'.
[   61.448891][ T4818] netdevsim netdevsim1: Direct firmware load for þ failed with error -2
[   61.487372][ T4822] ext4 filesystem being mounted at /95/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   61.512803][ T4822] netlink: 96 bytes leftover after parsing attributes in process `syz.4.419'.
[   61.532026][ T4822] netdevsim netdevsim4: Direct firmware load for þ failed with error -2
[   61.621311][ T4835] loop1: detected capacity change from 0 to 1024
[   61.641424][ T4835] EXT4-fs: inline encryption not supported
[   61.647309][ T4835] EXT4-fs: Ignoring removed orlov option
[   61.655753][ T4835] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   61.690859][ T4835] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[   61.699151][ T4835] System zones: 0-1, 3-12
[   61.738312][ T4847] netlink: 'syz.4.427': attribute type 30 has an invalid length.
[   61.930175][ T4853] Driver unsupported XDP return value 0 on prog  (id 322) dev N/A, expect packet loss!
[   62.129727][ T4871] loop4: detected capacity change from 0 to 2048
[   62.199124][ T4850] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.223381][ T4850] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.254094][ T4839] loop2: detected capacity change from 0 to 2048
[   62.321855][ T4839] Alternate GPT is invalid, using primary GPT.
[   62.328312][ T4839]  loop2: p2 p3 p7
[   62.448241][ T4880] netlink: 'syz.3.440': attribute type 13 has an invalid length.
[   62.456049][ T4880] netlink: 'syz.3.440': attribute type 17 has an invalid length.
[   62.518695][ T4880] $Hÿ: left promiscuous mode
[   62.523625][ T4880] bond_slave_0: left promiscuous mode
[   62.529160][ T4880] bond_slave_1: left promiscuous mode
[   62.541132][ T4880] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   62.574585][ T4880] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   62.595933][ T4878] lo speed is unknown, defaulting to 1000
[   62.806205][ T4894] loop2: detected capacity change from 0 to 2048
[   62.876810][ T4898] syz.3.446 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   62.888330][ T4898] devpts: Invalid gid '0x00000000ffffffff'
[   62.898390][ T4894] Alternate GPT is invalid, using primary GPT.
[   62.904958][ T4894]  loop2: p1 p2 p3
[   62.932224][ T4908] loop0: detected capacity change from 0 to 128
[   62.975170][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   62.982148][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   62.985902][ T3484] udevd[3484]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   63.069533][ T4908] syz.0.448: attempt to access beyond end of device
[   63.069533][ T4908] loop0: rw=2049, sector=185, nr_sectors = 32 limit=128
[   63.087621][ T4908] syz.0.448: attempt to access beyond end of device
[   63.087621][ T4908] loop0: rw=2049, sector=225, nr_sectors = 8 limit=128
[   63.105694][ T4908] syz.0.448: attempt to access beyond end of device
[   63.105694][ T4908] loop0: rw=2049, sector=241, nr_sectors = 8 limit=128
[   63.132880][ T4908] syz.0.448: attempt to access beyond end of device
[   63.132880][ T4908] loop0: rw=2049, sector=257, nr_sectors = 8 limit=128
[   63.150041][ T4908] syz.0.448: attempt to access beyond end of device
[   63.150041][ T4908] loop0: rw=2049, sector=273, nr_sectors = 8 limit=128
[   63.167556][ T4908] syz.0.448: attempt to access beyond end of device
[   63.167556][ T4908] loop0: rw=2049, sector=289, nr_sectors = 8 limit=128
[   63.187648][ T4908] syz.0.448: attempt to access beyond end of device
[   63.187648][ T4908] loop0: rw=2049, sector=305, nr_sectors = 8 limit=128
[   63.214345][ T4908] syz.0.448: attempt to access beyond end of device
[   63.214345][ T4908] loop0: rw=2049, sector=321, nr_sectors = 8 limit=128
[   63.228190][ T4908] syz.0.448: attempt to access beyond end of device
[   63.228190][ T4908] loop0: rw=2049, sector=337, nr_sectors = 8 limit=128
[   63.254416][ T4930] FAULT_INJECTION: forcing a failure.
[   63.254416][ T4930] name failslab, interval 1, probability 0, space 0, times 0
[   63.267232][ T4930] CPU: 1 UID: 0 PID: 4930 Comm: syz.4.459 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.267330][ T4930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   63.267346][ T4930] Call Trace:
[   63.267353][ T4930]  <TASK>
[   63.267362][ T4930]  __dump_stack+0x1d/0x30
[   63.267391][ T4930]  dump_stack_lvl+0xe8/0x140
[   63.267425][ T4930]  dump_stack+0x15/0x1b
[   63.267447][ T4930]  should_fail_ex+0x265/0x280
[   63.267526][ T4930]  should_failslab+0x8c/0xb0
[   63.267564][ T4930]  kmem_cache_alloc_noprof+0x50/0x480
[   63.267612][ T4930]  ? audit_log_start+0x342/0x720
[   63.267650][ T4930]  audit_log_start+0x342/0x720
[   63.267676][ T4930]  ? kstrtouint+0x76/0xc0
[   63.267715][ T4930]  audit_seccomp+0x48/0x100
[   63.267843][ T4930]  ? __seccomp_filter+0x82d/0x1250
[   63.267868][ T4930]  __seccomp_filter+0x83e/0x1250
[   63.267894][ T4930]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   63.267990][ T4930]  ? vfs_write+0x7e8/0x960
[   63.268020][ T4930]  ? __rcu_read_unlock+0x4f/0x70
[   63.268051][ T4930]  ? __fget_files+0x184/0x1c0
[   63.268123][ T4930]  __secure_computing+0x82/0x150
[   63.268156][ T4930]  syscall_trace_enter+0xcf/0x1e0
[   63.268191][ T4930]  do_syscall_64+0xac/0x200
[   63.268214][ T4930]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   63.268256][ T4930]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   63.268304][ T4930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.268330][ T4930] RIP: 0033:0x7fb189e6f6c9
[   63.268363][ T4930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.268384][ T4930] RSP: 002b:00007fb1888cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c3
[   63.268406][ T4930] RAX: ffffffffffffffda RBX: 00007fb18a0c5fa0 RCX: 00007fb189e6f6c9
[   63.268442][ T4930] RDX: 00002000000014c0 RSI: 00002000000017c0 RDI: 0000000000000005
[   63.268457][ T4930] RBP: 00007fb1888cf090 R08: 0000000000000000 R09: 0000000000000000
[   63.268471][ T4930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.268594][ T4930] R13: 00007fb18a0c6038 R14: 00007fb18a0c5fa0 R15: 00007ffd22d736e8
[   63.268618][ T4930]  </TASK>
[   63.277615][ T4932] loop2: detected capacity change from 0 to 1024
[   63.282164][ T4908] syz.0.448: attempt to access beyond end of device
[   63.282164][ T4908] loop0: rw=2049, sector=353, nr_sectors = 8 limit=128
[   63.326847][ T4932] EXT4-fs: Ignoring removed oldalloc option
[   63.505714][ T4932] EXT4-fs: Ignoring removed bh option
[   63.546846][ T4932] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   63.567507][ T4944] FAULT_INJECTION: forcing a failure.
[   63.567507][ T4944] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.580724][ T4944] CPU: 0 UID: 0 PID: 4944 Comm: syz.4.463 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.580758][ T4944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   63.580773][ T4944] Call Trace:
[   63.580780][ T4944]  <TASK>
[   63.580787][ T4944]  __dump_stack+0x1d/0x30
[   63.580817][ T4944]  dump_stack_lvl+0xe8/0x140
[   63.580893][ T4944]  dump_stack+0x15/0x1b
[   63.580918][ T4944]  should_fail_ex+0x265/0x280
[   63.580942][ T4944]  should_fail+0xb/0x20
[   63.580957][ T4944]  should_fail_usercopy+0x1a/0x20
[   63.580978][ T4944]  _copy_from_user+0x1c/0xb0
[   63.581086][ T4944]  get_sg_io_hdr+0x82/0x360
[   63.581120][ T4944]  ? path_openat+0x1bf8/0x2170
[   63.581141][ T4944]  ? __rcu_read_unlock+0x4f/0x70
[   63.581220][ T4944]  sg_new_write+0xc3/0x890
[   63.581257][ T4944]  ? do_vfs_ioctl+0x866/0xe10
[   63.581279][ T4944]  sg_ioctl+0xb81/0x1360
[   63.581325][ T4944]  ? __pfx_sg_ioctl+0x10/0x10
[   63.581397][ T4944]  __se_sys_ioctl+0xce/0x140
[   63.581418][ T4944]  __x64_sys_ioctl+0x43/0x50
[   63.581441][ T4944]  x64_sys_call+0x1816/0x3000
[   63.581470][ T4944]  do_syscall_64+0xd2/0x200
[   63.581539][ T4944]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   63.581611][ T4944]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   63.581647][ T4944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.581675][ T4944] RIP: 0033:0x7fb189e6f6c9
[   63.581694][ T4944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.581717][ T4944] RSP: 002b:00007fb1888cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   63.581741][ T4944] RAX: ffffffffffffffda RBX: 00007fb18a0c5fa0 RCX: 00007fb189e6f6c9
[   63.581756][ T4944] RDX: 0000200000000040 RSI: 0000000000002285 RDI: 0000000000000004
[   63.581773][ T4944] RBP: 00007fb1888cf090 R08: 0000000000000000 R09: 0000000000000000
[   63.581788][ T4944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.581801][ T4944] R13: 00007fb18a0c6038 R14: 00007fb18a0c5fa0 R15: 00007ffd22d736e8
[   63.581824][ T4944]  </TASK>
[   63.902299][ T4959] 9p: Unknown Cache mode or invalid value reawahead
[   63.929072][ T4961] lo speed is unknown, defaulting to 1000
[   64.292865][ T4973] $Hÿ: entered promiscuous mode
[   64.298064][ T4973] bond_slave_0: entered promiscuous mode
[   64.303822][ T4973] bond_slave_1: entered promiscuous mode
[   64.320051][ T4977] __nla_validate_parse: 5 callbacks suppressed
[   64.320142][ T4977] netlink: 40 bytes leftover after parsing attributes in process `syz.4.478'.
[   64.457854][   T29] kauditd_printk_skb: 242 callbacks suppressed
[   64.457873][   T29] audit: type=1326 audit(1762244672.422:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4947 comm="syz.1.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   64.511631][ T4987] loop3: detected capacity change from 0 to 512
[   64.525337][   T29] audit: type=1326 audit(1762244672.422:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4947 comm="syz.1.465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   64.561132][ T4987] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.576360][ T4987] netlink: 96 bytes leftover after parsing attributes in process `syz.3.482'.
[   64.587891][ T4987] netdevsim netdevsim3: Direct firmware load for þ failed with error -2
[   64.609148][ T4993] loop4: detected capacity change from 0 to 1024
[   64.629360][ T4993] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   64.639038][ T4995] FAULT_INJECTION: forcing a failure.
[   64.639038][ T4995] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.652214][ T4995] CPU: 0 UID: 0 PID: 4995 Comm: syz.1.486 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.652240][ T4995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   64.652252][ T4995] Call Trace:
[   64.652264][ T4995]  <TASK>
[   64.652273][ T4995]  __dump_stack+0x1d/0x30
[   64.652303][ T4995]  dump_stack_lvl+0xe8/0x140
[   64.652334][ T4995]  dump_stack+0x15/0x1b
[   64.652356][ T4995]  should_fail_ex+0x265/0x280
[   64.652382][ T4995]  should_fail+0xb/0x20
[   64.652402][ T4995]  should_fail_usercopy+0x1a/0x20
[   64.652497][ T4995]  _copy_from_user+0x1c/0xb0
[   64.652527][ T4995]  ___sys_sendmsg+0xc1/0x1d0
[   64.652600][ T4995]  __x64_sys_sendmsg+0xd4/0x160
[   64.652629][ T4995]  x64_sys_call+0x191e/0x3000
[   64.652706][ T4995]  do_syscall_64+0xd2/0x200
[   64.652729][ T4995]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   64.652757][ T4995]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   64.652786][ T4995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.652840][ T4995] RIP: 0033:0x7f8e2febf6c9
[   64.652858][ T4995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.652878][ T4995] RSP: 002b:00007f8e2e91f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   64.652985][ T4995] RAX: ffffffffffffffda RBX: 00007f8e30115fa0 RCX: 00007f8e2febf6c9
[   64.653002][ T4995] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000006
[   64.653014][ T4995] RBP: 00007f8e2e91f090 R08: 0000000000000000 R09: 0000000000000000
[   64.653066][ T4995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.653091][ T4995] R13: 00007f8e30116038 R14: 00007f8e30115fa0 R15: 00007ffc4714eb08
[   64.653114][ T4995]  </TASK>
[   64.854748][ T5002] netlink: 'syz.4.488': attribute type 10 has an invalid length.
[   64.873514][ T5002] team0: Port device dummy0 added
[   64.892520][ T5002] netlink: 'syz.4.488': attribute type 10 has an invalid length.
[   64.905037][ T5006] netlink: 40 bytes leftover after parsing attributes in process `syz.3.490'.
[   64.916157][ T5008] netlink: 'syz.0.489': attribute type 10 has an invalid length.
[   64.924757][ T5002] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   64.945449][ T5002] team0: Failed to send options change via netlink (err -105)
[   64.953556][ T5002] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   64.963815][ T5002] team0: Port device dummy0 removed
[   64.970582][ T5012] netlink: 'syz.0.489': attribute type 10 has an invalid length.
[   64.973265][ T5002] dummy0: entered promiscuous mode
[   64.991678][ T5002] $Hÿ: (slave dummy0): Enslaving as an active interface with an up link
[   65.034108][ T5008] team0: Port device dummy0 added
[   65.043648][ T5012] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   65.070387][ T5012] team0: Failed to send options change via netlink (err -105)
[   65.081217][ T5012] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   65.100974][ T5012] team0: Port device dummy0 removed
[   65.110711][ T5012] $Hÿ: (slave dummy0): Enslaving as an active interface with an up link
[   65.185398][   T29] audit: type=1326 audit(1762244673.152:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   65.208766][   T29] audit: type=1326 audit(1762244673.152:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   65.232237][   T29] audit: type=1326 audit(1762244673.152:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   65.255531][   T29] audit: type=1326 audit(1762244673.152:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   65.278951][   T29] audit: type=1326 audit(1762244673.152:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   65.302284][   T29] audit: type=1326 audit(1762244673.152:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   65.325786][   T29] audit: type=1326 audit(1762244673.152:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   65.349256][   T29] audit: type=1326 audit(1762244673.152:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5029 comm="syz.1.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   65.505831][ T5038] program syz.3.501 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   65.533898][ T5045] lo speed is unknown, defaulting to 1000
[   65.557683][ T5051] program syz.3.501 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   65.792578][ T5072] netlink: 'syz.3.503': attribute type 30 has an invalid length.
[   65.954194][ T5075] netlink: 76 bytes leftover after parsing attributes in process `syz.3.504'.
[   65.963144][ T5075] netlink: 76 bytes leftover after parsing attributes in process `syz.3.504'.
[   66.130402][ T5081] netlink: 40 bytes leftover after parsing attributes in process `syz.3.506'.
[   66.744033][ T5091] 9pnet_fd: Insufficient options for proto=fd
[   66.768046][ T5096] lo speed is unknown, defaulting to 1000
[   66.829980][ T5100] netlink: 'syz.0.507': attribute type 1 has an invalid length.
[   66.837689][ T5100] netlink: 224 bytes leftover after parsing attributes in process `syz.0.507'.
[   66.899527][ T5106] netlink: 'syz.4.515': attribute type 30 has an invalid length.
[   67.108672][ T5116] netlink: 40 bytes leftover after parsing attributes in process `syz.4.518'.
[   67.431249][ T5111] loop3: detected capacity change from 0 to 512
[   67.438627][ T5111] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   67.560014][ T5111] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   67.588003][ T5111] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.517: bg 0: block 248: padding at end of block bitmap is not set
[   67.658910][ T5136] 9pnet_fd: Insufficient options for proto=fd
[   67.755423][ T5111] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.517: Failed to acquire dquot type 1
[   67.839337][ T5111] EXT4-fs (loop3): 1 truncate cleaned up
[   68.020208][ T5145] loop1: detected capacity change from 0 to 1024
[   68.027052][ T5145] EXT4-fs: Ignoring removed oldalloc option
[   68.033092][ T5145] EXT4-fs: Ignoring removed bh option
[   68.064934][ T5111] syz.3.517 (5111) used greatest stack depth: 8936 bytes left
[   68.087319][ T5145] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   68.181117][ T5161] loop3: detected capacity change from 0 to 512
[   68.194790][ T5161] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   68.290166][ T5179] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fffff00)
[   68.337851][ T5184] sctp: [Deprecated]: syz.1.541 (pid 5184) Use of struct sctp_assoc_value in delayed_ack socket option.
[   68.337851][ T5184] Use struct sctp_sack_info instead
[   68.363368][ T5184] netlink: 14 bytes leftover after parsing attributes in process `syz.1.541'.
[   68.378752][ T5184] hsr_slave_0: left promiscuous mode
[   68.387747][ T5189] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[   68.389856][ T5184] hsr_slave_1: left promiscuous mode
[   68.394398][ T5189] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   68.394668][ T5189] vhci_hcd vhci_hcd.0: Device attached
[   68.416899][ T5190] usbip_core: unknown command
[   68.421874][ T5190] vhci_hcd: unknown pdu 2844066640
[   68.427178][ T5190] usbip_core: unknown command
[   68.432381][   T12] vhci_hcd: stop threads
[   68.436654][   T12] vhci_hcd: release socket
[   68.441244][   T12] vhci_hcd: disconnect device
[   68.497229][ T5199] FAULT_INJECTION: forcing a failure.
[   68.497229][ T5199] name failslab, interval 1, probability 0, space 0, times 0
[   68.509954][ T5199] CPU: 0 UID: 0 PID: 5199 Comm: syz.1.544 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.509990][ T5199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   68.510001][ T5199] Call Trace:
[   68.510018][ T5199]  <TASK>
[   68.510027][ T5199]  __dump_stack+0x1d/0x30
[   68.510055][ T5199]  dump_stack_lvl+0xe8/0x140
[   68.510079][ T5199]  dump_stack+0x15/0x1b
[   68.510165][ T5199]  should_fail_ex+0x265/0x280
[   68.510184][ T5199]  should_failslab+0x8c/0xb0
[   68.510268][ T5199]  kmem_cache_alloc_noprof+0x50/0x480
[   68.510330][ T5199]  ? getname_flags+0x80/0x3b0
[   68.510371][ T5199]  getname_flags+0x80/0x3b0
[   68.510408][ T5199]  __se_sys_quotactl+0x16a/0x670
[   68.510443][ T5199]  __x64_sys_quotactl+0x55/0x70
[   68.510492][ T5199]  x64_sys_call+0x15d6/0x3000
[   68.510521][ T5199]  do_syscall_64+0xd2/0x200
[   68.510544][ T5199]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   68.510575][ T5199]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   68.510678][ T5199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.510719][ T5199] RIP: 0033:0x7f8e2febf6c9
[   68.510735][ T5199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.510788][ T5199] RSP: 002b:00007f8e2e91f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[   68.510807][ T5199] RAX: ffffffffffffffda RBX: 00007f8e30115fa0 RCX: 00007f8e2febf6c9
[   68.510821][ T5199] RDX: 0000000000000000 RSI: 0000200000000200 RDI: ffffffff80000401
[   68.510833][ T5199] RBP: 00007f8e2e91f090 R08: 0000000000000000 R09: 0000000000000000
[   68.510846][ T5199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.510858][ T5199] R13: 00007f8e30116038 R14: 00007f8e30115fa0 R15: 00007ffc4714eb08
[   68.510877][ T5199]  </TASK>
[   68.745268][ T5207] loop3: detected capacity change from 0 to 1024
[   68.752229][ T5207] EXT4-fs: Ignoring removed oldalloc option
[   68.758266][ T5207] EXT4-fs: Ignoring removed bh option
[   68.777655][ T5207] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   68.845402][ T5216] FAULT_INJECTION: forcing a failure.
[   68.845402][ T5216] name failslab, interval 1, probability 0, space 0, times 0
[   68.858116][ T5216] CPU: 0 UID: 0 PID: 5216 Comm: {/}\ Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.858159][ T5216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   68.858175][ T5216] Call Trace:
[   68.858183][ T5216]  <TASK>
[   68.858192][ T5216]  __dump_stack+0x1d/0x30
[   68.858221][ T5216]  dump_stack_lvl+0xe8/0x140
[   68.858247][ T5216]  dump_stack+0x15/0x1b
[   68.858280][ T5216]  should_fail_ex+0x265/0x280
[   68.858303][ T5216]  ? alloc_pipe_info+0xae/0x350
[   68.858420][ T5216]  should_failslab+0x8c/0xb0
[   68.858456][ T5216]  __kmalloc_cache_noprof+0x4c/0x4a0
[   68.858535][ T5216]  alloc_pipe_info+0xae/0x350
[   68.858602][ T5216]  splice_direct_to_actor+0x592/0x680
[   68.858695][ T5216]  ? __pfx_direct_splice_actor+0x10/0x10
[   68.858773][ T5216]  ? selinux_file_permission+0x2f0/0x320
[   68.858852][ T5216]  do_splice_direct+0xda/0x150
[   68.858882][ T5216]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   68.858977][ T5216]  do_sendfile+0x380/0x650
[   68.859033][ T5216]  __x64_sys_sendfile64+0x105/0x150
[   68.859071][ T5216]  x64_sys_call+0x2bb4/0x3000
[   68.859102][ T5216]  do_syscall_64+0xd2/0x200
[   68.859120][ T5216]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   68.859272][ T5216]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   68.859315][ T5216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.859344][ T5216] RIP: 0033:0x7f07bf94f6c9
[   68.859363][ T5216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.859385][ T5216] RSP: 002b:00007f07be3af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   68.859410][ T5216] RAX: ffffffffffffffda RBX: 00007f07bfba5fa0 RCX: 00007f07bf94f6c9
[   68.859492][ T5216] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006
[   68.859504][ T5216] RBP: 00007f07be3af090 R08: 0000000000000000 R09: 0000000000000000
[   68.859515][ T5216] R10: 000000007ffff088 R11: 0000000000000246 R12: 0000000000000001
[   68.859527][ T5216] R13: 00007f07bfba6038 R14: 00007f07bfba5fa0 R15: 00007ffdb0c8c928
[   68.859550][ T5216]  </TASK>
[   69.113770][ T5224] FAULT_INJECTION: forcing a failure.
[   69.113770][ T5224] name failslab, interval 1, probability 0, space 0, times 0
[   69.126484][ T5224] CPU: 1 UID: 0 PID: 5224 Comm: syz.0.555 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.126516][ T5224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   69.126532][ T5224] Call Trace:
[   69.126540][ T5224]  <TASK>
[   69.126547][ T5224]  __dump_stack+0x1d/0x30
[   69.126611][ T5224]  dump_stack_lvl+0xe8/0x140
[   69.126651][ T5224]  dump_stack+0x15/0x1b
[   69.126675][ T5224]  should_fail_ex+0x265/0x280
[   69.126701][ T5224]  should_failslab+0x8c/0xb0
[   69.126758][ T5224]  kmem_cache_alloc_noprof+0x50/0x480
[   69.126796][ T5224]  ? getname_flags+0x80/0x3b0
[   69.126838][ T5224]  getname_flags+0x80/0x3b0
[   69.126888][ T5224]  __se_sys_move_mount+0x168/0x490
[   69.126920][ T5224]  ? fput+0x8f/0xc0
[   69.126939][ T5224]  __x64_sys_move_mount+0x67/0x80
[   69.127088][ T5224]  x64_sys_call+0xcfe/0x3000
[   69.127112][ T5224]  do_syscall_64+0xd2/0x200
[   69.127131][ T5224]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   69.127166][ T5224]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   69.127251][ T5224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.127276][ T5224] RIP: 0033:0x7fda2af7f6c9
[   69.127290][ T5224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.127308][ T5224] RSP: 002b:00007fda299df038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[   69.127332][ T5224] RAX: ffffffffffffffda RBX: 00007fda2b1d5fa0 RCX: 00007fda2af7f6c9
[   69.127349][ T5224] RDX: ffffffffffffff9c RSI: 0000200000000140 RDI: 0000000000000007
[   69.127413][ T5224] RBP: 00007fda299df090 R08: 0003000000000000 R09: 0000000000000000
[   69.127425][ T5224] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[   69.127439][ T5224] R13: 00007fda2b1d6038 R14: 00007fda2b1d5fa0 R15: 00007ffd207597a8
[   69.127463][ T5224]  </TASK>
[   69.331081][ T5226] netlink: 'syz.3.556': attribute type 1 has an invalid length.
[   69.402956][ T5236] loop2: detected capacity change from 0 to 1024
[   69.410911][ T5239] netlink: 4 bytes leftover after parsing attributes in process `syz.3.562'.
[   69.440195][ T5236] EXT4-fs: Ignoring removed oldalloc option
[   69.446181][ T5236] EXT4-fs: Ignoring removed bh option
[   69.515021][ T5239] netlink: 'syz.3.562': attribute type 1 has an invalid length.
[   69.550376][ T5236] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   69.591962][ T5261] netlink: 12 bytes leftover after parsing attributes in process `syz.3.570'.
[   69.601157][ T5261] netlink: 4 bytes leftover after parsing attributes in process `syz.3.570'.
[   69.630651][ T5266] process 'syz.1.572' launched '/dev/fd/5' with NULL argv: empty string added
[   69.640451][   T29] kauditd_printk_skb: 144 callbacks suppressed
[   69.640466][   T29] audit: type=1400 audit(1762244677.602:1705): avc:  denied  { execute } for  pid=5264 comm="syz.1.572" dev="tmpfs" ino=1093 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   69.669598][ T5261] netlink: 12 bytes leftover after parsing attributes in process `syz.3.570'.
[   69.676945][ T3334] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   69.678541][ T5261] netlink: 4 bytes leftover after parsing attributes in process `syz.3.570'.
[   69.698687][ T5261] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.570'.
[   69.708841][ T3334] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   69.711564][ T5270] loop0: detected capacity change from 0 to 128
[   69.723932][ T5261] netlink: zone id is out of range
[   69.729071][ T5261] netlink: zone id is out of range
[   69.734992][ T5261] netlink: zone id is out of range
[   69.740188][ T5261] netlink: zone id is out of range
[   69.759503][ T5261] netlink: zone id is out of range
[   69.764694][ T5261] netlink: zone id is out of range
[   69.901993][ T5272] 9pnet_fd: Insufficient options for proto=fd
[   69.920222][ T5272] lo speed is unknown, defaulting to 1000
[   70.760321][ T3334] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   70.769164][ T3334] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   70.778575][   T29] audit: type=1400 audit(1762244677.682:1706): avc:  denied  { execute_no_trans } for  pid=5264 comm="syz.1.572" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1093 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   70.808426][   T29] audit: type=1326 audit(1762244677.682:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5264 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   70.812798][ T5261] netlink: zone id is out of range
[   70.831833][   T29] audit: type=1326 audit(1762244677.682:1708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5264 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   70.837162][ T5261] netlink: zone id is out of range
[   70.860233][   T29] audit: type=1326 audit(1762244677.682:1709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5264 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   70.874997][ T5261] netlink: set zone limit has 8 unknown bytes
[   70.888617][   T29] audit: type=1326 audit(1762244677.682:1710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5264 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   70.918081][   T29] audit: type=1326 audit(1762244677.682:1711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5264 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   70.941396][   T29] audit: type=1326 audit(1762244677.682:1712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5264 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   70.964758][   T29] audit: type=1326 audit(1762244677.682:1713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5264 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   70.988046][   T29] audit: type=1326 audit(1762244677.702:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5264 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2febf6c9 code=0x7ffc0000
[   71.127796][ T3316] EXT4-fs unmount: 23 callbacks suppressed
[   71.127814][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.167723][ T5294] netlink: 4 bytes leftover after parsing attributes in process `syz.3.575'.
[   71.331072][ T5315] netlink: 'syz.1.586': attribute type 30 has an invalid length.
[   71.340921][ T5307] vhci_hcd: invalid port number 96
[   71.346079][ T5307] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[   71.359916][ T5317] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.482575][ T5317] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.499013][ T5324] FAULT_INJECTION: forcing a failure.
[   71.499013][ T5324] name failslab, interval 1, probability 0, space 0, times 0
[   71.511698][ T5324] CPU: 1 UID: 0 PID: 5324 Comm: syz.1.589 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.511734][ T5324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   71.511750][ T5324] Call Trace:
[   71.511758][ T5324]  <TASK>
[   71.511767][ T5324]  __dump_stack+0x1d/0x30
[   71.511790][ T5324]  dump_stack_lvl+0xe8/0x140
[   71.511809][ T5324]  dump_stack+0x15/0x1b
[   71.511856][ T5324]  should_fail_ex+0x265/0x280
[   71.511961][ T5324]  should_failslab+0x8c/0xb0
[   71.512002][ T5324]  kmem_cache_alloc_noprof+0x50/0x480
[   71.512080][ T5324]  ? audit_log_start+0x342/0x720
[   71.512108][ T5324]  audit_log_start+0x342/0x720
[   71.512172][ T5324]  ? kstrtouint+0x76/0xc0
[   71.512237][ T5324]  audit_seccomp+0x48/0x100
[   71.512278][ T5324]  ? __seccomp_filter+0x82d/0x1250
[   71.512334][ T5324]  __seccomp_filter+0x83e/0x1250
[   71.512392][ T5324]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   71.512467][ T5324]  ? vfs_write+0x7e8/0x960
[   71.512541][ T5324]  __secure_computing+0x82/0x150
[   71.512577][ T5324]  syscall_trace_enter+0xcf/0x1e0
[   71.512646][ T5324]  do_syscall_64+0xac/0x200
[   71.512671][ T5324]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   71.512705][ T5324]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   71.512764][ T5324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.512800][ T5324] RIP: 0033:0x7f8e2febf6c9
[   71.512819][ T5324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.512920][ T5324] RSP: 002b:00007f8e2e8fe038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   71.512942][ T5324] RAX: ffffffffffffffda RBX: 00007f8e30116090 RCX: 00007f8e2febf6c9
[   71.512954][ T5324] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 00007f8e2e8ba000
[   71.512970][ T5324] RBP: 00007f8e2e8fe090 R08: 0000000000000000 R09: 0000000000000000
[   71.512991][ T5324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.513007][ T5324] R13: 00007f8e30116128 R14: 00007f8e30116090 R15: 00007ffc4714eb08
[   71.513031][ T5324]  </TASK>
[   71.734918][ T5325] lo speed is unknown, defaulting to 1000
[   71.744966][ T5317] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.794893][ T5325] netlink: 'syz.2.588': attribute type 1 has an invalid length.
[   71.802572][ T5325] netlink: 224 bytes leftover after parsing attributes in process `syz.2.588'.
[   71.832755][ T5317] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.926753][   T31] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.942815][ T4694] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.975932][   T31] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.001128][   T31] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.075040][ T5333] netlink: 4 bytes leftover after parsing attributes in process `syz.3.591'.
[   72.096919][ T5340] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   72.106823][ T5340] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.161150][ T5340] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   72.171003][ T5340] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.235366][ T5352] loop4: detected capacity change from 0 to 512
[   72.257317][ T5352] ext4: Unknown parameter 'permit_directio'
[   72.291290][ T5340] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   72.301152][ T5340] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.481123][ T5340] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   72.491004][ T5340] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.611350][ T5369] 9pnet_fd: Insufficient options for proto=fd
[   72.939202][   T52] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   72.947505][   T52] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.963626][   T52] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   72.971894][   T52] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.980843][   T52] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   72.989193][   T52] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.997731][   T52] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   73.005968][   T52] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.018081][ T5374] loop0: detected capacity change from 0 to 128
[   73.060753][ T5379] netlink: 4 bytes leftover after parsing attributes in process `syz.2.606'.
[   73.191218][ T5382] lo speed is unknown, defaulting to 1000
[   73.300660][ T5391] netlink: 'syz.3.610': attribute type 30 has an invalid length.
[   73.342765][ T5394] loop1: detected capacity change from 0 to 1024
[   73.350243][ T5394] EXT4-fs: Ignoring removed oldalloc option
[   73.356209][ T5394] EXT4-fs: Ignoring removed bh option
[   73.379923][ T5394] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.451298][ T5394] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   73.466202][ T5404] loop3: detected capacity change from 0 to 1024
[   73.473278][ T5404] EXT4-fs: Ignoring removed oldalloc option
[   73.479458][ T5404] EXT4-fs: Ignoring removed bh option
[   73.511602][ T5404] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.527294][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.532039][ T5404] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   73.582100][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.625293][ T5415] IPv6: Can't replace route, no match found
[   73.874185][ T5417] loop3: detected capacity change from 0 to 512
[   73.881492][ T5417] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   73.908525][ T5417] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   73.923304][ T5417] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.619: bg 0: block 248: padding at end of block bitmap is not set
[   73.938114][ T5417] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.619: Failed to acquire dquot type 1
[   73.950542][ T5417] EXT4-fs (loop3): 1 truncate cleaned up
[   73.957006][ T5417] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   73.978698][ T5417] syz.3.619 (5417) used greatest stack depth: 8904 bytes left
[   74.061049][ T5427] 9pnet_fd: Insufficient options for proto=fd
[   74.182845][ T5429] netlink: 'syz.2.622': attribute type 30 has an invalid length.
[   74.269998][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   74.413537][ T5431] loop4: detected capacity change from 0 to 512
[   74.485910][ T5436] netlink: 'syz.1.625': attribute type 30 has an invalid length.
[   74.506888][ T5438] loop3: detected capacity change from 0 to 512
[   74.541774][ T5438] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.555928][ T5438] ext4 filesystem being mounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   74.572024][ T5438] __nla_validate_parse: 1 callbacks suppressed
[   74.572036][ T5438] netlink: 96 bytes leftover after parsing attributes in process `syz.3.626'.
[   74.626941][ T5446] netdevsim netdevsim3: Direct firmware load for þ failed with error -2
[   74.649223][ T5447] loop1: detected capacity change from 0 to 1024
[   74.663456][   T29] kauditd_printk_skb: 200 callbacks suppressed
[   74.663472][   T29] audit: type=1326 audit(1762244682.632:1911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5445 comm="syz.2.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   74.693127][   T29] audit: type=1326 audit(1762244682.632:1912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5445 comm="syz.2.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   74.716605][   T29] audit: type=1326 audit(1762244682.632:1913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5445 comm="syz.2.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   74.739991][   T29] audit: type=1326 audit(1762244682.632:1914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5445 comm="syz.2.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   74.763357][   T29] audit: type=1326 audit(1762244682.632:1915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5445 comm="syz.2.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   74.786709][   T29] audit: type=1326 audit(1762244682.632:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5445 comm="syz.2.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   74.810084][   T29] audit: type=1326 audit(1762244682.632:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5445 comm="syz.2.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   74.833551][   T29] audit: type=1326 audit(1762244682.632:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5445 comm="syz.2.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   74.834390][ T5447] EXT4-fs: Ignoring removed oldalloc option
[   74.856966][   T29] audit: type=1326 audit(1762244682.632:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5445 comm="syz.2.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   74.862969][ T5447] EXT4-fs: Ignoring removed bh option
[   74.886595][   T29] audit: type=1326 audit(1762244682.632:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5445 comm="syz.2.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   74.923457][ T5449] loop2: detected capacity change from 0 to 512
[   74.940386][ T5447] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.003840][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.141479][ T5447] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   75.150408][ T5449] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[   75.189206][ T5449] EXT4-fs (loop2): mount failed
[   75.223559][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.377946][ T5462] lo speed is unknown, defaulting to 1000
[   75.410934][ T5465] netlink: 'syz.0.631': attribute type 1 has an invalid length.
[   75.418612][ T5465] netlink: 224 bytes leftover after parsing attributes in process `syz.0.631'.
[   75.439719][ T5467] netlink: 4 bytes leftover after parsing attributes in process `syz.3.634'.
[   75.535785][ T5474] netlink: 4 bytes leftover after parsing attributes in process `syz.3.635'.
[   75.561346][ T5474] netlink: 12 bytes leftover after parsing attributes in process `syz.3.635'.
[   75.570412][ T5474] netlink: 8 bytes leftover after parsing attributes in process `syz.3.635'.
[   75.687436][ T5459] loop1: detected capacity change from 0 to 512
[   75.701688][ T5459] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   75.728810][ T5482] netlink: 'syz.3.639': attribute type 30 has an invalid length.
[   75.765454][ T5459] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   75.803649][ T5459] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.632: bg 0: block 248: padding at end of block bitmap is not set
[   75.807817][ T5488] loop2: detected capacity change from 0 to 1024
[   75.838768][ T5459] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.632: Failed to acquire dquot type 1
[   75.860539][ T5459] EXT4-fs (loop1): 1 truncate cleaned up
[   75.866756][ T5459] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   75.921887][ T5488] EXT4-fs: Ignoring removed oldalloc option
[   75.927871][ T5488] EXT4-fs: Ignoring removed bh option
[   76.001465][ T5488] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.049964][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   76.107545][ T5488] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   76.145899][ T5496] loop4: detected capacity change from 0 to 512
[   76.171246][ T5500] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[   76.196672][ T5500] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.646'.
[   76.213397][ T5496] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.232838][ T5496] ext4 filesystem being mounted at /154/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   76.244514][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.255802][   T36] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   76.266432][ T5496] netlink: 96 bytes leftover after parsing attributes in process `syz.4.640'.
[   76.275733][   T36] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   76.412359][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.515036][ T5506] xt_hashlimit: invalid interval
[   76.629772][ T5540] loop4: detected capacity change from 0 to 128
[   76.760358][ T5538] cgroup: No subsys list or none specified
[   76.818834][ T5544] 9pnet_fd: Insufficient options for proto=fd
[   78.000856][ T5552] netlink: 224 bytes leftover after parsing attributes in process `syz.0.659'.
[   78.085307][ T5552] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5552 comm=syz.0.659
[   78.107822][ T5561] FAULT_INJECTION: forcing a failure.
[   78.107822][ T5561] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   78.121153][ T5561] CPU: 1 UID: 0 PID: 5561 Comm: syz.3.662 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.121191][ T5561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   78.121206][ T5561] Call Trace:
[   78.121214][ T5561]  <TASK>
[   78.121222][ T5561]  __dump_stack+0x1d/0x30
[   78.121326][ T5561]  dump_stack_lvl+0xe8/0x140
[   78.121353][ T5561]  dump_stack+0x15/0x1b
[   78.121372][ T5561]  should_fail_ex+0x265/0x280
[   78.121476][ T5561]  should_fail_alloc_page+0xf2/0x100
[   78.121511][ T5561]  __alloc_frozen_pages_noprof+0xff/0x360
[   78.121537][ T5561]  alloc_pages_mpol+0xb3/0x260
[   78.121566][ T5561]  vma_alloc_folio_noprof+0x1aa/0x300
[   78.121599][ T5561]  handle_mm_fault+0xec2/0x2be0
[   78.121686][ T5561]  ? mt_find+0x208/0x320
[   78.121724][ T5561]  do_user_addr_fault+0x3fe/0x1080
[   78.121757][ T5561]  exc_page_fault+0x62/0xa0
[   78.121832][ T5561]  asm_exc_page_fault+0x26/0x30
[   78.121859][ T5561] RIP: 0010:rep_stos_alternative+0x40/0x80
[   78.121887][ T5561] Code: c9 75 f6 e9 02 07 02 00 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[   78.121995][ T5561] RSP: 0018:ffffc9000ed03bf0 EFLAGS: 00050202
[   78.122014][ T5561] RAX: 0000000000000000 RBX: 0000200000002380 RCX: 0000000000000380
[   78.122030][ T5561] RDX: 0000000000000000 RSI: 0000200000001380 RDI: 0000200000002000
[   78.122045][ T5561] RBP: 00007ffffffff001 R08: 0001c9000ed03dd7 R09: 0000000000000000
[   78.122078][ T5561] R10: 0000000000000005 R11: 0000000000000000 R12: 0000200000001380
[   78.122090][ T5561] R13: 0000000000001000 R14: 000000007ffff000 R15: ffffc9000ed03d90
[   78.122109][ T5561]  iov_iter_zero+0x384/0xd50
[   78.122203][ T5561]  ? _parse_integer_limit+0x170/0x190
[   78.122269][ T5561]  ? iovec_from_user+0x179/0x210
[   78.122314][ T5561]  read_iter_zero+0x5d/0x1d0
[   78.122360][ T5561]  do_iter_readv_writev+0x4a1/0x540
[   78.122403][ T5561]  vfs_readv+0x1ea/0x690
[   78.122476][ T5561]  __se_sys_preadv2+0xfc/0x1c0
[   78.122568][ T5561]  __x64_sys_preadv2+0x67/0x80
[   78.122612][ T5561]  x64_sys_call+0xe0d/0x3000
[   78.122642][ T5561]  do_syscall_64+0xd2/0x200
[   78.122665][ T5561]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   78.122693][ T5561]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   78.122766][ T5561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.122793][ T5561] RIP: 0033:0x7f07bf94f6c9
[   78.122808][ T5561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.122825][ T5561] RSP: 002b:00007f07be3af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147
[   78.122879][ T5561] RAX: ffffffffffffffda RBX: 00007f07bfba5fa0 RCX: 00007f07bf94f6c9
[   78.122900][ T5561] RDX: 0000000000000002 RSI: 0000200000001540 RDI: 0000000000000003
[   78.122916][ T5561] RBP: 00007f07be3af090 R08: 0000000000000000 R09: 0000000000000000
[   78.122929][ T5561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.123020][ T5561] R13: 00007f07bfba6038 R14: 00007f07bfba5fa0 R15: 00007ffdb0c8c928
[   78.123042][ T5561]  </TASK>
[   78.488470][ T5557] loop2: detected capacity change from 0 to 512
[   78.573486][ T5579] loop3: detected capacity change from 0 to 128
[   78.623533][ T5582] netlink: 4 bytes leftover after parsing attributes in process `syz.4.671'.
[   79.046133][ T5592] loop0: detected capacity change from 0 to 512
[   79.066740][ T5592] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   79.089520][ T5592] EXT4-fs (loop0): orphan cleanup on readonly fs
[   79.110285][ T5592] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.673: corrupted inode contents
[   79.136858][ T5592] EXT4-fs (loop0): Remounting filesystem read-only
[   79.152640][ T5592] EXT4-fs (loop0): 1 truncate cleaned up
[   79.158555][ T3334] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   79.169105][ T3334] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   79.197311][ T3334] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   79.220140][ T5592] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   79.261488][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.297639][ T5598] loop0: detected capacity change from 0 to 1024
[   79.305213][ T5598] EXT4-fs: Ignoring removed oldalloc option
[   79.311287][ T5598] EXT4-fs: Ignoring removed bh option
[   79.332762][ T5598] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.408250][ T5598] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   79.556696][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.644813][ T5617] loop4: detected capacity change from 0 to 512
[   79.686971][ T5623] loop0: detected capacity change from 0 to 128
[   79.694014][ T5617] EXT4-fs (loop4): too many log groups per flexible block group
[   79.707080][   T29] kauditd_printk_skb: 313 callbacks suppressed
[   79.707094][   T29] audit: type=1326 audit(1762244687.672:2226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.3.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   79.736782][   T29] audit: type=1326 audit(1762244687.672:2227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.3.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   79.776363][ T5617] EXT4-fs (loop4): failed to initialize mballoc (-12)
[   79.794016][   T29] audit: type=1400 audit(1762244687.732:2228): avc:  denied  { mount } for  pid=5613 comm="syz.2.675" name="/" dev="ramfs" ino=12080 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   79.799989][ T5617] EXT4-fs (loop4): mount failed
[   79.816327][   T29] audit: type=1326 audit(1762244687.742:2229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.3.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   79.844634][   T29] audit: type=1326 audit(1762244687.742:2230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.3.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   79.868014][   T29] audit: type=1326 audit(1762244687.742:2231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.3.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   79.891526][   T29] audit: type=1326 audit(1762244687.742:2232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.3.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   79.915295][   T29] audit: type=1326 audit(1762244687.742:2233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.3.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   79.938660][   T29] audit: type=1326 audit(1762244687.742:2234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.3.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   79.946588][ T5627] x_tables: ip_tables: ah match: only valid for protocol 51
[   79.962056][   T29] audit: type=1326 audit(1762244687.742:2235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.3.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f07bf94f6c9 code=0x7ffc0000
[   80.074198][ T5635] __nla_validate_parse: 3 callbacks suppressed
[   80.074228][ T5635] netlink: 12 bytes leftover after parsing attributes in process `syz.4.686'.
[   80.104593][ T5632] netlink: 4 bytes leftover after parsing attributes in process `syz.1.684'.
[   80.127024][ T5638] netlink: 'syz.3.687': attribute type 30 has an invalid length.
[   80.128291][ T5632] netlink: 12 bytes leftover after parsing attributes in process `syz.1.684'.
[   80.143805][ T5632] netlink: 8 bytes leftover after parsing attributes in process `syz.1.684'.
[   80.351341][ T5661] FAULT_INJECTION: forcing a failure.
[   80.351341][ T5661] name failslab, interval 1, probability 0, space 0, times 0
[   80.364166][ T5661] CPU: 0 UID: 0 PID: 5661 Comm: syz.1.696 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.364209][ T5661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   80.364223][ T5661] Call Trace:
[   80.364228][ T5661]  <TASK>
[   80.364235][ T5661]  __dump_stack+0x1d/0x30
[   80.364259][ T5661]  dump_stack_lvl+0xe8/0x140
[   80.364284][ T5661]  dump_stack+0x15/0x1b
[   80.364326][ T5661]  should_fail_ex+0x265/0x280
[   80.364348][ T5661]  should_failslab+0x8c/0xb0
[   80.364405][ T5661]  __kmalloc_noprof+0xa5/0x570
[   80.364445][ T5661]  ? io_uring_alloc_async_data+0x48/0xa0
[   80.364530][ T5661]  ? __io_alloc_req_refill+0x12e/0x1d0
[   80.364562][ T5661]  io_uring_alloc_async_data+0x48/0xa0
[   80.364594][ T5661]  io_waitid_prep+0xc6/0x170
[   80.364622][ T5661]  io_submit_sqes+0x5ef/0x1060
[   80.364691][ T5661]  __se_sys_io_uring_enter+0x1c1/0x1b70
[   80.364736][ T5661]  ? 0xffffffff81000000
[   80.364755][ T5661]  ? __rcu_read_unlock+0x4f/0x70
[   80.364802][ T5661]  ? get_pid_task+0x96/0xd0
[   80.364835][ T5661]  ? proc_fail_nth_write+0x13b/0x160
[   80.364920][ T5661]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   80.364962][ T5661]  ? vfs_write+0x7e8/0x960
[   80.364996][ T5661]  ? __rcu_read_unlock+0x4f/0x70
[   80.365027][ T5661]  ? __fget_files+0x184/0x1c0
[   80.365080][ T5661]  ? fput+0x8f/0xc0
[   80.365101][ T5661]  __x64_sys_io_uring_enter+0x78/0x90
[   80.365146][ T5661]  x64_sys_call+0x2df0/0x3000
[   80.365176][ T5661]  do_syscall_64+0xd2/0x200
[   80.365247][ T5661]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   80.365276][ T5661]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   80.365386][ T5661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.365413][ T5661] RIP: 0033:0x7f8e2febf6c9
[   80.365431][ T5661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.365452][ T5661] RSP: 002b:00007f8e2e91f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   80.365501][ T5661] RAX: ffffffffffffffda RBX: 00007f8e30115fa0 RCX: 00007f8e2febf6c9
[   80.365516][ T5661] RDX: 0000000000000000 RSI: 00000000000047bc RDI: 0000000000000006
[   80.365533][ T5661] RBP: 00007f8e2e91f090 R08: 0000000000000000 R09: 0000000000000000
[   80.365547][ T5661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.365562][ T5661] R13: 00007f8e30116038 R14: 00007f8e30115fa0 R15: 00007ffc4714eb08
[   80.365588][ T5661]  </TASK>
[   80.610554][ T5666] netlink: 4 bytes leftover after parsing attributes in process `syz.3.698'.
[   80.623732][ T5666] netlink: 12 bytes leftover after parsing attributes in process `syz.3.698'.
[   80.632657][ T5666] netlink: 8 bytes leftover after parsing attributes in process `syz.3.698'.
[   80.666209][ T5669] netlink: 'syz.0.699': attribute type 30 has an invalid length.
[   80.682923][ T5673] netlink: 'syz.3.700': attribute type 30 has an invalid length.
[   80.744924][ T5677] loop1: detected capacity change from 0 to 512
[   80.765577][ T5677] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.778328][ T5677] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.794248][ T5677] EXT4-fs error (device loop1): ext4_xattr_block_get:597: inode #15: comm syz.1.702: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[   80.827017][ T5677] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   80.858956][ T5677] EXT4-fs error (device loop1): ext4_xattr_block_get:597: inode #15: comm syz.1.702: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[   80.879767][ T5677] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   80.914264][ T5692] netlink: 'syz.0.706': attribute type 30 has an invalid length.
[   80.925934][ T5677] EXT4-fs error (device loop1): ext4_xattr_block_get:597: inode #15: comm syz.1.702: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[   80.955100][ T5677] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   81.039848][ T5699] netlink: 4 bytes leftover after parsing attributes in process `syz.0.710'.
[   81.049309][ T5699] netlink: 12 bytes leftover after parsing attributes in process `syz.0.710'.
[   81.058302][ T5699] netlink: 8 bytes leftover after parsing attributes in process `syz.0.710'.
[   81.067959][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.110811][ T5702] vhci_hcd: invalid port number 65
[   81.116035][ T5702] vhci_hcd: invalid port number 65
[   81.215063][ T5708] loop4: detected capacity change from 0 to 2048
[   81.252502][ T5708] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.355371][ T5702] loop1: detected capacity change from 0 to 32768
[   81.369016][ T5723] netlink: 'syz.2.717': attribute type 30 has an invalid length.
[   81.393944][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.667097][ T5735] loop2: detected capacity change from 0 to 512
[   81.684742][ T5740] loop1: detected capacity change from 0 to 2048
[   81.734828][ T5740] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.884042][ T5739] loop4: detected capacity change from 0 to 512
[   81.908976][ T5739] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   81.942140][ T5739] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   81.973124][ T5739] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.724: bg 0: block 248: padding at end of block bitmap is not set
[   82.006823][ T5739] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.724: Failed to acquire dquot type 1
[   82.081772][ T5739] EXT4-fs (loop4): 1 truncate cleaned up
[   82.105073][ T5739] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   82.165676][ T5759] loop3: detected capacity change from 0 to 1024
[   82.181239][ T5759] EXT4-fs: Ignoring removed oldalloc option
[   82.187220][ T5759] EXT4-fs: Ignoring removed bh option
[   82.213955][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   82.231895][ T5759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.301387][ T5759] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   82.345831][ T5774] loop0: detected capacity change from 0 to 128
[   82.415258][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.471329][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.748365][ T5783] loop4: detected capacity change from 0 to 32768
[   83.047336][ T5796] hub 2-0:1.0: USB hub found
[   83.052168][ T5796] hub 2-0:1.0: 8 ports detected
[   83.081540][ T5800] loop4: detected capacity change from 0 to 512
[   83.111627][ T5800] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.124259][ T5800] ext4 filesystem being mounted at /175/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   83.180961][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.273852][ T5813] loop4: detected capacity change from 0 to 128
[   83.646946][ T5839] loop1: detected capacity change from 0 to 128
[   83.901942][ T5845] loop3: detected capacity change from 0 to 2048
[   83.952056][ T5845] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.011296][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   84.049059][ T5845] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #12: comm syz.3.755: corrupted in-inode xattr: e_name out of bounds
[   84.232523][ T5860] loop4: detected capacity change from 0 to 512
[   84.252659][ T5860] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.282420][ T5860] ext4 filesystem being mounted at /179/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   84.438608][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.550040][ T5851] loop2: detected capacity change from 0 to 512
[   84.580053][ T5851] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   84.640024][ T5851] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   84.691937][ T5851] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.757: bg 0: block 248: padding at end of block bitmap is not set
[   84.712801][ T5875] loop4: detected capacity change from 0 to 512
[   84.742012][ T5851] __quota_error: 249 callbacks suppressed
[   84.742028][ T5851] Quota error (device loop2): write_blk: dquota write failed
[   84.755232][ T5851] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[   84.765160][ T5851] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.757: Failed to acquire dquot type 1
[   84.823259][ T5851] EXT4-fs (loop2): 1 truncate cleaned up
[   84.829366][ T5851] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   84.861891][ T5875] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.875095][   T29] audit: type=1326 audit(1762244692.842:2481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   84.898811][ T5875] ext4 filesystem being mounted at /182/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   84.913349][   T29] audit: type=1326 audit(1762244692.842:2482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   84.936738][   T29] audit: type=1326 audit(1762244692.842:2483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   84.960324][   T29] audit: type=1326 audit(1762244692.842:2484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   84.983722][   T29] audit: type=1326 audit(1762244692.842:2485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   85.007069][   T29] audit: type=1326 audit(1762244692.842:2486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   85.030481][   T29] audit: type=1326 audit(1762244692.842:2487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   85.053800][   T29] audit: type=1326 audit(1762244692.842:2488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[   85.204184][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   85.230705][ T5891] __nla_validate_parse: 12 callbacks suppressed
[   85.230726][ T5891] netlink: 4 bytes leftover after parsing attributes in process `syz.0.769'.
[   85.247059][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.259802][ T5891] netlink: 12 bytes leftover after parsing attributes in process `syz.0.769'.
[   85.268704][ T5891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.769'.
[   85.371773][ T5901] loop2: detected capacity change from 0 to 128
[   85.882185][ T5911] lo speed is unknown, defaulting to 1000
[   85.934862][ T5914] netlink: 'syz.0.782': attribute type 1 has an invalid length.
[   85.942562][ T5914] netlink: 224 bytes leftover after parsing attributes in process `syz.0.782'.
[   85.976889][ T5907] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.997437][ T5907] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   86.059643][ T3543] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   86.066207][ T5853] Bluetooth: hci0: command 0x1003 tx timeout
[   86.084240][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.190116][ T5921] netlink: 4 bytes leftover after parsing attributes in process `syz.3.776'.
[   86.262108][ T5921] team0 (unregistering): Port device team_slave_0 removed
[   86.294796][ T5921] team0 (unregistering): Port device team_slave_1 removed
[   86.354746][ T5925] pim6reg: entered allmulticast mode
[   86.384104][ T5921] pim6reg: left allmulticast mode
[   86.446029][ T5925] x_tables: ip_tables: osf match: only valid for protocol 6
[   87.268284][ T5936] loop1: detected capacity change from 0 to 1024
[   87.290272][ T5936] EXT4-fs: Ignoring removed oldalloc option
[   87.296324][ T5936] EXT4-fs: Ignoring removed bh option
[   87.341296][ T5936] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.381332][ T5944] loop2: detected capacity change from 0 to 512
[   87.403536][ T5936] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   87.425388][ T5944] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.443598][ T5944] ext4 filesystem being mounted at /131/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   87.486354][ T5944] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #15: comm syz.2.785: corrupted xattr block 33: invalid ea_ino
[   87.504556][ T5944] EXT4-fs (loop2): Remounting filesystem read-only
[   87.511210][ T5944] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   87.526958][ T5944] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   87.537688][ T5944] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   87.560259][ T5934] loop3: detected capacity change from 0 to 512
[   87.568598][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.597105][ T5934] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   87.613441][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.624002][ T5934] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   87.648797][ T5934] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.780: bg 0: block 248: padding at end of block bitmap is not set
[   87.672723][ T5967] loop2: detected capacity change from 0 to 512
[   87.677570][ T5966] netlink: 'syz.1.790': attribute type 30 has an invalid length.
[   87.679121][ T5934] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.780: Failed to acquire dquot type 1
[   87.699516][ T5934] EXT4-fs (loop3): 1 truncate cleaned up
[   87.706707][ T5967] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.710450][ T5934] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   87.719392][ T5967] ext4 filesystem being mounted at /132/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   87.802447][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   87.831845][ T5967] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #15: comm syz.2.792: corrupted xattr block 33: invalid ea_ino
[   87.889964][ T5967] EXT4-fs (loop2): Remounting filesystem read-only
[   87.896620][ T5967] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   87.925053][ T5984] netlink: 4 bytes leftover after parsing attributes in process `syz.3.799'.
[   87.934071][ T5967] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   87.943565][ T5984] netlink: 12 bytes leftover after parsing attributes in process `syz.3.799'.
[   87.952462][ T5984] netlink: 8 bytes leftover after parsing attributes in process `syz.3.799'.
[   87.962314][ T5967] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   88.005725][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.130152][ T6001] netlink: 'syz.3.806': attribute type 30 has an invalid length.
[   88.180131][ T6007] loop2: detected capacity change from 0 to 512
[   88.231404][ T6007] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.258491][ T6007] ext4 filesystem being mounted at /135/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   88.285229][ T6007] netlink: 96 bytes leftover after parsing attributes in process `syz.2.809'.
[   88.298096][ T6007] netdevsim netdevsim2: Direct firmware load for þ failed with error -2
[   88.350580][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.365836][ T6016] netlink: 4 bytes leftover after parsing attributes in process `syz.0.812'.
[   88.388456][ T5999] loop1: detected capacity change from 0 to 512
[   88.409541][ T5999] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   88.454458][ T6016] team0 (unregistering): Port device team_slave_0 removed
[   88.498346][ T6016] team0 (unregistering): Port device team_slave_1 removed
[   88.515570][ T5999] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   88.535254][ T6019] pim6reg: entered allmulticast mode
[   88.542581][ T5999] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.805: bg 0: block 248: padding at end of block bitmap is not set
[   88.558154][ T6028] pim6reg: left allmulticast mode
[   88.570195][ T5999] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.805: Failed to acquire dquot type 1
[   88.649281][ T6016] Cannot find del_set index 0 as target
[   88.659972][ T5999] EXT4-fs (loop1): 1 truncate cleaned up
[   88.680180][ T5999] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   88.753771][ T6043] loop2: detected capacity change from 0 to 512
[   88.820538][ T6043] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.868603][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   88.870445][ T6043] ext4 filesystem being mounted at /138/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   89.059284][ T6043] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #15: comm syz.2.822: corrupted xattr block 33: invalid ea_ino
[   89.122861][ T6043] EXT4-fs (loop2): Remounting filesystem read-only
[   89.129540][ T6043] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   89.147493][ T6067] lo speed is unknown, defaulting to 1000
[   89.178905][ T6071] netlink: 'syz.0.826': attribute type 1 has an invalid length.
[   89.198466][ T6043] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   89.222751][ T6043] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   89.252766][ T6074] team0 (unregistering): Port device team_slave_0 removed
[   89.277704][ T6074] team0 (unregistering): Port device team_slave_1 removed
[   89.296170][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.323700][ T6081] pim6reg: entered allmulticast mode
[   89.350696][ T6081] pim6reg: left allmulticast mode
[   89.618281][ T6092] loop2: detected capacity change from 0 to 512
[   89.901919][   T29] kauditd_printk_skb: 269 callbacks suppressed
[   89.901978][   T29] audit: type=1400 audit(1762244697.872:2754): avc:  denied  { shutdown } for  pid=6106 comm="syz.3.845" laddr=fe80::12 lport=51306 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   90.163686][   T29] audit: type=1326 audit(1762244698.132:2755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6120 comm="syz.4.852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   90.246706][ T6124] loop4: detected capacity change from 0 to 512
[   90.253352][   T29] audit: type=1326 audit(1762244698.162:2756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6120 comm="syz.4.852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   90.276749][   T29] audit: type=1326 audit(1762244698.162:2757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6120 comm="syz.4.852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   90.300166][   T29] audit: type=1326 audit(1762244698.162:2758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6120 comm="syz.4.852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   90.360791][ T6124] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.399870][ T6124] ext4 filesystem being mounted at /206/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   90.476359][ T6124] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #15: comm syz.4.853: corrupted xattr block 33: invalid ea_ino
[   90.513474][ T6124] EXT4-fs (loop4): Remounting filesystem read-only
[   90.520139][ T6124] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   90.545987][ T6124] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   90.569629][ T6124] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   90.582765][ T6136] __nla_validate_parse: 6 callbacks suppressed
[   90.582779][ T6136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.855'.
[   90.597889][ T6136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.855'.
[   90.631532][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.883491][   T29] audit: type=1400 audit(1762244698.852:2759): avc:  denied  { bind } for  pid=6140 comm="syz.0.857" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   90.951795][ T6157] loop1: detected capacity change from 0 to 128
[   90.964860][   T29] audit: type=1400 audit(1762244698.882:2760): avc:  denied  { setopt } for  pid=6140 comm="syz.0.857" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   90.985471][   T29] audit: type=1400 audit(1762244698.892:2761): avc:  denied  { connect } for  pid=6140 comm="syz.0.857" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   91.359814][   T29] audit: type=1400 audit(1762244699.162:2762): avc:  denied  { kexec_image_load } for  pid=6160 comm="syz.3.865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[   91.546237][ T6168] netlink: 4 bytes leftover after parsing attributes in process `syz.4.866'.
[   91.575207][ T6168] pim6reg: entered allmulticast mode
[   91.594116][   T29] audit: type=1400 audit(1762244699.562:2763): avc:  denied  { read write } for  pid=6170 comm="syz.0.868" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   91.599357][ T6166] pim6reg: left allmulticast mode
[   91.758775][ T6178] sch_tbf: burst 19360 is lower than device lo mtu (65550) !
[   91.880377][ T6191] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[   91.886982][ T6191] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   91.894540][ T6191] vhci_hcd vhci_hcd.0: Device attached
[   91.913434][ T6192] usbip_core: unknown command
[   91.918190][ T6192] vhci_hcd: unknown pdu 2844066640
[   91.923379][ T6192] usbip_core: unknown command
[   91.936883][   T31] vhci_hcd: stop threads
[   91.941272][   T31] vhci_hcd: release socket
[   91.945703][   T31] vhci_hcd: disconnect device
[   91.989278][ T6195] loop1: detected capacity change from 0 to 512
[   92.116772][ T6207] loop4: detected capacity change from 0 to 1024
[   92.131326][ T6207] EXT4-fs: Ignoring removed oldalloc option
[   92.137298][ T6207] EXT4-fs: Ignoring removed bh option
[   92.172770][ T6207] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.234003][ T6207] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   92.352002][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.881439][ T6224] netlink: 12 bytes leftover after parsing attributes in process `syz.4.887'.
[   92.890748][ T6222] loop2: detected capacity change from 0 to 512
[   92.897060][ T6224] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.905806][ T6224] FAULT_INJECTION: forcing a failure.
[   92.905806][ T6224] name failslab, interval 1, probability 0, space 0, times 0
[   92.915888][ T6222] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   92.918533][ T6224] CPU: 1 UID: 0 PID: 6224 Comm: syz.4.887 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   92.918572][ T6224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   92.918588][ T6224] Call Trace:
[   92.918597][ T6224]  <TASK>
[   92.918608][ T6224]  __dump_stack+0x1d/0x30
[   92.918648][ T6224]  dump_stack_lvl+0xe8/0x140
[   92.918678][ T6224]  dump_stack+0x15/0x1b
[   92.918704][ T6224]  should_fail_ex+0x265/0x280
[   92.918741][ T6224]  should_failslab+0x8c/0xb0
[   92.918804][ T6224]  kmem_cache_alloc_noprof+0x50/0x480
[   92.918846][ T6224]  ? skb_clone+0x151/0x1f0
[   92.918875][ T6224]  skb_clone+0x151/0x1f0
[   92.918901][ T6224]  __netlink_deliver_tap+0x2c9/0x500
[   92.919022][ T6224]  netlink_unicast+0x66b/0x690
[   92.919069][ T6224]  netlink_sendmsg+0x58b/0x6b0
[   92.919098][ T6224]  ? __pfx_netlink_sendmsg+0x10/0x10
[   92.919191][ T6224]  __sock_sendmsg+0x145/0x180
[   92.919227][ T6224]  ____sys_sendmsg+0x31e/0x4e0
[   92.919356][ T6224]  ___sys_sendmsg+0x17b/0x1d0
[   92.919398][ T6224]  __x64_sys_sendmsg+0xd4/0x160
[   92.919444][ T6224]  x64_sys_call+0x191e/0x3000
[   92.919475][ T6224]  do_syscall_64+0xd2/0x200
[   92.919562][ T6224]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   92.919606][ T6224]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   92.919733][ T6224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.919764][ T6224] RIP: 0033:0x7fb189e6f6c9
[   92.919784][ T6224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.919809][ T6224] RSP: 002b:00007fb1888cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   92.919908][ T6224] RAX: ffffffffffffffda RBX: 00007fb18a0c5fa0 RCX: 00007fb189e6f6c9
[   92.919935][ T6224] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[   92.920006][ T6224] RBP: 00007fb1888cf090 R08: 0000000000000000 R09: 0000000000000000
[   92.920040][ T6224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.920057][ T6224] R13: 00007fb18a0c6038 R14: 00007fb18a0c5fa0 R15: 00007ffd22d736e8
[   92.920083][ T6224]  </TASK>
[   92.920139][ T6224] netlink: 4 bytes leftover after parsing attributes in process `syz.4.887'.
[   92.990910][ T6222] EXT4-fs (loop2): 1 orphan inode deleted
[   93.147128][ T6222] EXT4-fs (loop2): 1 truncate cleaned up
[   93.155047][ T6224] bond0 (unregistering): Released all slaves
[   93.161990][ T6222] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.178082][ T6222] netlink: 23 bytes leftover after parsing attributes in process `syz.2.888'.
[   93.250065][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.283496][ T6230] netlink: 8 bytes leftover after parsing attributes in process `syz.0.889'.
[   93.292426][ T6230] netlink: 8 bytes leftover after parsing attributes in process `syz.0.889'.
[   93.322518][ T6234] FAULT_INJECTION: forcing a failure.
[   93.322518][ T6234] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.335642][ T6234] CPU: 1 UID: 0 PID: 6234 Comm: syz.2.890 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   93.335674][ T6234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   93.335710][ T6234] Call Trace:
[   93.335718][ T6234]  <TASK>
[   93.335725][ T6234]  __dump_stack+0x1d/0x30
[   93.335747][ T6234]  dump_stack_lvl+0xe8/0x140
[   93.335787][ T6234]  dump_stack+0x15/0x1b
[   93.335868][ T6234]  should_fail_ex+0x265/0x280
[   93.335977][ T6234]  should_fail+0xb/0x20
[   93.336050][ T6234]  should_fail_usercopy+0x1a/0x20
[   93.336074][ T6234]  _copy_from_user+0x1c/0xb0
[   93.336200][ T6234]  io_register_mem_region+0xc7/0x2d0
[   93.336238][ T6234]  __se_sys_io_uring_register+0xc20/0xf30
[   93.336271][ T6234]  ? fput+0x8f/0xc0
[   93.336291][ T6234]  ? ksys_write+0x192/0x1a0
[   93.336395][ T6234]  __x64_sys_io_uring_register+0x55/0x70
[   93.336432][ T6234]  x64_sys_call+0x18a3/0x3000
[   93.336525][ T6234]  do_syscall_64+0xd2/0x200
[   93.336602][ T6234]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   93.336632][ T6234]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   93.336712][ T6234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.336733][ T6234] RIP: 0033:0x7f085264f6c9
[   93.336749][ T6234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.336773][ T6234] RSP: 002b:00007f08510b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[   93.336845][ T6234] RAX: ffffffffffffffda RBX: 00007f08528a5fa0 RCX: 00007f085264f6c9
[   93.336857][ T6234] RDX: 0000200000000380 RSI: 0000000000000022 RDI: 0000000000000003
[   93.336870][ T6234] RBP: 00007f08510b7090 R08: 0000000000000000 R09: 0000000000000000
[   93.336884][ T6234] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[   93.336900][ T6234] R13: 00007f08528a6038 R14: 00007f08528a5fa0 R15: 00007fffed9ba428
[   93.336925][ T6234]  </TASK>
[   93.614566][ T6240] bridge0: entered promiscuous mode
[   93.624009][ T6244] netlink: 4 bytes leftover after parsing attributes in process `syz.4.896'.
[   93.637341][ T6244] pim6reg: entered allmulticast mode
[   93.648758][ T6244] pim6reg: left allmulticast mode
[   93.701845][ T6240] bridge0: left promiscuous mode
[   94.009014][ T6260] FAULT_INJECTION: forcing a failure.
[   94.009014][ T6260] name failslab, interval 1, probability 0, space 0, times 0
[   94.021859][ T6260] CPU: 0 UID: 0 PID: 6260 Comm: syz.1.898 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.021887][ T6260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   94.021909][ T6260] Call Trace:
[   94.021916][ T6260]  <TASK>
[   94.021941][ T6260]  __dump_stack+0x1d/0x30
[   94.021970][ T6260]  dump_stack_lvl+0xe8/0x140
[   94.022002][ T6260]  dump_stack+0x15/0x1b
[   94.022024][ T6260]  should_fail_ex+0x265/0x280
[   94.022096][ T6260]  should_failslab+0x8c/0xb0
[   94.022125][ T6260]  __kmalloc_noprof+0xa5/0x570
[   94.022154][ T6260]  ? iter_file_splice_write+0xf9/0xa60
[   94.022184][ T6260]  ? bpf_probe_read_user+0x6c/0x70
[   94.022258][ T6260]  iter_file_splice_write+0xf9/0xa60
[   94.022281][ T6260]  ? copy_splice_read+0x623/0x660
[   94.022313][ T6260]  ? copy_splice_read+0x623/0x660
[   94.022344][ T6260]  ? copy_splice_read+0x623/0x660
[   94.022402][ T6260]  ? __pfx_iter_file_splice_write+0x10/0x10
[   94.022430][ T6260]  direct_splice_actor+0x156/0x2a0
[   94.022484][ T6260]  ? __pfx_shmem_file_splice_read+0x1/0x10
[   94.022571][ T6260]  splice_direct_to_actor+0x312/0x680
[   94.022621][ T6260]  ? __pfx_direct_splice_actor+0x10/0x10
[   94.022670][ T6260]  do_splice_direct+0xda/0x150
[   94.022697][ T6260]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   94.022731][ T6260]  do_sendfile+0x380/0x650
[   94.022772][ T6260]  __x64_sys_sendfile64+0x105/0x150
[   94.022878][ T6260]  x64_sys_call+0x2bb4/0x3000
[   94.022901][ T6260]  do_syscall_64+0xd2/0x200
[   94.022919][ T6260]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   94.022985][ T6260]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   94.023015][ T6260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.023080][ T6260] RIP: 0033:0x7f8e2febf6c9
[   94.023095][ T6260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.023112][ T6260] RSP: 002b:00007f8e2e91f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   94.023174][ T6260] RAX: ffffffffffffffda RBX: 00007f8e30115fa0 RCX: 00007f8e2febf6c9
[   94.023187][ T6260] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000006
[   94.023199][ T6260] RBP: 00007f8e2e91f090 R08: 0000000000000000 R09: 0000000000000000
[   94.023210][ T6260] R10: 00008000fffffffc R11: 0000000000000246 R12: 0000000000000001
[   94.023222][ T6260] R13: 00007f8e30116038 R14: 00007f8e30115fa0 R15: 00007ffc4714eb08
[   94.023268][ T6260]  </TASK>
[   94.388895][ T6263] lo speed is unknown, defaulting to 1000
[   94.423466][ T6264] netlink: 'syz.4.899': attribute type 1 has an invalid length.
[   94.431334][ T6264] netlink: 224 bytes leftover after parsing attributes in process `syz.4.899'.
[   94.629167][ T6271] loop1: detected capacity change from 0 to 512
[   94.657848][ T6271] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.689763][ T6271] ext4 filesystem being mounted at /178/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   94.757183][ T6271] EXT4-fs error (device loop1): ext4_xattr_block_get:597: inode #15: comm syz.1.903: corrupted xattr block 33: invalid ea_ino
[   94.773080][ T6271] EXT4-fs (loop1): Remounting filesystem read-only
[   94.779726][ T6271] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   94.788721][ T6271] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   94.797766][ T6271] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   94.893806][ T6271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.912586][ T6271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   95.331616][   T29] kauditd_printk_skb: 280 callbacks suppressed
[   95.331685][   T29] audit: type=1326 audit(1762244703.302:3044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   95.391752][   T29] audit: type=1326 audit(1762244703.332:3045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   95.415135][   T29] audit: type=1326 audit(1762244703.332:3046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   95.438548][   T29] audit: type=1326 audit(1762244703.332:3047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   95.461940][   T29] audit: type=1326 audit(1762244703.332:3048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   95.485204][   T29] audit: type=1326 audit(1762244703.332:3049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   95.508575][   T29] audit: type=1326 audit(1762244703.332:3050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   95.532024][   T29] audit: type=1326 audit(1762244703.332:3051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   95.555309][   T29] audit: type=1326 audit(1762244703.332:3052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   95.578649][   T29] audit: type=1326 audit(1762244703.332:3053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb189e6f6c9 code=0x7ffc0000
[   95.617702][ T6310] __nla_validate_parse: 2 callbacks suppressed
[   95.617732][ T6310] netlink: 96 bytes leftover after parsing attributes in process `syz.0.916'.
[   95.633366][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.970482][ T6330] erspan0: entered allmulticast mode
[   96.046257][ T6334] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=63827 sclass=netlink_audit_socket pid=6334 comm=syz.4.927
[   96.279998][ T6330] netlink: 'wÞ£ÿ': attribute type 13 has an invalid length.
[   96.315864][ T6330] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   96.356845][ T6328] netlink: 96 bytes leftover after parsing attributes in process `syz.1.923'.
[   96.455429][ T6342] lo speed is unknown, defaulting to 1000
[   96.498259][ T6343] netlink: 'syz.2.928': attribute type 1 has an invalid length.
[   96.505960][ T6343] netlink: 224 bytes leftover after parsing attributes in process `syz.2.928'.
[   96.531303][ T6346] loop4: detected capacity change from 0 to 1024
[   96.564072][ T6346] EXT4-fs: Ignoring removed oldalloc option
[   96.570071][ T6346] EXT4-fs: Ignoring removed bh option
[   96.603519][ T6346] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.633628][ T6353] loop1: detected capacity change from 0 to 512
[   96.701712][ T6353] ext4 filesystem being mounted at /185/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   96.732998][ T6346] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   96.771351][ T6353] netlink: 96 bytes leftover after parsing attributes in process `syz.1.933'.
[   97.111156][ T6367] loop1: detected capacity change from 0 to 8192
[   97.125538][ T6348] netlink: 96 bytes leftover after parsing attributes in process `syz.0.930'.
[   97.292497][ T6379] netlink: 'syz.1.940': attribute type 30 has an invalid length.
[   97.311648][ T6382] loop4: detected capacity change from 0 to 128
[   97.546077][ T6387] loop4: detected capacity change from 0 to 512
[   97.599965][ T6387] ext4 filesystem being mounted at /231/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   97.654862][ T6395] netlink: 'syz.1.946': attribute type 30 has an invalid length.
[   97.673120][ T6387] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #15: comm syz.4.944: corrupted xattr block 33: invalid ea_ino
[   97.700201][ T6387] EXT4-fs (loop4): Remounting filesystem read-only
[   97.706763][ T6387] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   97.717675][ T6387] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   97.747209][ T6387] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   97.796002][ T6387] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   97.805621][ T6405] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6405 comm=syz.1.949
[   97.826880][ T6387] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.927409][ T6416] loop1: detected capacity change from 0 to 1024
[   97.945174][ T6416] EXT4-fs: Ignoring removed oldalloc option
[   97.951233][ T6416] EXT4-fs: Ignoring removed bh option
[   97.982887][ T6416] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   98.015308][ T6422] netlink: 8 bytes leftover after parsing attributes in process `syz.0.955'.
[   98.024157][ T6422] netlink: 8 bytes leftover after parsing attributes in process `syz.0.955'.
[   98.055548][ T6424] netlink: 'syz.1.956': attribute type 30 has an invalid length.
[   98.149534][ T6430] loop1: detected capacity change from 0 to 1024
[   98.491522][ T6445] netlink: 'syz.4.964': attribute type 30 has an invalid length.
[   98.640097][ T6450] loop4: detected capacity change from 0 to 128
[   98.874071][ T6458] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6458 comm=syz.0.969
[   98.917345][ T6462] loop2: detected capacity change from 0 to 512
[   98.961583][ T6462] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   98.997807][ T6462] netlink: 96 bytes leftover after parsing attributes in process `syz.2.971'.
[   99.024179][ T6462] netdevsim netdevsim2: Direct firmware load for þ failed with error -2
[   99.292316][ T6492] pim6reg: entered allmulticast mode
[   99.303056][ T6492] pim6reg: left allmulticast mode
[   99.315430][ T6461] netlink: 96 bytes leftover after parsing attributes in process `syz.4.970'.
[   99.380147][ T6498] loop4: detected capacity change from 0 to 512
[   99.402276][ T6498] ext4 filesystem being mounted at /238/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   99.437718][ T6498] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #15: comm syz.4.984: corrupted xattr block 33: invalid ea_ino
[   99.451532][ T6498] EXT4-fs (loop4): Remounting filesystem read-only
[   99.458149][ T6498] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   99.469869][ T6498] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   99.478940][ T6498] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   99.898152][ T6528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.995'.
[  100.241567][ T6535] loop1: detected capacity change from 0 to 512
[  100.274030][ T6532] loop2: detected capacity change from 0 to 512
[  100.281434][ T6532] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  100.283328][ T6535] ext4 filesystem being mounted at /200/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  100.311931][ T6532] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  100.337122][ T6532] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.997: bg 0: block 248: padding at end of block bitmap is not set
[  100.351817][ T6532] __quota_error: 366 callbacks suppressed
[  100.351834][ T6532] Quota error (device loop2): write_blk: dquota write failed
[  100.355417][ T6535] EXT4-fs error (device loop1): ext4_xattr_block_get:597: inode #15: comm syz.1.998: corrupted xattr block 33: invalid ea_ino
[  100.357568][ T6532] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  100.357591][ T6532] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.997: Failed to acquire dquot type 1
[  100.358321][ T6532] EXT4-fs (loop2): 1 truncate cleaned up
[  100.365957][ T6535] EXT4-fs (loop1): Remounting filesystem read-only
[  100.384347][   T29] audit: type=1326 audit(1762244708.352:3420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6531 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[  100.388161][ T6535] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  100.399349][   T29] audit: type=1326 audit(1762244708.352:3421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6531 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[  100.410339][ T6535] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  100.412101][   T29] audit: type=1326 audit(1762244708.382:3422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6531 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0852646567 code=0x7ffc0000
[  100.468801][ T6540] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  100.476180][   T29] audit: type=1326 audit(1762244708.382:3423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6531 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f08525eb779 code=0x7ffc0000
[  100.513830][ T6535] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  100.530967][   T29] audit: type=1326 audit(1762244708.382:3424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6531 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[  100.531004][   T29] audit: type=1326 audit(1762244708.382:3425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6531 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[  100.540678][ T6540] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  100.563263][   T29] audit: type=1326 audit(1762244708.382:3426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6531 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f085264f6c9 code=0x7ffc0000
[  100.565502][   T29] audit: type=1326 audit(1762244708.512:3427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6531 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0852646567 code=0x7ffc0000
[  100.655114][ T6544] netlink: 224 bytes leftover after parsing attributes in process `syz.0.999'.
[  100.721277][ T6544] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6544 comm=syz.0.999
[  100.774557][ T6557] loop2: detected capacity change from 0 to 1024
[  100.789535][ T6557] EXT4-fs: Ignoring removed oldalloc option
[  100.795636][ T6557] EXT4-fs: Ignoring removed bh option
[  100.849323][ T6557] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  100.906325][ T6564] loop4: detected capacity change from 0 to 512
[  100.954189][ T3316] ==================================================================
[  100.962329][ T3316] BUG: KCSAN: data-race in blkdev_open / queue_limits_commit_update
[  100.970346][ T3316] 
[  100.972689][ T3316] read to 0xffff8881024f8108 of 4 bytes by task 3550 on cpu 1:
[  100.980250][ T3316]  blkdev_open+0x161/0x290
[  100.984702][ T3316]  do_dentry_open+0x649/0xa20
[  100.989413][ T3316]  vfs_open+0x37/0x1e0
[  100.993486][ T3316]  path_openat+0x1c5e/0x2170
[  100.998099][ T3316]  do_filp_open+0x109/0x230
[  101.002629][ T3316]  do_sys_openat2+0xa6/0x110
[  101.007230][ T3316]  __x64_sys_openat+0xf2/0x120
[  101.011999][ T3316]  x64_sys_call+0x2eab/0x3000
[  101.016701][ T3316]  do_syscall_64+0xd2/0x200
[  101.021211][ T3316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.027119][ T3316] 
[  101.029449][ T3316] write to 0xffff8881024f8078 of 192 bytes by task 3316 on cpu 0:
[  101.037258][ T3316]  queue_limits_commit_update+0x4b/0x160
[  101.042910][ T3316]  lo_release+0x1e9/0x400
[  101.047263][ T3316]  bdev_release+0x373/0x3d0
[  101.051782][ T3316]  blkdev_release+0x15/0x20
[  101.056301][ T3316]  __fput+0x29b/0x650
[  101.060288][ T3316]  fput_close_sync+0x6e/0x120
[  101.065128][ T3316]  __x64_sys_close+0x56/0xf0
[  101.069739][ T3316]  x64_sys_call+0x273c/0x3000
[  101.074516][ T3316]  do_syscall_64+0xd2/0x200
[  101.079032][ T3316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.084944][ T3316] 
[  101.087284][ T3316] Reported by Kernel Concurrency Sanitizer on:
[  101.093526][ T3316] CPU: 0 UID: 0 PID: 3316 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  101.103429][ T3316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  101.113491][ T3316] ==================================================================
[  101.346962][ T3320] EXT4-fs unmount: 18 callbacks suppressed
[  101.346991][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.