last executing test programs:

8.037338411s ago: executing program 3 (id=1257):
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='signal_generate\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x8000000000000000}, 0x18)
keyctl$restrict_keyring(0xa, r0, 0x0, &(0x7f0000000040)='\xf3\x1e\xfb')

7.898645271s ago: executing program 3 (id=1260):
socket$netlink(0x10, 0x3, 0x14)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip_vti0\x00', 0x0})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x0, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)

3.832700266s ago: executing program 3 (id=1336):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000840)={[{@orlov}, {@grpjquota}, {@errors_remount}]}, 0x1, 0x4af, &(0x7f00000012c0)="$eJzs3c1rXFUbAPBnZpo0SfO+/VCkrWALFeoHzeQDaaJuXKmLglhwo1BjMo01k0zITGoTCm1114ULUSyIC/f+BW7syiKIa92LC6lojaCCMDJ3ZtJ8TRo0nZHc3w+mOeee23nOyfAc7px7b24AqXW89k8moj8ivomI/fXq2h2O138s37k8UXtlolo9+3Mm2a9Wb+7a/H/7IuJqRPRExMvPR7yR2Ri3vLg0PV4sFuYb9XxlZi5fXlw6dWFmfKowVZgdGj09NjY6ODI8tmNjvf7eW9fPfP5i92e/v3v71vtfflHrVn+jbfU4dlJ96F1xcNW2PRHx7P0I1gG5xnh6O90R/pHa5/dARJxI8n9/5JJPE0iDarVa/au6t0VrJmkHdqdscgycyQ5ERL2czQ4M1I/hH4y+bLFUrjx5vrQwO1k/Vj4QXdnzF4qFwcZ3hQPRlanVh5Ly3frwuvpIRHIM/EGuN6kPTJSKk22e64C19q3L/99y9fwHUsJXfkgv+Q/pJf8hveQ/pJf8h/SS/5Be8h/SS/5Desl/SC/5D+kl/yGVXjpzpvaqNu9/n7y4uDBdunhqslCeHphZmBiYKM3PDUyVSlPJPTsz93q/Yqk0N/RULFzKVwrlSr68uHRuprQwWzmX3Nd/rtDVllEB23Hw2M3vMhFx9ene5FXT3WiTq7C7Vavu8Ye0ynV6AgI6xtIfpJfv+MAmf6J3jZ5WDXM73xegPbKd7gDQMSePOP8HaWX9H9LL+j+kl2N8wPo/pI/1f0iv/hbP//rfqmd3DUbE/yPi21zX3uazvoDdIPtjpn78P3Vy/6P961u7M38kpwi6I+Ltj89+dGm8Upkfqm3/ZWV75UZj+3An+g9sVzNPm3kMAKTX8p3LE81XO+P+9Fz9IoSN8fc01iZ7knOUfcuZNdcqZHbo2oWr1yLi8GbxM43nndfPfPQt5zbEP9T4mam/RdLfPclz09sT/8iq+I+sin/0X/9WIB1u1uafwc3yL5vkdKzk39r5p3+Hrp1oPf9lV+a/XIv579g2Y7z5yTs/tIx/LeLopvGb8XqSWOvj1/p2cqV2Zcv4t1975aFWbdVP6++zWfymWilfmZnLlxeXTiV/R26qMDs0enpsbHRwZHgsn6xR55sr1Rs9c/jrW1uNv69F/K3GX9v2+JajvuvPh7969fgW8R87sfnnf2iL+L0R8cQ24/86/P3rrdpq8SdbjD+7RfzatpFtxi9/+MLebe4KALRBeXFperxYLMzfs3Aj7r2PgkI7Clf+G93Y1YVOz0zA/XY36TvdEwAAAAAAAAAAAGC72nE5cafHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwG/wdAAD//1v01o8=")
syz_io_uring_submit(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r0 = syz_clone(0x20001080, &(0x7f00000000c0)="0e03b0d5dd9f9ff7f595becc067da1700dfdfb9409261bcc5a9fac2572200c653255dbc3e5424410ed8555548c59e02ef464706cb255e457c3b015458fcee82456e2d445936d660f590e700742378e843db6fb48db9a0d1662585aa1c16d771b9f4fa5e71567ee", 0x67, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="8c79b9579f55ea879e2f4b3cd99be87c2e001ac97026a13488aefd8d5288909babd3acf1d7e97c1a50c911653171504368f8f5ed879a7cdb71cf89856b89cb0f2d474712b1bb3fd9d16f33c747604cd6f8521f257c590301f7b7362cf41a0a3494bf2605d4418a98f480eaa2cb88eb45f5486843d5956c97a5e5a95784f9d2c4ab7bfad1b2451dd4fc600ad59d22e852d086c55676d453e5530dc8dd709525f648c7b979d08dae9305edcd2b32fa64c29ba9fb1d0d820c9a1173e570c2082b5280402b6153cb30dcb585aad18e847aedbe4cf6581ea985985216d392038d7c21c780")
process_vm_writev(r0, &(0x7f0000000880)=[{&(0x7f00000003c0)=""/221, 0xdd}, {&(0x7f0000000600)=""/177, 0xb1}, {&(0x7f00000006c0)=""/202, 0xca}, {&(0x7f00000002c0)=""/93, 0x5d}, {&(0x7f0000001780)=""/4096, 0x1000}], 0x5, &(0x7f0000000800)=[{&(0x7f0000000900)=""/253, 0xfd}, {&(0x7f0000000a00)=""/146, 0x92}], 0x2, 0x0)
timer_create(0xfffffffd, 0x0, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
timer_gettime(r1, &(0x7f0000000240))
removexattr(&(0x7f0000000040)='./file2\x00', &(0x7f0000000000)=@known='trusted.overlay.upper\x00')
unshare(0x18040d00)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xff08, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)="e9bed67a87ee4623d39c10780000000000000000", 0x14}, 0x1, 0x0, 0x0, 0xc0}, 0x20040814)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000ac0), 0x402, 0x0)

3.668035546s ago: executing program 3 (id=1339):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000002005d4800000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r0}, 0x18)
pipe2$9p(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = socket(0xa, 0x40000000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x20000600, 0x0, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0200000005000000000000000000766574683098c76f5f7465616d00000064756d6d79300000000000000000000064756d0004300000000000000000000073797a6b616c6c8279a7e00000000000ffffffffffff000000000000ffffffff7fff00000000000000087000000070000000a000000072656469726563740000000000000000000000000000000000000000000000000800000000000000ffffffff000000000b00000000000000000073797a6b616c6c65723100000000000067726574617030000000000000000000766c616e30000000000000000000000064756d6d7930000000000000000000000180c2000000000000000000aaaaaaaaaabb00000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000001b700000000000010000000000000000000000000000000ffffffff00000000"]}, 0x280)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff00000000"]}, 0x3c0)
write$P9_RVERSION(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000f0000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000100000200000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b000000"], 0x7c8)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000a40)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01000000000000000000090000003c0003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x50}}, 0x4000044)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000840)={&(0x7f0000000a80)={0x148, r9, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x13, 0x3}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0xc}}]}, @IPVS_CMD_ATTR_SERVICE={0x64, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private2}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x7}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x69}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x77}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xc}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x87}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x51}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1ff}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x400}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x400}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2b}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x7}, @IPVS_SVC_ATTR_AF={0x6}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x63}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x8}}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x20004000}, 0x24000000)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})
umount2(&(0x7f0000000340)='./file0\x00', 0x0)

3.560815836s ago: executing program 3 (id=1342):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file3\x00', 0x2000480, &(0x7f0000000280), 0x1, 0x772, &(0x7f0000000a00)="$eJzs3d1rW+UfAPDvSd/Wbr9fKwg6rwqCFsZSO+um4MXECxEcDPTaLaRZmU2b0aRjLQU3RPBGUPFC0Jtd+zLvvPXlVv8LL2RjajeceCGVkyZbtiZdujXJIJ8PPM3znHPS5/nmOec5T3IOSQB9azL9k4k4GBEfJRHjteVJRAxVc4MRx7e2u7Wxnk9TEpubb/6RVLe5ubGej4bnpPbXCk9GxI/vRxzKbK+3vLq2kCsWC8u18nRl8dx0eXXt8NnF3HxhvrB0dGZ29sixF44d3btY//pl7cC1j1979pvj/7z3xJUPf0rieByorWuMY69MxmTtNRlKX8K7vLrXlfVY0usG8EDSQ3Ng6yiPgzEeA9VcC6PdbBkA0CnvRsQmANBnEud/AOgz9c8Bbm6s5+upt59IdNf1VyJi31b89eubW2sGa9fs9lWvg47dTO66MpJExMQe1D8ZEV989/ZXaYoOXYcEaObipYg4PTG5ffxPtt2zsFvPtbHN5D1l4x90z/fp/OfFZvO/zO35TzSZ/4w0OXYfxP2P/8zVPaimpXT+93LDvW23GuKvmRiolf5XnfMNJWfOFgvp2Pb/iJiKoZG0PLNDHVM3/r3Ral3j/O/PT975Mq0/fbyzRebq4Mjdz5nLVXIPE3Oj65cinhpsFn9yu/+TFvPfk23W8fpLH3zeal0afxpvPW2Pv7M2L0c807T/79zRlux4f+J0dXeYru8UTXz762djrepv7P80pfXX3wt0Q9r/YzvHP5E03q9Z3n0dP18e/6HVuvvH33z/H07equaHa8su5CqV5ZmI4eSN7cuP3HluvVzfPo1/6unmx/9O+3/6nvB0m/EPXvv96wePv7PS+Od21f+7z1y5tTDQqv72+n+2mpuqLWln/Gu3gQ/z2gEAAAAAAAAAAAAAAAAAAAAAAABAuzIRcSCSTPZ2PpPJZrd+w/vxGMsUS+XKoTOllaW5qP5W9kQMZepfdTne8H2oM7Xvw6+Xj9xTfj4iHouIT0dGq+VsvlSc63XwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCzv8Xv/6d+G+l16wCAjtnX6wYAAF3n/A8A/Wd35//RjrUDAOge7/8BoP84/wNA/3H+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMNOnjiRps2/N9bzaXnu/OrKQun84blCeSG7uJLP5kvL57LzpdJ8sZDNlxZb/qOLWw/FUuncbCytXJiuFMqV6fLq2qnF0spS5dTZxdx84VRhqGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED7yqtrC7lisbAs05AZfjSaISPTs0zjKDHauwEKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4BH3XwAAAP//8QwqXg==")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000, @void, @value}, 0x94)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
recvmmsg(r3, &(0x7f0000000580)=[{{&(0x7f0000000080)=@nl=@unspec, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000100)=""/230, 0xe6}, {&(0x7f0000000240)=""/200, 0xc8}, {&(0x7f0000000340)=""/175, 0xaf}, {&(0x7f0000000400)=""/53, 0x35}, {&(0x7f0000000440)=""/119, 0x77}], 0x5, &(0x7f0000000540)=""/55, 0x37}}], 0x400000000000222, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
timer_create(0x3, &(0x7f0000000040)={0x0, 0x11, 0x2, @thr={0x0, 0x0}}, 0x0)
r5 = io_uring_setup(0x1de0, &(0x7f0000000440)={0x0, 0x213e, 0x40, 0x0, 0xfffffffc})
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x1a, 0x20000028, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8940, &(0x7f0000000080))
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file3\x00', 0x303080, 0x120)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="3800000028000100000000000000000007000000", @ANYRES32, @ANYRESHEX=0x0], 0x38}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffc}]})
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='thermal_power_allocator_pid\x00', r0, 0x0, 0x2000000000000009}, 0x18)
syz_open_dev$loop(&(0x7f00000003c0), 0x76, 0x597100)
fchdir(r2)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSBRKP(r6, 0x5425, 0x4)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="002918d910d46be7099c66b02010b1f0b7c3dc1dabe625969fb0adc922385af53d57a1d35dd71c90d9dd649b53142dd3d4108b4c7db82e8475d5bb6fa2fa626cd92c7326ce1ba2f33b0aef2b2164e01d910058b51684696959ea7f5a607a6572d2640cf9312a07000000260e3651a0cbfd2c080990fb4c76e9e613a759863734a70d0600ec77e8ba76aacbb21e4b903aa4873a9951f269a9c0f87805a1a0cbdf6b8644a1de05a8d9dd9687d67c8af7f68cb59e60d1fbefb49b93d6b72cce4162edc4468a13987d94d428df36915621aeff6dc1358a7331fa69e05c417c2e1e6b8dc29c496c76d02dfc2d7b48616fb3f01b221f4f8f484a00090964922de8909a1f9f7ef655a12a68a56cb341a8fba4cd81cedec9cb518d13d2a2564427b63b037494748a24daa21fe1256df68d000b2778bf0437cc642cd83c5a1b34eeffdf93ecbd85bb340eeef68dd60101769c74f94d217264c171feea0305bfc87c36247d90b129a9973f00000001d99b195d2f75653a0193672783c6dbca5d1445110621d8095064f0a034f492cf5aa4767a772d6f4967722546bfd83d3202f76c20a9d7f40f9e7818d77129df7fd072804e0227ecaa03dddd303a318d6f7763ce011543587e6a306780ca2f37db7e8a5b64a5059ac91ff2110e40ea13d70e1504653ba9eebcf61b427797fb3fd79d2bb9aaa13c9729fe323c4ac222991981381e004684fb200b17d2f6ede181067662ad8a31f45b613869ca8fc5b1dbe62407a1f6dcb86a4c430210e9bcfca9b83283b87316c4d17f388e0bab0500000092a82e12f8e5348f11e7739033e9081bfc598746cf032fa55d9581470000000019ac65f89ca7d96da3ca2db52f8ec80462fddf42dbbca24b7200"/643], 0x1, 0x120b, &(0x7f00000036c0)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=")
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000001300)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)

3.378995117s ago: executing program 3 (id=1346):
socket$netlink(0x10, 0x3, 0x14)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip_vti0\x00', 0x0})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x0, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)

2.64016803s ago: executing program 2 (id=1357):
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, 0x0, 0x400d0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000003c0)={0x4, <r0=>0x0}, 0x8)
r1 = socket$rds(0x15, 0x5, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000004495"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
bind$rds(r1, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000000380)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000300)=[@rdma_args={0x48, 0x114, 0x1, {{}, {&(0x7f0000000400)=""/196, 0xc4}, &(0x7f00000002c0)=[{&(0x7f0000000600)=""/183, 0xb7}], 0x1, 0x0, 0xfffffffffffffffc}}], 0x48}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x4, 0x11, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@cb_func={0x18, 0x8, 0x4, 0x0, 0x5}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000100)='syzkaller\x00', 0x5, 0xf6, &(0x7f0000000240)=""/246, 0x41100, 0x40, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000340)={0x1, 0x6, 0x62bd2443, 0x1}, 0x5e, r0, r4, 0x4, &(0x7f0000000400)=[r5], &(0x7f0000000440)=[{0x5, 0x5, 0xa, 0x3}, {0x3, 0x5, 0xc}, {0x4, 0x3, 0xa, 0x6}, {0x40000002, 0x4, 0xb, 0x5}], 0x10, 0x7, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r7 = socket$kcm(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r8, 0x560a, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7, 0x5})
syz_genetlink_get_family_id$devlink(&(0x7f0000000380), 0xffffffffffffffff)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df00000000000000000009f600"})
syz_open_pts(r9, 0x101)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x1a3)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r10}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$9p_tcp(&(0x7f0000000500), &(0x7f0000000540)='./file0\x00', &(0x7f0000000580), 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB='trans=tcp'])
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x4000850)
splice(r6, &(0x7f0000000540)=0x6, r4, &(0x7f0000000580)=0x2, 0x9, 0xb)

2.075188172s ago: executing program 1 (id=1364):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
mknod(&(0x7f0000000040)='./file0\x00', 0x8000, 0xe02)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000001a000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000ffff00000000000000000000000000cfb9f6d2d5d3271742bd9b8e886e22f20000000000b5c653b1b9285367a67097f25cda30d0ed153cbef64e761bda3cf55ac145ec84b8ea00081d503d65fefa36366b0989b1b8c35af16ad51db47b27608f36d3c834125dfacc4552717b37df9d653ca8b197e0f9a0b348cee1bd697b061af1618b20a2dbe4d5e1d35699ce9dfebfe521c8e84fd2cad83360267e481006973c37a87116"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5}, 0x10)
syz_io_uring_setup(0x24f9, &(0x7f0000000180)={0x0, 0x0, 0x10100, 0x0, 0x1000000}, &(0x7f0000000100), 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000000c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r8=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="440000001000010800"/20, @ANYRES32=r8, @ANYBLOB="00000000000000001c002b8008000100", @ANYRES32, @ANYBLOB="080003001900000008000800", @ANYRES32=r1], 0x44}}, 0x0)
r9 = open(&(0x7f0000000000)='./file0\x00', 0x615, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x11, r9, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
r11 = syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000240)='./file1\x00', 0x3200010, &(0x7f0000000c00)=ANY=[], 0x3, 0x7b6, &(0x7f0000000280)="$eJzs3U1sHGf5APBn/Leb1JWiqn9UoihNJ0mREhHc3XXrYvVQtuuxM629a3bXKDmgtmqcKor7oVYVNAdKLi0gEOLEsfRa9cINxAGJA3BCogcuHJAq9YSKBBICISSjmd2NP7Jr58tJP36/VfZ9d+aZd96Zncyzs96ZCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgksZcpVJNYjFvrpxJR2vMtVtLO4wftPfrLcUO841Iin+xf38c7A06+IWN0fcXT8ficO/V4dhfFPvj0j333/v4/4+PDabfoUM36ug1xiUR3y06dfG5tbXVV/egI7fRD3513ZP8e714XsiaeaeVL9UXsjTvtNLZmZnKw6fnO+l8vph1zna62VLaaGf1bqudnmicTKuzs9NpNnW2tdJcmKsvZoOBj32lVqnMpE9NLWf1dqfVfPipqU7jdL64mDcXypha5VtRxDxWbIhP5920m9WX0vT8hbXV6d26WgRVtwzZt2XDOfzQvR+9/uE/LqwWG+SoRpL+hlmrVmu16syjs48+VqmM1yq1rQMq28SViBiLKCL2ZKPlU+TW7bzhJo31838sRh7NWIkzkUYaY+XzxmMi9sdctKMVS8XrP01sG39V/v/Sw3/7w07z3Zz/B1n+4MboQ1Hm/yO9V0dG5P9ip7y9H3v3aL7f683mYa/FG3EpLsZzsRZrsRqv3sb+3NBj7Na2txBZNCOPfRGRx1LUyyFp5NGJVqQxGzMxE5V4Jk7HfHQijfnIYzGy6MTZ6EQ3snKLakQ7sqhHN1rRjjRORCNORhrVmI3ZmI40spiKs9GKlWjGQsxFvWzlfFwo1/v0tn7d/51nf/nCHz96p6hfCarusCBJ8WGuCPr7DkH9ZP5g3ED+H0TI/581+/v7rGuNv5W7b7gp62X+H7/T3QAAAAD2UFJ++55ExEQ8UNbm86/f6U4BAAAAt1T5u+bDRTFR1B6IZD5fzCpDIj+47X0DAAAAbo2kPMcuiYjJeLBXG5wuNexLAAAAAOBTqPz7/5GimIx4sxzg+B8AAAA+Y7436hr7H97Vv0ZvZ3lf8n/96OUzDyUv1ota/cX+sH7xjSstducPJQf6jZTFzPile5KIGG9kh5PB1S//u69Xflw+H9q4AOGoa/0n7fZEcnl0B2LnDpSv4odxtBdz9FyvPDcY05vL5Hy+mE01WouPV5P+lyPd11+68O2IYu7fby4dSOL8hbXVqedfXjtX9uVy0crlF/uXh0+uoy/r/TUQDwxf4onyRIz+fCd7861sXv6x3uRjO88z2TzPt+JYL+bYZK+c3Lr8+4t5Vqcer0a9fmCsm53pvr6+aen7vaje5JK/Fcd7McdPHO8VQ3pR29KLl67uRW1zL65tXVxzL945+uaZf/62lWTTu/Vi+iZ7AXCnnC+v+rORhe4us9B/1nuK/L8t7949mPJ69nLnNz5lDKbflOvG47qy+yDZDNmjn+jFnOh9nhg/NCSvVIbs0V+58Mrv+nv0R9776c++eeT3P7/x7PZenOzF9Iu47zcjcmyxzD/allXfLaZ4d8R8i5e1JCZ6907YGL36wupLtdr0TOWRSuXRWkyUHxX6hdwDwBC73mPnGu7C88jwo+oYZLz7rvykYCqej5djLc7FqfJsg4h4cHirk5t+hnBql6PWyU13eDm187HlwY3TG2rbY/cdT2JEu9Ob1tgXf1IW/9q79wQA9tqxXfLwteT/U7scd2/N5Sd7N84dHB3H6Fw+zFf3eoUAwOdA1v44mey+nbTb+fIz1dnZar17OkvbrcbTaTufW8jSvNnN2o3T9eZCli63W91WY/DF8VzWSTsry8utdjedb7XT5VYnP1Pe+T3t3/q9ky3Vm9280VlezOqdLG20mt16o5vO5Z1Gurzy5GLeOZ21y4k7y1kjn88b9W7eaqad1kq7kU2laSfLNgXmc1mzm8/nRbWZLrfzpXr7ckQsrixl6VzWabTz5W6r1+BgXnlzvtVeKpudunrx/3q71zcAfBK89sali8+tra2+urWynmwfMrzy5zcuXRz8iX5kcMT6HV5KAGCzzVkaAAAAAAAAAAAAAAD4ZLr6dL1i6G6n/W2pTMR1BG+r7Bt91uDnsvLl93tvy61o8GbauXvLe3pXf2O58+vnuivPPvHExVExT7558PRfsojd2xn+P2XYqa5vH4i46xc/7g352u1a0g+itxQxfl2Tryc7xNyxXRIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjPS/AAAA//8zP0xn")
openat(r11, &(0x7f0000000a40)='./file0\x00', 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r9, 0xc018937b, &(0x7f0000000ac0)={{0x1, 0x1, 0x18, r0, {0xee00, 0xee01}}, './file0\x00'})
r12 = getuid()
setreuid(0xee00, r12)
r13 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r14=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0xee01, r14, 0xffffffffffffffff)

2.029712482s ago: executing program 1 (id=1365):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
mknod(&(0x7f0000000040)='./file0\x00', 0x8000, 0xe02)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000001a000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000ffff00000000000000000000000000cfb9f6d2d5d3271742bd9b8e886e22f20000000000b5c653b1b9285367a67097f25cda30d0ed153cbef64e761bda3cf55ac145ec84b8ea00081d503d65fefa36366b0989b1b8c35af16ad51db47b27608f36d3c834125dfacc4552717b37df9d653ca8b197e0f9a0b348cee1bd697b061af1618b20a2dbe4d5e1d35699ce9dfebfe521c8e84fd2cad83360267e481006973c37a87116"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5}, 0x10)
syz_io_uring_setup(0x24f9, &(0x7f0000000180)={0x0, 0x0, 0x10100, 0x0, 0x1000000}, &(0x7f0000000100), 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000000c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r8=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="440000001000010800"/20, @ANYRES32=r8, @ANYBLOB="00000000000000001c002b8008000100", @ANYRES32, @ANYBLOB="080003001900000008000800", @ANYRES32=r1], 0x44}}, 0x0)
r9 = open(&(0x7f0000000000)='./file0\x00', 0x615, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x11, r9, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
r11 = syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000240)='./file1\x00', 0x3200010, &(0x7f0000000c00)=ANY=[], 0x3, 0x7b6, &(0x7f0000000280)="$eJzs3U1sHGf5APBn/Leb1JWiqn9UoihNJ0mREhHc3XXrYvVQtuuxM629a3bXKDmgtmqcKor7oVYVNAdKLi0gEOLEsfRa9cINxAGJA3BCogcuHJAq9YSKBBICISSjmd2NP7Jr58tJP36/VfZ9d+aZd96Zncyzs96ZCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgksZcpVJNYjFvrpxJR2vMtVtLO4wftPfrLcUO841Iin+xf38c7A06+IWN0fcXT8ficO/V4dhfFPvj0j333/v4/4+PDabfoUM36ug1xiUR3y06dfG5tbXVV/egI7fRD3513ZP8e714XsiaeaeVL9UXsjTvtNLZmZnKw6fnO+l8vph1zna62VLaaGf1bqudnmicTKuzs9NpNnW2tdJcmKsvZoOBj32lVqnMpE9NLWf1dqfVfPipqU7jdL64mDcXypha5VtRxDxWbIhP5920m9WX0vT8hbXV6d26WgRVtwzZt2XDOfzQvR+9/uE/LqwWG+SoRpL+hlmrVmu16syjs48+VqmM1yq1rQMq28SViBiLKCL2ZKPlU+TW7bzhJo31838sRh7NWIkzkUYaY+XzxmMi9sdctKMVS8XrP01sG39V/v/Sw3/7w07z3Zz/B1n+4MboQ1Hm/yO9V0dG5P9ip7y9H3v3aL7f683mYa/FG3EpLsZzsRZrsRqv3sb+3NBj7Na2txBZNCOPfRGRx1LUyyFp5NGJVqQxGzMxE5V4Jk7HfHQijfnIYzGy6MTZ6EQ3snKLakQ7sqhHN1rRjjRORCNORhrVmI3ZmI40spiKs9GKlWjGQsxFvWzlfFwo1/v0tn7d/51nf/nCHz96p6hfCarusCBJ8WGuCPr7DkH9ZP5g3ED+H0TI/581+/v7rGuNv5W7b7gp62X+H7/T3QAAAAD2UFJ++55ExEQ8UNbm86/f6U4BAAAAt1T5u+bDRTFR1B6IZD5fzCpDIj+47X0DAAAAbo2kPMcuiYjJeLBXG5wuNexLAAAAAOBTqPz7/5GimIx4sxzg+B8AAAA+Y7436hr7H97Vv0ZvZ3lf8n/96OUzDyUv1ota/cX+sH7xjSstducPJQf6jZTFzPile5KIGG9kh5PB1S//u69Xflw+H9q4AOGoa/0n7fZEcnl0B2LnDpSv4odxtBdz9FyvPDcY05vL5Hy+mE01WouPV5P+lyPd11+68O2IYu7fby4dSOL8hbXVqedfXjtX9uVy0crlF/uXh0+uoy/r/TUQDwxf4onyRIz+fCd7861sXv6x3uRjO88z2TzPt+JYL+bYZK+c3Lr8+4t5Vqcer0a9fmCsm53pvr6+aen7vaje5JK/Fcd7McdPHO8VQ3pR29KLl67uRW1zL65tXVxzL945+uaZf/62lWTTu/Vi+iZ7AXCnnC+v+rORhe4us9B/1nuK/L8t7949mPJ69nLnNz5lDKbflOvG47qy+yDZDNmjn+jFnOh9nhg/NCSvVIbs0V+58Mrv+nv0R9776c++eeT3P7/x7PZenOzF9Iu47zcjcmyxzD/allXfLaZ4d8R8i5e1JCZ6907YGL36wupLtdr0TOWRSuXRWkyUHxX6hdwDwBC73mPnGu7C88jwo+oYZLz7rvykYCqej5djLc7FqfJsg4h4cHirk5t+hnBql6PWyU13eDm187HlwY3TG2rbY/cdT2JEu9Ob1tgXf1IW/9q79wQA9tqxXfLwteT/U7scd2/N5Sd7N84dHB3H6Fw+zFf3eoUAwOdA1v44mey+nbTb+fIz1dnZar17OkvbrcbTaTufW8jSvNnN2o3T9eZCli63W91WY/DF8VzWSTsry8utdjedb7XT5VYnP1Pe+T3t3/q9ky3Vm9280VlezOqdLG20mt16o5vO5Z1Gurzy5GLeOZ21y4k7y1kjn88b9W7eaqad1kq7kU2laSfLNgXmc1mzm8/nRbWZLrfzpXr7ckQsrixl6VzWabTz5W6r1+BgXnlzvtVeKpudunrx/3q71zcAfBK89sali8+tra2+urWynmwfMrzy5zcuXRz8iX5kcMT6HV5KAGCzzVkaAAAAAAAAAAAAAAD4ZLr6dL1i6G6n/W2pTMR1BG+r7Bt91uDnsvLl93tvy61o8GbauXvLe3pXf2O58+vnuivPPvHExVExT7558PRfsojd2xn+P2XYqa5vH4i46xc/7g352u1a0g+itxQxfl2Tryc7xNyxXRIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjPS/AAAA//8zP0xn")
openat(r11, &(0x7f0000000a40)='./file0\x00', 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r9, 0xc018937b, &(0x7f0000000ac0)={{0x1, 0x1, 0x18, r0, {0xee00, 0xee01}}, './file0\x00'})
r12 = getuid()
setreuid(0xee00, r12)
r13 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r14=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0xee01, r14, 0xffffffffffffffff)

1.982210122s ago: executing program 1 (id=1366):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x401d031, 0xffffffffffffffff, 0x0)

1.967930652s ago: executing program 1 (id=1367):
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b0000000700000001000100090000000100000052caa5efc7be71f1eded496e5d1f39e44b98b69cbe4e4845943afacc5ef9b79946ae65e9219f9e949603ccf3cdb3da557efec9103f195e901184cfe8feefeef0bbd604ca77da10f0ab43652d9ec7a8c252c8d1cac5326f8964134bfa31ab52ecb4d5f11bc56b69ad73be9c8f9a634a4f9afbbd751062a29a024d6e17074b4f7bbb7a80326b127249c2a1de13eb40adf562a993a3def69ac5abd9b8acd11827b221be9d4f3525e167403029950e1e1d39e2499d2bfa805b286f03efcb15f658a1e5", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r3=>0xffffffffffffffff}, 0x4)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000140)={[{@jqfmt_vfsold}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x444, &(0x7f0000000980)="$eJzs3MtvG8UfAPDv2nHS5y/5lfJoaCFQEBGPpEkf9MAFBBIHkJC4FHEKSVqFpg1qgkSrCAKHcESVuCOOSPwFnOCCgBMSV7ijShXKpYWT0dq7qZvYaZw4del+PtLGM96xZr67O/bsjJ0ACmso/ZNE7IuI3yOiv569vcBQ/eHmyuLk3yuLk0lUq2//ldTK3VhZnMyL5q/bW89Uq1m+r0m9y+9GTMzOTl/K8qMLFz4Ynb985YWZCxPnps9NXxw/ffrE8SO9p8ZPdiTONK4bgx/PHT70+jtX35w8c/W9n79N27sv298YR6cM1Y9uU09XOl1bd+1vSCc9XWwIbSlHRHq6KrX+3x/l2L26rz9e+6yrjQN2VLVarTb7fM4sVYH7WBLdbgHQHfkHfXr/m293aehxT7j+cv0GKI37ZrbV9/REKStTWXN/20lDEXFm6Z+v0i12aB4CAKDR9+n45/lm479SPNRQ7n/ZGspARPw/Ig5ExAMRcTAiHoyolX04Ih5ps/61KyTrxz+la1sKbJPS8d9L2drW7eO/fPQXA+Ust78WfyU5OzM7fSw7JsNR6UvzYxvU8cOrv33Ral/j+C/d0vrzsWDWjms9aybopiYWJrYTc6Prn0YM9jSLP4l8GSeJiEMRMbjFOmae/eZwq313jn8DHVhnqn4d8Uz9/C/FmvhzScv1ybEXT42fHN0Vs9PHRvOrYr1ffl1+q1X924q/A9Lzv6fp9b8a/0CyK2L+8pXztfXa+fbrWP7j85b3NFu7/mdWG9ebPX40sbBwaSyiN3lj/fPjt16b5/PyafzDR5v3/wNx60g8GhHpRXwkIh6LiMeztj8REU9GxNEN4v/plafebz/+DWblOyiNf+pO5z8az3/7ifL5H79rP/5cev5P1FLD2TObef/bbAO3c+wAAADgv6JU+w58UhpZTZdKIyP17/AfjD1LMTe/8NzZuQ8vTtW/Kz8QlVI+09XfMB86ls0N5/nxNfnj2bzxl+XdtfzI5NzsVLeDh4Lb26L/p/4sd7t1wI7zey0oLv0fikv/h+LS/6G49H8ormb9/5MutAO4+3z+Q3Hp/1Bc+j8Ul/4PhdTyt/Glbf3kf7uJpBuVSrSTiNI90Yz7P9Gz6X9mscVEX9Nd3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Ix/AwAA//+UFuN0")
chdir(&(0x7f0000000080)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x1718, 0x0, 0x12, 0x0, 0xc, "ef359f413bb93852f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a4b78c660e677df701908b9aaa3f6a00400", "036c47c6780820d1cbf7896de1fdcf335263bdbcef0100a197fce47ddfdd753abd9501ce721b6ae9b49600002a000000000000000000000000000018c900", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x0, 0x2]})
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)
io_setup(0x9, &(0x7f0000000b80)=<r7=>0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xb5ae}]})
io_getevents(0x0, 0x0, 0x0, 0x0, 0x0)
io_submit(r7, 0x1, &(0x7f00000002c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r8, 0x0}])
recvmmsg(r1, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000400)='kfree\x00', r9}, 0x18)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000001c0)={'tunl0\x00', &(0x7f0000000040)={'sit0\x00', 0x0, 0x40, 0x7, 0x97be, 0x7e06, {{0x5, 0x4, 0x3, 0x5, 0x14, 0x66, 0x0, 0x8, 0x2f, 0x0, @private=0xa010102, @broadcast}}}})
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r11 = fcntl$dupfd(r10, 0x0, r10)
setsockopt$IPT_SO_SET_REPLACE(r11, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x1e8, 0xc, 0x5002004a, 0xb, 0x310, 0xea02, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x248)

1.760938863s ago: executing program 2 (id=1368):
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f0000000880)=""/120}, 0x20)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

1.711029474s ago: executing program 2 (id=1369):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) (fail_nth: 3)

1.648539223s ago: executing program 2 (id=1370):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000c40)=ANY=[@ANYBLOB="000002f0d350dfa4fead756e7e919c73fabf35e7b1056280c7899d90c0fb7b890a2b94258278d2742cf0890ca47d12cdaf088aefa1cae58b9df369725fa3794fac7790192421e3b9ed5ae077a0864292fb63a67fb42b055b4968e9972d024ce17c6d2cc4e756dce768d39ffd9156f5fb000000000000007edc11018cd5eeea2125640dbc72529c73512dea17c31742c2e560cf815187d6d86e5e2746ccb6a9736bd5f2252117a28c8321e2ab286ad1207dd298d1023100000000000000ffe73f80e2123725ec8a33be78bca7932222a88e54852072aefce2a9c900000000000000006f140cb6b23f1ed07663decec4e06ab533223f5008db37cf33e10561737a0800"/272], 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
r2 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0x9, &(0x7f0000000380), 0x98)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x3, 0xb}, {}, {0x5}}}, 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="17000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r4)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000740)={0x34, r5, 0x1, 0x0, 0x0, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)

1.103122115s ago: executing program 1 (id=1381):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x4c}}, 0x0)
fcntl$lock(r1, 0x25, &(0x7f0000000000)={0x1})
fcntl$lock(r1, 0x7, &(0x7f0000000440)={0x0, 0x0, 0x8000, 0x8})
fcntl$lock(r1, 0x7, &(0x7f00000006c0))
fcntl$lock(r1, 0x25, &(0x7f0000000180))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="5176657b82a33458464746a08a79767a2508e12e093c14ed1a5456502db92ac5912075860ed89e15ea22206743e1c99873f69c854f47787b7aa76c9809edfb3523210d48b02c6c34865dfb38897e003c0ad3cef6f3b9d21955bfcee68dcd53d108a41f0ced4c8c18dba000eaaf997ec5e8ed29e6634d6adcc6c8b042d9409b0734a91e1bbd6608ac05bec8cef2cf4ab71a4f6aa434772f4c6d7cda0bdfea767cc1eb243cf9cddb57c8e4eb1034e2af8f8618add8e272eeae1688f91ebfb0a9a1e2b8b1e1cc885e2eedd02a7566"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r5}, 0x10)
syz_emit_ethernet(0x5e, &(0x7f0000003680)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @loopback={0x1000000, 0x1ff0000aa}, @private1}}}}}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

964.059406ms ago: executing program 2 (id=1383):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = epoll_create1(0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r3 = socket$packet(0x11, 0x3, 0x300)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000040)={0x2000201e})
ppoll(&(0x7f0000000340)=[{r0}, {r1, 0x2201}], 0x2, 0x0, 0x0, 0x0)
io_setup(0x7, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r7 = fcntl$dupfd(r6, 0x0, r6)
readv(r7, &(0x7f0000000000)=[{&(0x7f0000001140)=""/136, 0x88}], 0x1)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x9}, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)

893.737816ms ago: executing program 4 (id=1385):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={0x1, <r1=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x19, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000500000000000000590a000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000851000000600000018490000feffffff000000000000000018190000", @ANYRES32=r1, @ANYBLOB="0000000000000000186400000b000000000000000600000018000000c4025d293a8c0641af5100008510000005000007bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='kfree\x00', r2, 0x0, 0x800000000}, 0x18)
timer_create(0x8, 0x0, &(0x7f00000001c0))
timer_delete(0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0)
fcntl$lock(r4, 0x24, &(0x7f0000000140)={0x300, 0x1, 0xffffffffffffff7f, 0xfffffffffffffffc, 0xffffffffffffffff})
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000003c0)=<r5=>0x0)
statx(0xffffffffffffff9c, &(0x7f0000000500)='./file0\x00', 0x2000, 0x10, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
fchownat(r4, &(0x7f0000000000)='./file0\x00', r5, r6, 0x100)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'dummy0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r9}, 0x10)
r10 = epoll_create1(0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
close(r11)
socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$sock_int(r11, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r11, &(0x7f0000000080)={0xa002a008})

826.660666ms ago: executing program 4 (id=1387):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r1, 0x101)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r2, 0x0, 0x0)

825.467856ms ago: executing program 4 (id=1389):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r0, {}, {0x6, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r0, {0x0, 0xffff}, {}, {0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}]}}]}, 0x44}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r1)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="3c0000001000370400000000ffffffff00000000", @ANYRES32=r6, @ANYBLOB="0b120500020000001c0012800b00010069703667726500000c00028008000100", @ANYRES32=r6, @ANYBLOB], 0x3c}}, 0x0)
sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000180)=<r7=>0x0, &(0x7f0000000280)=0x4)
r8 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000600)={'team0\x00', <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r9, {}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0xc, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x3}]}}]}, 0x3c}}, 0x0)
r11 = socket$inet6(0xa, 0x80002, 0x0)
sendmsg$AUDIT_GET_FEATURE(r10, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x10, 0x3fb, 0x10, 0x70bd2c, 0x25dfdbfd, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20040041}, 0x10)
r12 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f0000001bc0)={'batadv_slave_1\x00', <r13=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r11, 0x8916, &(0x7f00000003c0)={@loopback, 0x0, r13})
sendmsg$ETHTOOL_MSG_RINGS_GET(r2, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x42094110}, 0xc, &(0x7f0000000380)={&(0x7f0000000a40)={0x23c, r3, 0x2, 0x70bd2b, 0x25dfdbfd, {}, [@HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @HEADER={0x4}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x23c}, 0x1, 0x0, 0x0, 0x4040}, 0x40)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)

774.722307ms ago: executing program 4 (id=1390):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
mknod(&(0x7f0000000040)='./file0\x00', 0x8000, 0xe02)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000001a000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000ffff00000000000000000000000000cfb9f6d2d5d3271742bd9b8e886e22f20000000000b5c653b1b9285367a67097f25cda30d0ed153cbef64e761bda3cf55ac145ec84b8ea00081d503d65fefa36366b0989b1b8c35af16ad51db47b27608f36d3c834125dfacc4552717b37df9d653ca8b197e0f9a0b348cee1bd697b061af1618b20a2dbe4d5e1d35699ce9dfebfe521c8e84fd2cad83360267e481006973c37a87116"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5}, 0x10)
syz_io_uring_setup(0x24f9, &(0x7f0000000180)={0x0, 0x0, 0x10100, 0x0, 0x1000000}, &(0x7f0000000100), 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000000c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r8=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="440000001000010800"/20, @ANYRES32=r8, @ANYBLOB="00000000000000001c002b8008000100", @ANYRES32, @ANYBLOB="080003001900000008000800", @ANYRES32=r1], 0x44}}, 0x0)
r9 = open(&(0x7f0000000000)='./file0\x00', 0x615, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x11, r9, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
r11 = syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000240)='./file1\x00', 0x3200010, &(0x7f0000000c00)=ANY=[], 0x3, 0x7b6, &(0x7f0000000280)="$eJzs3U1sHGf5APBn/Leb1JWiqn9UoihNJ0mREhHc3XXrYvVQtuuxM629a3bXKDmgtmqcKor7oVYVNAdKLi0gEOLEsfRa9cINxAGJA3BCogcuHJAq9YSKBBICISSjmd2NP7Jr58tJP36/VfZ9d+aZd96Zncyzs96ZCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgksZcpVJNYjFvrpxJR2vMtVtLO4wftPfrLcUO841Iin+xf38c7A06+IWN0fcXT8ficO/V4dhfFPvj0j333/v4/4+PDabfoUM36ug1xiUR3y06dfG5tbXVV/egI7fRD3513ZP8e714XsiaeaeVL9UXsjTvtNLZmZnKw6fnO+l8vph1zna62VLaaGf1bqudnmicTKuzs9NpNnW2tdJcmKsvZoOBj32lVqnMpE9NLWf1dqfVfPipqU7jdL64mDcXypha5VtRxDxWbIhP5920m9WX0vT8hbXV6d26WgRVtwzZt2XDOfzQvR+9/uE/LqwWG+SoRpL+hlmrVmu16syjs48+VqmM1yq1rQMq28SViBiLKCL2ZKPlU+TW7bzhJo31838sRh7NWIkzkUYaY+XzxmMi9sdctKMVS8XrP01sG39V/v/Sw3/7w07z3Zz/B1n+4MboQ1Hm/yO9V0dG5P9ip7y9H3v3aL7f683mYa/FG3EpLsZzsRZrsRqv3sb+3NBj7Na2txBZNCOPfRGRx1LUyyFp5NGJVqQxGzMxE5V4Jk7HfHQijfnIYzGy6MTZ6EQ3snKLakQ7sqhHN1rRjjRORCNORhrVmI3ZmI40spiKs9GKlWjGQsxFvWzlfFwo1/v0tn7d/51nf/nCHz96p6hfCarusCBJ8WGuCPr7DkH9ZP5g3ED+H0TI/581+/v7rGuNv5W7b7gp62X+H7/T3QAAAAD2UFJ++55ExEQ8UNbm86/f6U4BAAAAt1T5u+bDRTFR1B6IZD5fzCpDIj+47X0DAAAAbo2kPMcuiYjJeLBXG5wuNexLAAAAAOBTqPz7/5GimIx4sxzg+B8AAAA+Y7436hr7H97Vv0ZvZ3lf8n/96OUzDyUv1ota/cX+sH7xjSstducPJQf6jZTFzPile5KIGG9kh5PB1S//u69Xflw+H9q4AOGoa/0n7fZEcnl0B2LnDpSv4odxtBdz9FyvPDcY05vL5Hy+mE01WouPV5P+lyPd11+68O2IYu7fby4dSOL8hbXVqedfXjtX9uVy0crlF/uXh0+uoy/r/TUQDwxf4onyRIz+fCd7861sXv6x3uRjO88z2TzPt+JYL+bYZK+c3Lr8+4t5Vqcer0a9fmCsm53pvr6+aen7vaje5JK/Fcd7McdPHO8VQ3pR29KLl67uRW1zL65tXVxzL945+uaZf/62lWTTu/Vi+iZ7AXCnnC+v+rORhe4us9B/1nuK/L8t7949mPJ69nLnNz5lDKbflOvG47qy+yDZDNmjn+jFnOh9nhg/NCSvVIbs0V+58Mrv+nv0R9776c++eeT3P7/x7PZenOzF9Iu47zcjcmyxzD/allXfLaZ4d8R8i5e1JCZ6907YGL36wupLtdr0TOWRSuXRWkyUHxX6hdwDwBC73mPnGu7C88jwo+oYZLz7rvykYCqej5djLc7FqfJsg4h4cHirk5t+hnBql6PWyU13eDm187HlwY3TG2rbY/cdT2JEu9Ob1tgXf1IW/9q79wQA9tqxXfLwteT/U7scd2/N5Sd7N84dHB3H6Fw+zFf3eoUAwOdA1v44mey+nbTb+fIz1dnZar17OkvbrcbTaTufW8jSvNnN2o3T9eZCli63W91WY/DF8VzWSTsry8utdjedb7XT5VYnP1Pe+T3t3/q9ky3Vm9280VlezOqdLG20mt16o5vO5Z1Gurzy5GLeOZ21y4k7y1kjn88b9W7eaqad1kq7kU2laSfLNgXmc1mzm8/nRbWZLrfzpXr7ckQsrixl6VzWabTz5W6r1+BgXnlzvtVeKpudunrx/3q71zcAfBK89sali8+tra2+urWynmwfMrzy5zcuXRz8iX5kcMT6HV5KAGCzzVkaAAAAAAAAAAAAAAD4ZLr6dL1i6G6n/W2pTMR1BG+r7Bt91uDnsvLl93tvy61o8GbauXvLe3pXf2O58+vnuivPPvHExVExT7558PRfsojd2xn+P2XYqa5vH4i46xc/7g352u1a0g+itxQxfl2Tryc7xNyxXRIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjPS/AAAA//8zP0xn")
openat(r11, &(0x7f0000000a40)='./file0\x00', 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r9, 0xc018937b, &(0x7f0000000ac0)={{0x1, 0x1, 0x18, r0, {0xee00, 0xee01}}, './file0\x00'})
r12 = getuid()
setreuid(0xee00, r12)
r13 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r14=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0xee01, r14, 0xffffffffffffffff)

710.321057ms ago: executing program 4 (id=1391):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000180)="aabbcc", 0x3}], 0x1}}, {{&(0x7f00000001c0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x18, &(0x7f0000000200)=[{&(0x7f0000000240)="aabbcc", 0x3}], 0x1}}], 0x2, 0x0)

681.632857ms ago: executing program 4 (id=1392):
socket$igmp6(0xa, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020800000100000000000001000000000100140003"], 0x18}}, 0x0)
io_setup(0x409, &(0x7f0000000600)=<r0=>0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}])
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000008e1c0100000000000000"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80350, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r4, 0x545c, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
perf_event_open(&(0x7f0000000a00)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0xb2321, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000b80)={'full', 0x20, 0x9, 0x20, 0x45be}, 0x2f)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xc, 0x4, &(0x7f0000001740)=ANY=[@ANYBLOB="b4050000200080006110a20000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a055ca683a4b6fc89008f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5907dcff414ed55b0d18a93ee341ab59016f81860324b800c00000000000092d9c5fe3476460a61ffcb3363073fd8962823ee4575d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1fef7dac600"/319], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x1}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x9, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x9, 0x0, r6, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x40000000, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r10=>0x0}, &(0x7f0000000980)=0x59)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r8, 0x84, 0x75, &(0x7f0000000000)={r10, 0x401}, 0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000380)={<r11=>r10, 0xe, "d5ffbd58fa5e4ec172e8ce71bb85"}, &(0x7f00000003c0)=0x16)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000340)={r7, 0x0, 0x20000000}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000700000000000000", @ANYRES32, @ANYRESHEX=r11, @ANYRES16=r5, @ANYRESHEX=r10, @ANYBLOB="01000000050000000500000000050000000000000000000000000000aa31b6a97b431d7366ad5be11d49ed3311612cf133861366ded940dd40fb6e53038c7503a9c69c7af8cd93e04192b378714d460886371aa2efc54e2d59c257755a1e23c21e8c2ce0ad8d3d09c7b73026bc5d34efc2f5a4a5560fa97e16cef881f3225e5d91e99e16a8"], 0x50)
r12 = syz_open_dev$usbfs(&(0x7f0000000480), 0xc, 0x141341)
ioctl$USBDEVFS_IOCTL(r12, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r12, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

650.363087ms ago: executing program 1 (id=1394):
socket$igmp6(0xa, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020800000100000000000001000000000100140003"], 0x18}}, 0x0)
io_setup(0x409, &(0x7f0000000600)=<r0=>0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}])
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000008e1c0100000000000000"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80350, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r4, 0x545c, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
perf_event_open(&(0x7f0000000a00)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0xb2321, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000b80)={'full', 0x20, 0x9, 0x20, 0x45be}, 0x2f)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xc, 0x4, &(0x7f0000001740)=ANY=[@ANYBLOB="b4050000200080006110a20000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a055ca683a4b6fc89008f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5907dcff414ed55b0d18a93ee341ab59016f81860324b800c00000000000092d9c5fe3476460a61ffcb3363073fd8962823ee4575d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1fef7dac600"/319], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x1}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x9, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x9, 0x0, r6, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x40000000, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r10=>0x0}, &(0x7f0000000980)=0x59)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r8, 0x84, 0x75, &(0x7f0000000000)={r10, 0x401}, 0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000380)={<r11=>r10, 0xe, "d5ffbd58fa5e4ec172e8ce71bb85"}, &(0x7f00000003c0)=0x16)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000340)={r7, 0x0, 0x20000000}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000700000000000000", @ANYRES32, @ANYRESHEX=r11, @ANYRES16=r5, @ANYRESHEX=r10, @ANYBLOB="01000000050000000500000000050000000000000000000000000000aa31b6a97b431d7366ad5be11d49ed3311612cf133861366ded940dd40fb6e53038c7503a9c69c7af8cd93e04192b378714d460886371aa2efc54e2d59c257755a1e23c21e8c2ce0ad8d3d09c7b73026bc5d34efc2f5a4a5560fa97e16cef881f3225e5d91e99e16a8"], 0x50)
r12 = syz_open_dev$usbfs(&(0x7f0000000480), 0xc, 0x141341)
ioctl$USBDEVFS_IOCTL(r12, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r12, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

456.662198ms ago: executing program 0 (id=1396):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
msgrcv(0x0, &(0x7f00000003c0)={0x0, ""/171}, 0xb3, 0x2, 0x2800)

456.366768ms ago: executing program 0 (id=1397):
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f0000000880)=""/120}, 0x20)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

437.427608ms ago: executing program 0 (id=1398):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000200"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./bus\x00', 0x1200040, &(0x7f0000000140)=ANY=[@ANYBLOB="757466383d312c73686f72746e616d653d77696e6e742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c757466383d312c696f636861727365743d63703433372c73686f72746e616d653d77696e39352c756e695f786c6174653d312c757466383d302c757466383d302c6e66732c0034003fc9cd02a9"], 0x3, 0x377, &(0x7f00000002c0)="$eJzs3UFom+UbAPAn/dKm/bP924MgCsKnN0HLNgXRix2jg2EuU8LUgxjcptLUwYrB7tCsXsSj4FFP3jzowcNuXgRFdvPg1QkyFQ+628CxT77kS/KlSWqZdLP4+x3Cs/d9nvd9v+Rl+ZqSt6+uxNrZ2Th/48b1mJ+vRHXlxErcrMRSJNF3OcbNTWgDAA6Gm1kWf2Q9EV/upaSy/6sCAPZT9/3/9cOllne/3i0/8+4PAAde8fP/Qrkt2ZEzP634wr4tCwDYR6Of/0fEI2MppV/1V8fuDQCAg+eFl15+7ng94vk0nY9Yf6/daDfimWH/8fPxZrTiXByJxbgV0btRyB8q3ceTp+qrR9I07cTPS9HIK9qNiPVOu9G7UziedOtrcTQWY6moL+42sixLTn5RXz2adkXE5U53/livtBuzsVDM/8P/4lwcizTuG6uPOFVfPZYWAzTW+/WzEdvDzy3y9S/HYnz3WlyIVpyNvLZ/W1Nf3Tqapiey+qHKsL7TbtS6eT1TPwEBAAAAAAAAAAAAAAAAAAAAAIA7spwOLA3Oz8mG5/csL0/o756P06svzgfa7p0PlNWyyLLf33m88X4SI+cD7Tifp9NuVGPm3l46AAAAAAAAAAAAAAAAAAAA/GtsbM5Fs9U6d3Fj89JaOehc3NiciYi85a1vP/tqIUZzFooBRqtGgmqRUupKh1VZ0k/OkpGcIkjyySvVXsunVwYrLufUBlcxcRm16V2t1uGHf/po2PJQ0h/59jAniYnXdSnZsYxysP7/3pKmPy27BMf+JudalmXTyrdeGa+KSkR16lLvMMjy4JvrbzzwxEZ/E2Q9jz62eObah5/8utZs5TPnWq25ixu3srVm8e/Jm216kJT2T6XYbJXyTqg2n7x9+tCUkbdHW5rJ97+9+OAHV4uWmd1fpuzM1WHL2xNykt6kn+/smusF+TIHXc/mQf4cjY8zO2HzTwqein/0wt3/8UrzytaPv+y1qvSfhIM6AAAAAAAAAAAAAAAAAADgrih9V7xQfNl3dreqp0/v/8oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4O4Z/v3/QRAz2zta9hb82Yl+y5nod9XyAWOuNOPSPbxaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+q/4KAAD//1UBZGs=")
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x3d}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x7d}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={r2, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

420.202068ms ago: executing program 0 (id=1399):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r1, 0x101)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r2, 0x0, 0x0)

336.437278ms ago: executing program 0 (id=1400):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000700)=""/167, 0xa7}], 0x2}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000804001b05bfdc6f6b559400", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

247.575828ms ago: executing program 0 (id=1401):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d00000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1})
fcntl$lock(r0, 0x7, &(0x7f0000000440)={0x0, 0x0, 0x8000, 0x8})
fcntl$lock(r0, 0x25, 0x0)

0s ago: executing program 2 (id=1402):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./bus\x00', 0xa00a14, &(0x7f0000000080)=ANY=[], 0x1, 0x342, &(0x7f00000012c0)="$eJzs3M9LI2cYwPEnMeaXmHgoLS0UX9pL28Ogac+FUBRKAxU1pVoojDppQ6aJZIIlpVR76rX0P+ilB5GevAnt/gNe9rZ72cvevCzsYWWRnSXzQydxEmM0JK7fD8g8mfd5J++LRp4Z8r4n3/75U6VkaSW9IdGkkoiIyKnIjETFF/GOUSeOS9CefDz1/NH7K2vrX+ULhYVlpRbzq5/mlFKZ2f9+/jXlpR0l5Hjm+5NnuafHbx+/e/Jq9ceypcqWqtYaSlcbtScNfcM01FbZqmhKLZmGbhmqXLWMuttec9tLZm17u6n06tZ0ertuWJbSq01VMZqqUVONelPpP+jlqtI0TU2nJUw89Ox9VdxfXtbzA3bevOXBYFAvbdvu0WxH8vqEiKQutRT3hzouAAAwljrq/wmnpB+o/peMU/+3ki/q/4MPHjSmvjnMePX/UTys/v/ssXOphIhc1P9JEblZ/Z9sn2kyZPaXK6I7b/c6yTeq/zEeZgOfyImwhHo9r6e9z6/j9+8O5pyA+h8AAAAAAAAAAAAAAAAAAAAAgLvg1Laztm1n/aP388lFhntulGPE8HT5/WcT3oop//Wox4nhWFlbl6SzcC+WETH/2CnuFN2ju5BsxU+ck6ycOX8PnlbsrzxSLTPyv7nr9d/dKbpLkfIlKYsphsz7q4+C/W178cvCwrxytfeflHSwf06y8lbn+7v9c6H94/LRh4H+mmTl4abUxJSt1ijO7PP+v80r9cXXhY7+KScPAAAAAIA3gabOhd6/a1q3drf/+f11+/MBkcD9+Vzo/Xks+15stHMHAAAAAOC+sJq/VHTTNOo9gpRcneMHe94DgL6SnSDW55U7gsleOcFtUNuaZK/rlOPeDsHXG0b3wN9buK9k/4sUlXigKSl/e6cHGYY//1uaTkcQ7W9eHcGs2Al3VDd5d/+xUbecf5eGMuVAEOvS9M5f/7wY7MoRb5/tYNPnh8krZjq0YLKvfx526HbDAAAAAMaUX/SnLOdlZNTjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAADgPuqxDVis7z3DYr1zRj1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYFy8DgAA///bZv5M")
creat(&(0x7f0000000240)='./bus\x00', 0x1a)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit, @alu={0x7, 0x1, 0xb, 0x0, 0x0, 0x1, 0x1}]}, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001540)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000e12020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000006fd6850000002d000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
unshare(0x22020600)

kernel console output (not intermixed with test programs):

638][ T5323] FAT-fs (loop2): Directory bread(block 69) failed
[   65.462920][ T5323] FAT-fs (loop2): Directory bread(block 70) failed
[   65.469620][ T5323] FAT-fs (loop2): Directory bread(block 71) failed
[   65.478692][ T5323] FAT-fs (loop2): Directory bread(block 72) failed
[   65.485292][ T5323] FAT-fs (loop2): Directory bread(block 73) failed
[   65.525383][ T5331] xt_CT: You must specify a L4 protocol and not use inversions on it
[   65.594233][ T5342] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=5342 comm=syz.2.633
[   65.602617][ T5334] __nla_validate_parse: 12 callbacks suppressed
[   65.602635][ T5334] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.629'.
[   65.655243][ T5346] loop2: detected capacity change from 0 to 128
[   65.817568][ T5353] loop2: detected capacity change from 0 to 512
[   65.824446][ T5353] EXT4-fs: Ignoring removed oldalloc option
[   65.831367][ T5353] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   65.843243][ T5353] EXT4-fs (loop2): 1 truncate cleaned up
[   65.849588][ T5353] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.878674][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.979358][ T5358] loop3: detected capacity change from 0 to 256
[   65.998516][ T5358] FAT-fs (loop3): Directory bread(block 64) failed
[   66.005486][ T5358] FAT-fs (loop3): Directory bread(block 65) failed
[   66.012140][ T5358] FAT-fs (loop3): Directory bread(block 66) failed
[   66.019055][ T5358] FAT-fs (loop3): Directory bread(block 67) failed
[   66.025868][ T5358] FAT-fs (loop3): Directory bread(block 68) failed
[   66.032491][ T5358] FAT-fs (loop3): Directory bread(block 69) failed
[   66.039269][ T5358] FAT-fs (loop3): Directory bread(block 70) failed
[   66.045924][ T5358] FAT-fs (loop3): Directory bread(block 71) failed
[   66.052600][ T5358] FAT-fs (loop3): Directory bread(block 72) failed
[   66.059253][ T5358] FAT-fs (loop3): Directory bread(block 73) failed
[   66.208551][ T5373] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=5373 comm=syz.1.645
[   66.246705][ T5375] bond1: entered promiscuous mode
[   66.251844][ T5375] bond1: entered allmulticast mode
[   66.264048][ T5375] 8021q: adding VLAN 0 to HW filter on device bond1
[   66.280637][ T5375] bond1 (unregistering): Released all slaves
[   66.342605][ T5384] rdma_op ffff88810222c980 conn xmit_rdma 0000000000000000
[   66.353408][ T5384] 9pnet_fd: p9_fd_create_tcp (5384): problem connecting socket to 127.0.0.1
[   66.394050][ T5386] ebtables: ebtables: counters copy to user failed while replacing table
[   66.420273][ T5386] netlink: 4 bytes leftover after parsing attributes in process `syz.1.651'.
[   66.658191][ T5409] xt_CT: You must specify a L4 protocol and not use inversions on it
[   66.843325][ T5426] rdma_op ffff88810222c580 conn xmit_rdma 0000000000000000
[   66.862469][ T5426] 9pnet_fd: p9_fd_create_tcp (5426): problem connecting socket to 127.0.0.1
[   66.871936][ T5426] netlink: 'syz.0.668': attribute type 10 has an invalid length.
[   66.993894][ T5433] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   67.015182][ T5441] bond1: entered promiscuous mode
[   67.020309][ T5441] bond1: entered allmulticast mode
[   67.025876][ T5441] 8021q: adding VLAN 0 to HW filter on device bond1
[   67.037842][ T5441] bond1 (unregistering): Released all slaves
[   67.048174][ T5433] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   67.097216][ T5433] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   67.156910][ T5433] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   67.180051][ T5447] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.675'.
[   67.190474][ T5444] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.675'.
[   67.211715][ T5433] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.223492][ T5433] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.235233][ T5433] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.247215][ T5433] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.270516][ T5451] netlink: 4 bytes leftover after parsing attributes in process `syz.0.678'.
[   67.332815][ T5460] rdma_op ffff888115f62980 conn xmit_rdma 0000000000000000
[   67.343706][ T5460] 9pnet_fd: p9_fd_create_tcp (5460): problem connecting socket to 127.0.0.1
[   67.352949][ T5460] netlink: 'syz.1.680': attribute type 10 has an invalid length.
[   67.405920][ T5470] loop3: detected capacity change from 0 to 512
[   67.417510][ T5470] EXT4-fs: Ignoring removed oldalloc option
[   67.424575][ T5470] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   67.444547][ T5472] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=5472 comm=syz.1.684
[   67.457518][ T5470] EXT4-fs (loop3): 1 truncate cleaned up
[   67.463788][ T5470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.526879][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.617685][ T5485] hub 2-0:1.0: USB hub found
[   67.622429][ T5485] hub 2-0:1.0: 8 ports detected
[   67.641720][ T5491] FAULT_INJECTION: forcing a failure.
[   67.641720][ T5491] name failslab, interval 1, probability 0, space 0, times 0
[   67.642331][ T5490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.654504][ T5491] CPU: 0 UID: 0 PID: 5491 Comm: syz.4.690 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[   67.668771][ T5490] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.673538][ T5491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   67.673556][ T5491] Call Trace:
[   67.673563][ T5491]  <TASK>
[   67.697671][ T5491]  dump_stack_lvl+0xf2/0x150
[   67.702355][ T5491]  dump_stack+0x15/0x20
[   67.706561][ T5491]  should_fail_ex+0x223/0x230
[   67.711342][ T5491]  ? audit_log_start+0x34c/0x6b0
[   67.716526][ T5491]  should_failslab+0x8f/0xb0
[   67.721129][ T5491]  kmem_cache_alloc_noprof+0x4c/0x290
[   67.726679][ T5491]  audit_log_start+0x34c/0x6b0
[   67.731549][ T5491]  audit_seccomp+0x4b/0x130
[   67.736088][ T5491]  __seccomp_filter+0x6fa/0x1180
[   67.741070][ T5491]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   67.746721][ T5491]  ? vfs_write+0x596/0x920
[   67.751169][ T5491]  ? __schedule+0x6fa/0x930
[   67.755690][ T5491]  __secure_computing+0x9f/0x1c0
[   67.760717][ T5491]  syscall_trace_enter+0xd1/0x1f0
[   67.765771][ T5491]  do_syscall_64+0xaa/0x1c0
[   67.770354][ T5491]  ? clear_bhb_loop+0x55/0xb0
[   67.775043][ T5491]  ? clear_bhb_loop+0x55/0xb0
[   67.779735][ T5491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.785726][ T5491] RIP: 0033:0x7fa544c9e719
[   67.790182][ T5491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.809928][ T5491] RSP: 002b:00007fa5438f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001f
[   67.818474][ T5491] RAX: ffffffffffffffda RBX: 00007fa544e56058 RCX: 00007fa544c9e719
[   67.826455][ T5491] RDX: 0000000020000500 RSI: 000000000000000e RDI: 0000000000000000
[   67.834525][ T5491] RBP: 00007fa5438f6090 R08: 0000000000000000 R09: 0000000000000000
[   67.842606][ T5491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.850587][ T5491] R13: 0000000000000000 R14: 00007fa544e56058 R15: 00007ffd9306aff8
[   67.858573][ T5491]  </TASK>
[   67.871538][ T5493] rdma_op ffff8881155c7980 conn xmit_rdma 0000000000000000
[   67.932976][ T5495] netlink: 'syz.2.691': attribute type 10 has an invalid length.
[   68.385105][ T5497] net_ratelimit: 1 callbacks suppressed
[   68.385122][ T5497] ebtables: ebtables: counters copy to user failed while replacing table
[   68.416047][ T5497] netlink: 4 bytes leftover after parsing attributes in process `syz.0.692'.
[   68.586981][ T5522] bpf_get_probe_write_proto: 14 callbacks suppressed
[   68.586998][ T5522] syz.1.701[5522] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   68.593850][ T5522] syz.1.701[5522] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   68.607214][ T5522] syz.1.701[5522] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   68.704533][ T5525] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.702'.
[   68.725256][ T5493] 9pnet_fd: p9_fd_create_tcp (5493): problem connecting socket to 127.0.0.1
[   68.756000][ T5524] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.702'.
[   68.811775][ T5534] xt_CT: You must specify a L4 protocol and not use inversions on it
[   68.877293][   T29] kauditd_printk_skb: 572 callbacks suppressed
[   68.877312][   T29] audit: type=1326 audit(1731218156.767:3955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5542 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84eee2e719 code=0x7ffc0000
[   68.895869][ T5537] hub 2-0:1.0: USB hub found
[   68.916903][   T29] audit: type=1326 audit(1731218156.767:3956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5542 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84eee2e719 code=0x7ffc0000
[   68.922342][ T5537] hub 2-0:1.0: 8 ports detected
[   68.942971][   T29] audit: type=1326 audit(1731218156.767:3957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5542 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f84eee2e719 code=0x7ffc0000
[   68.943079][   T29] audit: type=1326 audit(1731218156.767:3958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5542 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84eee2e719 code=0x7ffc0000
[   68.994801][   T29] audit: type=1326 audit(1731218156.767:3959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5542 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f84eee2e719 code=0x7ffc0000
[   69.018148][   T29] audit: type=1326 audit(1731218156.767:3960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5542 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84eee2e719 code=0x7ffc0000
[   69.041493][   T29] audit: type=1326 audit(1731218156.767:3961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5542 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f84eee2e719 code=0x7ffc0000
[   69.064779][   T29] audit: type=1326 audit(1731218156.767:3962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5542 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84eee2e719 code=0x7ffc0000
[   69.088205][   T29] audit: type=1326 audit(1731218156.767:3963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5542 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f84eee2e719 code=0x7ffc0000
[   69.111477][   T29] audit: type=1326 audit(1731218156.767:3964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5542 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84eee2e719 code=0x7ffc0000
[   69.145849][ T5547] bond1: entered promiscuous mode
[   69.150923][ T5547] bond1: entered allmulticast mode
[   69.156285][ T5547] 8021q: adding VLAN 0 to HW filter on device bond1
[   69.166832][ T5547] bond1 (unregistering): Released all slaves
[   69.197201][ T5549] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.711'.
[   69.206848][ T5545] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.711'.
[   69.409812][ T5553] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.466740][ T5553] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.536585][ T5553] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.596557][ T5553] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.652612][ T5553] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.665303][ T5553] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.678261][ T5553] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.690113][ T5553] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.792481][ T5572] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=5572 comm=syz.4.720
[   69.799680][ T5574] syz.2.723[5574] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.810011][ T5574] syz.2.723[5574] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.834432][ T5574] syz.2.723[5574] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.874511][ T5574] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=5574 comm=syz.2.723
[   69.920459][ T5581] loop4: detected capacity change from 0 to 512
[   69.922810][ T5585] rdma_op ffff88811749e180 conn xmit_rdma 0000000000000000
[   69.944946][ T5581] EXT4-fs: Ignoring removed oldalloc option
[   69.951521][ T5581] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   69.958357][ T5583] ebtables: ebtables: counters copy to user failed while replacing table
[   69.964263][ T5581] EXT4-fs (loop4): 1 truncate cleaned up
[   69.977679][ T5581] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.996129][ T5583] IPVS: Error joining to the multicast group
[   70.004136][ T5592] netlink: 'syz.2.728': attribute type 10 has an invalid length.
[   70.033997][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.068853][ T5596] syz.4.730[5596] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.068906][ T5596] syz.4.730[5596] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.080734][ T5596] syz.4.730[5596] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.109202][ T5596] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=5596 comm=syz.4.730
[   70.150781][ T5599] hub 2-0:1.0: USB hub found
[   70.159907][ T5599] hub 2-0:1.0: 8 ports detected
[   70.195503][ T5598] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.246826][ T5598] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.296502][ T5598] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.356956][ T5598] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.598803][ T5604] loop3: detected capacity change from 0 to 512
[   70.606970][ T5604] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.733: bg 0: block 35: padding at end of block bitmap is not set
[   70.621481][ T5604] EXT4-fs (loop3): Remounting filesystem read-only
[   70.628194][ T5604] EXT4-fs (loop3): 1 truncate cleaned up
[   70.634371][ T5604] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.646562][ T5604] SELinux: (dev loop3, type ext4) getxattr errno 5
[   70.653549][ T5604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.755594][ T5585] 9pnet_fd: p9_fd_create_tcp (5585): problem connecting socket to 127.0.0.1
[   70.917188][ T5620] loop2: detected capacity change from 0 to 512
[   70.923805][ T5620] EXT4-fs: Ignoring removed oldalloc option
[   70.930687][ T5620] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   70.941332][ T5620] EXT4-fs (loop2): 1 truncate cleaned up
[   70.947775][ T5620] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.977337][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.018094][ T5625] loop4: detected capacity change from 0 to 256
[   71.024915][ T5627] syz.2.742[5627] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.045742][ T5625] FAT-fs (loop4): Directory bread(block 64) failed
[   71.067601][ T5627] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=5627 comm=syz.2.742
[   71.081331][ T5625] FAT-fs (loop4): Directory bread(block 65) failed
[   71.089060][ T5625] FAT-fs (loop4): Directory bread(block 66) failed
[   71.098058][ T5625] FAT-fs (loop4): Directory bread(block 67) failed
[   71.104745][ T5625] FAT-fs (loop4): Directory bread(block 68) failed
[   71.111460][ T5625] FAT-fs (loop4): Directory bread(block 69) failed
[   71.118089][ T5625] FAT-fs (loop4): Directory bread(block 70) failed
[   71.131343][ T5625] FAT-fs (loop4): Directory bread(block 71) failed
[   71.139573][ T5625] FAT-fs (loop4): Directory bread(block 72) failed
[   71.152715][ T5625] FAT-fs (loop4): Directory bread(block 73) failed
[   71.273903][ T5598] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.304326][ T5598] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.316930][ T5598] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.328599][ T5598] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.346808][ T5645] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.367527][ T5645] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.387627][ T5648] hub 2-0:1.0: USB hub found
[   71.392885][ T5648] hub 2-0:1.0: 8 ports detected
[   71.420213][ T5650] ebtables: ebtables: counters copy to user failed while replacing table
[   71.421260][ T5656] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.449438][ T5650] __nla_validate_parse: 1 callbacks suppressed
[   71.449457][ T5650] netlink: 4 bytes leftover after parsing attributes in process `syz.0.752'.
[   71.467585][ T5650] IPVS: Error joining to the multicast group
[   71.479371][ T5656] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.542382][ T5661] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=5661 comm=syz.3.755
[   71.576468][ T5656] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.626564][ T5656] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.642592][ T5670] loop3: detected capacity change from 0 to 512
[   71.650554][ T5670] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.759: bg 0: block 35: padding at end of block bitmap is not set
[   71.665070][ T5670] EXT4-fs (loop3): Remounting filesystem read-only
[   71.671656][ T5670] EXT4-fs (loop3): 1 truncate cleaned up
[   71.677866][ T5670] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.690013][ T5670] SELinux: (dev loop3, type ext4) getxattr errno 5
[   71.697250][ T5670] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.987455][ T5684] ebtables: ebtables: counters copy to user failed while replacing table
[   71.989069][ T5688] bond1: entered promiscuous mode
[   72.001043][ T5688] bond1: entered allmulticast mode
[   72.006918][ T5688] 8021q: adding VLAN 0 to HW filter on device bond1
[   72.018486][ T5688] bond1 (unregistering): Released all slaves
[   72.028004][ T5684] netlink: 4 bytes leftover after parsing attributes in process `syz.3.765'.
[   72.038664][ T5684] netlink: 28 bytes leftover after parsing attributes in process `syz.3.765'.
[   72.138976][ T5702] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.176394][ T5702] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.226810][ T5702] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.266815][ T5702] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.310651][ T5702] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.322117][ T5702] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.333197][ T5702] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.344991][ T5702] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.418668][ T5711] loop4: detected capacity change from 0 to 512
[   72.430775][ T5711] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.773: bg 0: block 35: padding at end of block bitmap is not set
[   72.449009][ T5711] EXT4-fs (loop4): Remounting filesystem read-only
[   72.455799][ T5711] EXT4-fs (loop4): 1 truncate cleaned up
[   72.461868][ T5711] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.475959][ T5711] SELinux: (dev loop4, type ext4) getxattr errno 5
[   72.482959][ T5711] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.550164][ T5716] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.773'.
[   72.561587][ T5711] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.773'.
[   72.593631][ T5718] xt_CT: You must specify a L4 protocol and not use inversions on it
[   72.630964][ T5720] ebtables: ebtables: counters copy to user failed while replacing table
[   72.669384][ T5720] netlink: 4 bytes leftover after parsing attributes in process `syz.4.776'.
[   72.680261][ T5720] netlink: 28 bytes leftover after parsing attributes in process `syz.4.776'.
[   72.731844][ T5728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=5728 comm=syz.4.778
[   72.791081][ T5734] netlink: 8 bytes leftover after parsing attributes in process `syz.4.781'.
[   72.805375][ T5734] loop4: detected capacity change from 0 to 764
[   72.812002][ T5734] iso9660: Unknown parameter ''
[   72.843174][ T5741] loop4: detected capacity change from 0 to 128
[   72.976572][ T5748] bond1: entered promiscuous mode
[   72.981676][ T5748] bond1: entered allmulticast mode
[   72.988584][ T5748] 8021q: adding VLAN 0 to HW filter on device bond1
[   73.000396][ T5748] bond1 (unregistering): Released all slaves
[   73.009253][ T5751] ebtables: ebtables: counters copy to user failed while replacing table
[   73.037429][ T5751] netlink: 4 bytes leftover after parsing attributes in process `syz.4.788'.
[   73.047974][ T5751] netlink: 28 bytes leftover after parsing attributes in process `syz.4.788'.
[   73.090529][ T5758] ebtables: ebtables: counters copy to user failed while replacing table
[   73.280784][ T5782] loop3: detected capacity change from 0 to 128
[   73.395761][ T5788] 9pnet_fd: Insufficient options for proto=fd
[   73.403905][ T5788] SELinux:  Context Œ©¿ßXÕ!nzu¼jõ‹8õ)Ä�Lñ4’;S‹ÁÌÅ]Úi^þŠÚE;Ï«TÀ²²Käp€Å *p–5Ô+¶<=N£}ÙowÎ+ is not valid (left unmapped).
[   73.403932][ T5790] bond1: entered promiscuous mode
[   73.422486][ T5790] bond1: entered allmulticast mode
[   73.428093][ T5790] 8021q: adding VLAN 0 to HW filter on device bond1
[   73.440479][ T5790] bond1 (unregistering): Released all slaves
[   73.452954][ T5793] xt_CT: You must specify a L4 protocol and not use inversions on it
[   73.484058][ T5795] ebtables: ebtables: counters copy to user failed while replacing table
[   73.524103][ T5795] IPVS: Error joining to the multicast group
[   73.589223][ T5809] xt_CT: You must specify a L4 protocol and not use inversions on it
[   73.619219][ T5811] loop3: detected capacity change from 0 to 128
[   73.773370][ T5823] loop3: detected capacity change from 0 to 256
[   73.787147][ T5823] FAT-fs (loop3): Directory bread(block 64) failed
[   73.793840][ T5823] FAT-fs (loop3): Directory bread(block 65) failed
[   73.800466][ T5823] FAT-fs (loop3): Directory bread(block 66) failed
[   73.807192][ T5823] FAT-fs (loop3): Directory bread(block 67) failed
[   73.813749][ T5823] FAT-fs (loop3): Directory bread(block 68) failed
[   73.820374][ T5823] FAT-fs (loop3): Directory bread(block 69) failed
[   73.826997][ T5823] FAT-fs (loop3): Directory bread(block 70) failed
[   73.833646][ T5823] FAT-fs (loop3): Directory bread(block 71) failed
[   73.840229][ T5823] FAT-fs (loop3): Directory bread(block 72) failed
[   73.846838][ T5823] FAT-fs (loop3): Directory bread(block 73) failed
[   73.892690][   T29] kauditd_printk_skb: 353 callbacks suppressed
[   73.892707][   T29] audit: type=1326 audit(1731218161.777:4318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32b812e719 code=0x7ffc0000
[   73.923052][ T5826] ebtables: ebtables: counters copy to user failed while replacing table
[   73.924727][ T5830] FAULT_INJECTION: forcing a failure.
[   73.924727][ T5830] name failslab, interval 1, probability 0, space 0, times 0
[   73.932262][   T29] audit: type=1326 audit(1731218161.777:4319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32b812e719 code=0x7ffc0000
[   73.944114][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz.3.815 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[   73.967446][   T29] audit: type=1326 audit(1731218161.777:4320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32b812e719 code=0x7ffc0000
[   73.978024][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   73.978045][ T5830] Call Trace:
[   73.978053][ T5830]  <TASK>
[   73.978062][ T5830]  dump_stack_lvl+0xf2/0x150
[   73.978098][ T5830]  dump_stack+0x15/0x20
[   74.001415][   T29] audit: type=1326 audit(1731218161.777:4321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32b812e719 code=0x7ffc0000
[   74.011393][ T5830]  should_fail_ex+0x223/0x230
[   74.014774][   T29] audit: type=1326 audit(1731218161.777:4322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32b812e719 code=0x7ffc0000
[   74.017656][ T5830]  ? sidtab_sid2str_get+0xb8/0x140
[   74.022258][   T29] audit: type=1326 audit(1731218161.807:4323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32b812e719 code=0x7ffc0000
[   74.026395][ T5830]  should_failslab+0x8f/0xb0
[   74.026426][ T5830]  __kmalloc_node_track_caller_noprof+0xa6/0x380
[   74.049800][   T29] audit: type=1326 audit(1731218161.807:4324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f32b812d0b0 code=0x7ffc0000
[   74.054516][ T5830]  ? vsnprintf+0xdd8/0xe30
[   74.077982][   T29] audit: type=1326 audit(1731218161.807:4325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5829 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f32b812d1ff code=0x7ffc0000
[   74.083046][ T5830]  kmemdup_noprof+0x2a/0x60
[   74.130572][ T5826] IPVS: Error joining to the multicast group
[   74.140547][ T5830]  sidtab_sid2str_get+0xb8/0x140
[   74.140591][ T5830]  security_sid_to_context_core+0x1eb/0x2f0
[   74.140636][ T5830]  security_sid_to_context+0x27/0x30
[   74.195041][ T5830]  selinux_secid_to_secctx+0x22/0x30
[   74.200489][ T5830]  security_secid_to_secctx+0x48/0x90
[   74.205891][ T5830]  audit_log_task_context+0x8c/0x1b0
[   74.211276][ T5830]  audit_log_task+0xfb/0x180
[   74.215889][ T5830]  audit_seccomp+0x68/0x130
[   74.220600][ T5830]  __seccomp_filter+0x6fa/0x1180
[   74.225599][ T5830]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   74.229383][   T29] audit: type=1326 audit(1731218162.117:4327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.2.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef1d4ee719 code=0x7ffc0000
[   74.231256][ T5830]  ? vfs_write+0x596/0x920
[   74.254748][   T29] audit: type=1326 audit(1731218162.117:4328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.2.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef1d4ee719 code=0x7ffc0000
[   74.258937][ T5830]  ? __rcu_read_unlock+0x4e/0x70
[   74.287327][ T5830]  ? __fget_files+0x1d4/0x210
[   74.292071][ T5830]  __secure_computing+0x9f/0x1c0
[   74.297075][ T5830]  syscall_trace_enter+0xd1/0x1f0
[   74.302153][ T5830]  ? fpregs_assert_state_consistent+0x83/0xa0
[   74.308381][ T5830]  do_syscall_64+0xaa/0x1c0
[   74.312916][ T5830]  ? clear_bhb_loop+0x55/0xb0
[   74.317662][ T5830]  ? clear_bhb_loop+0x55/0xb0
[   74.322369][ T5830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.328377][ T5830] RIP: 0033:0x7f32b812e719
[   74.332912][ T5830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.352546][ T5830] RSP: 002b:00007f32b6da7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[   74.361180][ T5830] RAX: ffffffffffffffda RBX: 00007f32b82e5f80 RCX: 00007f32b812e719
[   74.369206][ T5830] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   74.377260][ T5830] RBP: 00007f32b6da7090 R08: 0000000000000000 R09: 0000000000000000
[   74.385317][ T5830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.393410][ T5830] R13: 0000000000000000 R14: 00007f32b82e5f80 R15: 00007ffd29353548
[   74.401498][ T5830]  </TASK>
[   74.432371][ T5841] ebtables: ebtables: counters copy to user failed while replacing table
[   74.452055][ T5841] IPVS: Error joining to the multicast group
[   74.557851][ T5857] loop4: detected capacity change from 0 to 512
[   74.568184][ T5859] FAULT_INJECTION: forcing a failure.
[   74.568184][ T5859] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.581483][ T5859] CPU: 1 UID: 0 PID: 5859 Comm: syz.2.825 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[   74.586702][ T5861] loop3: detected capacity change from 0 to 512
[   74.592104][ T5859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   74.592122][ T5859] Call Trace:
[   74.592131][ T5859]  <TASK>
[   74.603838][ T5861] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.824: bg 0: block 35: padding at end of block bitmap is not set
[   74.608406][ T5859]  dump_stack_lvl+0xf2/0x150
[   74.608442][ T5859]  dump_stack+0x15/0x20
[   74.608504][ T5859]  should_fail_ex+0x223/0x230
[   74.611960][ T5861] EXT4-fs (loop3): Remounting filesystem read-only
[   74.614735][ T5859]  should_fail+0xb/0x10
[   74.614777][ T5859]  should_fail_usercopy+0x1a/0x20
[   74.614800][ T5859]  _copy_from_user+0x1e/0xb0
[   74.629347][ T5861] EXT4-fs (loop3): 1 truncate cleaned up
[   74.633431][ T5859]  copy_msghdr_from_user+0x54/0x2a0
[   74.640110][ T5861] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.642255][ T5859]  __sys_sendmsg+0x171/0x270
[   74.648803][ T5861] SELinux: (dev loop3, type ext4) getxattr errno 5
[   74.652904][ T5859]  __x64_sys_sendmsg+0x46/0x50
[   74.658302][ T5861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.662502][ T5859]  x64_sys_call+0x2689/0x2d60
[   74.715360][ T5859]  do_syscall_64+0xc9/0x1c0
[   74.719894][ T5859]  ? clear_bhb_loop+0x55/0xb0
[   74.724582][ T5859]  ? clear_bhb_loop+0x55/0xb0
[   74.729403][ T5859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.735321][ T5859] RIP: 0033:0x7fef1d4ee719
[   74.739758][ T5859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.759419][ T5859] RSP: 002b:00007fef1c161038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   74.767873][ T5859] RAX: ffffffffffffffda RBX: 00007fef1d6a5f80 RCX: 00007fef1d4ee719
[   74.775957][ T5859] RDX: 0000000024008000 RSI: 0000000020000840 RDI: 0000000000000004
[   74.783937][ T5859] RBP: 00007fef1c161090 R08: 0000000000000000 R09: 0000000000000000
[   74.791995][ T5859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.799979][ T5859] R13: 0000000000000000 R14: 00007fef1d6a5f80 R15: 00007fff7002feb8
[   74.807990][ T5859]  </TASK>
[   74.811611][ T5857] EXT4-fs: Ignoring removed orlov option
[   74.822881][ T5857] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   74.836836][ T5863] xt_CT: You must specify a L4 protocol and not use inversions on it
[   74.863926][ T5857] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.867645][ T5872] loop2: detected capacity change from 0 to 512
[   74.876461][ T5857] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.901637][ T5872] EXT4-fs: Ignoring removed oldalloc option
[   74.912226][ T5872] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   74.921678][ T5857] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.823: bg 0: block 255: padding at end of block bitmap is not set
[   74.924092][ T5872] EXT4-fs (loop2): 1 truncate cleaned up
[   74.939247][ T5857] EXT4-fs (loop4): Remounting filesystem read-only
[   74.944444][ T5872] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.966876][ T5857] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[   74.975831][ T5857] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[   75.011072][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.021308][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.043645][ T5882] bpf_get_probe_write_proto: 11 callbacks suppressed
[   75.043661][ T5882] syz.4.831[5882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.055803][ T5882] syz.4.831[5882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.067461][ T5882] syz.4.831[5882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.140944][ T5892] rdma_op ffff8881136b2980 conn xmit_rdma 0000000000000000
[   75.214479][ T5898] netlink: 'syz.2.834': attribute type 10 has an invalid length.
[   75.427739][ T5910] loop3: detected capacity change from 0 to 256
[   75.444069][ T5910] FAT-fs (loop3): Directory bread(block 64) failed
[   75.450832][ T5910] FAT-fs (loop3): Directory bread(block 65) failed
[   75.457460][ T5910] FAT-fs (loop3): Directory bread(block 66) failed
[   75.464098][ T5910] FAT-fs (loop3): Directory bread(block 67) failed
[   75.470746][ T5910] FAT-fs (loop3): Directory bread(block 68) failed
[   75.477399][ T5910] FAT-fs (loop3): Directory bread(block 69) failed
[   75.483981][ T5910] FAT-fs (loop3): Directory bread(block 70) failed
[   75.490577][ T5910] FAT-fs (loop3): Directory bread(block 71) failed
[   75.497149][ T5910] FAT-fs (loop3): Directory bread(block 72) failed
[   75.503663][ T5910] FAT-fs (loop3): Directory bread(block 73) failed
[   75.519597][ T5911] hub 2-0:1.0: USB hub found
[   75.524716][ T5911] hub 2-0:1.0: 8 ports detected
[   75.927621][ T5918] loop4: detected capacity change from 0 to 256
[   75.941355][ T5918] FAT-fs (loop4): Directory bread(block 64) failed
[   75.948158][ T5918] FAT-fs (loop4): Directory bread(block 65) failed
[   75.955053][ T5918] FAT-fs (loop4): Directory bread(block 66) failed
[   75.961587][ T5918] FAT-fs (loop4): Directory bread(block 67) failed
[   75.968443][ T5918] FAT-fs (loop4): Directory bread(block 68) failed
[   75.975032][ T5918] FAT-fs (loop4): Directory bread(block 69) failed
[   75.981718][ T5918] FAT-fs (loop4): Directory bread(block 70) failed
[   75.988299][ T5892] 9pnet_fd: p9_fd_create_tcp (5892): problem connecting socket to 127.0.0.1
[   75.988536][ T5918] FAT-fs (loop4): Directory bread(block 71) failed
[   76.003875][ T5918] FAT-fs (loop4): Directory bread(block 72) failed
[   76.015131][ T5918] FAT-fs (loop4): Directory bread(block 73) failed
[   76.170312][ T5932] loop4: detected capacity change from 0 to 256
[   76.183904][ T5933] loop2: detected capacity change from 0 to 512
[   76.187472][ T5932] FAT-fs (loop4): Directory bread(block 64) failed
[   76.193908][ T5656] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.197628][ T5932] FAT-fs (loop4): Directory bread(block 65) failed
[   76.213272][ T5933] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.850: bg 0: block 35: padding at end of block bitmap is not set
[   76.213351][ T5932] FAT-fs (loop4): Directory bread(block 66) failed
[   76.213413][ T5932] FAT-fs (loop4): Directory bread(block 67) failed
[   76.231641][ T5656] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.234937][ T5932] FAT-fs (loop4): Directory bread(block 68) failed
[   76.240839][ T5933] EXT4-fs (loop2): Remounting filesystem read-only
[   76.249099][ T5932] FAT-fs (loop4): Directory bread(block 69) failed
[   76.268879][ T5932] FAT-fs (loop4): Directory bread(block 70) failed
[   76.270728][ T5656] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.275536][ T5932] FAT-fs (loop4): Directory bread(block 71) failed
[   76.290209][ T5933] EXT4-fs (loop2): 1 truncate cleaned up
[   76.290583][ T5932] FAT-fs (loop4): Directory bread(block 72) failed
[   76.300418][ T5656] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.302456][ T5932] FAT-fs (loop4): Directory bread(block 73) failed
[   76.311364][ T5933] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.330759][ T5933] SELinux: (dev loop2, type ext4) getxattr errno 5
[   76.338826][ T5933] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.358346][ T5938] syz.4.853[5938] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.358410][ T5938] syz.4.853[5938] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.384423][ T5938] syz.4.853[5938] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.428674][ T5942] rdma_op ffff888114a21580 conn xmit_rdma 0000000000000000
[   76.455058][ T5942] 9pnet_fd: p9_fd_create_tcp (5942): problem connecting socket to 127.0.0.1
[   76.482616][ T5942] netlink: 'syz.1.855': attribute type 10 has an invalid length.
[   76.523702][ T5951] syz.1.859[5951] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.523769][ T5951] syz.1.859[5951] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.535955][ T5951] syz.1.859[5951] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.563979][ T5951] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=5951 comm=syz.1.859
[   76.598760][ T5955] process 'syz.0.860' launched '/dev/fd/3' with NULL argv: empty string added
[   76.776729][ T5972] ebtables: ebtables: counters copy to user failed while replacing table
[   76.812622][ T5972] __nla_validate_parse: 7 callbacks suppressed
[   76.812643][ T5972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.867'.
[   76.829474][ T5972] IPVS: Error joining to the multicast group
[   76.855658][ T5980] rdma_op ffff888115f63180 conn xmit_rdma 0000000000000000
[   76.866258][ T5980] 9pnet_fd: p9_fd_create_tcp (5980): problem connecting socket to 127.0.0.1
[   76.875527][ T5980] netlink: 'syz.0.869': attribute type 10 has an invalid length.
[   76.894104][ T5981] hub 2-0:1.0: USB hub found
[   76.903036][ T5981] hub 2-0:1.0: 8 ports detected
[   76.903992][ T5983] syz.1.871[5983] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.924282][ T5985] bond1: entered promiscuous mode
[   76.940713][ T5985] bond1: entered allmulticast mode
[   76.946119][ T5985] 8021q: adding VLAN 0 to HW filter on device bond1
[   76.957415][ T5985] bond1 (unregistering): Released all slaves
[   76.969540][ T5983] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=5983 comm=syz.1.871
[   77.045871][ T5995] rdma_op ffff88811749f980 conn xmit_rdma 0000000000000000
[   77.126009][ T6003] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.877'.
[   77.137361][ T5999] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.877'.
[   77.213261][ T6013] rdma_op ffff888115f63580 conn xmit_rdma 0000000000000000
[   77.224035][ T6013] 9pnet_fd: p9_fd_create_tcp (6013): problem connecting socket to 127.0.0.1
[   77.236230][ T6013] netlink: 'syz.0.881': attribute type 10 has an invalid length.
[   77.249019][ T6017] loop4: detected capacity change from 0 to 128
[   77.291816][ T6023] xt_CT: You must specify a L4 protocol and not use inversions on it
[   77.389002][ T6031] loop4: detected capacity change from 0 to 256
[   77.416663][ T6031] FAT-fs (loop4): Directory bread(block 64) failed
[   77.423226][ T6031] FAT-fs (loop4): Directory bread(block 65) failed
[   77.432529][ T6031] FAT-fs (loop4): Directory bread(block 66) failed
[   77.439140][ T6031] FAT-fs (loop4): Directory bread(block 67) failed
[   77.447701][ T6031] FAT-fs (loop4): Directory bread(block 68) failed
[   77.454245][ T6031] FAT-fs (loop4): Directory bread(block 69) failed
[   77.461163][ T6031] FAT-fs (loop4): Directory bread(block 70) failed
[   77.467819][ T6031] FAT-fs (loop4): Directory bread(block 71) failed
[   77.474456][ T6031] FAT-fs (loop4): Directory bread(block 72) failed
[   77.481909][ T6031] FAT-fs (loop4): Directory bread(block 73) failed
[   77.531812][ T6044] rdma_op ffff8881155c4980 conn xmit_rdma 0000000000000000
[   77.593011][ T6046] netlink: 'syz.4.894': attribute type 10 has an invalid length.
[   77.800278][ T6053] ebtables: ebtables: counters copy to user failed while replacing table
[   77.826725][ T6053] netlink: 4 bytes leftover after parsing attributes in process `syz.3.897'.
[   77.854276][ T6059] xt_CT: You must specify a L4 protocol and not use inversions on it
[   77.874397][ T5995] 9pnet_fd: p9_fd_create_tcp (5995): problem connecting socket to 127.0.0.1
[   77.983214][ T6071] loop2: detected capacity change from 0 to 512
[   77.992618][ T6071] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.903: bg 0: block 35: padding at end of block bitmap is not set
[   78.009030][ T6071] EXT4-fs (loop2): Remounting filesystem read-only
[   78.016286][ T6071] EXT4-fs (loop2): 1 truncate cleaned up
[   78.022691][ T6071] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.035185][ T6071] SELinux: (dev loop2, type ext4) getxattr errno 5
[   78.042072][ T6071] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.077281][ T6067] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.108058][ T6076] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.903'.
[   78.121778][ T6067] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.134846][ T6071] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.903'.
[   78.176620][ T6067] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.212096][ T6085] ebtables: ebtables: counters copy to user failed while replacing table
[   78.224598][ T6083] hub 2-0:1.0: USB hub found
[   78.231020][ T6067] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.231350][ T6083] hub 2-0:1.0: 8 ports detected
[   78.256208][ T6085] netlink: 4 bytes leftover after parsing attributes in process `syz.2.908'.
[   78.271587][ T6067] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.288552][ T6067] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.297022][ T6091] xt_CT: You must specify a L4 protocol and not use inversions on it
[   78.300019][ T6067] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.328399][ T6067] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.364039][ T6044] 9pnet_fd: p9_fd_create_tcp (6044): problem connecting socket to 127.0.0.1
[   78.492666][ T6116] xt_CT: You must specify a L4 protocol and not use inversions on it
[   78.541423][ T6122] ebtables: ebtables: counters copy to user failed while replacing table
[   78.644614][ T6129] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.687798][ T6129] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.736581][ T6129] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.770433][ T6151] xt_CT: You must specify a L4 protocol and not use inversions on it
[   78.776941][ T6129] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.791190][ T6152] ebtables: ebtables: counters copy to user failed while replacing table
[   78.826147][ T6152] netlink: 4 bytes leftover after parsing attributes in process `syz.4.931'.
[   78.846123][ T6160] ebtables: ebtables: counters copy to user failed while replacing table
[   78.872110][ T6160] netlink: 4 bytes leftover after parsing attributes in process `syz.0.934'.
[   78.882975][ T6160] netlink: 20 bytes leftover after parsing attributes in process `syz.0.934'.
[   78.892357][ T6166] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[   78.936488][ T6168] ebtables: ebtables: counters copy to user failed while replacing table
[   78.975055][   T29] kauditd_printk_skb: 341 callbacks suppressed
[   78.975073][   T29] audit: type=1326 audit(1731218166.867:4664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6175 comm="syz.0.937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   79.007962][   T29] audit: type=1326 audit(1731218166.867:4665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6175 comm="syz.0.937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   79.031399][   T29] audit: type=1326 audit(1731218166.867:4666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6175 comm="syz.0.937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   79.054794][   T29] audit: type=1326 audit(1731218166.867:4667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6175 comm="syz.0.937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   79.078270][   T29] audit: type=1326 audit(1731218166.867:4668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6175 comm="syz.0.937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   79.124779][   T29] audit: type=1326 audit(1731218167.007:4669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6183 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   79.148279][   T29] audit: type=1326 audit(1731218167.007:4670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6183 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   79.171804][   T29] audit: type=1326 audit(1731218167.007:4671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6183 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   79.195170][   T29] audit: type=1326 audit(1731218167.007:4672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6183 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   79.218529][   T29] audit: type=1326 audit(1731218167.007:4673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6183 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   79.252185][ T6192] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6192 comm=syz.0.944
[   79.425998][ T6211] ebtables: ebtables: counters copy to user failed while replacing table
[   79.494785][ T6211] IPVS: Error joining to the multicast group
[   79.521559][ T6228] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6228 comm=syz.2.956
[   79.563111][ T6217] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.566110][ T6231] loop2: detected capacity change from 0 to 1024
[   79.583615][ T6231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.646563][ T6217] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.686130][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.706470][ T6217] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.766731][ T6217] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.789309][ T6243] loop2: detected capacity change from 0 to 512
[   79.796074][ T6243] EXT4-fs: Ignoring removed oldalloc option
[   79.803967][ T6243] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   79.809059][ T6245] FAULT_INJECTION: forcing a failure.
[   79.809059][ T6245] name failslab, interval 1, probability 0, space 0, times 0
[   79.817259][ T6243] EXT4-fs (loop2): 1 truncate cleaned up
[   79.826451][ T6245] CPU: 1 UID: 0 PID: 6245 Comm: syz.1.961 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[   79.834265][ T6243] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.842642][ T6245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   79.842659][ T6245] Call Trace:
[   79.842668][ T6245]  <TASK>
[   79.842678][ T6245]  dump_stack_lvl+0xf2/0x150
[   79.876061][ T6245]  dump_stack+0x15/0x20
[   79.880225][ T6245]  should_fail_ex+0x223/0x230
[   79.884985][ T6245]  ? __alloc_skb+0x10b/0x310
[   79.889630][ T6245]  should_failslab+0x8f/0xb0
[   79.894260][ T6245]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[   79.900167][ T6245]  ? security_capable+0x81/0x90
[   79.905082][ T6245]  __alloc_skb+0x10b/0x310
[   79.909528][ T6245]  netlink_ack+0xef/0x4f0
[   79.913908][ T6245]  ? ref_tracker_free+0x3a5/0x410
[   79.919028][ T6245]  ? should_fail_ex+0xd7/0x230
[   79.923845][ T6245]  netlink_rcv_skb+0x19c/0x230
[   79.928647][ T6245]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   79.934125][ T6245]  rtnetlink_rcv+0x1c/0x30
[   79.938574][ T6245]  netlink_unicast+0x599/0x670
[   79.943362][ T6245]  netlink_sendmsg+0x5cc/0x6e0
[   79.948139][ T6245]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.953446][ T6245]  __sock_sendmsg+0x140/0x180
[   79.958142][ T6245]  sock_write_iter+0x15e/0x1a0
[   79.962986][ T6245]  vfs_write+0x77f/0x920
[   79.967299][ T6245]  ? __pfx_kfree_link+0x10/0x10
[   79.972208][ T6245]  ? __pfx_sock_write_iter+0x10/0x10
[   79.977585][ T6245]  ksys_write+0xeb/0x1b0
[   79.981924][ T6245]  __x64_sys_write+0x42/0x50
[   79.986615][ T6245]  x64_sys_call+0x27dd/0x2d60
[   79.991424][ T6245]  do_syscall_64+0xc9/0x1c0
[   79.995948][ T6245]  ? clear_bhb_loop+0x55/0xb0
[   80.000890][ T6245]  ? clear_bhb_loop+0x55/0xb0
[   80.005650][ T6245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.011640][ T6245] RIP: 0033:0x7f84eee2e719
[   80.016092][ T6245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.035826][ T6245] RSP: 002b:00007f84edaa1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   80.044255][ T6245] RAX: ffffffffffffffda RBX: 00007f84eefe5f80 RCX: 00007f84eee2e719
[   80.052255][ T6245] RDX: 000000000000fe33 RSI: 0000000020000000 RDI: 0000000000000003
[   80.060245][ T6245] RBP: 00007f84edaa1090 R08: 0000000000000000 R09: 0000000000000000
[   80.068258][ T6245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.076239][ T6245] R13: 0000000000000000 R14: 00007f84eefe5f80 R15: 00007fff207c6db8
[   80.084234][ T6245]  </TASK>
[   80.091963][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.122943][ T6217] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.131733][ T6250] serio: Serial port ttyS3
[   80.135535][ T6217] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.148249][ T6217] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.160511][ T6217] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.191709][ T6255] xt_CT: You must specify a L4 protocol and not use inversions on it
[   80.222413][ T6260] bpf_get_probe_write_proto: 14 callbacks suppressed
[   80.222436][ T6260] syz.1.967[6260] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.237863][ T6260] syz.1.967[6260] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.249627][ T6260] syz.1.967[6260] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.260315][ T6258] ebtables: ebtables: counters copy to user failed while replacing table
[   80.289218][ T6260] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6260 comm=syz.1.967
[   80.336008][ T6272] xt_CT: You must specify a L4 protocol and not use inversions on it
[   80.362461][ T6277] loop4: detected capacity change from 0 to 512
[   80.378719][ T6277] EXT4-fs: Ignoring removed orlov option
[   80.385061][ T6277] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   80.407850][ T6277] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.420591][ T6277] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.436949][ T6277] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.972: bg 0: block 255: padding at end of block bitmap is not set
[   80.453226][ T6277] EXT4-fs (loop4): Remounting filesystem read-only
[   80.469947][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.547989][ T6293] xt_CT: You must specify a L4 protocol and not use inversions on it
[   80.606584][ T6303] xt_CT: You must specify a L4 protocol and not use inversions on it
[   80.644529][ T6305] ebtables: ebtables: counters copy to user failed while replacing table
[   80.995806][ T6340] xt_CT: You must specify a L4 protocol and not use inversions on it
[   81.007924][ T6341] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6341 comm=syz.0.997
[   81.047473][ T6343] bond1: entered promiscuous mode
[   81.052551][ T6343] bond1: entered allmulticast mode
[   81.068382][ T6343] 8021q: adding VLAN 0 to HW filter on device bond1
[   81.091293][ T6343] bond1 (unregistering): Released all slaves
[   81.247989][ T6377] syz.4.1011[6377] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.248136][ T6377] syz.4.1011[6377] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.277006][ T6377] syz.4.1011[6377] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.305397][ T6377] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6377 comm=syz.4.1011
[   81.360269][ T6388] syz.1.1017[6388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.360376][ T6388] syz.1.1017[6388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.383685][ T6388] syz.1.1017[6388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.411208][ T6397] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6397 comm=syz.1.1017
[   81.468909][ T6402] loop4: detected capacity change from 0 to 512
[   81.483499][ T6402] EXT4-fs: Ignoring removed oldalloc option
[   81.490028][ T6406] xt_CT: You must specify a L4 protocol and not use inversions on it
[   81.492793][ T6402] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   81.516980][ T6402] EXT4-fs (loop4): 1 truncate cleaned up
[   81.526632][ T6402] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.625569][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.738645][ T6436] loop2: detected capacity change from 0 to 512
[   81.746181][ T6434] loop4: detected capacity change from 0 to 128
[   81.765395][ T6436] EXT4-fs: Ignoring removed oldalloc option
[   81.773252][ T6436] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   81.806472][ T6436] EXT4-fs (loop2): 1 truncate cleaned up
[   81.831001][ T6443] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6443 comm=syz.1.1036
[   81.845043][ T6436] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.926244][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.967431][ T6449] 9pnet: Could not find request transport: tc
[   82.008511][ T6450] ebtables: ebtables: counters copy to user failed while replacing table
[   82.051110][ T6450] __nla_validate_parse: 4 callbacks suppressed
[   82.051127][ T6450] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1039'.
[   82.076062][ T6460] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.132720][ T6466] 9pnet: Could not find request transport: t
[   82.141022][ T6460] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.161552][ T6468] ebtables: ebtables: counters copy to user failed while replacing table
[   82.178107][ T6460] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.220223][ T6468] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1045'.
[   82.226431][ T6477] rdma_op ffff88811749e580 conn xmit_rdma 0000000000000000
[   82.246764][ T6460] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.272930][ T6479] bond1: entered promiscuous mode
[   82.278143][ T6479] bond1: entered allmulticast mode
[   82.284607][ T6477] 9pnet_fd: p9_fd_create_tcp (6477): problem connecting socket to 127.0.0.1
[   82.311785][ T6479] 8021q: adding VLAN 0 to HW filter on device bond1
[   82.322915][ T6479] bond1 (unregistering): Released all slaves
[   82.339553][ T6460] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.367998][ T6129] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.402749][ T6129] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.425466][ T6460] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.449566][ T6460] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.484025][ T6129] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.508892][ T6460] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.528927][ T6129] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.552312][ T6491] loop4: detected capacity change from 0 to 512
[   82.595268][ T6491] EXT4-fs: Ignoring removed oldalloc option
[   82.618863][ T6491] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   82.655457][ T6491] EXT4-fs (loop4): 1 truncate cleaned up
[   82.661488][ T6491] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.729467][ T6511] tipc: Can't bind to reserved service type 1
[   82.743963][ T6499] ebtables: ebtables: counters copy to user failed while replacing table
[   82.796414][ T6499] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1056'.
[   82.826395][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.173744][ T6542] bond1: entered promiscuous mode
[   83.178931][ T6542] bond1: entered allmulticast mode
[   83.210904][ T6542] 8021q: adding VLAN 0 to HW filter on device bond1
[   83.252524][ T6542] bond1 (unregistering): Released all slaves
[   83.293140][ T6549] loop4: detected capacity change from 0 to 512
[   83.328442][ T6549] EXT4-fs: Ignoring removed orlov option
[   83.369049][ T6549] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   83.397961][ T6549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.416435][ T6553] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.447211][ T6549] ext4 filesystem being mounted at /210/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.477130][ T6549] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1072: bg 0: block 255: padding at end of block bitmap is not set
[   83.497224][ T6553] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.533414][ T6549] EXT4-fs (loop4): Remounting filesystem read-only
[   83.556658][ T6553] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.580935][ T6560] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[   83.604111][ T6560] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[   83.618667][ T6553] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.661083][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.751818][ T6585] bond1: entered promiscuous mode
[   83.757044][ T6585] bond1: entered allmulticast mode
[   83.762525][ T6585] 8021q: adding VLAN 0 to HW filter on device bond1
[   83.778120][ T6585] bond1 (unregistering): Released all slaves
[   83.889091][ T6603] loop4: detected capacity change from 0 to 512
[   83.899730][ T6603] EXT4-fs: Ignoring removed orlov option
[   83.911020][ T6603] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   83.947916][ T6603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.966603][ T6603] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.008673][ T6603] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1092: bg 0: block 255: padding at end of block bitmap is not set
[   84.034879][ T6603] EXT4-fs (loop4): Remounting filesystem read-only
[   84.052821][ T6616] rdma_op ffff8881166a1580 conn xmit_rdma 0000000000000000
[   84.060823][ T6614] xt_ct_set_timeout: 1 callbacks suppressed
[   84.060890][ T6614] xt_CT: You must specify a L4 protocol and not use inversions on it
[   84.065976][ T6603] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[   84.087368][ T6616] 9pnet_fd: p9_fd_create_tcp (6616): problem connecting socket to 127.0.0.1
[   84.089470][ T6603] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[   84.096614][ T6616] netlink: 'syz.1.1097': attribute type 10 has an invalid length.
[   84.123668][   T29] kauditd_printk_skb: 519 callbacks suppressed
[   84.123688][   T29] audit: type=1326 audit(1731218171.997:5189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6618 comm="syz.0.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   84.153607][   T29] audit: type=1326 audit(1731218171.997:5190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6618 comm="syz.0.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   84.177143][   T29] audit: type=1326 audit(1731218171.997:5191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6618 comm="syz.0.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   84.200773][   T29] audit: type=1326 audit(1731218171.997:5192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6618 comm="syz.0.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   84.224444][   T29] audit: type=1326 audit(1731218171.997:5193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6618 comm="syz.0.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   84.248057][   T29] audit: type=1326 audit(1731218171.997:5194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6618 comm="syz.0.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   84.271650][   T29] audit: type=1326 audit(1731218171.997:5195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6618 comm="syz.0.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   84.295179][   T29] audit: type=1326 audit(1731218171.997:5196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6618 comm="syz.0.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   84.318651][   T29] audit: type=1326 audit(1731218171.997:5197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6618 comm="syz.0.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   84.342129][   T29] audit: type=1326 audit(1731218171.997:5198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6618 comm="syz.0.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   84.366556][ T6624] xt_CT: You must specify a L4 protocol and not use inversions on it
[   84.382109][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.537856][ T6666] xt_CT: You must specify a L4 protocol and not use inversions on it
[   84.553526][ T6670] syz.0.1118[6670] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.569516][ T6670] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6670 comm=syz.0.1118
[   84.618056][ T6677] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6677 comm=syz.0.1121
[   84.671085][ T6679] ebtables: ebtables: counters copy to user failed while replacing table
[   84.708746][ T6679] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1122'.
[   84.838496][ T6697] dccp_close: ABORT with 32 bytes unread
[   84.848103][ T6698] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.859032][ T6698] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.914303][ T6701] xt_CT: You must specify a L4 protocol and not use inversions on it
[   84.920006][ T6704] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6704 comm=syz.0.1129
[   84.966268][ T6708] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6708 comm=syz.0.1131
[   85.090089][ T6712] hub 2-0:1.0: USB hub found
[   85.095025][ T6712] hub 2-0:1.0: 8 ports detected
[   85.387570][ T6720] ebtables: ebtables: counters copy to user failed while replacing table
[   85.412519][ T6720] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1136'.
[   85.805843][ T6732] xt_CT: You must specify a L4 protocol and not use inversions on it
[   85.850997][ T6734] loop2: detected capacity change from 0 to 8192
[   85.931356][ T6740] rdma_op ffff888115fc4580 conn xmit_rdma 0000000000000000
[   85.993954][ T6745] netlink: 'syz.2.1143': attribute type 10 has an invalid length.
[   86.058597][ T6751] bpf_get_probe_write_proto: 11 callbacks suppressed
[   86.058611][ T6751] syz.0.1148[6751] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.065745][ T6751] syz.0.1148[6751] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.077411][ T6751] syz.0.1148[6751] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.335903][ T6755] loop4: detected capacity change from 0 to 128
[   86.760490][ T6553] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.769358][ T6740] 9pnet_fd: p9_fd_create_tcp (6740): problem connecting socket to 127.0.0.1
[   86.781151][ T6553] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.796350][ T6553] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.814540][ T6553] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.864010][ T6764] loop2: detected capacity change from 0 to 8192
[   86.916853][ T6770] syz.0.1155[6770] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.916961][ T6770] syz.0.1155[6770] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.954913][ T6770] syz.0.1155[6770] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.978430][ T6770] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=6770 comm=syz.0.1155
[   87.038547][ T6782] loop2: detected capacity change from 0 to 2048
[   87.066088][ T6784] xt_CT: You must specify a L4 protocol and not use inversions on it
[   87.068145][ T6782] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.091229][ T6789] loop3: detected capacity change from 0 to 512
[   87.097863][ T6789] EXT4-fs: Ignoring removed oldalloc option
[   87.108663][ T6789] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   87.116070][ T6782] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1161'.
[   87.131363][ T6789] EXT4-fs (loop3): 1 truncate cleaned up
[   87.139168][ T6789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.166425][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.205658][ T6794] xt_CT: You must specify a L4 protocol and not use inversions on it
[   87.243754][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.279579][ T6800] xt_CT: You must specify a L4 protocol and not use inversions on it
[   87.307297][ T6798] loop3: detected capacity change from 0 to 8192
[   87.463468][ T6814] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.481440][ T6814] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.481573][ T6818] FAULT_INJECTION: forcing a failure.
[   87.481573][ T6818] name fail_futex, interval 1, probability 0, space 0, times 1
[   87.502270][ T6818] CPU: 0 UID: 0 PID: 6818 Comm: syz.2.1173 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[   87.513055][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   87.523238][ T6818] Call Trace:
[   87.526599][ T6818]  <TASK>
[   87.529539][ T6818]  dump_stack_lvl+0xf2/0x150
[   87.534187][ T6818]  dump_stack+0x15/0x20
[   87.538352][ T6818]  should_fail_ex+0x223/0x230
[   87.543165][ T6818]  should_fail+0xb/0x10
[   87.547501][ T6818]  get_futex_key+0x109/0x720
[   87.552139][ T6818]  futex_wait_setup+0x61/0x1d0
[   87.556942][ T6818]  futex_wait_requeue_pi+0x1bb/0x6d0
[   87.562284][ T6818]  ? __pfx_futex_wake_mark+0x10/0x10
[   87.567642][ T6818]  do_futex+0x146/0x370
[   87.571866][ T6818]  __se_sys_futex+0x25d/0x3a0
[   87.576573][ T6818]  ? fput+0x14e/0x190
[   87.580615][ T6818]  __x64_sys_futex+0x78/0x90
[   87.585272][ T6818]  x64_sys_call+0x23c4/0x2d60
[   87.590042][ T6818]  do_syscall_64+0xc9/0x1c0
[   87.594625][ T6818]  ? clear_bhb_loop+0x55/0xb0
[   87.599326][ T6818]  ? clear_bhb_loop+0x55/0xb0
[   87.604050][ T6818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.609990][ T6818] RIP: 0033:0x7fef1d4ee719
[   87.614410][ T6818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.634124][ T6818] RSP: 002b:00007fef1c161038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[   87.642608][ T6818] RAX: ffffffffffffffda RBX: 00007fef1d6a5f80 RCX: 00007fef1d4ee719
[   87.650739][ T6818] RDX: 0000000000000000 RSI: 000080000000000b RDI: 000000002000cffc
[   87.658804][ T6818] RBP: 00007fef1c161090 R08: 0000000020000040 R09: 0000000000000000
[   87.666786][ T6818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.674767][ T6818] R13: 0000000000000000 R14: 00007fef1d6a5f80 R15: 00007fff7002feb8
[   87.682987][ T6818]  </TASK>
[   87.779363][ T6828] loop4: detected capacity change from 0 to 512
[   87.789606][ T6828] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #12: comm syz.4.1178: corrupted in-inode xattr: invalid ea_ino
[   87.806600][ T6828] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1178: couldn't read orphan inode 12 (err -117)
[   87.820003][ T6828] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.835118][ T6828] EXT4-fs error (device loop4): ext4_add_entry:2437: inode #2: comm syz.4.1178: Directory hole found for htree leaf block 0
[   87.868761][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.886353][ T6833] ebtables: ebtables: counters copy to user failed while replacing table
[   87.906380][ T6841] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.916606][ T6841] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.920941][ T6833] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1180'.
[   87.938528][ T6833] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1180'.
[   87.947959][ T6845] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[   87.957849][ T6846] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1182'.
[   87.974147][ T6844] hub 2-0:1.0: USB hub found
[   87.981512][ T6844] hub 2-0:1.0: 8 ports detected
[   87.986884][ T6839] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1182'.
[   88.027428][ T6853] xt_CT: You must specify a L4 protocol and not use inversions on it
[   88.048354][ T6857] FAULT_INJECTION: forcing a failure.
[   88.048354][ T6857] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.069882][ T6857] CPU: 0 UID: 0 PID: 6857 Comm: syz.2.1186 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[   88.080610][ T6857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   88.090778][ T6857] Call Trace:
[   88.094061][ T6857]  <TASK>
[   88.096993][ T6857]  dump_stack_lvl+0xf2/0x150
[   88.101681][ T6857]  dump_stack+0x15/0x20
[   88.105866][ T6857]  should_fail_ex+0x223/0x230
[   88.110630][ T6857]  should_fail+0xb/0x10
[   88.114849][ T6857]  should_fail_usercopy+0x1a/0x20
[   88.119883][ T6857]  _copy_from_user+0x1e/0xb0
[   88.124633][ T6857]  move_addr_to_kernel+0x82/0x120
[   88.129737][ T6857]  __sys_sendto+0x15c/0x260
[   88.134369][ T6857]  __x64_sys_sendto+0x78/0x90
[   88.139098][ T6857]  x64_sys_call+0x2959/0x2d60
[   88.143886][ T6857]  do_syscall_64+0xc9/0x1c0
[   88.148461][ T6857]  ? clear_bhb_loop+0x55/0xb0
[   88.153173][ T6857]  ? clear_bhb_loop+0x55/0xb0
[   88.157909][ T6857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.163933][ T6857] RIP: 0033:0x7fef1d4ee719
[   88.168409][ T6857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.188120][ T6857] RSP: 002b:00007fef1c161038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   88.196627][ T6857] RAX: ffffffffffffffda RBX: 00007fef1d6a5f80 RCX: 00007fef1d4ee719
[   88.204691][ T6857] RDX: 000000000000ffe0 RSI: 0000000020000100 RDI: 0000000000000005
[   88.212720][ T6857] RBP: 00007fef1c161090 R08: 0000000020000140 R09: 000000000000001c
[   88.220762][ T6857] R10: 000000002000c851 R11: 0000000000000246 R12: 0000000000000001
[   88.228763][ T6857] R13: 0000000000000000 R14: 00007fef1d6a5f80 R15: 00007fff7002feb8
[   88.236782][ T6857]  </TASK>
[   88.319129][ T6870] loop3: detected capacity change from 0 to 512
[   88.330633][ T6870] EXT4-fs: Ignoring removed orlov option
[   88.349907][ T6870] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.386881][ T6870] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.403447][ T6870] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.427240][ T6880] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1195'.
[   88.428772][ T6870] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1193: bg 0: block 255: padding at end of block bitmap is not set
[   88.449994][ T6876] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1195'.
[   88.451760][ T6870] EXT4-fs (loop3): Remounting filesystem read-only
[   88.474534][ T6870] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   88.483479][ T6870] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   88.542004][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.596838][ T6888] loop3: detected capacity change from 0 to 512
[   88.607160][ T6888] EXT4-fs: Ignoring removed orlov option
[   88.618608][ T6888] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.626669][ T6882] loop2: detected capacity change from 0 to 8192
[   88.646560][ T6888] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.659482][ T6888] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.676175][ T6888] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1198: bg 0: block 255: padding at end of block bitmap is not set
[   88.690800][ T6888] EXT4-fs (loop3): Remounting filesystem read-only
[   88.721788][ T6888] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   88.730801][ T6888] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   88.782190][ T6899] bond2: entered promiscuous mode
[   88.787410][ T6899] bond2: entered allmulticast mode
[   88.793920][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.804866][ T6899] 8021q: adding VLAN 0 to HW filter on device bond2
[   88.817075][ T6901] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   88.817075][ T6901] The task syz.4.1200 (6901) triggered the difference, watch for misbehavior.
[   88.839849][ T6899] bond2 (unregistering): Released all slaves
[   88.946953][ T6910] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1205'.
[   89.066650][ T6929] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1209'.
[   89.083179][ T6924] hub 2-0:1.0: USB hub found
[   89.089139][ T6923] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1209'.
[   89.098483][ T6924] hub 2-0:1.0: 8 ports detected
[   89.163756][ T6934] loop2: detected capacity change from 0 to 512
[   89.186128][ T6934] EXT4-fs: Ignoring removed orlov option
[   89.209564][ T6934] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   89.218241][ T6932] loop3: detected capacity change from 0 to 8192
[   89.254237][ T6934] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.273235][ T6934] ext4 filesystem being mounted at /212/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.318437][ T6934] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1212: bg 0: block 255: padding at end of block bitmap is not set
[   89.341146][ T6940] xt_CT: You must specify a L4 protocol and not use inversions on it
[   89.361882][ T6934] EXT4-fs (loop2): Remounting filesystem read-only
[   89.420156][ T6934] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=16
[   89.431027][ T6934] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=16
[   89.469067][ T6949] xt_CT: You must specify a L4 protocol and not use inversions on it
[   89.478370][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.495583][  T149] __quota_error: 398 callbacks suppressed
[   89.495600][  T149] Quota error (device loop2): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[   89.513733][ T6951] loop3: detected capacity change from 0 to 512
[   89.516084][  T149] Quota error (device loop2): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[   89.537024][ T6951] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #12: comm syz.3.1217: corrupted in-inode xattr: invalid ea_ino
[   89.551695][ T6951] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.1217: couldn't read orphan inode 12 (err -117)
[   89.583253][ T6951] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.584003][ T6954] loop4: detected capacity change from 0 to 128
[   89.615831][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.660795][ T6956] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.677821][ T6962] xt_CT: You must specify a L4 protocol and not use inversions on it
[   89.685667][ T6963] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   89.750289][ T6965] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.786682][ T6956] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.830451][ T6965] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.863840][ T6969] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.897171][ T6956] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.939857][ T6965] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.982969][ T6969] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.019571][ T6956] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.057669][ T6965] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.095353][ T6969] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.132067][ T6956] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.146032][ T6956] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.164455][ T6956] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.204415][ T6969] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.219629][ T6956] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.254522][ T6983] xt_CT: You must specify a L4 protocol and not use inversions on it
[   90.281074][ T6969] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.316150][ T6969] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.317885][ T6985] ebtables: ebtables: counters copy to user failed while replacing table
[   90.328094][ T6969] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.368948][ T6969] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.469404][ T6994] xt_CT: You must specify a L4 protocol and not use inversions on it
[   90.486471][ T6995] bond1: entered promiscuous mode
[   90.499730][ T6995] bond1: entered allmulticast mode
[   90.519940][ T6995] 8021q: adding VLAN 0 to HW filter on device bond1
[   90.548354][ T7000] rdma_op ffff8881155c6580 conn xmit_rdma 0000000000000000
[   90.556357][ T6995] bond1 (unregistering): Released all slaves
[   90.587729][ T7004] loop2: detected capacity change from 0 to 512
[   90.594555][ T7004] EXT4-fs: Ignoring removed orlov option
[   90.608335][ T7004] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   90.626842][ T7000] 9pnet_fd: p9_fd_create_tcp (7000): problem connecting socket to 127.0.0.1
[   90.675653][ T7004] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.695042][ T7004] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.709338][ T7006] loop4: detected capacity change from 0 to 8192
[   90.751570][ T7004] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1236: bg 0: block 255: padding at end of block bitmap is not set
[   90.769377][   T29] audit: type=1326 audit(1731218178.657:5591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7010 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   90.811925][ T7004] EXT4-fs (loop2): Remounting filesystem read-only
[   90.846342][ T7015] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=16
[   90.866250][   T29] audit: type=1326 audit(1731218178.687:5592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7010 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   90.879701][ T7015] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=16
[   90.889679][   T29] audit: type=1326 audit(1731218178.687:5593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7010 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   90.889765][   T29] audit: type=1326 audit(1731218178.687:5594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7010 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   90.889792][   T29] audit: type=1326 audit(1731218178.687:5595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7010 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   90.936164][ T7021] FAULT_INJECTION: forcing a failure.
[   90.936164][ T7021] name failslab, interval 1, probability 0, space 0, times 0
[   90.945826][   T29] audit: type=1326 audit(1731218178.687:5596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7010 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   90.969136][ T7021] CPU: 1 UID: 0 PID: 7021 Comm: syz.4.1240 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[   90.981917][   T29] audit: type=1326 audit(1731218178.687:5597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7010 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   91.005220][ T7021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   91.005239][ T7021] Call Trace:
[   91.005247][ T7021]  <TASK>
[   91.005257][ T7021]  dump_stack_lvl+0xf2/0x150
[   91.015925][   T29] audit: type=1326 audit(1731218178.687:5598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7010 comm="syz.0.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   91.039236][ T7021]  dump_stack+0x15/0x20
[   91.087924][ T7021]  should_fail_ex+0x223/0x230
[   91.092710][ T7021]  ? __alloc_skb+0x10b/0x310
[   91.097376][ T7021]  should_failslab+0x8f/0xb0
[   91.102058][ T7021]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[   91.107897][ T7021]  __alloc_skb+0x10b/0x310
[   91.112422][ T7021]  ? avc_has_perm+0xd4/0x160
[   91.117092][ T7021]  alloc_skb_with_frags+0x80/0x450
[   91.122234][ T7021]  ? selinux_file_open+0x34a/0x3b0
[   91.127447][ T7021]  sock_alloc_send_pskb+0x435/0x4f0
[   91.132686][ T7021]  ? mntput+0x49/0x70
[   91.136783][ T7021]  tun_get_user+0xa33/0x24e0
[   91.141409][ T7021]  ? _parse_integer+0x27/0x30
[   91.146226][ T7021]  ? ref_tracker_alloc+0x1f5/0x2f0
[   91.151376][ T7021]  tun_chr_write_iter+0x188/0x240
[   91.156450][ T7021]  vfs_write+0x77f/0x920
[   91.160730][ T7021]  ? __pfx_kfree_link+0x10/0x10
[   91.165623][ T7021]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   91.171218][ T7021]  ksys_write+0xeb/0x1b0
[   91.175510][ T7021]  __x64_sys_write+0x42/0x50
[   91.180147][ T7021]  x64_sys_call+0x27dd/0x2d60
[   91.184915][ T7021]  do_syscall_64+0xc9/0x1c0
[   91.189452][ T7021]  ? clear_bhb_loop+0x55/0xb0
[   91.194146][ T7021]  ? clear_bhb_loop+0x55/0xb0
[   91.198849][ T7021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.204829][ T7021] RIP: 0033:0x7fa544c9e719
[   91.209258][ T7021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.228894][ T7021] RSP: 002b:00007fa543917038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   91.237397][ T7021] RAX: ffffffffffffffda RBX: 00007fa544e55f80 RCX: 00007fa544c9e719
[   91.245404][ T7021] RDX: 000000000000fdef RSI: 00000000200004c0 RDI: 00000000000000c8
[   91.253393][ T7021] RBP: 00007fa543917090 R08: 0000000000000000 R09: 0000000000000000
[   91.261385][ T7021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.269645][ T7021] R13: 0000000000000000 R14: 00007fa544e55f80 R15: 00007ffd9306aff8
[   91.277719][ T7021]  </TASK>
[   91.283179][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.353301][ T7028] ebtables: ebtables: counters copy to user failed while replacing table
[   91.387238][ T7024] ebtables: ebtables: counters copy to user failed while replacing table
[   91.409443][ T7019] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.432632][ T7035] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   91.544771][ T7019] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.665187][ T7019] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.704574][ T7052] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.743256][ T6965] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.753548][ T7019] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.769084][ T6965] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.780166][ T6965] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.805861][ T7052] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.827782][ T6965] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.845828][ T7019] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.878090][ T7052] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.908218][ T7019] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.924720][ T7059] ebtables: ebtables: counters copy to user failed while replacing table
[   91.938871][ T7019] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.955694][ T7052] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.963789][ T7061] loop3: detected capacity change from 0 to 8192
[   91.979323][ T7019] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.005101][ T7071] loop4: detected capacity change from 0 to 512
[   92.029350][ T7071] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #12: comm syz.4.1252: corrupted in-inode xattr: invalid ea_ino
[   92.046885][ T7071] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1252: couldn't read orphan inode 12 (err -117)
[   92.084101][ T7075] rdma_op ffff888114364580 conn xmit_rdma 0000000000000000
[   92.107763][ T7071] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.125592][ T7075] 9pnet_fd: p9_fd_create_tcp (7075): problem connecting socket to 127.0.0.1
[   92.134954][ T7075] netlink: 'syz.1.1253': attribute type 10 has an invalid length.
[   92.155341][ T7077] xt_CT: You must specify a L4 protocol and not use inversions on it
[   92.208671][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.235721][ T7081] ebtables: ebtables: counters copy to user failed while replacing table
[   92.272617][ T7081] __nla_validate_parse: 4 callbacks suppressed
[   92.272639][ T7081] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1256'.
[   92.304164][ T7094] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.356992][ T7103] bond1: entered promiscuous mode
[   92.362082][ T7103] bond1: entered allmulticast mode
[   92.367591][ T7103] 8021q: adding VLAN 0 to HW filter on device bond1
[   92.378308][ T7103] bond1 (unregistering): Released all slaves
[   92.388583][ T7094] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.402382][ T7098] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1261'.
[   92.466649][ T7094] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.499508][ T7112] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1266'.
[   92.530217][ T7120] rdma_op ffff8881166a0580 conn xmit_rdma 0000000000000000
[   92.546401][ T7094] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.575785][ T7125] ebtables: ebtables: counters copy to user failed while replacing table
[   92.593991][ T7131] netlink: 'syz.4.1267': attribute type 10 has an invalid length.
[   92.607696][ T7125] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1269'.
[   92.618842][ T7125] IPVS: Error joining to the multicast group
[   92.683215][ T7137] xt_CT: You must specify a L4 protocol and not use inversions on it
[   92.724850][ T7135] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.743865][ T7142] IPv6: Can't replace route, no match found
[   92.766672][ T7135] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.826393][ T7135] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.866716][ T7135] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.892425][ T7151] ebtables: ebtables: counters copy to user failed while replacing table
[   92.918104][ T7151] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1278'.
[   92.928806][ T7151] IPVS: Error joining to the multicast group
[   92.935306][ T7151] 9pnet_fd: Insufficient options for proto=fd
[   92.948837][ T7135] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.961194][ T7135] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.974389][ T7135] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.987393][ T7135] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.136829][ T7173] syz.0.1285[7173] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   93.136883][ T7173] syz.0.1285[7173] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   93.148551][ T7173] syz.0.1285[7173] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   93.167850][ T7173] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=7173 comm=syz.0.1285
[   93.376254][ T7120] 9pnet_fd: p9_fd_create_tcp (7120): problem connecting socket to 127.0.0.1
[   93.489771][ T7194] rdma_op ffff8881166a2580 conn xmit_rdma 0000000000000000
[   93.644306][ T7199] syz.0.1296[7199] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   93.644447][ T7199] syz.0.1296[7199] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   93.656054][ T7199] syz.0.1296[7199] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   93.675440][ T7199] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=7199 comm=syz.0.1296
[   93.760108][ T7205] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1299'.
[   93.914245][ T7213] bond1: entered promiscuous mode
[   93.919518][ T7213] bond1: entered allmulticast mode
[   93.925228][ T7213] 8021q: adding VLAN 0 to HW filter on device bond1
[   93.935808][ T7213] bond1 (unregistering): Released all slaves
[   94.013279][ T7222] Cannot find add_set index 0 as target
[   94.035473][ T7228] xt_CT: You must specify a L4 protocol and not use inversions on it
[   94.059447][ T7231] FAULT_INJECTION: forcing a failure.
[   94.059447][ T7231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.080924][ T7231] CPU: 0 UID: 0 PID: 7231 Comm: syz.0.1310 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[   94.091666][ T7231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   94.101766][ T7231] Call Trace:
[   94.105190][ T7231]  <TASK>
[   94.108158][ T7231]  dump_stack_lvl+0xf2/0x150
[   94.112769][ T7231]  dump_stack+0x15/0x20
[   94.116985][ T7231]  should_fail_ex+0x223/0x230
[   94.121685][ T7231]  should_fail+0xb/0x10
[   94.125903][ T7231]  should_fail_usercopy+0x1a/0x20
[   94.130987][ T7231]  _copy_from_user+0x1e/0xb0
[   94.135618][ T7231]  memdup_user+0x64/0xc0
[   94.139914][ T7231]  strndup_user+0x68/0xa0
[   94.144253][ T7231]  __se_sys_mount+0x4e/0x2d0
[   94.148909][ T7231]  ? __secure_computing+0x9f/0x1c0
[   94.154108][ T7231]  __x64_sys_mount+0x67/0x80
[   94.158713][ T7231]  x64_sys_call+0x203e/0x2d60
[   94.163479][ T7231]  do_syscall_64+0xc9/0x1c0
[   94.168028][ T7231]  ? clear_bhb_loop+0x55/0xb0
[   94.172739][ T7231]  ? clear_bhb_loop+0x55/0xb0
[   94.177494][ T7231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.183436][ T7231] RIP: 0033:0x7fea8f70e719
[   94.187869][ T7231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.207643][ T7231] RSP: 002b:00007fea8e387038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   94.216095][ T7231] RAX: ffffffffffffffda RBX: 00007fea8f8c5f80 RCX: 00007fea8f70e719
[   94.224185][ T7231] RDX: 0000000020003000 RSI: 0000000020002fc0 RDI: 0000000020002f80
[   94.232207][ T7231] RBP: 00007fea8e387090 R08: 0000000020003040 R09: 0000000000000000
[   94.240208][ T7231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.248212][ T7231] R13: 0000000000000000 R14: 00007fea8f8c5f80 R15: 00007fffd3f6ee58
[   94.256221][ T7231]  </TASK>
[   94.320631][ T7194] 9pnet_fd: p9_fd_create_tcp (7194): problem connecting socket to 127.0.0.1
[   94.446387][ T7244] loop4: detected capacity change from 0 to 2048
[   94.471781][ T7244] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.526819][ T7244] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1314'.
[   94.547153][   T29] kauditd_printk_skb: 404 callbacks suppressed
[   94.547170][   T29] audit: type=1326 audit(1731218182.437:6001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.4.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   94.630439][   T29] audit: type=1326 audit(1731218182.467:6002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.4.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   94.654027][   T29] audit: type=1326 audit(1731218182.467:6003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   94.677093][   T29] audit: type=1326 audit(1731218182.467:6004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   94.700057][   T29] audit: type=1326 audit(1731218182.467:6005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   94.723069][   T29] audit: type=1326 audit(1731218182.467:6006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   94.745984][   T29] audit: type=1326 audit(1731218182.467:6007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   94.768923][   T29] audit: type=1326 audit(1731218182.467:6008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa544c9d0b0 code=0x7ffc0000
[   94.791881][   T29] audit: type=1326 audit(1731218182.467:6009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   94.814873][   T29] audit: type=1326 audit(1731218182.467:6010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7fa544c9e719 code=0x7ffc0000
[   94.834550][ T7255] FAULT_INJECTION: forcing a failure.
[   94.834550][ T7255] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   94.851050][ T7255] CPU: 0 UID: 0 PID: 7255 Comm: syz.1.1317 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[   94.861787][ T7255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   94.871872][ T7255] Call Trace:
[   94.875213][ T7255]  <TASK>
[   94.878177][ T7255]  dump_stack_lvl+0xf2/0x150
[   94.879755][ T7052] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.882804][ T7255]  dump_stack+0x15/0x20
[   94.895212][ T7255]  should_fail_ex+0x223/0x230
[   94.900016][ T7255]  should_fail_alloc_page+0xfd/0x110
[   94.905404][ T7255]  __alloc_pages_noprof+0x109/0x340
[   94.910629][ T7255]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   94.916058][ T7255]  folio_alloc_mpol_noprof+0x36/0x70
[   94.921370][ T7255]  shmem_get_folio_gfp+0x3d1/0xd90
[   94.926513][ T7255]  shmem_write_begin+0xa2/0x180
[   94.931390][ T7255]  generic_perform_write+0x1a8/0x4a0
[   94.936692][ T7255]  shmem_file_write_iter+0xc2/0xe0
[   94.941818][ T7255]  vfs_write+0x77f/0x920
[   94.946084][ T7255]  ? handle_mm_fault+0x170a/0x2aa0
[   94.951245][ T7255]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   94.957074][ T7255]  ksys_write+0xeb/0x1b0
[   94.961386][ T7255]  __x64_sys_write+0x42/0x50
[   94.966045][ T7255]  x64_sys_call+0x27dd/0x2d60
[   94.970849][ T7255]  do_syscall_64+0xc9/0x1c0
[   94.975383][ T7255]  ? clear_bhb_loop+0x55/0xb0
[   94.980080][ T7255]  ? clear_bhb_loop+0x55/0xb0
[   94.984852][ T7255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.990775][ T7255] RIP: 0033:0x7f84eee2d1ff
[   94.995199][ T7255] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[   95.014844][ T7255] RSP: 002b:00007f84edaa0df0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   95.023349][ T7255] RAX: ffffffffffffffda RBX: 0000000000100000 RCX: 00007f84eee2d1ff
[   95.031336][ T7255] RDX: 0000000000100000 RSI: 00007f84e5681000 RDI: 0000000000000004
[   95.039322][ T7255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000528
[   95.047332][ T7255] R10: 0000000020000602 R11: 0000000000000293 R12: 0000000000000004
[   95.055315][ T7255] R13: 00007f84edaa0ef0 R14: 00007f84edaa0eb0 R15: 00007f84e5681000
[   95.063306][ T7255]  </TASK>
[   95.069983][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.070386][ T7052] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.091107][ T7052] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.102433][ T7052] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.137331][ T7261] rdma_op ffff888115f6d980 conn xmit_rdma 0000000000000000
[   95.191518][ T7269] geneve0: entered allmulticast mode
[   95.211783][ T7271] loop4: detected capacity change from 0 to 256
[   95.218771][ T7273] netlink: 'syz.2.1320': attribute type 10 has an invalid length.
[   95.244570][ T7271] FAT-fs (loop4): Directory bread(block 64) failed
[   95.264206][ T7251] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.269210][ T7271] FAT-fs (loop4): Directory bread(block 65) failed
[   95.282680][ T7276] syz.1.1323[7276] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.282790][ T7276] syz.1.1323[7276] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.294597][ T7271] FAT-fs (loop4): Directory bread(block 66) failed
[   95.314526][ T7271] FAT-fs (loop4): Directory bread(block 67) failed
[   95.322294][ T7276] syz.1.1323[7276] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.322526][ T7271] FAT-fs (loop4): Directory bread(block 68) failed
[   95.343658][ T7251] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.344066][ T7271] FAT-fs (loop4): Directory bread(block 69) failed
[   95.361767][ T7271] FAT-fs (loop4): Directory bread(block 70) failed
[   95.368477][ T7271] FAT-fs (loop4): Directory bread(block 71) failed
[   95.375391][ T7271] FAT-fs (loop4): Directory bread(block 72) failed
[   95.382124][ T7271] FAT-fs (loop4): Directory bread(block 73) failed
[   95.394333][ T7276] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=7276 comm=syz.1.1323
[   95.428557][ T7251] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.480689][ T7278] ebtables: ebtables: counters copy to user failed while replacing table
[   95.501601][ T7251] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.518891][ T7278] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1325'.
[   95.532255][ T7286] loop4: detected capacity change from 0 to 128
[   95.540313][ T7278] IPVS: Error joining to the multicast group
[   95.624189][ T7289] xt_CT: You must specify a L4 protocol and not use inversions on it
[   95.748112][ T7291] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1328'.
[   95.844258][ T7296] loop4: detected capacity change from 0 to 512
[   95.863301][ T7296] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[   95.882894][ T7296] EXT4-fs (loop4): Errors on filesystem, clearing orphan list.
[   95.891107][ T7296] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.913882][ T7301] rdma_op ffff88810222d980 conn xmit_rdma 0000000000000000
[   95.984979][ T7261] 9pnet_fd: p9_fd_create_tcp (7261): problem connecting socket to 127.0.0.1
[   96.026070][ T7305] loop2: detected capacity change from 0 to 256
[   96.041155][ T7305] FAT-fs (loop2): Directory bread(block 64) failed
[   96.047925][ T7305] FAT-fs (loop2): Directory bread(block 65) failed
[   96.054619][ T7305] FAT-fs (loop2): Directory bread(block 66) failed
[   96.061258][ T7305] FAT-fs (loop2): Directory bread(block 67) failed
[   96.068023][ T7305] FAT-fs (loop2): Directory bread(block 68) failed
[   96.074620][ T7305] FAT-fs (loop2): Directory bread(block 69) failed
[   96.081291][ T7305] FAT-fs (loop2): Directory bread(block 70) failed
[   96.087981][ T7305] FAT-fs (loop2): Directory bread(block 71) failed
[   96.094689][ T7305] FAT-fs (loop2): Directory bread(block 72) failed
[   96.101367][ T7305] FAT-fs (loop2): Directory bread(block 73) failed
[   96.202179][ T7307] loop2: detected capacity change from 0 to 2048
[   96.310468][ T7094] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.322127][ T7094] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.334504][ T7094] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.347712][ T7308] xt_CT: No such helper "syz0"
[   96.359889][ T7094] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.392499][ T7311] loop3: detected capacity change from 0 to 512
[   96.399155][ T7311] EXT4-fs: Ignoring removed orlov option
[   96.406994][ T7311] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   96.426745][ T7311] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.439597][ T7311] ext4 filesystem being mounted at /208/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.472038][ T7311] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1336: bg 0: block 255: padding at end of block bitmap is not set
[   96.486697][ T7311] EXT4-fs (loop3): Remounting filesystem read-only
[   96.499569][ T7317] ebtables: ebtables: counters copy to user failed while replacing table
[   96.500107][ T7311] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   96.519351][ T7311] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   96.544089][ T7317] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1338'.
[   96.549631][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.596713][ T7324] ebtables: ebtables: counters copy to user failed while replacing table
[   96.629370][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.639986][ T7330] loop2: detected capacity change from 0 to 256
[   96.671125][ T7332] loop3: detected capacity change from 0 to 2048
[   96.685155][ T7330] FAT-fs (loop2): Directory bread(block 64) failed
[   96.691887][ T7330] FAT-fs (loop2): Directory bread(block 65) failed
[   96.696711][ T7332] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.698833][ T7330] FAT-fs (loop2): Directory bread(block 66) failed
[   96.717110][ T7330] FAT-fs (loop2): Directory bread(block 67) failed
[   96.723729][ T7330] FAT-fs (loop2): Directory bread(block 68) failed
[   96.730498][ T7330] FAT-fs (loop2): Directory bread(block 69) failed
[   96.737194][ T7330] FAT-fs (loop2): Directory bread(block 70) failed
[   96.743729][ T7330] FAT-fs (loop2): Directory bread(block 71) failed
[   96.750691][ T7330] FAT-fs (loop2): Directory bread(block 72) failed
[   96.750899][ T7301] 9pnet_fd: p9_fd_create_tcp (7301): problem connecting socket to 127.0.0.1
[   96.760309][ T7330] FAT-fs (loop2): Directory bread(block 73) failed
[   96.819764][ T7340] loop4: detected capacity change from 0 to 256
[   96.841324][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.870963][ T7340] FAT-fs (loop4): Directory bread(block 64) failed
[   96.887909][ T7340] FAT-fs (loop4): Directory bread(block 65) failed
[   96.897305][ T7345] ebtables: ebtables: counters copy to user failed while replacing table
[   96.911557][ T7349] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.923167][ T7340] FAT-fs (loop4): Directory bread(block 66) failed
[   96.932562][ T7340] FAT-fs (loop4): Directory bread(block 67) failed
[   96.954512][ T7340] FAT-fs (loop4): Directory bread(block 68) failed
[   96.961278][ T7345] IPVS: Error joining to the multicast group
[   96.983093][ T7340] FAT-fs (loop4): Directory bread(block 69) failed
[   96.991364][ T7340] FAT-fs (loop4): Directory bread(block 70) failed
[   96.991698][ T7349] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.997933][ T7340] FAT-fs (loop4): Directory bread(block 71) failed
[   96.997973][ T7340] FAT-fs (loop4): Directory bread(block 72) failed
[   97.021222][ T7340] FAT-fs (loop4): Directory bread(block 73) failed
[   97.076675][ T7349] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.121788][ T7349] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.145274][ T7361] ebtables: ebtables: counters copy to user failed while replacing table
[   97.203054][ T7374] rdma_op ffff888115fc4580 conn xmit_rdma 0000000000000000
[   97.221716][ T7377] xt_CT: You must specify a L4 protocol and not use inversions on it
[   97.236288][ T7379] loop2: detected capacity change from 0 to 256
[   97.259078][ T7381] FAULT_INJECTION: forcing a failure.
[   97.259078][ T7381] name failslab, interval 1, probability 0, space 0, times 0
[   97.259810][ T7379] FAT-fs (loop2): Directory bread(block 64) failed
[   97.271742][ T7381] CPU: 0 UID: 0 PID: 7381 Comm: syz.4.1356 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[   97.271777][ T7381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   97.271792][ T7381] Call Trace:
[   97.271800][ T7381]  <TASK>
[   97.271808][ T7381]  dump_stack_lvl+0xf2/0x150
[   97.271841][ T7381]  dump_stack+0x15/0x20
[   97.280441][ T7379] FAT-fs (loop2): Directory bread(block 65) failed
[   97.288985][ T7381]  should_fail_ex+0x223/0x230
[   97.289032][ T7381]  ? __alloc_skb+0x10b/0x310
[   97.300170][ T7379] FAT-fs (loop2): Directory bread(block 66) failed
[   97.302367][ T7381]  should_failslab+0x8f/0xb0
[   97.305341][ T7379] FAT-fs (loop2): Directory bread(block 67) failed
[   97.305367][ T7379] FAT-fs (loop2): Directory bread(block 68) failed
[   97.309938][ T7381]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[   97.309984][ T7381]  __alloc_skb+0x10b/0x310
[   97.314319][ T7379] FAT-fs (loop2): Directory bread(block 69) failed
[   97.320679][ T7381]  alloc_uevent_skb+0x5b/0x120
[   97.320710][ T7381]  kobject_uevent_net_broadcast+0x242/0x420
[   97.320741][ T7381]  kobject_uevent_env+0x415/0x550
[   97.320767][ T7381]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[   97.328070][ T7379] FAT-fs (loop2): Directory bread(block 70) failed
[   97.330025][ T7381]  ? device_pm_check_callbacks+0x632/0x650
[   97.336720][ T7379] FAT-fs (loop2): Directory bread(block 71) failed
[   97.341103][ T7381]  kobject_uevent+0x1c/0x30
[   97.348037][ T7379] FAT-fs (loop2): Directory bread(block 72) failed
[   97.354088][ T7381]  device_del+0x6fa/0x780
[   97.360050][ T7379] FAT-fs (loop2): Directory bread(block 73) failed
[   97.364330][ T7381]  ? mntput+0x49/0x70
[   97.437380][ T7381]  device_unregister+0x15/0x40
[   97.442168][ T7381]  bdi_unregister+0x307/0x3a0
[   97.446946][ T7381]  del_gendisk+0x2f2/0x600
[   97.451442][ T7381]  loop_control_ioctl+0x3ae/0x440
[   97.456581][ T7381]  ? __pfx_loop_control_ioctl+0x10/0x10
[   97.462286][ T7381]  __se_sys_ioctl+0xcd/0x140
[   97.466908][ T7381]  __x64_sys_ioctl+0x43/0x50
[   97.471517][ T7381]  x64_sys_call+0x15cc/0x2d60
[   97.476219][ T7381]  do_syscall_64+0xc9/0x1c0
[   97.480728][ T7381]  ? clear_bhb_loop+0x55/0xb0
[   97.485438][ T7381]  ? clear_bhb_loop+0x55/0xb0
[   97.490115][ T7381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.496064][ T7381] RIP: 0033:0x7fa544c9e719
[   97.500474][ T7381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.520104][ T7381] RSP: 002b:00007fa543917038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   97.528526][ T7381] RAX: ffffffffffffffda RBX: 00007fa544e55f80 RCX: 00007fa544c9e719
[   97.536537][ T7381] RDX: 0000000000000003 RSI: 0000000000004c81 RDI: 0000000000000003
[   97.544508][ T7381] RBP: 00007fa543917090 R08: 0000000000000000 R09: 0000000000000000
[   97.552532][ T7381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.560566][ T7381] R13: 0000000000000000 R14: 00007fa544e55f80 R15: 00007ffd9306aff8
[   97.568553][ T7381]  </TASK>
[   97.602747][ T7385] rdma_op ffff888114a21580 conn xmit_rdma 0000000000000000
[   97.663959][ T7388] netlink: 'syz.2.1357': attribute type 10 has an invalid length.
[   97.676851][ T7251] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.687933][ T7251] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.699515][ T7251] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.710753][ T7251] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.750484][ T7391] xt_CT: You must specify a L4 protocol and not use inversions on it
[   97.765187][ T7394] rdma_op ffff888115fc5d80 conn xmit_rdma 0000000000000000
[   98.035612][ T7374] 9pnet_fd: p9_fd_create_tcp (7374): problem connecting socket to 127.0.0.1
[   98.058003][ T7396] syz.1.1362[7396] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   98.068156][ T7396] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=7396 comm=syz.1.1362
[   98.434987][ T7385] 9pnet_fd: p9_fd_create_tcp (7385): problem connecting socket to 127.0.0.1
[   98.597979][ T7394] 9pnet_fd: p9_fd_create_tcp (7394): problem connecting socket to 127.0.0.1
[   98.618417][ T7424] loop4: detected capacity change from 0 to 256
[   98.643421][ T7424] FAT-fs (loop4): Directory bread(block 64) failed
[   98.650762][ T7424] FAT-fs (loop4): Directory bread(block 65) failed
[   98.657721][ T7424] FAT-fs (loop4): Directory bread(block 66) failed
[   98.665099][ T7424] FAT-fs (loop4): Directory bread(block 67) failed
[   98.673901][ T7424] FAT-fs (loop4): Directory bread(block 68) failed
[   98.681725][ T7424] FAT-fs (loop4): Directory bread(block 69) failed
[   98.688504][ T7424] FAT-fs (loop4): Directory bread(block 70) failed
[   98.695653][ T7424] FAT-fs (loop4): Directory bread(block 71) failed
[   98.705780][ T7424] FAT-fs (loop4): Directory bread(block 72) failed
[   98.712579][ T7424] FAT-fs (loop4): Directory bread(block 73) failed
[   98.721394][ T7421] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.733179][ T7431] __nla_validate_parse: 6 callbacks suppressed
[   98.733191][ T7431] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1374'.
[   98.766739][ T7421] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.808132][ T7421] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.830265][ T7440] xt_CT: You must specify a L4 protocol and not use inversions on it
[   98.856327][ T7421] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.869115][ T7443] loop4: detected capacity change from 0 to 512
[   98.883286][ T7443] EXT4-fs: Ignoring removed oldalloc option
[   98.901663][ T7443] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1378: Parent and EA inode have the same ino 15
[   98.914255][ T7443] EXT4-fs (loop4): Remounting filesystem read-only
[   98.920997][ T7443] EXT4-fs warning (device loop4): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[   98.931287][ T7443] EXT4-fs (loop4): 1 orphan inode deleted
[   98.937454][ T7443] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.949622][ T7443] SELinux: (dev loop4, type ext4) getxattr errno 5
[   98.956851][ T7443] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.081135][ T7449] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1379'.
[   99.091859][ T7448] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1379'.
[   99.120234][ T7421] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.138367][ T7421] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.158479][ T7421] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.177625][ T7421] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.186998][ T7455] ebtables: ebtables: counters copy to user failed while replacing table
[   99.218052][ T7455] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1382'.
[   99.298744][ T7465] ebtables: ebtables: counters copy to user failed while replacing table
[   99.329331][ T7465] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1384'.
[   99.399561][ T7481] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=7481 comm=syz.4.1389
[   99.406902][ T7478] ebtables: ebtables: counters copy to user failed while replacing table
[   99.441060][ T7478] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1388'.
[   99.617202][ T7500] hub 2-0:1.0: USB hub found
[   99.622151][ T7500] hub 2-0:1.0: 8 ports detected
[   99.631920][ T7505] hub 2-0:1.0: USB hub found
[   99.637060][ T7505] hub 2-0:1.0: 8 ports detected
[   99.799105][   T29] kauditd_printk_skb: 387 callbacks suppressed
[   99.799120][   T29] audit: type=1326 audit(1731218187.687:6396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.0.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   99.828914][   T29] audit: type=1326 audit(1731218187.687:6397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.0.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   99.852401][   T29] audit: type=1326 audit(1731218187.687:6398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.0.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   99.875879][   T29] audit: type=1326 audit(1731218187.687:6399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.0.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   99.897283][ T7516] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1400'.
[   99.899471][   T29] audit: type=1326 audit(1731218187.687:6400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.0.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   99.911126][ T7515] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1400'.
[   99.931825][   T29] audit: type=1326 audit(1731218187.687:6401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.0.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   99.931862][   T29] audit: type=1326 audit(1731218187.687:6402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.0.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[   99.988129][   T29] audit: type=1326 audit(1731218187.687:6403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.0.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[  100.011597][   T29] audit: type=1326 audit(1731218187.687:6404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.0.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[  100.035041][   T29] audit: type=1326 audit(1731218187.687:6405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.0.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea8f70e719 code=0x7ffc0000
[  100.218104][ T7521] loop2: detected capacity change from 0 to 128
[  100.224841][ T7521] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  100.321425][ T7521] ==================================================================
[  100.329595][ T7521] BUG: KCSAN: data-race in __mark_inode_dirty / __mark_inode_dirty
[  100.337561][ T7521] 
[  100.339897][ T7521] write to 0xffff88810675ae28 of 4 bytes by task 7522 on cpu 1:
[  100.347553][ T7521]  __mark_inode_dirty+0x24e/0x7e0
[  100.352612][ T7521]  fat_update_time+0x1f5/0x210
[  100.357420][ T7521]  touch_atime+0x14f/0x350
[  100.361870][ T7521]  filemap_splice_read+0x8a5/0x910
[  100.367016][ T7521]  splice_direct_to_actor+0x269/0x670
[  100.372502][ T7521]  do_splice_direct+0xd7/0x150
[  100.377292][ T7521]  do_sendfile+0x39b/0x970
[  100.381732][ T7521]  __x64_sys_sendfile64+0x110/0x150
[  100.386968][ T7521]  x64_sys_call+0xed5/0x2d60
[  100.391588][ T7521]  do_syscall_64+0xc9/0x1c0
[  100.396123][ T7521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.402058][ T7521] 
[  100.404392][ T7521] read to 0xffff88810675ae28 of 4 bytes by task 7521 on cpu 0:
[  100.411957][ T7521]  __mark_inode_dirty+0x58/0x7e0
[  100.416936][ T7521]  fat_update_time+0x1f5/0x210
[  100.421732][ T7521]  touch_atime+0x14f/0x350
[  100.426173][ T7521]  filemap_splice_read+0x8a5/0x910
[  100.431332][ T7521]  splice_direct_to_actor+0x269/0x670
[  100.436921][ T7521]  do_splice_direct+0xd7/0x150
[  100.441741][ T7521]  do_sendfile+0x39b/0x970
[  100.446251][ T7521]  __x64_sys_sendfile64+0x110/0x150
[  100.451489][ T7521]  x64_sys_call+0xed5/0x2d60
[  100.456125][ T7521]  do_syscall_64+0xc9/0x1c0
[  100.460659][ T7521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.466602][ T7521] 
[  100.468953][ T7521] value changed: 0x00000000 -> 0x00000038
[  100.474731][ T7521] 
[  100.477068][ T7521] Reported by Kernel Concurrency Sanitizer on:
[  100.483230][ T7521] CPU: 0 UID: 0 PID: 7521 Comm: syz.2.1402 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[  100.493933][ T7521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  100.504110][ T7521] ==================================================================
[  100.649745][ T7349] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.662803][ T7349] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.678004][ T7349] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.689860][ T7349] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.762774][ T7522] ==================================================================
[  100.770932][ T7522] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read
[  100.779075][ T7522] 
[  100.781418][ T7522] write to 0xffff888110257d70 of 8 bytes by task 7521 on cpu 1:
[  100.789059][ T7522]  filemap_splice_read+0x6c4/0x910
[  100.794212][ T7522]  splice_direct_to_actor+0x269/0x670
[  100.799616][ T7522]  do_splice_direct+0xd7/0x150
[  100.804414][ T7522]  do_sendfile+0x39b/0x970
[  100.808896][ T7522]  __x64_sys_sendfile64+0x110/0x150
[  100.814133][ T7522]  x64_sys_call+0xed5/0x2d60
[  100.818744][ T7522]  do_syscall_64+0xc9/0x1c0
[  100.823271][ T7522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.829196][ T7522] 
[  100.831529][ T7522] write to 0xffff888110257d70 of 8 bytes by task 7522 on cpu 0:
[  100.839186][ T7522]  filemap_splice_read+0x6c4/0x910
[  100.844368][ T7522]  splice_direct_to_actor+0x269/0x670
[  100.849802][ T7522]  do_splice_direct+0xd7/0x150
[  100.854593][ T7522]  do_sendfile+0x39b/0x970
[  100.859044][ T7522]  __x64_sys_sendfile64+0x110/0x150
[  100.864270][ T7522]  x64_sys_call+0xed5/0x2d60
[  100.868899][ T7522]  do_syscall_64+0xc9/0x1c0
[  100.873438][ T7522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.879380][ T7522] 
[  100.881718][ T7522] value changed: 0x000000000000079d -> 0x000000000000079e
[  100.888843][ T7522] 
[  100.891185][ T7522] Reported by Kernel Concurrency Sanitizer on:
[  100.897345][ T7522] CPU: 0 UID: 0 PID: 7522 Comm: syz.2.1402 Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77 #0
[  100.908062][ T7522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  100.918146][ T7522] ==================================================================
[  101.096649][   T56] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)