last executing test programs:

3.617754084s ago: executing program 1 (id=538):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000240)='4', 0x1}], 0x1) (async)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="0100000000000000e7ffff0ad4000000000000630b00c145", 0x18, 0xffffffffffffffff)
getpeername$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000000c0)=0x14)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x9, '\x00', r2, r1, 0x1, 0x1, 0x4}, 0x50)

3.528307705s ago: executing program 1 (id=540):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0xb6, 0x2, 0x9}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r4, 0xc0182101, &(0x7f0000000140)={0x0, 0x32, 0x7fff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$USBDEVFS_FORBID_SUSPEND(r2, 0x5521)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r5}, 0x10)
syz_emit_ethernet(0x76, &(0x7f0000001800)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty=0x1000000, @broadcast}, @timestamp_reply={0x11, 0xe0, 0x0, 0x300, 0x0, 0x10002, 0x0, 0x40}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r3}, 0x10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r6, &(0x7f0000000180), 0x40010)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x20000000)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x114, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

3.454384807s ago: executing program 4 (id=544):
clock_gettime(0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0})
futex(&(0x7f0000000000)=0x1, 0x4, 0x2, &(0x7f0000000080)={r0, r1+60000000}, &(0x7f00000000c0), 0x1)
futex_waitv(&(0x7f00000007c0)=[{0x4, &(0x7f0000000100)=0x1000, 0x82}, {0x2, &(0x7f0000000140)=0x7, 0x82}, {0x6, &(0x7f0000000180)=0x1, 0x2}, {0x7, &(0x7f00000001c0)=0x8, 0x2}, {0x2, &(0x7f0000000200)=0x8, 0x2}, {0x7, &(0x7f0000000240)=0xb, 0x82}, {0x1, &(0x7f0000000280)=0x9, 0x82}, {0x7, &(0x7f00000002c0)=0x5, 0x82}, {0x6, &(0x7f0000000300), 0x82}, {0xa, &(0x7f0000000340)=0x4844c72b, 0x2}, {0x1, &(0x7f0000000380)=0x2, 0x2}, {0x0, &(0x7f00000003c0)=0xd2a3, 0x82}, {0x10001, &(0x7f0000000400)=0x8, 0x82}, {0x6, &(0x7f0000000440)=0x5a2, 0x82}, {0xe6, &(0x7f0000000480), 0x2}, {0x1, &(0x7f00000004c0)=0xffffffffffffff2a, 0x82}, {0x2, &(0x7f0000000500)=0x8, 0x2}, {0x7, &(0x7f0000000540)=0x1, 0x2}, {0x2, &(0x7f0000000580)=0x6, 0x82}, {0x1, &(0x7f00000005c0)=0xdbc6, 0x2}, {0x5, &(0x7f0000000600)=0x5, 0x82}, {0x7, &(0x7f0000000640)=0x1, 0x2}, {0x3, &(0x7f0000000680)=0xff, 0x82}, {0x8001, &(0x7f00000006c0)=0x7, 0x80}, {0x3, &(0x7f0000000700)=0x3, 0x2}, {0x4, &(0x7f0000000740)=0x6, 0x2}, {0x4, &(0x7f0000000780)=0x8, 0x82}], 0x1b, 0x0, &(0x7f0000000a80), 0xa36be3bdc2433f6)

3.397759467s ago: executing program 4 (id=546):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000440), 0x103940)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x4058534c, &(0x7f0000000180)={0x80, 0x2a, 0x3})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x4058534c, &(0x7f0000000040)={0x80, 0x18, 0x2, 0xfffffff7, 0x0, 0x9})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
sendfile(r3, r3, 0x0, 0x40000f63c)

2.750503648s ago: executing program 0 (id=556):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000003c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x5, 0x7fff0006}]})
syz_usb_connect$printer(0x3, 0x36, &(0x7f0000000080)=ANY=[], 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0xc6, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000000bbbbbbbbbbbb86dd6003000000903a00fe8000004000000000000000000000bbff0200000000070000000000000000010402907800000fff6055c0e400033cffff02000000000000000000000500000100000000000000000000ffffffffffff2b000400073009003a0a0405032800000001ff02000000000000000000000000000120010000000000000000000000000001ff0200000000004a927900000000000000000100000000000000000000000000000000711a19b20f735958c8a2028e7d4d454e828303895b297b723330e09703b4ac227e807f9f338bafdebb55c7c0381a9c34afa2347ab1f60efcff9e24c132442e22958d6053839926f3a99af3f3247a1a025a6082c07029692478eedea16570e3c33b3acf0c41d79776733f84685c03f3f1b789f96812101fc51da000000100f8bdedb97a1e5f614e9f6a5094d400"/341], 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'syztnl2\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x80, 0x700, 0x10000, 0x8, {{0x6, 0x4, 0x2, 0x0, 0x18, 0x66, 0x0, 0x6, 0x2f, 0x0, @multicast1, @remote, {[@noop]}}}}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_io_uring_setup(0x2cdb, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r3=>0x0, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x1a, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1})
mount$9p_unix(0x0, 0x0, &(0x7f0000000280), 0x808008, &(0x7f00000004c0)=ANY=[@ANYBLOB='trqyans=unix'])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x3)

2.663745149s ago: executing program 1 (id=559):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01032757c38d085641a7260000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)

2.61889705s ago: executing program 1 (id=561):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x1000000000000)

2.522396181s ago: executing program 1 (id=562):
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000040340000000000000800000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000357500007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
mount$nfs(&(0x7f0000000280)='$\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x40, &(0x7f0000000340)={[{'\x00'}, {}, {'].)*-$,./.@'}, {'.]\xda'}, {'\x00'}, {}], [{@smackfshat={'smackfshat', 0x3d, '/dev/input/event#\x00'}}, {@dont_measure}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x63, 0x1, 0x30, 0x35, 0x35, 0x61, 0x34, 0x66], 0x2d, [0x33, 0x38, 0x36, 0x32], 0x2d, [0x63, 0x0, 0x65, 0x36], 0x2d, [0x30, 0x5, 0x33, 0x62], 0x2d, [0x39, 0x23, 0x62, 0x65, 0x64, 0x65, 0x65, 0x61]}}}, {@smackfstransmute={'smackfstransmute', 0x3d, '*'}}, {@audit}]})
r3 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x90, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x60, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffff8, 0xfff, 0x0, 0x5, 0xb}, 0x3}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}, @TCA_FLOWER_FLAGS={0x8, 0x16, 0x12}]}}]}, 0x90}}, 0x24000000)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = socket(0x10, 0x803, 0x0)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x1, 0x1, 0xc, 0xd, 0xc4, 0x0})
sendto(r6, &(0x7f00000005c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x20000090, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
sendmsg$nl_route_sched(r2, &(0x7f0000000f80)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001040)=@newtaction={0xf8, 0x30, 0xffff, 0x70bd25, 0x0, {}, [{0xe4, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x5, 0x0, 0x4, 0x0, {}, {0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_bpf={0x2c, 0x3, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xf8}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)

2.485508032s ago: executing program 4 (id=564):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2(&(0x7f0000001440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0xffffffffffffffff}, 0x18)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
sendmsg$NFNL_MSG_CTHELPER_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000"], 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.144247907s ago: executing program 0 (id=572):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01032757c38d085641a7260000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)

2.123729387s ago: executing program 0 (id=574):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
accept4$x25(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000040)=0x12, 0x80800)
socket(0x10, 0x803, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e1f, 0x3, 'lc\x00', 0x4, 0x81, 0x5}, {@rand_addr=0x64010102, 0x4e26, 0x0, 0xcb, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_EDITDEST(r2, 0x0, 0x489, &(0x7f0000000380)={{0x84, @multicast1, 0x4e20, 0x3, 'sh\x00', 0x0, 0x60000000, 0xc}, {@rand_addr=0x64010102, 0x4e26, 0x12002, 0x3, 0x8001, 0x1}}, 0x44)
socket(0x400000000010, 0x3, 0x0)
r4 = socket$inet(0xa, 0x801, 0x84)
r5 = socket$inet(0xa, 0x801, 0x84)
listen(r5, 0xfffffffd)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r7}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, './file0\x00'}})
listen(0xffffffffffffffff, 0xfffffffd)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
listen(r4, 0x8)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x8, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x7, 0xa, 0x4}}}}]}, 0x44}}, 0x0)

1.410382588s ago: executing program 4 (id=586):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={0x30, r1, 0xc4fc9e906872338b, 0x20, 0x200, {{0x15}, {@void, @val={0xc, 0x99, {0x40, 0x52}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4, 0x3, 0x0, 0x0}]}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

1.390302078s ago: executing program 4 (id=588):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10000}, 0x28)
r2 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x862b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x2250)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000540)={@empty, 0x19})
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1, 0x2}, 0x10)
bind$tipc(r5, 0x0, 0x0)
close(r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r7, 0x8008551d, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x42000773)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7)
socket$nl_audit(0x10, 0x3, 0x9)

1.240221411s ago: executing program 3 (id=590):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r1}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r2, 0x0, 0x8000000000004}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004110)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)
dup2(r0, r3)

1.206305871s ago: executing program 0 (id=591):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = syz_io_uring_setup(0x49f, &(0x7f0000001000)={0x0, 0x54eb, 0x0, 0x4, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ffffffff850000002d00"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kfree\x00', r4}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x318}, 0x0, 0x4040000})
io_uring_enter(r1, 0x3d0e, 0x4c1, 0x43, 0x0, 0x0)

1.195838392s ago: executing program 3 (id=592):
pipe(&(0x7f0000000200))
r0 = socket(0x2, 0x80805, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet(0x2, 0x2, 0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
epoll_create1(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000040)={<r3=>0x0, 0x5, 0xf9f}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000280)={r3, 0xff, "a2a063e4585f20736ef04c01496615be1bf228827cb50fdfe2869c260bfb82b04a0084a69545b2ec1a81146fd1f1d44254301a48b8563dfbeb228a513f3a6a755b6a16d9174ffb57ccd85231e50ba75642f0c970bd421cfe386add9b8692d3885e8f0af196dbaefbd63fe332c7f5aebdc272d7497297d919e7b3b09948bacb172911334b275357dbccafd1733ceaeb6a3fd1441bcf4da61a45fd5309b3eb590de84fff6d00d0c1a5a3baa709d36e3c9f6d956237dcc9691d5e34a1509d7ee2c0531673367cab869c4e1e4d7aec7f9436ce5be469e69d1f8d63fd219e9262ac039b5dec6c57b03fa17f209d26fb93e283b5b232ed5066f5eab5aa5b50f3b2b4"}, &(0x7f00000003c0)=0x107)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$packet(0x11, 0x3, 0x300)
socket(0x15, 0x5, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
fadvise64(r1, 0xffff, 0x6, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = signalfd4(r5, &(0x7f0000000400)={[0xffffffffffffffc0]}, 0x8, 0x80000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='afs_silly_rename\x00', r6, 0x0, 0x4}, 0x18)
clock_getres(0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000000)=ANY=[@ANYRESOCT], 0x20)

1.116762693s ago: executing program 3 (id=593):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xfcfa, &(0x7f0000000280)={&(0x7f0000000140)=@deltfilter={0x0, 0x2d, 0x200, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4}}}, 0x24}}, 0x50)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b40000001000090400000000000000", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.111775543s ago: executing program 0 (id=594):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0904000000000000000002000000400004803c0001800e000100696d6d656469617465000000280002801c000280180002800900020073797a300000000008000180fffffffc08000140000000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000ade12f2fa73f71645a34aff4e28b39f000baab7f6fc411a80d9646773e8aff1498f8fa7dcb8d2833e5615871597804ffa869cda152de46fe601f55cdac8f5c573f87122e454dbcf474e046b3f2d0d7d44a2a1c98c5821735782fd57540465ebf5063d5eda667730adba721f04ba1e942832661be47a2b678486a930500473ba949281c14a77ee"], 0x94}}, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000001180)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x0, 0x11, 0x148, 0x0, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)
sendmsg$inet(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f0000001100)=[{&(0x7f0000000540)="0be5e9e7d00d2edfcee82e17e782dd5f553a46a3e874ad4fb93bfe11229b468723993cda284020658be767a262573897735ecde7999ef5b9dcec465fcc72a00b177b83ad068fa311e3e66e9943a6a264c5fc2bee7c9f3c01ff3099d5480228eb183ea7aac1978e7b93dba064f414e257ef0b", 0x72}, {&(0x7f0000000740)="96eae1a224f180d9b3e1ba00affedf688e0b431c8a1fd3d0ce07d5fa464629145450d88e14edd01b3ac9294aeb606e9658227fdbde983cb50df0b9f09fe16dcbbdc5bcfd32a6c6", 0x47}, {&(0x7f0000000880)="272b21537b7eceb49fa499b455abe598d14c129bf2f38791621a127c79a2b8f59e4be600831b2c7f9a2f6b990b66c0d7303c91efff51027e1013af4139a5d62f18b4e740e0d8e996045e98ecaa8a54ed481bfd2fde7cf0e5301b2e85a08ab89dded996520e7f1273d57699944be046b0b4e35ce1030791d9d8653eb4316ff02dbe8c6dcad2f77d5d925480bd0f876aa0064bc63096473fdec6cf559ce21740a4ce747fbfac7204ccf797e648bb25d3b0f5e72dbb9fa4", 0xb6}, {&(0x7f0000000f40)="b9fdcce6ae30d08ff89fcb34cece082f0c05ef5bf3f1de23b5bd0c4ebeb04bcf4f0d5be261e066f4d715be3ca69b8547a91b06220655bf366c6472848c039ba9f71b4ee221d5d0704f31f6e18c4e71ad5aa599e40b7e89ce41afdeb3a5402229f9c8e4c7099bb56505880d89af73d234ff9b9174b84e556eaf541ef5c9369daa3e6b711bbc4879517d2bb95bbf479e759e10680424670da3dc93116ef4e940e6278b1ccd23e17d9f1fc7a8c79e87ac8369b314ea3915", 0xb6}, {&(0x7f0000001000)="61dd86365acac68a42ba3be73b92747f65a59166d9859114d48445a488a0f7cecf467bc11ad9dab1dcabeb34ad01a4761eadaefe6d8465f49ffa09ba23a8201f54863396f76b576c5ad48e2307e4e0c41dc8a2219f2e3de6c843edc68765d3c488e51c5264bccd94fdf69e386b12dd61c12eb6bea79e8903452cf103033bdbe39c847742f04f252f40d875140e341b1a7f2f85987f42f7032dbf7c47ef3e78773013d24c267398ec388a7d3f8f4742b0843eb4189cb5961071b0ab4bb121deff4b6049ec6cadae", 0xc7}, {&(0x7f00000016c0)="5a0fc2b44eebb57989d6a82628ac026af15f98851984039ba844d7e0d2db8f39c42f0e8f3ca888e47fdbe0c7b2bcb3cab2bab99b4f2fe9c696e52cb6a32eb49b1634265ce23e6290482041c08a9eba7e4b2ae78c95f2907954d39f7f5bc12c896b858560898ed22edf686ca52dc7faf8a91b122af18aa63adb349ff83d02d379905cc8a2bb94f4cb1fc7e1d7b107213e3170270f75ba9c830656520f1e6ba4", 0x9f}, {&(0x7f0000001780)="987fe23057dc65d962eb266e9a48bccecfb252bb28918452a1bede2dd2b9abb0b07640a8db346ac0fe1622d624280530b4b2ec58d6382c517f2d72c792255f487cbe0c81a73c19c2a71964770fee478a8e4df78d80d34c0ffafe95fd0548c66a8758bd6346f47b500f73036eb8e503cc934eb8e994ad94d7b8c9fcf81d529be84125d38a325e414129e25e5caad0e9a3e2b3d05fd282ad64a3ea636821b853bf43690f2164e861275ae505f89d63ef3529ef937fe9a0fbba", 0xb8}], 0x7}, 0x24000900)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0x1}], 0x1}, 0x0)
r3 = socket$kcm(0x10, 0x5, 0x4)
recvmsg(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x10000)
sendmsg$inet(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d0002847ea622fb564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x0, @private=0xa010104}, 0x10, 0x0, 0x0, &(0x7f0000000100)=[@cswp={0xc, 0x114, 0x7, {{}, 0x0, 0x0, 0x1, 0x10000, 0x2, 0xffffffffffffffff}}], 0x58}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYRESHEX, @ANYRES8=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000600), &(0x7f0000000800)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x67, 0x52b, &(0x7f0000000a00)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky")
r6 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r7 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r7, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0)

1.111070813s ago: executing program 3 (id=595):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x121001, 0x0)
ioctl$SNAPSHOT_FREE(r1, 0x3305)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000001480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r4, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kmem_cache_free\x00', r5}, 0x18)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdfd0c365addb2123da800c00020007009400000000000c0800234d7f623e591a04d84115fddccb679c23b544cbe985a342fc0e04b66572f8d246a05425152e87cd52b686d378c0"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r8, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r9 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000001500), 0x12)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000001980)=<r11=>0x0)
stat(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, <r12=>0x0})
chown(&(0x7f0000000280)='./file0\x00', r12, 0x0)
statx(0xffffffffffffff9c, &(0x7f00000019c0)='./file0\x00', 0x6000, 0x4, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000001b00)=<r13=>0x0)
r14 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r14, 0x1, 0x11, &(0x7f0000000040)={0x0, <r15=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r14, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x28, 0x18, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @u32=0x4}, @nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @uid=r15}]}]}, 0x28}}, 0x0)
lstat(&(0x7f0000001b40)='./file0\x00', &(0x7f0000001b80)={0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0})
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001580)=@file={0x0, '.\x00'}, 0x6e, &(0x7f0000001940)=[{&(0x7f0000001600)="33f6dff262ac9890066b34592c84d50fe8a1104ea9ab0ef21352724b3132e944009be4b7392d4a076cfecabe11b6d2cf73bdf98a6f0d9c68bcef42dde2f024ddf0a745d992521f2fcd54a67b3ea0c4f5538108321e93c932f935008f9e138713de2b5a9b03775e68a1253a069e5331f4e50352f27139641be51bebfcbd992f4ea4411d7e66e27a6a77", 0x89}, {&(0x7f00000016c0)="c5a6dc809a0c40dbbf2eba3aa5297b879c97a38c3cce5a9871a96fd5570a22abda44851060e647cf23ee1e601f23beccfcfe00b8fb58ef36a7e8cdd361a67ccde21e37db53a70a77308ed55bd75115ade84dd48b4181cdfcea5b457a77de51f56fbf18cd3429aac4512fa38ac3c03dbd452fb80a4480addd9192062f952871b9fdf9da1403e56799f80f1d83288e40ea20aef6032face91ce4ee00af64651013f153ded44f05383b", 0xa8}, {&(0x7f0000001780)="fa9f6026ae76a7876ffe2f8a0d2489e8565d4fd1d70556ef75087b6f87ae405e4cc9d27639b67c672f5e8f0f913b7cbb93d885e7df2ee3bd15426cfefad25d7f56b4c57a7976969e4d2f5a2ef79f25055e19cfd2fc6ec0002476868685c9253f904bc2dc7256b5c3d14116bb1c99945bdd88248cbae0b79b7ccd51cc3664d846938a9cd60b317e86821e659dad411bc164007348d3fb83cc536e812b67f60bf74171a1422412d3c5f2b94de5e1569b8d404179577198a9576f3d540a954395e57335e79bf91c", 0xc6}, {&(0x7f0000001880)="63d37eeaee970c4cfb3ffa7e9af49724b8076361aaee6252ca33918016bf4ef3ec28b829f4ebb52ff75d8aee2683e137ce769a333d92aadc41a786ace6d63949550c70c6e71190e67c21206ac7dc9a414c452f847ac0ca6246bc6b764b83df236ce76ed23446d065b8fd2ca3be8c8c4fd16fddb83d496ecfe64bd118121727beb1272338271c65ec557e838b2f4866120a29e59e043c8dc24d5cadb5ec929ef1cbbb6019d8e8540ce5f13d1b121aaa17534948daaf62c7541389b42acd68", 0xbe}], 0x4, &(0x7f0000001c00)=[@rights={{0x14, 0x1, 0x1, [r6]}}, @cred={{0x1c, 0x1, 0x2, {r11, r12}}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, r2, r9, r7, r1, r10, r1, r8, r3, r5]}}, @cred={{0x1c, 0x1, 0x2, {r13, r15, r16}}}], 0x90, 0x1}, 0x24004000)
setsockopt$sock_int(r10, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)

1.009933784s ago: executing program 3 (id=597):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = memfd_create(&(0x7f00000005c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18', 0x0)
ftruncate(r1, 0x400000)
lseek(r1, 0x0, 0x3)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xe, 0x0, 0x7ffc1ffb}]})
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r3}, 0x10)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x100)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r4, 0xc0f85403, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r5, 0xc0105500, &(0x7f0000000040)={0x0, 0x3, 0x1, 0x3, 0x0, 0x7, 0x0})

753.724649ms ago: executing program 3 (id=598):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0904000000000000000002000000400004803c0001800e000100696d6d656469617465000000280002801c000280180002800900020073797a300000000008000180fffffffc08000140000000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000ade12f2fa73f71645a34aff4e28b39f000baab7f6fc411a80d9646773e8aff1498f8fa7dcb8d2833e5615871597804ffa869cda152de46fe601f55cdac8f5c573f87122e454dbcf474e046b3f2d0d7d44a2a1c98c5821735782fd57540465ebf5063d5eda667730adba721f04ba1e942832661be47a2b678486a930500473ba949281c14a77ee"], 0x94}}, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000001180)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x0, 0x11, 0x148, 0x0, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)
sendmsg$inet(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f0000001100)=[{&(0x7f0000000540)="0be5e9e7d00d2edfcee82e17e782dd5f553a46a3e874ad4fb93bfe11229b468723993cda284020658be767a262573897735ecde7999ef5b9dcec465fcc72a00b177b83ad068fa311e3e66e9943a6a264c5fc2bee7c9f3c01ff3099d5480228eb183ea7aac1978e7b93dba064f414e257ef0b", 0x72}, {&(0x7f0000000740)="96eae1a224f180d9b3e1ba00affedf688e0b431c8a1fd3d0ce07d5fa464629145450d88e14edd01b3ac9294aeb606e9658227fdbde983cb50df0b9f09fe16dcbbdc5bcfd32a6c6", 0x47}, {&(0x7f0000000880)="272b21537b7eceb49fa499b455abe598d14c129bf2f38791621a127c79a2b8f59e4be600831b2c7f9a2f6b990b66c0d7303c91efff51027e1013af4139a5d62f18b4e740e0d8e996045e98ecaa8a54ed481bfd2fde7cf0e5301b2e85a08ab89dded996520e7f1273d57699944be046b0b4e35ce1030791d9d8653eb4316ff02dbe8c6dcad2f77d5d925480bd0f876aa0064bc63096473fdec6cf559ce21740a4ce747fbfac7204ccf797e648bb25d3b0f5e72dbb9fa4", 0xb6}, {&(0x7f0000000f40)="b9fdcce6ae30d08ff89fcb34cece082f0c05ef5bf3f1de23b5bd0c4ebeb04bcf4f0d5be261e066f4d715be3ca69b8547a91b06220655bf366c6472848c039ba9f71b4ee221d5d0704f31f6e18c4e71ad5aa599e40b7e89ce41afdeb3a5402229f9c8e4c7099bb56505880d89af73d234ff9b9174b84e556eaf541ef5c9369daa3e6b711bbc4879517d2bb95bbf479e759e10680424670da3dc93116ef4e940e6278b1ccd23e17d9f1fc7a8c79e87ac8369b314ea3915", 0xb6}, {&(0x7f0000001000)="61dd86365acac68a42ba3be73b92747f65a59166d9859114d48445a488a0f7cecf467bc11ad9dab1dcabeb34ad01a4761eadaefe6d8465f49ffa09ba23a8201f54863396f76b576c5ad48e2307e4e0c41dc8a2219f2e3de6c843edc68765d3c488e51c5264bccd94fdf69e386b12dd61c12eb6bea79e8903452cf103033bdbe39c847742f04f252f40d875140e341b1a7f2f85987f42f7032dbf7c47ef3e78773013d24c267398ec388a7d3f8f4742b0843eb4189cb5961071b0ab4bb121deff4b6049ec6cadae", 0xc7}, {&(0x7f00000016c0)="5a0fc2b44eebb57989d6a82628ac026af15f98851984039ba844d7e0d2db8f39c42f0e8f3ca888e47fdbe0c7b2bcb3cab2bab99b4f2fe9c696e52cb6a32eb49b1634265ce23e6290482041c08a9eba7e4b2ae78c95f2907954d39f7f5bc12c896b858560898ed22edf686ca52dc7faf8a91b122af18aa63adb349ff83d02d379905cc8a2bb94f4cb1fc7e1d7b107213e3170270f75ba9c830656520f1e6ba4", 0x9f}, {&(0x7f0000001780)="987fe23057dc65d962eb266e9a48bccecfb252bb28918452a1bede2dd2b9abb0b07640a8db346ac0fe1622d624280530b4b2ec58d6382c517f2d72c792255f487cbe0c81a73c19c2a71964770fee478a8e4df78d80d34c0ffafe95fd0548c66a8758bd6346f47b500f73036eb8e503cc934eb8e994ad94d7b8c9fcf81d529be84125d38a325e414129e25e5caad0e9a3e2b3d05fd282ad64a3ea636821b853bf43690f2164e861275ae505f89d63ef3529ef937fe9a0fbba", 0xb8}], 0x7}, 0x24000900)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0x1}], 0x1}, 0x0)
r3 = socket$kcm(0x10, 0x5, 0x4)
recvmsg(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x10000)
sendmsg$inet(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d0002847ea622fb564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x0, @private=0xa010104}, 0x10, 0x0, 0x0, &(0x7f0000000100)=[@cswp={0xc, 0x114, 0x7, {{}, 0x0, 0x0, 0x1, 0x10000, 0x2, 0xffffffffffffffff}}], 0x58}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYRESHEX, @ANYRES8=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000600), &(0x7f0000000800)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x67, 0x52b, &(0x7f0000000a00)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky")
r6 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r7 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r7, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0)

689.75225ms ago: executing program 1 (id=600):
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0e00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="00010000000000000000000000000000c904f6b7cf53768e24260c00000200", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000800000000300"/28], 0x48)
clock_gettime(0xfffffffffffffff6, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000140))
fcntl$lock(r0, 0x24, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r2 = dup2(r0, r1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000005c0)='cpuset.memory_pressure\x00', 0x275a, 0x0)
gettid()
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000040)})
wait4(0x0, 0x0, 0x4, 0x0)
syz_clone3(&(0x7f0000000280)={0x80000000, &(0x7f0000000080)=<r3=>0xffffffffffffffff, &(0x7f00000000c0), 0x0, {0x25}, &(0x7f0000000140)=""/97, 0x61, &(0x7f00000001c0)=""/70, &(0x7f0000000240)=[0xffffffffffffffff], 0x1}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESDEC=r0], &(0x7f0000000440)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000580)='fsi_master_acf_cmd_abs_addr\x00', r2, 0x0, 0x400000005}, 0x18)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/profiling', 0x22042, 0x0)
write$binfmt_misc(r5, &(0x7f0000000000), 0xfffffecc)
splice(r4, 0x0, r6, 0x0, 0xbfd1, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f0000000080)={0x4, 0x0, 0x4, 0x4, 0x4})
openat$rfkill(0xffffff9c, &(0x7f0000000180), 0xc81, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x5, 0x8, 0x3, 0x1}, 0x8)
accept4$packet(r4, 0x0, 0x0, 0x800)
waitid$P_PIDFD(0x3, r3, 0x0, 0x1, &(0x7f0000000380))
mount$cgroup(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x20100c0, &(0x7f0000000340)={[{@none}, {@subsystem='hugetlb'}]})

493.342123ms ago: executing program 2 (id=604):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = syz_io_uring_setup(0x49f, &(0x7f0000001000)={0x0, 0x54eb, 0x0, 0x4, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ffffffff850000002d00"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kfree\x00', r4}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x318}, 0x0, 0x4040000})
io_uring_enter(r1, 0x3d0e, 0x4c1, 0x43, 0x0, 0x0)

479.287673ms ago: executing program 4 (id=605):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket$packet(0x11, 0x3, 0x300)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x2001}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000800), r2)
r3 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
pipe(&(0x7f00000008c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket$packet(0x11, 0x3, 0x300)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket(0x1e, 0x2, 0x0)
sendmsg$tipc(r9, &(0x7f0000000200)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x8}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x24040014}, 0x4000000)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000880)={0x4, &(0x7f0000000840)=[{0x2, 0xf4, 0x9, 0x5}, {0xfff9, 0xb2, 0x4, 0xf613}, {0x4, 0x6, 0xf3, 0x8}, {0x4, 0xde, 0xe, 0x8}]})
splice(r4, 0x0, r6, 0x0, 0x7, 0x9)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a8, 0x1c8, 0xc8, 0x8, 0x0, 0x5803, 0x2d8, 0x2e8, 0x2e8, 0x2d8, 0x2e8, 0x3, 0x0, {[{{@ipv6={@local, @private1, [0xffffff00, 0xff000000], [0xff, 0x34da508f3e8fb0eb, 0xff000000, 0xff], 'veth0_to_batadv\x00', 'veth1_to_team\x00', {0xff}, {0xff}, 0x0, 0x7, 0x7, 0x1d}, 0x0, 0x190, 0x1c8, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x100, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee0500000000000000ecef50c1234e082555f67222476147864fa03182f5cf11d8c348cbd06d7d4e252c3394fed47bf78c70f607b0178fa5ea3350ebc989f1f34a214e67442ce98bbaa8e0f7323a4ca0a7be6c60c527bac2b500", 0x1, 0x3}}, @common=@hl={{0x28}, {0x3, 0x11}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x3, 0x4, 0x7}, {0x3, 0x3, 0x6}, {0x1, 0x1, 0x2}, 0x3, 0x29b}}}, {{@ipv6={@remote, @loopback, [], [], 'macvtap0\x00', 'syzkaller1\x00', {}, {0xff}, 0x16, 0x0, 0x2}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00', {0xfffffffffffffffd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3fc)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f00000007c0)={'ip6_vti0\x00', &(0x7f0000000740)={'ip6gre0\x00', <r11=>0x0, 0x2f, 0x7, 0x3, 0x6, 0x10, @ipv4={'\x00', '\xff\xff', @loopback}, @empty, 0x80, 0x80, 0x2}})
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r11, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r12}, 0x10)
write$P9_RWRITE(r6, &(0x7f0000000040)={0xb, 0x77, 0x87}, 0x10c00)
read(r5, &(0x7f0000032440)=""/102364, 0x18fdc)

430.367014ms ago: executing program 2 (id=606):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xfcfa, &(0x7f0000000280)={&(0x7f0000000140)=@deltfilter={0x0, 0x2d, 0x200, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4}}}, 0x24}}, 0x50)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b40000001000090400000000000000", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

388.318955ms ago: executing program 2 (id=607):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x121001, 0x0)
ioctl$SNAPSHOT_FREE(r1, 0x3305)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000001480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r4, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kmem_cache_free\x00', r5}, 0x18)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdfd0c365addb2123da800c00020007009400000000000c0800234d7f623e591a04d84115fddccb679c23b544cbe985a342fc0e04b66572f8d246a05425152e87cd52b686d378c0"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r8, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r9 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000001500), 0x12)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000001980)=<r11=>0x0)
stat(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, <r12=>0x0})
chown(&(0x7f0000000280)='./file0\x00', r12, 0x0)
statx(0xffffffffffffff9c, &(0x7f00000019c0)='./file0\x00', 0x6000, 0x4, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000001b00)=<r13=>0x0)
r14 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r14, 0x1, 0x11, &(0x7f0000000040)={0x0, <r15=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r14, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x28, 0x18, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @u32=0x4}, @nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @uid=r15}]}]}, 0x28}}, 0x0)
lstat(&(0x7f0000001b40)='./file0\x00', &(0x7f0000001b80)={0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0})
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001cc0)={&(0x7f0000001580)=@file={0x0, '.\x00'}, 0x6e, &(0x7f0000001940)=[{&(0x7f0000001600)="33f6dff262ac9890066b34592c84d50fe8a1104ea9ab0ef21352724b3132e944009be4b7392d4a076cfecabe11b6d2cf73bdf98a6f0d9c68bcef42dde2f024ddf0a745d992521f2fcd54a67b3ea0c4f5538108321e93c932f935008f9e138713de2b5a9b03775e68a1253a069e5331f4e50352f27139641be51bebfcbd992f4ea4411d7e66e27a6a77", 0x89}, {&(0x7f00000016c0)="c5a6dc809a0c40dbbf2eba3aa5297b879c97a38c3cce5a9871a96fd5570a22abda44851060e647cf23ee1e601f23beccfcfe00b8fb58ef36a7e8cdd361a67ccde21e37db53a70a77308ed55bd75115ade84dd48b4181cdfcea5b457a77de51f56fbf18cd3429aac4512fa38ac3c03dbd452fb80a4480addd9192062f952871b9fdf9da1403e56799f80f1d83288e40ea20aef6032face91ce4ee00af64651013f153ded44f05383b", 0xa8}, {&(0x7f0000001780)="fa9f6026ae76a7876ffe2f8a0d2489e8565d4fd1d70556ef75087b6f87ae405e4cc9d27639b67c672f5e8f0f913b7cbb93d885e7df2ee3bd15426cfefad25d7f56b4c57a7976969e4d2f5a2ef79f25055e19cfd2fc6ec0002476868685c9253f904bc2dc7256b5c3d14116bb1c99945bdd88248cbae0b79b7ccd51cc3664d846938a9cd60b317e86821e659dad411bc164007348d3fb83cc536e812b67f60bf74171a1422412d3c5f2b94de5e1569b8d404179577198a9576f3d540a954395e57335e79bf91c", 0xc6}, {&(0x7f0000001880)="63d37eeaee970c4cfb3ffa7e9af49724b8076361aaee6252ca33918016bf4ef3ec28b829f4ebb52ff75d8aee2683e137ce769a333d92aadc41a786ace6d63949550c70c6e71190e67c21206ac7dc9a414c452f847ac0ca6246bc6b764b83df236ce76ed23446d065b8fd2ca3be8c8c4fd16fddb83d496ecfe64bd118121727beb1272338271c65ec557e838b2f4866120a29e59e043c8dc24d5cadb5ec929ef1cbbb6019d8e8540ce5f13d1b121aaa17534948daaf62c7541389b42acd68", 0xbe}], 0x4, &(0x7f0000001c00)=[@rights={{0x14, 0x1, 0x1, [r6]}}, @cred={{0x1c, 0x1, 0x2, {r11, r12}}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, r2, r9, r7, r1, r10, r1, r8, r3, r5]}}, @cred={{0x1c, 0x1, 0x2, {r13, r15, r16}}}], 0x90, 0x1}, 0x24004000)
setsockopt$sock_int(r10, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)

344.538845ms ago: executing program 2 (id=608):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setxattr$incfs_metadata(0x0, 0x0, 0x0, 0x0, 0x1)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&\x00'/11, @ANYRES32], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
recvmsg$unix(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0) (fail_nth: 10)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)

26.86628ms ago: executing program 2 (id=609):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r2, &(0x7f0000000000)={0x18, 0x2, {0xffff, @multicast1}}, 0x1e)
connect$pptp(r2, &(0x7f0000000040)={0x18, 0x2, {0x0, @empty}}, 0x1e)
accept(0xffffffffffffffff, &(0x7f0000000080)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000100)=0x80)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={0x30, 0x0, 0xc4fc9e906872338b, 0x20, 0x200, {{0x15}, {@void, @val={0xc, 0x99, {0x40, 0x52}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4, 0x3, 0x0, 0x0}]}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

25.56881ms ago: executing program 0 (id=610):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={0x30, r1, 0xc4fc9e906872338b, 0x20, 0x200, {{0x15}, {@void, @val={0xc, 0x99, {0x40, 0x52}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4, 0x3, 0x0, 0x0}]}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

0s ago: executing program 2 (id=611):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00'}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100006, 0x220104, 0xe2a4, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001940), 0x2000cc0, r1}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r1}, 0x38)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004e00004c0000000000059078ac1e0001ac141434441405030000000000000000ac14142b00003ffc890bceffffff00000000004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c00000190780000"], 0x0)
pipe2(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
symlink(&(0x7f0000002a00)='./file0\x00', &(0x7f0000002a40)='./file0/file0\x00')
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f0000000000)=<r5=>0x0)
sendmmsg$sock(r3, &(0x7f0000000340)=[{{&(0x7f00000001c0)=@nfc={0x27, r5, 0x0, 0x3}, 0x80, &(0x7f0000000640)=[{&(0x7f00000002c0)="e0cd9b9b757cc219ae10acd24a352c11d8976d87df2663d22826d213f62d251c1beda0df7ef17430d720f7794595fa9874472c99e766203738a0d34bede331be02e59143a2b8017041a3eb4f40b3d31842b3089c6ba1770a9baa11b1d54a0522f0b9d7", 0x63}, {&(0x7f0000000a00)="87d581533556545fc1402f91adb6affd43e05210e4d660a113ca702957cee92b0069466f6509a6db32039aa807a6cb93aadea16139c07e991a27bb9af094edc81e76393a0f5b654d80a8a6f944c7254ee3ee2a74074ce74a7555bfeecac69faf73d2b17cebf0d993ae3b6da90368a92432e8f63390063987f6f4d479583050a46351868a222a8f94f90ab69e9c648e36b1246c03f9dd296f8e6bfe226bb16a7d76c367e40c396c932e8feb63d4e63f2b3879f6a74b300246d7e5243b90e53fb6ee19f6d8d3b98f1d1f2350f3a9e0620a0ef8e5be4c98f65bd53a0c8ff115e734a08119474b0a467af096f3daa5916a8709e8e7cd1dbcdb9f4588549df41f4120985f15ed73daff79d2d1e9d46c09500fd345a89dc44b5ad65a6df596ac06511b165d2b8a794a7b3ce643d3508aa98fbae8b4a3b4ddd032f2be12bd652a21ceddf6b8edb4068ee561e7c515be00058ad7f78935246d65e574af74fc94381bb221f7506305a6e1b5f01778d0657b0f9d790b0e09615060d6c0c21c425cfcb27e8639e1d45a0351dc500e9171838e07f2ff9cfeab3c38994374bb2324d9efeb7f3f0c006317f77dc6f1e86cd1f49e5303e0a04d55c4aa8b23d2c5e0d24d5eef7bff9cafa6f2f4cdc8c05224efd1982e3069eedbdbafd99c1f1bb69e2cf0bf8b90394646f70a30d1be018f9d371cc3c7bd5c4b3bbdc676b1f989ddd0648e761b0d2da1b7f994a068f108b11d1fc124d446a5f2c186e70069072596edbf8ab4eafac440aa659f1609e1556fceb4222f936d71524efeffd5672dadfae92865932d61912b2a578f041e84050b01c5c60295c345e79263fe65dbd8ea84d87eed259f8812ac79dd6a7ac2c4a6b5df06aa4be819f501496147dc0682c8bb88a12833643b9ee3527e6e6af73b08c35dc54a03c8462964da420d1a81eaf778ca2b61187bcf1176d639bb979de7c41d611c68a0143a632e37746b63dec83b47a85b9bbb3e0376b352ca41b5831ed20e338ad6b60813ade792e337f92e55beb4279d4701e8d293ba7465feda683118256c3cc8544dc1425db249f0e75a414c6d8dbfa3ce2d45341fb220caffe3452718c9343975b54745a6975e44c5a2afc9edd659b0a7638a34bee99a59a190862748e6e1696a16f509bd2569b2380d64b78f7c5ea53716c70df26b954a0a1ce11e43eec4cef6feb56a7a12f8754bdfbdc98d5f9ebae643b55ca5fc7fd7d96555abbc6dadeaf676ae5b585416a1b6d5991f14aa75b2b19c032f532dd4db915842680c8ed82cd1c31e245286065c3f9ceafa1a81c2ef6cd2a53de2518e489c00e3d2bc8d892c66a253c79babfaa6217c1297381af55584533631b4913c1b4c19cfe0b3170dd6ab58b80f85bcb31ba18b44e0ef51908788348e4d8ebbede789d57e645026aa2b4ff4e86f9266b19e971dddec3b4a462cb4d38dcd42c0ca416dae4c29b93e825ef7d10de6817477ca5522b60a08eb169228f0b4e3f54c8a53118d6302eddda7f2ded7cd780f9a9973f6c1ab3dc575d6a0f4fa4f3b50b4309983f60ff454c798216df4721349b0320cfb04a5bfeea87c3aea032b562273a698de3de76ee7ad21c28e2ce8a81d2be48041e08aeb997bf861d5f13aee06bef42dab972a08eec9cca4461e0e567e522da942bf053d5134f36c5a3355494eaa150a7ac3a2f5fbe047c4852f178ccf4550f42474eb67ab3b7aafccefb5ff4078167568e623c7763ec4413d9d49377b15d91921cee28a68553f413ae6f69b61042b1e12dd94073db49c944fcf5ef228d1c9076873cdf62e7c87c2a61e065e45cc22483b7fe1fa4d58b2e741ee37bb05b72c2e1f36ea93d214d93e9cfa48c1384cb62c4e74f5c53e93c1cc9b3b9e9c76d9848481664c18298a25a9dab16b88ed759873dc27d9d1aa023e2aeeb63cacee99a518f4c5437c81146a664fb32992c5697b31ef402bbe8822e1f2f03149d1ee80b76b3b8d06d545405dc8261961a792b7858510c708d3d27ae46277cafbf8146f702c3a104fba854c6f03bb0d2c01c2149c37c623dd492b1603e96a0f9dcf5c462061e9378c2f55999a2d073b8bbd894e1c29597920a7d5582571257a4b0d54571acc4b01053772ebf176de41cd9c654ff06b716437ee1841821005590a492267606abbfcd8ae8900a30866f40c4043b71965084c468984b8a9ee65f9e6a10a3f7244c54e161a1443ae373a771feb4c41d37847ef169eabe0ea85965409cd7dec6757b79255e416cf1a4a0129882c5763c00d5affca9c3ed4b6749ec320feef9e133091b914151bf02ef2fe7b847f6db8db13c641effcba047261385d99ab073d34d054a54b34a99fb509e3a5143f1e78d4c9f99e90f4b2ec333ba0f39271412b2b7b47bc05cd48a81bd85dc7064bad4509f4224904a3811d6edcf82e2176b1f420973b6be2ccf1a850eded9566c04302dffe9fd1a673dc765c285aefe3a9e96dce5d0ae465b923cdb9fa63606951cb4885c663760af4003f903794ec974cef92f9322a77a189230caddc435aa259f43772da2d5df2d38ed0c429387e81db8594ab3edaf3b4f1c4fe6775dd1bf9271920b5db2ae8168c59d985ebd583af9b00255bf4472a797ef3ea22256b8def6bd2a90a79354c9a9398b3636a195f1cb0fd216b298127f6f919c5975d93a42265ca12e74faf72b4626eced76fe03536893799e6fb49b1d4c11094420e5c801ed2f7bd698245496a89c76a6b504481418b18a3fc553045b7b97fd7960eed0c7c7fe6da9f07a3208dafd086d3098f9a74f4e5525dfeb966c686b7eb84be8f21c0e6e02c2510d767296aeed29b411e36675441fb6e1b8ca5a6ebb43a3e8241bb9776616ef3df2512b73734073031c55e587ec13c74c0d6b2308f416f434b45c0ed59608bcabf5607c0cd9f26f518ebe12afea014995c11ba8d476c28fecb64c43c0a2aa2bd05b8fa9b8949ea708cf028294e7f34ec01dd2f1f88784a4f632ca32014eaf191cc597e1892bf76fb277e76d712d23213c6760dfa23933cbbca5e259f606717877475c7b07ab2c2b3fc577a452ca53d56ac9dc68dc9a61c0611e6002183cb0a122eea5f4f7fa2fb19d963654e9cbe5e1521159a2d8159e2b56d7accad99efd9b05655fbe2f58e354c34d10d0a6b1efa0b30c1b836a99fff79d2841319e1acc065243fa862808a2a4dbc1b29cdc82314fd7ab6239cd309a4db7ee7337585cc15c468ba1c9a58d8e776df76d42cd8a18dea3a9b2ae000e04fe08df8cbaa05c3cb30970adb56b1adaf4c3b7966369f4e8022062b38d3b176f013e3ad52a26d018013382db82e69bdc95158bb486d2578f8ffc7e91eb4be5703e5d4ec597af49604fa5077e82420c70882e450c4ef0fa7e424bb44fb073b9f6d523f8221d0cc49450c412368e189f35765f348e00125f41255616829b975791937901851a15f4c5b198094b353e6a32b07db95959b21a926ff595864de436ac421856753d02045c9d74b6daf2dc634bc4ccfcc967dabbb5a02327e4bf5fbba2593dfd8f373d47d0549baa3761aa478776e5a07bb9c517b93bbaed5136a7314cd38a93c3afbc4868d9742c320ac633d75f51f0028bf8e28c96af5ad71d619306ef663ebf35413b340958d5b29d9b087b3586f276dc08f5820c9e9fdd0610e9d326edc5d3a4d16cb7490fa6d54a3c2841131321a14a6e368709b9fded3a4e2a4fc4b931352becf946bd825d9a055e8c68734aa3245d73b310bc4d103a77865900b54c7a43d1e4f9a71a37ac204c8a66295853e21ac2070e0e3a11efbb0af4eb2f123c9b784eb2bc7b1170e5c03b3025fe9a627b9419f2194395cf6b0b43ccb31f38f347eb5aa86123af358d770f79db966eb9ffb3f65a352598f4d5968d2c003f086aaf46cf6e4c242ce77fa2fc5a7bd6e22ea5a1e1f1812d3b2e7813040c1c07e88555b283e675c8dc1a50e24930c6f2ea69b0f8bd7ba229baeacddf1a20545f3e270ecaec2ae67d920bff09066644f7ca2c771f55e720ebe70564691d379af0085dd82414e6c50bd4408926050ec38eaee8a052b03712bc9ee461d0a27ac675f8f1865909a72f82dd955bb782c7cca1adbc267402b5f5c7ea6744fb9a13637a6152d76dd4b9b0661a3cead59582515dd47ce2ddbdc6ccfbd78cfb296b63e9675783390c31a22f1f41cced72a1a6d170349df1225aa6324c779012c10c10a0544bd9281333636258f89d3dfd4d504d4b3d7dff96dc5526a36f53753deac960b0ba56ec0cc0bafe85f9ab3b63af2c61868e4cf8bf691eaf718a436a1b3a43ec0f4ff3a3bfb7e6c742b54469bd417e3ecc8591debf74ae88d5be6190aec67fed090b30eeee0ab1d84fae61c5c0ab8d7c291c2af066a597d09690b9e0ae58b2189e25c7bbae4cadc78577913cd60364bf01e5b8d981f93ca000b6c191cfcd465ba71942bc501ef89fec20cb267ca6d65225c7f8f41241ec23b632287c691925ceac07ec6b5bb54dea0f10c019e296a28e990163c9a366da3bbd04ba19f0e68f65783b9a5087af2a8e160b7e62355583a50c8a7924836a682938c93fba27b0cbe6963975d32d0f43ecffcec53a182f988923aeff0d7596e6741ea608c7a5739660f287a7c1c17bc5fc40eb1b83b1b850f2b904ac61ae03dec928a7d96636688a4b73b329c547621599c0f27003a55b50328661cb87bda1c12a5d02204fbd7a048d77cfcd8d3967d5d2280b3be8a018a2064bb2faf4d5383fd76134840842ecbbbc7493cb71bfd4f1cbfd8e105cdd08c488faccdb69adafddcb02a3ffa440d21f6ca7974b6b6d786ef58c1b17b3db0084393610da3b69cbc1124ad6fe9a40ad0b35904cd6c3d03d2859b5c2213172df5e1d98d88efbc142e629c1148529371a31a296e6e997ee9a3bd6100d9dd01effba1e0460dbfd00beb1d72d0a7d5f04b02c09adfe10d22e2a99fb06ce24f73cff7d7d94525fe9e5e3051bd75703c0d43b8312ea76765ce22f475c8e5b90de6d37c4e4356f6a858f9848c1c3cdd634ff25a1c84a4c4db8a35022ee0af5955c07ed39fa8011b44c1fed9452016105311fc5fbb47e6f99debb11142a12fa301d8d1dc75fcaf5bf54698e8e89418b7069d3798952c0a29f07b58036c5d11c7fe7a77f5e324ac18c8adade84734630e83b9710f4d3d8ee708b2184771080471dacf5bf10ebe24975fad00bf144a3fdbbc67a5afd8d4476ffc8462ba400c0bc9ccf45de193451bb3d3d79781dbefa7fa2df9a24e7fc4350943d386f1a6ba162515b3cabd943884fc07b811b4a3c9cd1af6dad655b5127572d2c0bf94eae07e820fa05eb1241d1a6f223141a4e502d3f3a8e0062ce298580cdbbaf33dd043ca770e65776ba2c245e4019c3bc6b0461486581c4fc9d4d1fcfbff234aa265edd42201b9a82daae42c360c1130b895ba73aafcd0cd3d3d023f5f4d15b63da9420c69b2d60a84f2f537d7d1f65a19532d02bc1e581237eb9e772b780d02f8acf745d1f3222246c42677d044d1b84595f6dba82b65021bad1f56486c3ecf0684565c6449d86f7537b4594763e3cf2aec412a096cb270a4c88abbfc6bf62a5ee295fefd66bdf1c6139404f6bd5007603154544b4efabf18a9dc81d2cfd026b341b3d1adc7fd86eadd2c91eca31ed163a2d0f9106923d5c1870dac3ab2de3f000c657a4858a6e219e9172019296f7cd1b9975068271a70110a29ea87ad2604c6404124e60ad5d6e805702147c8f0e855dae18b1d0b800991951130de63eb3ff827b01ff2884818f0aa1adfbccb0b0f68143595aa124dbc68c78ac53a59eebbd068", 0x1000}, {&(0x7f00000004c0)}, {&(0x7f00000005c0)="26ddbd5e44a7e0b6e83c52dfac2456ac3b7a641b4fe18e10f006a1d1d53e9dca190d3797749fe2c2f5cb15cc5e9dce03208db27c8ba0f94893b8a54a70fee185e2fae86b9a93a0d23bf545a324f8aa3e6f8f04f8f1e9", 0x56}, {&(0x7f0000001a00)="96c1aeee6131fef97f5e38e1ba9b16f5bf3f2df2bca932773e9543ce14f77dea0bd663c9122824f89ff6648c316aa199ee4c0036e676a4030e88b0c0a8c15733041a8680ca2a1ff4f57eee8d2e473fced70485f4747a8418a35ebe45fb8b0a38cc4127bde41aad69ee02c52b5be96b98eb46b8c8e19dc2939e628850833dc444090c2dd5ae448881b3767d6de7528497b0ae875069dd6f3ba81003121181ea4949a6f4a1c3694ff227446ca5ec5b113110b0171c9ca5e0d8f9ac8e85f8e99487950450659701823d271e82ecb3835f0a0070c5a696c5ab7754c016d775ab473d3d23bcae7887e52339b622f95c599199fce0bfbb82090a6f6aa80e7061d4e2f721ff1b7a0cfd1b5fb658f4e147c3f7d7e3a242b780f6422ed7e24a78dae14c36e8478845e366c412330aa05237282d13941e231f31dab3ea32f8e51f5c9a6c3e5c0c18c8dcfefacd410c34f5c8a3e00a7b7b1015bc7ec57c909b73d95d0f8025de7af65a55efbd1a3727d150d51174dfe2ed26a5fdb08297bc497c9913802dbbc954f0f16ba54cfc2fa7cda165aad82bf47f5265006b633579e68b727fb36e6ac392eb15360a5555ecea13e226047c374ee4444a28b6870de69a5ac019a99e2c84d67607bfd9fbd622792947f2e08e57dcfc3d5d39bf6e96d7c5dae82f1f2aa1dfe035da8b167150843c73b42cc0f78874ee20126966b76c40d6424cb6391ef3b55964bbbfd92fe82dc8edb65117bc1e4901ab3fd1b93995c4d2a8d67057b3fe78b47780554a1050666f57e95b9cd7174bb4a62614e68652c4b095404c7fbce6b8df8f2201b6bdadd29e9378c02ed56184ff3110731b6d89d13afe1d0b136977cb2a697146bb7744dbc97d2d7574053f650b6db2048766fbaf7bf6e54853fb80b545b639cd21a9218d20d5ad03b4191c08ca8bd76710a85a85e0687662bcdddd467aff1c90205f58b46773b9b9be81456e48866090bb22f9b4ab300f6d303c497876a22965d520750facc6b5a985428a723c9f58a4826d9938abcaac85b625976309d1eca2c141220c5533c13ab3b6db4f66319eb8fa521960874f8535160a412f688fe47bb959dfb0ad7b2ea7c76b2fa4cd760161a0b12995bc4de59fe59f52229a67434154f660b347be5c5acf62b46e3e5b0e4600c265107c47cc95a3d9143b07631fadfa0ac009e6a9f29ade19b8c6789b112b0c262755e10ff54da326f7609f7a3e0e8e7b23e2c51b45e103eb4d190de2e96889e94e262542570fc1aaed87ed515019c999990550cd2d0e76668f9ed865e814810bdb1a733f324770f37529209268d561ddea67b9d6311a43c65958568fbc9a559df0f42740d1c93ae460c065a3db4f4ed5592185fc0520e20f1e379f1c9fdae76cdcbf8b46d935d7400bde632d0afdf07e9d41054c2f575ee21916b56fd15705f7ba0898c7b275a81d7a6d3b7c67a80e4f3e047469758ab24e582574b3b89a02c63f790a6d95d846f3f0061bd436db5c76d4a3be0440c62e3d7c4e60f7a102afeace268d2fee7b84704195a418e625b75046a18431738d8d2b4d035c1acd8664674b964b33602bb9d2ce112b335beb5bf454f04298600d09c16ff80cdf4bf747233ff58b9c8c9d94016302918e373479d950be7d0f9df4e6d9f5a22e136637a01c5e499b901aadca5d1f6f2efa669fd12ede7aaeeb00601dd177755a30068342ebae2466d7e14584ba9283c1c8d677119978ba7255b545cf7a496c2d17a863b64a84d5186b44581b62c464edd9eac18309fafc95394a8e4ff348d56a3a951aa54b047da97cafeb343c289316d2fff2b75eab217b528170f7ee8cc3f49c0c23ca0704ea3583d7a6c7fbc7cfc79d188eba78d5ec3fc0161a1bd0662da67379b849f6ae7f6d6b8af6ebc5a085204d9a6244d1f7235a4f69a1325fc0a7c642d0e177d1b1cdf00a678997ce5bb693409586df4318f8127ada2797e8769b872c94fb9c8489103e273746ac5ce40a6050209feea8d787b4e7f65bff4970a15d9fd438f6dee9cd054aa440cdfb15fd064dc16041602545f38d2bf8c68223970a402672c5f983bf89a339a386143217f0993e95fe65ce7440abb8e430d1d4a065ab31606160c09efcc96577efbd0137bd7e3172fd5050d4a24579bbbfab019dc9d6ed6bcc5e236d3bc781ba81c51d6868d20ff7f890b3be53da96f3b28d947f23d26d548fa853d3624d1bbb5457aff167d0ec5bf8242889e63aa4b9b5e63266eb677800fb9637613218f5ed5a27afc95ab1716a37e637b4cb9cc2e9d904dc56f4f1a59f5afeda90eb0cc512bfadcdfb232eebde30b6d62537669419d8f0f3cf6a4bda984c1fbd2365a753201b88ef9270bd08f172712848157eee668328aa45020152d08abccf65b7a2627acc40de14ba44c58c883c806efe79d7326c1bff7118d3d425c78cf6717853b9e4cb95934fca662b826719e9c657e9b04264f60d3ff63b9086b93e5b5910cc494de693d3652e9ddfaa39b11f3dae99bd4c51e55f2f4b24b5d18e5b99eb65bdf34318de1b30983075be99abd9d1593b289e8bf93a78996f5651e3a6b51995351f1aad44115647fa4a7fee0762c5291792eb359ec4dc091033a2a57dfa40f42a93c01c7a4a203fd528fb09f692cc9a7da645e1a3fd1904f0cc17b63b64e1317b88f7250298f229f4e35cfd062056e26c7dbc004b70c1973051b6e634a00ba90e0c5b149fc0bb6d83d99510220bfce37cc16ef082b59506e97551e721f095b49f75d92b24aeca929c6497a281e029b5204495da8ce8a5578b253c5e3a0a707866026f00c7d192b1ad5ab369df8509eb527b51cd41311b7b5f61c807f12a27ee8f305d9f49016d8f16db7e2e90c51040062849965635310503d5d588237f258853da8b4866e3667d0c84f632b3a08d7890b6bac63b752670bfa23ab71d6a627592deafb2be102b11d70454b7b11bf5c54e1a50ec82e57702785aabe0aea65e8e8f8f82a837d5825b3a8231f2f5529d866ee5526c1d1814f62c40f55a2d63ce941c37280afe0c66ec13e7c4a769f9b7bcc76e3a85ba81bcc59748730451da82a3fe28d214af3dd892838b4adb0fbe87464dc8c2414705ab22e583d42c48833e15d8691c969f4c10477754ac371fd5bc3177884edd087ba2bc373cbe957c11cb367a330443a8870bd4426956f3345f41d70c7fda60f3963bdd8c46a6d22602eab03f7396d9bcd4a2d98350d3392f3940a6dcf5b385498f036ee2e7653bfdf57cb3a381f48a746bf075ca8f5e1208917d9e608546a647d7fb3951324c83292418e0327581505a8a408c9b410a54a1e3c24c25d543a6c0fd0767a15dbd92130b2bc20f9c00e3bfe71414e123945dffec54f84cdce068086721a6100c108c8ce0b75a7ab2fe30884db0446bebdaa033febd0abcbac3214577a5d54264cb6b5c838feddce21c7f9610c9b60f16377a6616049935e95d71d88c46e8c62630c7d54fb3b2da0ee43d8c6745814be08ccabe151ebcbc1d4bbf93b95000138e0ae89b000637ba6ead5076fba597a0943ac4b6d2f338b4373350b36a1f3c26f94f8b93400850e468947920af04bfb72257c9de23e56671ae64188e52da8c4ed437f429c4eddf1cb521d83313229fd27989e61b27aa9df8395c81721ac27b9b06ed981d7909e4a1cf850e77d989a993059b2c0932106b5b8342c38175069fee6448fb7fc9d2517c82748da72d8c1e42208c4d58234c32ea58325719f0ec17e9b7acb7dc2474a8d3d725464c6ee42d2a073fc42d19594810347839a6aebe6fe7a6a3f70b967450e96b6d813270887dd9971c7d875248dd072cce9e650d134111bbf6e621c5a49328b89295475be7816af718261972d621982c7a0155a05d72c1413ab92e8da93af3e4284accf9a563e8d83573e153bdcea6f4f368d232c03cdf13988b9e3875f260864be28d8bfca3c770d45e491a875618a6a9db7fccd2e9428c4e9f4d1d39bed08d4403659e9951e0fb0c56cae6f665686a932953d6cf59db900f06f8e75d25d0fd7c04097eee05e4f1f922f75f5116637c3079a5b3b715f03ad8c22ef3e250def25cff97244f8aefc29d7835bf6fae473008be1caa9b6e05a75b8a43d5d7efb4dfe2a7c20966b7a647cab44959c2d42d1a7e6d1e48a8365f778b68e946fa8bbe9184d2c4e63b59b1f1fa45dbcde299262c112d7e39d72adb972a2f88b314577a08108d857921f565a518f6d276bef17009219afc6801f78d7b84a506d1cd51d3965d024f06e5c95d9ce16eb8ec9765f5b7066dc172cfe8c8b34492f7704199b0c2748a789be8d052178effa1a3d2abdbbdf7246ed473c2c9f838aaaefccc6164fce43643c54d1dc9cf560db46bd9f5dc1b4dd8bdb59eade0eae3a857d11eb0d316bb0924f86d70ee1555c5d8ec1f115c034d306f28ba14fe347c8d6200af357ef8f65128a9726e374703b7e6145a54fe430bea5172b09d5f27b7c73c239f8b6468083cd13f4a6ee78f8e77b2ee72d028106054c1858401be94e0e72e523e64a4b328f546a7f23c3bfba3949afab1560f00550648cb8629befaed7a0ead1e5e1c9bbab95a0a57194a68e58253d4e5ffb0ac5f2a7e72900bac115df41a471e92c9954f6d09e1952cfecd40b1bf601add854cd004b10d76cc6f0193ec042c3d80d1633838dd4aefa980e431cbe4404e49c67f60d9988cddf98b49fdafc54637fa646d523e7f5655deb9e21e511d851e658edefe39d7a1370f5e0489859a5da6cdd904661ad263198785155ec5fc14a0c4a5c77e8e3be5344d8386a1f4fd4ede7f98a8e6dbbb6bcb8284d393c6a8ea56c8db27d4751dfb92b5fa86e650d41fd32be143477089ebc391996b7e82ad338807f6f7915b13a19826fef695875e101443cda51569d2b08a69f2b7b6d8468068a2e0d52ccda9febde27613bed2877d4b90486bffec2a975575ec5b7222397e5b668f2459d763f6795cc1a5f229582ac499de92542234e429365377c6a64edd1c4cac47036eb6b117f5a4893529f7b9ecd96f0a1f94eaec6728be6a466fbae6c663ade391b672b475cb40aa13ba7ef998c851d70de652b981429fa33fd0258437a70385084fa7814de35a3d872523ead6f2fbebe14e40bc6a95ab4073427232c39c84df71278ca14ce23bcaa855353eae50861952f72924b5876511864297cff9ba3d90cc55b02f2d957abc7e42c3754bbac5bf5e173a6b185c8451939abcae15af472f1b04262898a47b7d14d554cce35c1db200b6548011863c54bb6d737e2270471bd584928dc4899e6f4519d8f6b5e69ad62655771c6cf5297acaa5e6e2d149d45356515edb35b49da322ae45d90abfce97602b16ad6460eb501da417cbfaedaa3fe616a7b9e5e7cb335ef4f88c41c1ffd53d4916a8ed53f1471ed024a90ffbdac411686071162522abe5541cd945e3fe689cecc1c9cebf33262d668e64f84875b0018b58e2c52e53fc9759174416003d53f212303dae4cb09aef46863ec85c3ecbf0925cb789da963f2d776eafb39500bc184f727c4accc66c958c95838775d0e7f3ea83071d41d062c04c88ceca5d2890cf4cab050ee778990e9bc8e1dad999c3f935b9727a77610dd72df8637beeb4ad49ed6740af1eb9da4211eaf49089239b413c9b89ce940ddd49b9bc52feba182df691f05e0f495d3235ee032ebe910e6e4b43500ad1677b10cb9fc5b90eb38d1bc4df3c226ccf201b26d0e2cde001b760f373ccafd4635781d87bb52b0ec792c0a8b9c63122d89f810ca474612e21962ba3e648d48b6467b019a64d6f3a5867dab13b00b6", 0x1000}], 0x5, &(0x7f00000006c0)=[@mark={{0x14, 0x1, 0x24, 0x400}}, @txtime={{0x18, 0x1, 0x3d, 0xe05}}, @mark={{0x14, 0x1, 0x24, 0x6}}], 0x48}}], 0x1, 0xc001)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r6, 0x0, r4, 0x0, 0x6, 0x0)
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
tee(r3, r7, 0x4e, 0x0)
write$binfmt_script(r4, &(0x7f0000000800)={'#! ', './file0'}, 0xb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
socket(0x10, 0x3, 0x0)
r8 = socket$rds(0x15, 0x5, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r8, 0x114, 0xa, &(0x7f0000000000)=ANY=[@ANYBLOB="c1"], 0x4)

kernel console output (not intermixed with test programs):

nied  { create } for  pid=4029 comm="syz.3.129" name=E91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[   43.916514][   T29] audit: type=1326 audit(1750842070.566:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4029 comm="syz.3.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   43.940061][   T29] audit: type=1326 audit(1750842070.566:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4029 comm="syz.3.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   43.963424][   T29] audit: type=1326 audit(1750842070.566:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4029 comm="syz.3.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   43.986717][   T29] audit: type=1326 audit(1750842070.566:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4029 comm="syz.3.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   44.010104][   T29] audit: type=1326 audit(1750842070.566:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4029 comm="syz.3.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   44.033460][   T29] audit: type=1326 audit(1750842070.566:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4029 comm="syz.3.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   44.056777][   T29] audit: type=1326 audit(1750842070.566:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4029 comm="syz.3.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   44.215259][ T4038] netlink: 96 bytes leftover after parsing attributes in process `syz.1.131'.
[   44.241415][ T4040] netlink: 8 bytes leftover after parsing attributes in process `syz.1.132'.
[   44.267521][ T4042] xt_hashlimit: max too large, truncated to 1048576
[   44.330757][ T4043] loop1: detected capacity change from 0 to 512
[   44.342810][ T4043] EXT4-fs (loop1): orphan cleanup on readonly fs
[   44.350266][ T4043] EXT4-fs error (device loop1): ext4_orphan_get:1419: comm syz.1.133: bad orphan inode 13
[   44.361099][ T4043] ext4_test_bit(bit=12, block=18) = 1
[   44.366529][ T4043] is_bad_inode(inode)=0
[   44.370742][ T4043] NEXT_ORPHAN(inode)=2130706432
[   44.375637][ T4043] max_ino=32
[   44.378988][ T4043] i_nlink=1
[   44.382502][ T4043] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   44.397731][ T4043] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   44.408481][ T4043] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.133: bg 0: block 248: padding at end of block bitmap is not set
[   44.422927][ T4043] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.133: Failed to acquire dquot type 1
[   44.434437][ T4043] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   44.491910][ T4047] loop0: detected capacity change from 0 to 764
[   44.529406][ T4049] netlink: 'syz.0.144': attribute type 13 has an invalid length.
[   44.613823][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.615732][ T4055] loop2: detected capacity change from 0 to 1024
[   44.634757][ T4055] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   44.647946][ T4055] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   44.661027][ T4058] random: crng reseeded on system resumption
[   44.663869][ T4055] EXT4-fs (loop2): orphan cleanup on readonly fs
[   44.675190][ T4058] Restarting kernel threads ...
[   44.680258][ T4058] Done restarting kernel threads.
[   44.681028][ T4055] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.136: Invalid inode table block 0 in block_group 0
[   44.706959][ T4055] EXT4-fs (loop2): Remounting filesystem read-only
[   44.715103][ T4055] EXT4-fs (loop2): 1 truncate cleaned up
[   44.721864][ T4055] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   44.725344][ T4060] random: crng reseeded on system resumption
[   44.749637][ T4060] Restarting kernel threads ...
[   44.756441][ T4060] Done restarting kernel threads.
[   44.773013][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.841445][ T4062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.140'.
[   44.850343][ T4062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.140'.
[   44.859469][ T4062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.140'.
[   44.879873][ T4062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.140'.
[   44.888865][ T4062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.140'.
[   44.899518][ T4062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.140'.
[   44.928852][ T4062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.140'.
[   45.045366][ T4079] loop3: detected capacity change from 0 to 764
[   45.075101][ T4081] netlink: 'syz.3.146': attribute type 13 has an invalid length.
[   45.111077][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.258611][ T4089] hsr0: entered promiscuous mode
[   45.263754][ T4089] vlan2: entered promiscuous mode
[   45.346143][ T4095] lo speed is unknown, defaulting to 1000
[   45.411428][ T4098] loop0: detected capacity change from 0 to 1024
[   45.423752][ T4098] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   45.444083][ T4098] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   45.454266][ T4098] EXT4-fs (loop0): orphan cleanup on readonly fs
[   45.461613][ T4098] EXT4-fs error (device loop0): __ext4_get_inode_loc:4792: comm syz.0.151: Invalid inode table block 0 in block_group 0
[   45.476126][ T4098] EXT4-fs (loop0): Remounting filesystem read-only
[   45.483630][ T4098] EXT4-fs (loop0): 1 truncate cleaned up
[   45.491037][ T4098] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   45.546747][ T4104] FAULT_INJECTION: forcing a failure.
[   45.546747][ T4104] name failslab, interval 1, probability 0, space 0, times 0
[   45.559504][ T4104] CPU: 1 UID: 0 PID: 4104 Comm: syz.1.152 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   45.559597][ T4104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   45.559617][ T4104] Call Trace:
[   45.559625][ T4104]  <TASK>
[   45.559633][ T4104]  __dump_stack+0x1d/0x30
[   45.559663][ T4104]  dump_stack_lvl+0xe8/0x140
[   45.559722][ T4104]  dump_stack+0x15/0x1b
[   45.559738][ T4104]  should_fail_ex+0x265/0x280
[   45.559775][ T4104]  should_failslab+0x8c/0xb0
[   45.559805][ T4104]  __kvmalloc_node_noprof+0x123/0x4e0
[   45.559841][ T4104]  ? nf_hook_entries_grow+0x1bc/0x450
[   45.559908][ T4104]  ? rcu_segcblist_enqueue+0x92/0xb0
[   45.559944][ T4104]  nf_hook_entries_grow+0x1bc/0x450
[   45.559997][ T4104]  __nf_register_net_hook+0x18e/0x480
[   45.560040][ T4104]  nf_register_net_hook+0x88/0x130
[   45.560093][ T4104]  nf_register_net_hooks+0x44/0x150
[   45.560158][ T4104]  nf_ct_netns_do_get+0x188/0x380
[   45.560209][ T4104]  nf_ct_netns_get+0x87/0xc0
[   45.560245][ T4104]  connbytes_mt_check+0x84/0x170
[   45.560273][ T4104]  xt_check_match+0x2aa/0x4f0
[   45.560349][ T4104]  ? xt_find_match+0x1d1/0x210
[   45.560402][ T4104]  ? xt_find_match+0x1b5/0x210
[   45.560436][ T4104]  translate_table+0xb4b/0x1070
[   45.560477][ T4104]  do_ip6t_set_ctl+0x678/0x840
[   45.560566][ T4104]  ? kstrtoull+0x111/0x140
[   45.560594][ T4104]  ? __rcu_read_unlock+0x4f/0x70
[   45.560662][ T4104]  nf_setsockopt+0x196/0x1b0
[   45.560693][ T4104]  ipv6_setsockopt+0x11a/0x130
[   45.560753][ T4104]  rawv6_setsockopt+0x1d2/0x420
[   45.560784][ T4104]  sock_common_setsockopt+0x66/0x80
[   45.560859][ T4104]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   45.560890][ T4104]  __sys_setsockopt+0x181/0x200
[   45.560930][ T4104]  __x64_sys_setsockopt+0x64/0x80
[   45.560981][ T4104]  x64_sys_call+0x2bd5/0x2fb0
[   45.561046][ T4104]  do_syscall_64+0xd2/0x200
[   45.561064][ T4104]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   45.561103][ T4104]  ? clear_bhb_loop+0x40/0x90
[   45.561130][ T4104]  ? clear_bhb_loop+0x40/0x90
[   45.561157][ T4104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.561238][ T4104] RIP: 0033:0x7f8a7ce5e929
[   45.561257][ T4104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.561274][ T4104] RSP: 002b:00007f8a7b4c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   45.561366][ T4104] RAX: ffffffffffffffda RBX: 00007f8a7d085fa0 RCX: 00007f8a7ce5e929
[   45.561383][ T4104] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[   45.561402][ T4104] RBP: 00007f8a7b4c7090 R08: 00000000000005d0 R09: 0000000000000000
[   45.561418][ T4104] R10: 0000200000001340 R11: 0000000000000246 R12: 0000000000000001
[   45.561484][ T4104] R13: 0000000000000000 R14: 00007f8a7d085fa0 R15: 00007fffa2294168
[   45.561509][ T4104]  </TASK>
[   45.561545][ T4104] xt_connbytes: cannot load conntrack support for proto=10
[   45.849025][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.944661][ T4108] SELinux:  Context system_u:object_r:hald_sonypic_exec_t:s0 is not valid (left unmapped).
[   46.054874][ T4120] loop1: detected capacity change from 0 to 1024
[   46.065281][ T4120] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   46.079809][ T4120] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   46.088105][ T4120] EXT4-fs (loop1): orphan cleanup on readonly fs
[   46.095107][ T4120] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.158: Invalid inode table block 0 in block_group 0
[   46.110773][ T4120] EXT4-fs (loop1): Remounting filesystem read-only
[   46.117388][ T4120] EXT4-fs (loop1): 1 truncate cleaned up
[   46.124283][ T4120] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   46.466337][ T4128] lo speed is unknown, defaulting to 1000
[   46.535754][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.566433][ T4131] loop1: detected capacity change from 0 to 512
[   46.579876][ T4131] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   46.617318][ T4131] EXT4-fs (loop1): 1 truncate cleaned up
[   46.624500][ T4131] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.661302][ T4131] xt_connbytes: Forcing CT accounting to be enabled
[   46.670935][ T4131] set match dimension is over the limit!
[   46.924817][ T3960] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.939123][ T3960] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.951717][ T3960] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.970286][ T4148] xt_hashlimit: max too large, truncated to 1048576
[   46.970636][ T3960] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.034969][ T4154] loop0: detected capacity change from 0 to 512
[   47.057305][ T4158] loop2: detected capacity change from 0 to 128
[   47.116506][ T4154] EXT4-fs (loop0): orphan cleanup on readonly fs
[   47.150234][ T4154] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.169: bad orphan inode 13
[   47.193028][ T4154] ext4_test_bit(bit=12, block=18) = 1
[   47.198536][ T4154] is_bad_inode(inode)=0
[   47.202725][ T4154] NEXT_ORPHAN(inode)=2130706432
[   47.207615][ T4154] max_ino=32
[   47.210870][ T4154] i_nlink=1
[   47.232442][ T4166] loop3: detected capacity change from 0 to 1024
[   47.240119][ T4154] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   47.254074][ T4166] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   47.264972][ T4154] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   47.265328][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.285483][ T4166] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   47.294115][ T4166] EXT4-fs (loop3): orphan cleanup on readonly fs
[   47.309092][ T4154] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.169: bg 0: block 248: padding at end of block bitmap is not set
[   47.385279][ T4174] lo speed is unknown, defaulting to 1000
[   47.643769][ T4166] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.175: Invalid inode table block 0 in block_group 0
[   47.699940][ T4154] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.169: Failed to acquire dquot type 1
[   47.757658][ T4166] EXT4-fs (loop3): Remounting filesystem read-only
[   47.824862][ T4166] EXT4-fs (loop3): 1 truncate cleaned up
[   48.258293][ T4166] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   48.275330][ T4154] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   48.290513][ T4183] SELinux: failed to load policy
[   48.364468][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.374694][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.387404][ T4188] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   48.422747][ T4188] pim6reg1: entered promiscuous mode
[   48.428214][ T4188] pim6reg1: entered allmulticast mode
[   48.484150][ T4198] loop0: detected capacity change from 0 to 1024
[   48.514010][ T4198] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   48.539121][ T4198] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   48.546934][ T4203] SELinux: failed to load policy
[   48.547612][ T4198] EXT4-fs (loop0): orphan cleanup on readonly fs
[   48.559443][ T4198] EXT4-fs error (device loop0): __ext4_get_inode_loc:4792: comm syz.0.186: Invalid inode table block 0 in block_group 0
[   48.576620][ T4198] EXT4-fs (loop0): Remounting filesystem read-only
[   48.588791][ T4198] EXT4-fs (loop0): 1 truncate cleaned up
[   48.595042][ T4198] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   48.631079][ T4214] loop3: detected capacity change from 0 to 128
[   48.654965][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.668194][ T4215] netlink: 'syz.2.191': attribute type 1 has an invalid length.
[   48.864425][ T4235] random: crng reseeded on system resumption
[   48.875365][ T4235] Restarting kernel threads ...
[   48.881196][ T4235] Done restarting kernel threads.
[   48.953550][ T4236] lo speed is unknown, defaulting to 1000
[   49.716362][ T4241] loop1: detected capacity change from 0 to 1024
[   49.724873][   T29] kauditd_printk_skb: 363 callbacks suppressed
[   49.724889][   T29] audit: type=1400 audit(1750842076.376:817): avc:  denied  { write } for  pid=4242 comm="syz.0.207" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   49.768854][ T4243] __nla_validate_parse: 37 callbacks suppressed
[   49.768874][ T4243] netlink: 28 bytes leftover after parsing attributes in process `syz.0.207'.
[   49.796857][ T4241] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   49.816295][ T4241] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   49.827416][ T4241] EXT4-fs (loop1): orphan cleanup on readonly fs
[   49.835623][ T4241] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.206: Invalid inode table block 0 in block_group 0
[   49.848647][ T4250] FAULT_INJECTION: forcing a failure.
[   49.848647][ T4250] name failslab, interval 1, probability 0, space 0, times 0
[   49.849786][ T4241] EXT4-fs (loop1): Remounting filesystem read-only
[   49.861336][ T4250] CPU: 1 UID: 0 PID: 4250 Comm: syz.3.209 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   49.861405][ T4250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   49.861424][ T4250] Call Trace:
[   49.861433][ T4250]  <TASK>
[   49.861444][ T4250]  __dump_stack+0x1d/0x30
[   49.861482][ T4250]  dump_stack_lvl+0xe8/0x140
[   49.861565][ T4250]  dump_stack+0x15/0x1b
[   49.861588][ T4250]  should_fail_ex+0x265/0x280
[   49.861631][ T4250]  should_failslab+0x8c/0xb0
[   49.861718][ T4250]  __kmalloc_cache_node_noprof+0x54/0x320
[   49.861758][ T4250]  ? __get_vm_area_node+0x106/0x1d0
[   49.861834][ T4250]  __get_vm_area_node+0x106/0x1d0
[   49.861863][ T4250]  __vmalloc_node_range_noprof+0x273/0xe00
[   49.861893][ T4250]  ? n_tty_open+0x1b/0xf0
[   49.861990][ T4250]  ? klist_next+0x1c2/0x220
[   49.862019][ T4250]  ? kobject_put+0x10b/0x190
[   49.862098][ T4250]  ? class_find_device+0x24d/0x2a0
[   49.862185][ T4250]  ? __pfx_device_match_devt+0x10/0x10
[   49.862225][ T4250]  ? n_tty_open+0x1b/0xf0
[   49.862256][ T4250]  vzalloc_noprof+0x82/0xc0
[   49.862297][ T4250]  ? n_tty_open+0x1b/0xf0
[   49.862341][ T4250]  n_tty_open+0x1b/0xf0
[   49.862367][ T4250]  tty_ldisc_setup+0x83/0x220
[   49.862465][ T4250]  tty_init_dev+0x183/0x330
[   49.862511][ T4250]  ptmx_open+0xda/0x240
[   49.862544][ T4250]  chrdev_open+0x2eb/0x3a0
[   49.862598][ T4250]  do_dentry_open+0x649/0xa20
[   49.862632][ T4250]  ? __pfx_chrdev_open+0x10/0x10
[   49.862701][ T4250]  vfs_open+0x37/0x1e0
[   49.862734][ T4250]  path_openat+0x1c5e/0x2170
[   49.862788][ T4250]  do_filp_open+0x109/0x230
[   49.862843][ T4250]  do_sys_openat2+0xa6/0x110
[   49.862933][ T4250]  __x64_sys_openat+0xf2/0x120
[   49.862972][ T4250]  x64_sys_call+0x1af/0x2fb0
[   49.863100][ T4250]  do_syscall_64+0xd2/0x200
[   49.863123][ T4250]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   49.863160][ T4250]  ? clear_bhb_loop+0x40/0x90
[   49.863189][ T4250]  ? clear_bhb_loop+0x40/0x90
[   49.863218][ T4250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.863260][ T4250] RIP: 0033:0x7faef8d6e929
[   49.863280][ T4250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.863333][ T4250] RSP: 002b:00007faef73d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   49.863359][ T4250] RAX: ffffffffffffffda RBX: 00007faef8f95fa0 RCX: 00007faef8d6e929
[   49.863392][ T4250] RDX: 000000000000c840 RSI: 0000200000000080 RDI: ffffffffffffff9c
[   49.863408][ T4250] RBP: 00007faef73d7090 R08: 0000000000000000 R09: 0000000000000000
[   49.863424][ T4250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   49.863521][ T4250] R13: 0000000000000000 R14: 00007faef8f95fa0 R15: 00007ffd6016e0b8
[   49.863547][ T4250]  </TASK>
[   49.863558][ T4250] syz.3.209: vmalloc error: size 8904, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[   49.867844][ T4241] Quota error (device loop1): write_blk: dquota write failed
[   49.880176][ T4250] ,cpuset=/,mems_allowed=0
[   49.890387][ T4241] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   49.893569][ T4250] 
[   49.935238][ T4241] EXT4-fs (loop1): 1 truncate cleaned up
[   49.935844][ T4241] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   49.941105][ T4250] CPU: 1 UID: 0 PID: 4250 Comm: syz.3.209 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   49.941138][ T4250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   49.941173][ T4250] Call Trace:
[   49.941183][ T4250]  <TASK>
[   49.941194][ T4250]  __dump_stack+0x1d/0x30
[   49.941222][ T4250]  dump_stack_lvl+0xe8/0x140
[   49.941257][ T4250]  dump_stack+0x15/0x1b
[   49.941281][ T4250]  warn_alloc+0x12b/0x1a0
[   49.941408][ T4250]  __vmalloc_node_range_noprof+0x297/0xe00
[   49.941518][ T4250]  ? klist_next+0x1c2/0x220
[   49.941548][ T4250]  ? kobject_put+0x10b/0x190
[   49.941580][ T4250]  ? class_find_device+0x24d/0x2a0
[   49.941632][ T4250]  ? __pfx_device_match_devt+0x10/0x10
[   49.941744][ T4250]  ? n_tty_open+0x1b/0xf0
[   49.941772][ T4250]  vzalloc_noprof+0x82/0xc0
[   49.941814][ T4250]  ? n_tty_open+0x1b/0xf0
[   49.941930][ T4250]  n_tty_open+0x1b/0xf0
[   49.941963][ T4250]  tty_ldisc_setup+0x83/0x220
[   49.942004][ T4250]  tty_init_dev+0x183/0x330
[   49.942096][ T4250]  ptmx_open+0xda/0x240
[   49.942209][ T4250]  chrdev_open+0x2eb/0x3a0
[   49.942238][ T4250]  do_dentry_open+0x649/0xa20
[   49.942317][ T4250]  ? __pfx_chrdev_open+0x10/0x10
[   49.942348][ T4250]  vfs_open+0x37/0x1e0
[   49.942382][ T4250]  path_openat+0x1c5e/0x2170
[   49.942435][ T4250]  do_filp_open+0x109/0x230
[   49.942518][ T4250]  do_sys_openat2+0xa6/0x110
[   49.942633][ T4250]  __x64_sys_openat+0xf2/0x120
[   49.942673][ T4250]  x64_sys_call+0x1af/0x2fb0
[   49.942776][ T4250]  do_syscall_64+0xd2/0x200
[   49.942799][ T4250]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   49.942835][ T4250]  ? clear_bhb_loop+0x40/0x90
[   49.942903][ T4250]  ? clear_bhb_loop+0x40/0x90
[   49.942932][ T4250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.942962][ T4250] RIP: 0033:0x7faef8d6e929
[   49.943003][ T4250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.943028][ T4250] RSP: 002b:00007faef73d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   49.943087][ T4250] RAX: ffffffffffffffda RBX: 00007faef8f95fa0 RCX: 00007faef8d6e929
[   49.943102][ T4250] RDX: 000000000000c840 RSI: 0000200000000080 RDI: ffffffffffffff9c
[   49.943118][ T4250] RBP: 00007faef73d7090 R08: 0000000000000000 R09: 0000000000000000
[   49.943135][ T4250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   49.943152][ T4250] R13: 0000000000000000 R14: 00007faef8f95fa0 R15: 00007ffd6016e0b8
[   49.943178][ T4250]  </TASK>
[   49.943197][ T4250] Mem-Info:
[   50.442776][ T4250] active_anon:6509 inactive_anon:0 isolated_anon:0
[   50.442776][ T4250]  active_file:6325 inactive_file:2187 isolated_file:0
[   50.442776][ T4250]  unevictable:0 dirty:1546 writeback:0
[   50.442776][ T4250]  slab_reclaimable:2961 slab_unreclaimable:19248
[   50.442776][ T4250]  mapped:32321 shmem:306 pagetables:1063
[   50.442776][ T4250]  sec_pagetables:0 bounce:0
[   50.442776][ T4250]  kernel_misc_reclaimable:0
[   50.442776][ T4250]  free:1886151 free_pcp:17023 free_cma:0
[   50.487671][ T4250] Node 0 active_anon:26036kB inactive_anon:0kB active_file:25300kB inactive_file:8748kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:129284kB dirty:6184kB writeback:0kB shmem:1224kB writeback_tmp:0kB kernel_stack:3392kB pagetables:4252kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   50.516482][ T4250] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   50.545188][ T4250] lowmem_reserve[]: 0 2882 7860 7860
[   50.550638][ T4250] Node 0 DMA32 free:2947732kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951360kB mlocked:0kB bounce:0kB free_pcp:3628kB local_pcp:3528kB free_cma:0kB
[   50.580976][ T4250] lowmem_reserve[]: 0 0 4978 4978
[   50.586059][ T4250] Node 0 Normal free:4581512kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:26036kB inactive_anon:0kB active_file:25300kB inactive_file:8748kB unevictable:0kB writepending:6184kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:64464kB local_pcp:37824kB free_cma:0kB
[   50.618089][ T4250] lowmem_reserve[]: 0 0 0 0
[   50.622725][ T4250] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   50.635558][ T4250] Node 0 DMA32: 3*4kB (M) 1*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947732kB
[   50.652010][ T4250] Node 0 Normal: 316*4kB (UME) 155*8kB (UME) 74*16kB (UME) 143*32kB (UME) 65*64kB (UME) 42*128kB (UME) 25*256kB (UM) 35*512kB (UME) 27*1024kB (UME) 9*2048kB (UE) 1097*4096kB (UM) = 4581512kB
[   50.671162][ T4250] Node 0 hugepages_total=8 hugepages_free=0 hugepages_surp=4 hugepages_size=2048kB
[   50.680550][ T4250] 8815 total pagecache pages
[   50.685210][ T4250] 0 pages in swap cache
[   50.689402][ T4250] Free swap  = 124996kB
[   50.693669][ T4250] Total swap = 124996kB
[   50.697906][ T4250] 2097051 pages RAM
[   50.701726][ T4250] 0 pages HighMem/MovableOnly
[   50.706471][ T4250] 80811 pages reserved
[   50.710618][ T4250] ptm ptm0: ldisc open failed (-12), clearing slot 0
[   50.720401][ T4256] blktrace: Concurrent blktraces are not allowed on sg0
[   50.737224][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.766651][ T4258] loop3: detected capacity change from 0 to 512
[   50.779753][ T4261] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[   50.788654][ T4261] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[   50.798098][ T4261] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[   50.810506][ T4260] loop1: detected capacity change from 0 to 764
[   50.826392][ T4261] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[   50.835325][ T4261] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[   50.840026][ T4264] netlink: 148 bytes leftover after parsing attributes in process `syz.0.214'.
[   50.879996][ T4261] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[   50.880058][   T29] audit: type=1326 audit(1750842077.526:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4265 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a7ce5e929 code=0x7ffc0000
[   50.912199][   T29] audit: type=1326 audit(1750842077.526:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4265 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a7ce5e929 code=0x7ffc0000
[   50.935523][   T29] audit: type=1326 audit(1750842077.536:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4265 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8a7ce5e929 code=0x7ffc0000
[   50.958897][   T29] audit: type=1326 audit(1750842077.536:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4265 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a7ce5e929 code=0x7ffc0000
[   50.975505][ T4261] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[   50.982224][   T29] audit: type=1326 audit(1750842077.536:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4265 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a7ce5e929 code=0x7ffc0000
[   50.991040][ T4261] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[   50.995038][ T4258] EXT4-fs (loop3): 1 orphan inode deleted
[   51.014286][   T29] audit: type=1326 audit(1750842077.536:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4265 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8a7ce5e929 code=0x7ffc0000
[   51.014324][   T29] audit: type=1326 audit(1750842077.536:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4265 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a7ce5e929 code=0x7ffc0000
[   51.025883][ T4258] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.033258][   T12] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[   51.100083][ T4258] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.170654][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.210179][ T4277] syz.2.217 uses obsolete (PF_INET,SOCK_PACKET)
[   51.239098][ T4277] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.248449][ T4277] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.298642][ T4286] loop1: detected capacity change from 0 to 764
[   51.320469][ T4284] SELinux: failed to load policy
[   51.385225][ T4290] loop3: detected capacity change from 0 to 1024
[   51.392553][ T4290] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   51.408265][ T4290] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   51.419916][ T4290] EXT4-fs (loop3): orphan cleanup on readonly fs
[   51.427125][ T4290] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.223: Invalid inode table block 0 in block_group 0
[   51.453986][ T4290] EXT4-fs (loop3): Remounting filesystem read-only
[   51.462002][ T4290] EXT4-fs (loop3): 1 truncate cleaned up
[   51.471391][ T4299] netlink: 'syz.0.228': attribute type 13 has an invalid length.
[   51.476260][ T4290] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   51.520136][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.621959][ T4313] loop1: detected capacity change from 0 to 512
[   51.630208][ T4313] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   51.642878][ T4313] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.232: iget: bogus i_mode (5)
[   51.654490][ T4313] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.232: couldn't read orphan inode 15 (err -117)
[   51.667096][ T4313] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.680011][ T4313] ext2 filesystem being mounted at /49/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.702922][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.922414][ T4321] loop2: detected capacity change from 0 to 764
[   52.235742][ T4329] loop1: detected capacity change from 0 to 512
[   52.297740][ T4329] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.313633][ T4329] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.356876][ T4329] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.239: corrupted xattr block 32: bad e_name length
[   52.372474][ T4329] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   52.401206][ T4329] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.239: corrupted xattr block 32: bad e_name length
[   52.414862][ T4329] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   52.485435][ T4352] random: crng reseeded on system resumption
[   52.495895][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.496678][ T4352] Restarting kernel threads ...
[   52.512948][ T4352] Done restarting kernel threads.
[   52.529239][ T4356] loop0: detected capacity change from 0 to 764
[   52.652555][ T4367] loop0: detected capacity change from 0 to 512
[   52.692612][ T4366] Illegal XDP return value 97 on prog  (id 207) dev syz_tun, expect packet loss!
[   52.706823][ T4366] loop1: detected capacity change from 0 to 1024
[   52.754717][ T4366] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.767320][ T4367] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   52.777350][ T4367] EXT4-fs (loop0): orphan cleanup on readonly fs
[   52.785841][ T4366] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.251: Allocating blocks 385-513 which overlap fs metadata
[   52.803943][ T4367] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.249: corrupted inode contents
[   52.816662][ T4365] EXT4-fs (loop1): pa ffff888106a5a0e0: logic 16, phys. 129, len 24
[   52.824787][ T4365] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[   52.844358][ T4367] EXT4-fs (loop0): Remounting filesystem read-only
[   52.856604][ T4367] EXT4-fs (loop0): 1 truncate cleaned up
[   52.863616][   T37] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   52.874410][   T37] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   52.891193][   T37] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   52.902690][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.915507][ T4367] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   52.948579][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.037324][ T4389] cgroup: none used incorrectly
[   53.045177][ T4389] xt_hashlimit: max too large, truncated to 1048576
[   53.096208][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4
[   53.103992][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2
[   53.113081][ T4391] loop1: detected capacity change from 0 to 764
[   53.115713][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.127097][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.134876][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.142714][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.150556][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.158344][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.166139][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.173861][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.181619][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.182496][ T4395] FAULT_INJECTION: forcing a failure.
[   53.182496][ T4395] name failslab, interval 1, probability 0, space 0, times 0
[   53.189306][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.189414][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.201945][ T4395] CPU: 1 UID: 0 PID: 4395 Comm: syz.2.260 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   53.201992][ T4395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   53.202010][ T4395] Call Trace:
[   53.202018][ T4395]  <TASK>
[   53.202069][ T4395]  __dump_stack+0x1d/0x30
[   53.202169][ T4395]  dump_stack_lvl+0xe8/0x140
[   53.202195][ T4395]  dump_stack+0x15/0x1b
[   53.202216][ T4395]  should_fail_ex+0x265/0x280
[   53.202263][ T4395]  should_failslab+0x8c/0xb0
[   53.202293][ T4395]  kmem_cache_alloc_node_noprof+0x57/0x320
[   53.202330][ T4395]  ? __alloc_skb+0x101/0x320
[   53.202371][ T4395]  __alloc_skb+0x101/0x320
[   53.202446][ T4395]  alloc_skb_with_frags+0x7d/0x470
[   53.202486][ T4395]  ? xa_load+0xb1/0xe0
[   53.202560][ T4395]  ? __account_obj_stock+0x211/0x350
[   53.202590][ T4395]  sock_alloc_send_pskb+0x43a/0x4f0
[   53.202689][ T4395]  unix_dgram_sendmsg+0x394/0xfa0
[   53.202792][ T4395]  ? selinux_socket_sendmsg+0x175/0x1b0
[   53.202871][ T4395]  unix_seqpacket_sendmsg+0xd1/0x110
[   53.202910][ T4395]  ? __pfx_unix_seqpacket_sendmsg+0x10/0x10
[   53.202949][ T4395]  __sock_sendmsg+0x142/0x180
[   53.203098][ T4395]  ____sys_sendmsg+0x31e/0x4e0
[   53.203146][ T4395]  __sys_sendmsg_sock+0x28/0x40
[   53.203191][ T4395]  io_sendmsg+0x163/0x4b0
[   53.203317][ T4395]  __io_issue_sqe+0xfe/0x2e0
[   53.203382][ T4395]  ? io_assign_file+0xc9/0x200
[   53.203422][ T4395]  io_issue_sqe+0x53/0x970
[   53.203450][ T4395]  io_submit_sqes+0x667/0xfd0
[   53.203504][ T4395]  __se_sys_io_uring_enter+0x1c1/0x1b70
[   53.203547][ T4395]  ? 0xffffffff81000000
[   53.203567][ T4395]  ? __rcu_read_unlock+0x4f/0x70
[   53.203639][ T4395]  ? get_pid_task+0x96/0xd0
[   53.203666][ T4395]  ? proc_fail_nth_write+0x12d/0x160
[   53.203692][ T4395]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   53.203851][ T4395]  ? vfs_write+0x75e/0x8e0
[   53.203903][ T4395]  ? __rcu_read_unlock+0x4f/0x70
[   53.203931][ T4395]  ? __fget_files+0x184/0x1c0
[   53.203960][ T4395]  ? fput+0x8f/0xc0
[   53.203997][ T4395]  __x64_sys_io_uring_enter+0x78/0x90
[   53.204040][ T4395]  x64_sys_call+0x28c8/0x2fb0
[   53.204069][ T4395]  do_syscall_64+0xd2/0x200
[   53.204094][ T4395]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   53.204160][ T4395]  ? clear_bhb_loop+0x40/0x90
[   53.204236][ T4395]  ? clear_bhb_loop+0x40/0x90
[   53.204328][ T4395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.204356][ T4395] RIP: 0033:0x7eff0291e929
[   53.204376][ T4395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.204401][ T4395] RSP: 002b:00007eff00f87038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   53.204426][ T4395] RAX: ffffffffffffffda RBX: 00007eff02b45fa0 RCX: 00007eff0291e929
[   53.204519][ T4395] RDX: 0000000000000000 RSI: 0000000000003516 RDI: 0000000000000007
[   53.204535][ T4395] RBP: 00007eff00f87090 R08: 0000000000000000 R09: 0000000000000000
[   53.204552][ T4395] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[   53.204569][ T4395] R13: 0000000000000000 R14: 00007eff02b45fa0 R15: 00007fff1fd40f08
[   53.204596][ T4395]  </TASK>
[   53.217432][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.250574][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.538154][   T10] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   53.539302][   T10] hid-generic 0000:3000000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   53.736307][ T4428] netlink: 'syz.1.262': attribute type 1 has an invalid length.
[   53.759815][ T4430] loop0: detected capacity change from 0 to 764
[   53.866862][ T4441] loop0: detected capacity change from 0 to 2048
[   53.919609][ T4444] loop3: detected capacity change from 0 to 1024
[   53.943025][ T4444] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   53.965717][ T4441] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.986939][ T4441] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.005632][ T4441] tipc: Started in network mode
[   54.010783][ T4441] tipc: Node identity ac1414aa, cluster identity 4711
[   54.018456][ T4441] tipc: Enabled bearer <udp:syz2>, priority 10
[   54.036808][ T4444] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   54.045206][ T4444] EXT4-fs (loop3): orphan cleanup on readonly fs
[   54.049704][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.064075][ T4444] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.278: Invalid inode table block 0 in block_group 0
[   54.120155][ T4444] EXT4-fs (loop3): Remounting filesystem read-only
[   54.130953][ T4444] EXT4-fs (loop3): 1 truncate cleaned up
[   54.152021][ T4444] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   54.189740][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.200271][ T4458] xt_hashlimit: max too large, truncated to 1048576
[   54.215049][ T4460] loop4: detected capacity change from 0 to 764
[   54.276609][ T4464] loop0: detected capacity change from 0 to 512
[   54.288206][ T4467] FAULT_INJECTION: forcing a failure.
[   54.288206][ T4467] name failslab, interval 1, probability 0, space 0, times 0
[   54.292884][ T4464] EXT4-fs (loop0): orphan cleanup on readonly fs
[   54.301022][ T4467] CPU: 1 UID: 0 PID: 4467 Comm: syz.4.285 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   54.301062][ T4467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   54.301080][ T4467] Call Trace:
[   54.301152][ T4467]  <TASK>
[   54.301162][ T4467]  __dump_stack+0x1d/0x30
[   54.301191][ T4467]  dump_stack_lvl+0xe8/0x140
[   54.301217][ T4467]  dump_stack+0x15/0x1b
[   54.301239][ T4467]  should_fail_ex+0x265/0x280
[   54.301280][ T4467]  ? genl_start+0x117/0x390
[   54.301341][ T4467]  should_failslab+0x8c/0xb0
[   54.301372][ T4467]  __kmalloc_cache_noprof+0x4c/0x320
[   54.301415][ T4467]  genl_start+0x117/0x390
[   54.301451][ T4467]  __netlink_dump_start+0x331/0x520
[   54.301580][ T4467]  genl_family_rcv_msg_dumpit+0x115/0x180
[   54.301616][ T4467]  ? __pfx_genl_start+0x10/0x10
[   54.301647][ T4467]  ? __pfx_genl_dumpit+0x10/0x10
[   54.301733][ T4467]  ? __pfx_genl_done+0x10/0x10
[   54.301793][ T4467]  genl_rcv_msg+0x3f0/0x460
[   54.301826][ T4467]  ? __pfx_ethnl_rss_dump_start+0x10/0x10
[   54.301859][ T4467]  ? __pfx_ethnl_rss_dumpit+0x10/0x10
[   54.301912][ T4467]  netlink_rcv_skb+0x120/0x220
[   54.302022][ T4467]  ? __pfx_genl_rcv_msg+0x10/0x10
[   54.302076][ T4467]  genl_rcv+0x28/0x40
[   54.302105][ T4467]  netlink_unicast+0x59e/0x670
[   54.302224][ T4467]  netlink_sendmsg+0x58b/0x6b0
[   54.302253][ T4467]  ? __pfx_netlink_sendmsg+0x10/0x10
[   54.302393][ T4467]  __sock_sendmsg+0x142/0x180
[   54.302429][ T4467]  ____sys_sendmsg+0x31e/0x4e0
[   54.302549][ T4467]  ___sys_sendmsg+0x17b/0x1d0
[   54.302624][ T4467]  __x64_sys_sendmsg+0xd4/0x160
[   54.302725][ T4467]  x64_sys_call+0x2999/0x2fb0
[   54.302754][ T4467]  do_syscall_64+0xd2/0x200
[   54.302824][ T4467]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   54.302861][ T4467]  ? clear_bhb_loop+0x40/0x90
[   54.302888][ T4467]  ? clear_bhb_loop+0x40/0x90
[   54.302916][ T4467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.302944][ T4467] RIP: 0033:0x7fdfdbdce929
[   54.303032][ T4467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.303056][ T4467] RSP: 002b:00007fdfda437038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.303079][ T4467] RAX: ffffffffffffffda RBX: 00007fdfdbff5fa0 RCX: 00007fdfdbdce929
[   54.303096][ T4467] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004
[   54.303112][ T4467] RBP: 00007fdfda437090 R08: 0000000000000000 R09: 0000000000000000
[   54.303128][ T4467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.303144][ T4467] R13: 0000000000000000 R14: 00007fdfdbff5fa0 R15: 00007ffea7e09928
[   54.303170][ T4467]  </TASK>
[   54.569794][ T4464] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.282: bad orphan inode 13
[   54.579918][ T4464] ext4_test_bit(bit=12, block=18) = 1
[   54.585431][ T4464] is_bad_inode(inode)=0
[   54.589744][ T4464] NEXT_ORPHAN(inode)=2130706432
[   54.594624][ T4464] max_ino=32
[   54.597901][ T4464] i_nlink=1
[   54.601739][ T4464] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   54.619400][ T4464] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   54.650564][ T4464] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.282: bg 0: block 248: padding at end of block bitmap is not set
[   54.652929][ T4475] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4475 comm=syz.3.288
[   54.678747][ T4464] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.282: Failed to acquire dquot type 1
[   54.702850][ T4464] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   54.736684][ T4481] lo speed is unknown, defaulting to 1000
[   54.743080][ T4481] lo speed is unknown, defaulting to 1000
[   54.780547][ T4481] lo speed is unknown, defaulting to 1000
[   54.787151][ T4481] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   54.798384][ T4481] lo speed is unknown, defaulting to 1000
[   54.809779][ T4481] lo speed is unknown, defaulting to 1000
[   54.842404][ T4481] lo speed is unknown, defaulting to 1000
[   54.855541][ T4481] lo speed is unknown, defaulting to 1000
[   54.861736][ T4481] lo speed is unknown, defaulting to 1000
[   54.880054][ T4492] __nla_validate_parse: 42 callbacks suppressed
[   54.880153][ T4492] netlink: 12 bytes leftover after parsing attributes in process `syz.2.294'.
[   54.899979][   T29] kauditd_printk_skb: 197 callbacks suppressed
[   54.900003][   T29] audit: type=1400 audit(1750842081.556:1009): avc:  denied  { setopt } for  pid=4487 comm="syz.4.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   54.968783][ T4494] loop2: detected capacity change from 0 to 764
[   55.017843][   T36] tipc: Node number set to 2886997162
[   55.035689][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.071540][ T4500] netlink: 88 bytes leftover after parsing attributes in process `syz.0.297'.
[   55.080543][ T4500] netlink: 88 bytes leftover after parsing attributes in process `syz.0.297'.
[   55.150230][   T29] audit: type=1326 audit(1750842081.806:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4503 comm="syz.0.299" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0b42a5e929 code=0x0
[   55.179626][   T29] audit: type=1400 audit(1750842081.836:1011): avc:  denied  { mount } for  pid=4504 comm="syz.2.300" name="/" dev="autofs" ino=7168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[   55.185290][ T4506] netlink: 'syz.2.300': attribute type 13 has an invalid length.
[   55.206769][   T29] audit: type=1400 audit(1750842081.836:1012): avc:  denied  { lock } for  pid=4504 comm="syz.2.300" path="socket:[7166]" dev="sockfs" ino=7166 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   55.260014][ T4506] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   55.279217][ T4512] netlink: 'syz.0.299': attribute type 1 has an invalid length.
[   55.287011][ T4512] netlink: 224 bytes leftover after parsing attributes in process `syz.0.299'.
[   55.303315][ T4514] netlink: 16 bytes leftover after parsing attributes in process `syz.4.301'.
[   55.312636][ T4514] netlink: 'syz.4.301': attribute type 1 has an invalid length.
[   55.325810][   T29] audit: type=1400 audit(1750842081.976:1013): avc:  denied  { create } for  pid=4513 comm="syz.4.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   55.332536][ T4516] FAULT_INJECTION: forcing a failure.
[   55.332536][ T4516] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   55.358467][ T4516] CPU: 1 UID: 0 PID: 4516 Comm: syz.2.302 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   55.358525][ T4516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   55.358540][ T4516] Call Trace:
[   55.358547][ T4516]  <TASK>
[   55.358556][ T4516]  __dump_stack+0x1d/0x30
[   55.358582][ T4516]  dump_stack_lvl+0xe8/0x140
[   55.358687][ T4516]  dump_stack+0x15/0x1b
[   55.358719][ T4516]  should_fail_ex+0x265/0x280
[   55.358759][ T4516]  should_fail+0xb/0x20
[   55.358902][ T4516]  should_fail_usercopy+0x1a/0x20
[   55.358939][ T4516]  _copy_to_user+0x20/0xa0
[   55.358965][ T4516]  simple_read_from_buffer+0xb5/0x130
[   55.359006][ T4516]  proc_fail_nth_read+0x100/0x140
[   55.359045][ T4516]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   55.359099][ T4516]  vfs_read+0x19d/0x6f0
[   55.359133][ T4516]  ? ldsem_up_read+0x8a/0xd0
[   55.359171][ T4516]  ? __rcu_read_unlock+0x4f/0x70
[   55.359197][ T4516]  ? __fget_files+0x184/0x1c0
[   55.359218][ T4516]  ? tiocsti+0x19b/0x1d0
[   55.359256][ T4516]  ksys_read+0xda/0x1a0
[   55.359291][ T4516]  __x64_sys_read+0x40/0x50
[   55.359395][ T4516]  x64_sys_call+0x2d77/0x2fb0
[   55.359436][ T4516]  do_syscall_64+0xd2/0x200
[   55.359499][ T4516]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.359578][ T4516]  ? clear_bhb_loop+0x40/0x90
[   55.359606][ T4516]  ? clear_bhb_loop+0x40/0x90
[   55.359686][ T4516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.359706][ T4516] RIP: 0033:0x7eff0291d33c
[   55.359721][ T4516] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   55.359739][ T4516] RSP: 002b:00007eff00f87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   55.359757][ T4516] RAX: ffffffffffffffda RBX: 00007eff02b45fa0 RCX: 00007eff0291d33c
[   55.359772][ T4516] RDX: 000000000000000f RSI: 00007eff00f870a0 RDI: 0000000000000004
[   55.359815][ T4516] RBP: 00007eff00f87090 R08: 0000000000000000 R09: 0000000000000000
[   55.359927][ T4516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.359944][ T4516] R13: 0000000000000000 R14: 00007eff02b45fa0 R15: 00007fff1fd40f08
[   55.359968][ T4516]  </TASK>
[   55.644927][ T4525] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4525 comm=syz.2.305
[   55.665167][ T4525] siw: device registration error -23
[   55.736290][ T4529] pim6reg1: entered promiscuous mode
[   55.741729][ T4529] pim6reg1: entered allmulticast mode
[   55.812092][ T4532] random: crng reseeded on system resumption
[   55.822588][ T4532] Restarting kernel threads ...
[   55.827583][ T4532] Done restarting kernel threads.
[   55.874697][ T4536] netlink: 88 bytes leftover after parsing attributes in process `syz.2.309'.
[   55.883805][ T4536] netlink: 88 bytes leftover after parsing attributes in process `syz.2.309'.
[   55.896304][ T4534] netlink: 4 bytes leftover after parsing attributes in process `syz.4.308'.
[   55.905407][ T4534] netlink: 4 bytes leftover after parsing attributes in process `syz.4.308'.
[   55.914635][ T4534] netlink: 4 bytes leftover after parsing attributes in process `syz.4.308'.
[   56.004307][ T4546] netlink: 'syz.0.312': attribute type 4 has an invalid length.
[   56.020302][ T4546] netlink: 'syz.0.312': attribute type 4 has an invalid length.
[   56.025748][   T29] audit: type=1400 audit(1750842082.676:1014): avc:  denied  { append } for  pid=4547 comm="syz.2.313" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   56.087565][ T4552] loop2: detected capacity change from 0 to 1024
[   56.096560][ T4554] loop0: detected capacity change from 0 to 128
[   56.106492][ T4554] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   56.114391][ T4554] FAT-fs (loop0): Filesystem has been set read-only
[   56.121488][ T4554] syz.0.316: attempt to access beyond end of device
[   56.121488][ T4554] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   56.136246][ T4554] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   56.144223][ T4554] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   56.163290][ T4554] syz.0.316: attempt to access beyond end of device
[   56.163290][ T4554] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   56.177176][ T4557] FAULT_INJECTION: forcing a failure.
[   56.177176][ T4557] name failslab, interval 1, probability 0, space 0, times 0
[   56.182072][ T4554] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   56.189920][ T4557] CPU: 1 UID: 0 PID: 4557 Comm: syz.4.317 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   56.190035][ T4557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   56.190051][ T4557] Call Trace:
[   56.190060][ T4557]  <TASK>
[   56.190072][ T4557]  __dump_stack+0x1d/0x30
[   56.190100][ T4557]  dump_stack_lvl+0xe8/0x140
[   56.190127][ T4557]  dump_stack+0x15/0x1b
[   56.190149][ T4557]  should_fail_ex+0x265/0x280
[   56.190193][ T4557]  should_failslab+0x8c/0xb0
[   56.190281][ T4557]  kmem_cache_alloc_node_noprof+0x57/0x320
[   56.190320][ T4557]  ? __alloc_skb+0x101/0x320
[   56.190420][ T4557]  __alloc_skb+0x101/0x320
[   56.190460][ T4557]  netlink_ack+0xfd/0x500
[   56.190578][ T4557]  netlink_rcv_skb+0x192/0x220
[   56.190621][ T4557]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[   56.190747][ T4557]  xfrm_netlink_rcv+0x48/0x60
[   56.190844][ T4557]  netlink_unicast+0x59e/0x670
[   56.191017][ T4557]  netlink_sendmsg+0x58b/0x6b0
[   56.191047][ T4557]  ? __pfx_netlink_sendmsg+0x10/0x10
[   56.191074][ T4557]  __sock_sendmsg+0x142/0x180
[   56.191130][ T4557]  ____sys_sendmsg+0x31e/0x4e0
[   56.191180][ T4557]  ___sys_sendmsg+0x17b/0x1d0
[   56.191244][ T4557]  __x64_sys_sendmsg+0xd4/0x160
[   56.191331][ T4557]  x64_sys_call+0x2999/0x2fb0
[   56.191414][ T4557]  do_syscall_64+0xd2/0x200
[   56.191439][ T4557]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   56.191586][ T4557]  ? clear_bhb_loop+0x40/0x90
[   56.191615][ T4557]  ? clear_bhb_loop+0x40/0x90
[   56.191644][ T4557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.191673][ T4557] RIP: 0033:0x7fdfdbdce929
[   56.191696][ T4557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.191748][ T4557] RSP: 002b:00007fdfda437038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   56.191774][ T4557] RAX: ffffffffffffffda RBX: 00007fdfdbff5fa0 RCX: 00007fdfdbdce929
[   56.191792][ T4557] RDX: 0000000020040880 RSI: 0000200000000180 RDI: 0000000000000003
[   56.191807][ T4557] RBP: 00007fdfda437090 R08: 0000000000000000 R09: 0000000000000000
[   56.191824][ T4557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.191859][ T4557] R13: 0000000000000000 R14: 00007fdfdbff5fa0 R15: 00007ffea7e09928
[   56.191885][ T4557]  </TASK>
[   56.252474][ T4552] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   56.292418][ T4554] syz.0.316: attempt to access beyond end of device
[   56.292418][ T4554] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   56.311338][ T4564] random: crng reseeded on system resumption
[   56.315031][ T4553] syz.0.316: attempt to access beyond end of device
[   56.315031][ T4553] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   56.323924][ T4564] Restarting kernel threads ...
[   56.327345][ T4552] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   56.335411][ T4564] Done restarting kernel threads.
[   56.372950][ T4552] EXT4-fs (loop2): orphan cleanup on readonly fs
[   56.385143][ T4554] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   56.393105][ T4556] syz.0.316: attempt to access beyond end of device
[   56.393105][ T4556] loop0: rw=0, sector=2065, nr_sectors = 1 limit=128
[   56.397510][ T4554] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   56.405454][ T4556] buffer_io_error: 1342 callbacks suppressed
[   56.405468][ T4556] Buffer I/O error on dev loop0, logical block 2065, async page read
[   56.423978][ T4552] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.314: Invalid inode table block 0 in block_group 0
[   56.425502][ T4556] syz.0.316: attempt to access beyond end of device
[   56.425502][ T4556] loop0: rw=0, sector=2066, nr_sectors = 1 limit=128
[   56.450603][ T4552] EXT4-fs (loop2): Remounting filesystem read-only
[   56.454410][ T4556] Buffer I/O error on dev loop0, logical block 2066, async page read
[   56.467535][ T4556] syz.0.316: attempt to access beyond end of device
[   56.467535][ T4556] loop0: rw=0, sector=2067, nr_sectors = 1 limit=128
[   56.467565][ T4556] Buffer I/O error on dev loop0, logical block 2067, async page read
[   56.467586][ T4556] syz.0.316: attempt to access beyond end of device
[   56.467586][ T4556] loop0: rw=0, sector=2068, nr_sectors = 1 limit=128
[   56.472470][ T4552] Quota error (device loop2): write_blk: dquota write failed
[   56.480377][ T4556] Buffer I/O error on dev loop0, logical block 2068, async page read
[   56.480406][ T4556] syz.0.316: attempt to access beyond end of device
[   56.480406][ T4556] loop0: rw=0, sector=2069, nr_sectors = 1 limit=128
[   56.485452][ T4552] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[   56.491790][ T4556] Buffer I/O error on dev loop0, logical block 2069, async page read
[   56.534065][ T4552] EXT4-fs (loop2): 1 truncate cleaned up
[   56.576016][ T4556] syz.0.316: attempt to access beyond end of device
[   56.576016][ T4556] loop0: rw=0, sector=2070, nr_sectors = 1 limit=128
[   56.676510][ T4556] Buffer I/O error on dev loop0, logical block 2070, async page read
[   56.685208][ T4556] Buffer I/O error on dev loop0, logical block 2071, async page read
[   56.685511][ T4552] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   56.693346][ T4556] Buffer I/O error on dev loop0, logical block 2072, async page read
[   56.693392][ T4556] Buffer I/O error on dev loop0, logical block 2065, async page read
[   56.743493][ T4556] Buffer I/O error on dev loop0, logical block 2066, async page read
[   56.816483][   T29] audit: type=1326 audit(1750842083.466:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4576 comm="syz.1.323" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8a7ce5e929 code=0x0
[   56.844509][   T29] audit: type=1400 audit(1750842083.496:1016): avc:  denied  { setopt } for  pid=4553 comm="syz.0.316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   56.929464][ T4579] loop4: detected capacity change from 0 to 256
[   56.929647][ T4580] netlink: 'syz.1.323': attribute type 1 has an invalid length.
[   56.949690][ T4579] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   56.949716][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.960909][ T4579] FAULT_INJECTION: forcing a failure.
[   56.960909][ T4579] name failslab, interval 1, probability 0, space 0, times 0
[   56.981974][ T4579] CPU: 1 UID: 0 PID: 4579 Comm: syz.4.324 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   56.982020][ T4579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   56.982058][ T4579] Call Trace:
[   56.982066][ T4579]  <TASK>
[   56.982074][ T4579]  __dump_stack+0x1d/0x30
[   56.982122][ T4579]  dump_stack_lvl+0xe8/0x140
[   56.982198][ T4579]  dump_stack+0x15/0x1b
[   56.982213][ T4579]  should_fail_ex+0x265/0x280
[   56.982267][ T4579]  should_failslab+0x8c/0xb0
[   56.982297][ T4579]  kmem_cache_alloc_noprof+0x50/0x310
[   56.982329][ T4579]  ? fat_parse_long+0x5d/0x430
[   56.982429][ T4579]  fat_parse_long+0x5d/0x430
[   56.982497][ T4579]  fat_search_long+0x1cc/0x9c0
[   56.982521][ T4579]  ? __rcu_read_unlock+0x4f/0x70
[   56.982549][ T4579]  ? avc_has_perm_noaudit+0x1b1/0x200
[   56.982598][ T4579]  vfat_lookup+0xd5/0x2d0
[   56.982705][ T4579]  ? __pfx_vfat_lookup+0x10/0x10
[   56.982783][ T4579]  path_openat+0xcf3/0x2170
[   56.982836][ T4579]  do_filp_open+0x109/0x230
[   56.982874][ T4579]  do_sys_openat2+0xa6/0x110
[   56.982952][ T4579]  __x64_sys_openat+0xf2/0x120
[   56.982987][ T4579]  x64_sys_call+0x1af/0x2fb0
[   56.983056][ T4579]  do_syscall_64+0xd2/0x200
[   56.983083][ T4579]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   56.983108][ T4579]  ? clear_bhb_loop+0x40/0x90
[   56.983134][ T4579]  ? clear_bhb_loop+0x40/0x90
[   56.983201][ T4579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.983228][ T4579] RIP: 0033:0x7fdfdbdce929
[   56.983247][ T4579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.983335][ T4579] RSP: 002b:00007fdfda437038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   56.983353][ T4579] RAX: ffffffffffffffda RBX: 00007fdfdbff5fa0 RCX: 00007fdfdbdce929
[   56.983365][ T4579] RDX: 0000000000141042 RSI: 0000200000000040 RDI: ffffffffffffff9c
[   56.983378][ T4579] RBP: 00007fdfda437090 R08: 0000000000000000 R09: 0000000000000000
[   56.983394][ T4579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.983474][ T4579] R13: 0000000000000000 R14: 00007fdfdbff5fa0 R15: 00007ffea7e09928
[   56.983501][ T4579]  </TASK>
[   57.258686][ T4584] futex_wake_op: syz.4.326 tries to shift op by -1; fix this program
[   57.297736][ T4586] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.332135][ T4588] loop4: detected capacity change from 0 to 512
[   57.352259][ T4588] EXT4-fs (loop4): too many log groups per flexible block group
[   57.360080][ T4588] EXT4-fs (loop4): failed to initialize mballoc (-12)
[   57.374637][ T4586] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.393070][ T4588] EXT4-fs (loop4): mount failed
[   57.456123][ T4594] random: crng reseeded on system resumption
[   57.465962][ T4586] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.490056][ T4594] Restarting kernel threads ...
[   57.499444][ T4594] Done restarting kernel threads.
[   57.550899][ T4586] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.638826][ T4604] ALSA: seq fatal error: cannot create timer (-22)
[   57.674001][ T4586] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.692947][ T4586] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.729727][ T4586] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.771471][ T4586] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.792730][ T4607] loop4: detected capacity change from 0 to 1024
[   57.793075][ T4612] loop1: detected capacity change from 0 to 512
[   57.827299][ T4607] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   57.861838][ T4612] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   57.871712][ T4607] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   57.881825][ T4607] EXT4-fs (loop4): orphan cleanup on readonly fs
[   57.889230][ T4607] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.335: Invalid inode table block 0 in block_group 0
[   57.889359][ T4617] loop2: detected capacity change from 0 to 128
[   57.908877][ T4612] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   57.919509][ T4607] EXT4-fs (loop4): Remounting filesystem read-only
[   57.929319][ T4607] EXT4-fs (loop4): 1 truncate cleaned up
[   57.990780][ T4620] loop2: detected capacity change from 0 to 512
[   58.012630][ T4620] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   58.036015][ T4620] EXT4-fs (loop2): orphan cleanup on readonly fs
[   58.076084][ T4620] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.338: corrupted inode contents
[   58.115972][ T4620] EXT4-fs (loop2): Remounting filesystem read-only
[   58.122744][ T4620] EXT4-fs (loop2): 1 truncate cleaned up
[   58.143865][ T3630] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   58.154641][ T3630] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   58.170715][ T3630] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   58.242303][ T4627] loop2: detected capacity change from 0 to 1024
[   58.250986][ T4627] EXT4-fs: Ignoring removed nobh option
[   58.256607][ T4627] EXT4-fs: Ignoring removed bh option
[   58.330563][ T4627] rdma_op ffff888121469d80 conn xmit_rdma 0000000000000000
[   58.399919][ T4639] loop1: detected capacity change from 0 to 512
[   58.448353][ T4639] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   58.458299][ T4639] EXT4-fs (loop1): orphan cleanup on readonly fs
[   58.466117][ T4639] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.344: corrupted inode contents
[   58.478307][ T4639] EXT4-fs (loop1): Remounting filesystem read-only
[   58.484930][ T4639] EXT4-fs (loop1): 1 truncate cleaned up
[   58.490779][   T31] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   58.501518][   T31] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   58.512120][   T31] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   58.748966][ T4655] netlink: 'syz.0.349': attribute type 10 has an invalid length.
[   58.756974][ T4655] FAULT_INJECTION: forcing a failure.
[   58.756974][ T4655] name failslab, interval 1, probability 0, space 0, times 0
[   58.769629][ T4655] CPU: 0 UID: 0 PID: 4655 Comm: syz.0.349 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   58.769665][ T4655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   58.769680][ T4655] Call Trace:
[   58.769687][ T4655]  <TASK>
[   58.769695][ T4655]  __dump_stack+0x1d/0x30
[   58.769718][ T4655]  dump_stack_lvl+0xe8/0x140
[   58.769744][ T4655]  dump_stack+0x15/0x1b
[   58.769766][ T4655]  should_fail_ex+0x265/0x280
[   58.769847][ T4655]  should_failslab+0x8c/0xb0
[   58.769870][ T4655]  __kmalloc_noprof+0xa5/0x3e0
[   58.769935][ T4655]  ? switchdev_deferred_enqueue+0x2d/0x1c0
[   58.769965][ T4655]  ? __pfx_switchdev_port_attr_set_deferred+0x10/0x10
[   58.770001][ T4655]  switchdev_deferred_enqueue+0x2d/0x1c0
[   58.770119][ T4655]  switchdev_port_attr_set+0x6c/0xe0
[   58.770152][ T4655]  br_set_state+0x205/0x390
[   58.770197][ T4655]  br_stp_disable_port+0x5d/0x150
[   58.770244][ T4655]  br_stp_disable_bridge+0x5e/0xf0
[   58.770272][ T4655]  ? __pfx_br_dev_stop+0x10/0x10
[   58.770323][ T4655]  br_dev_stop+0x21/0xe0
[   58.770366][ T4655]  ? __pfx_br_dev_stop+0x10/0x10
[   58.770392][ T4655]  __dev_close_many+0x1e4/0x420
[   58.770434][ T4655]  __dev_change_flags+0x1e9/0x400
[   58.770466][ T4655]  netif_change_flags+0x5a/0xd0
[   58.770573][ T4655]  do_setlink+0x9d2/0x2810
[   58.770604][ T4655]  ? bpf_trace_run4+0x134/0x1d0
[   58.770671][ T4655]  ? _raw_spin_unlock+0x26/0x50
[   58.770700][ T4655]  ? finish_task_switch+0xad/0x2b0
[   58.770725][ T4655]  ? __schedule+0x6a8/0xb30
[   58.770751][ T4655]  rtnl_newlink+0xe75/0x12d0
[   58.770814][ T4655]  ? x86_call_depth_emit_accounting+0x128/0x2e0
[   58.770850][ T4655]  ? xas_load+0x413/0x430
[   58.770953][ T4655]  ? xas_load+0x413/0x430
[   58.771005][ T4655]  ? __memcg_slab_free_hook+0x135/0x230
[   58.771048][ T4655]  ? __kfree_skb+0x109/0x150
[   58.771077][ T4655]  ? __rcu_read_unlock+0x4f/0x70
[   58.771101][ T4655]  ? avc_has_perm_noaudit+0x1b1/0x200
[   58.771176][ T4655]  ? selinux_capable+0x1f9/0x270
[   58.771213][ T4655]  ? security_capable+0x83/0x90
[   58.771238][ T4655]  ? ns_capable+0x7d/0xb0
[   58.771306][ T4655]  ? __pfx_rtnl_newlink+0x10/0x10
[   58.771372][ T4655]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   58.771400][ T4655]  netlink_rcv_skb+0x120/0x220
[   58.771432][ T4655]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   58.771474][ T4655]  rtnetlink_rcv+0x1c/0x30
[   58.771492][ T4655]  netlink_unicast+0x59e/0x670
[   58.771597][ T4655]  netlink_sendmsg+0x58b/0x6b0
[   58.771631][ T4655]  ? __pfx_netlink_sendmsg+0x10/0x10
[   58.771680][ T4655]  __sock_sendmsg+0x142/0x180
[   58.771711][ T4655]  ____sys_sendmsg+0x31e/0x4e0
[   58.771757][ T4655]  ___sys_sendmsg+0x17b/0x1d0
[   58.771815][ T4655]  __x64_sys_sendmsg+0xd4/0x160
[   58.771914][ T4655]  x64_sys_call+0x2999/0x2fb0
[   58.771977][ T4655]  do_syscall_64+0xd2/0x200
[   58.772000][ T4655]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   58.772025][ T4655]  ? clear_bhb_loop+0x40/0x90
[   58.772105][ T4655]  ? clear_bhb_loop+0x40/0x90
[   58.772133][ T4655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.772154][ T4655] RIP: 0033:0x7f0b42a5e929
[   58.772169][ T4655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.772209][ T4655] RSP: 002b:00007f0b410c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   58.772244][ T4655] RAX: ffffffffffffffda RBX: 00007f0b42c85fa0 RCX: 00007f0b42a5e929
[   58.772256][ T4655] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003
[   58.772266][ T4655] RBP: 00007f0b410c7090 R08: 0000000000000000 R09: 0000000000000000
[   58.772278][ T4655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.772288][ T4655] R13: 0000000000000000 R14: 00007f0b42c85fa0 R15: 00007ffd067f0ff8
[   58.772306][ T4655]  </TASK>
[   58.772314][ T4655] bridge0: error setting offload STP state on port 2(bridge_slave_1)
[   59.148384][ T4655] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.161723][ T4655] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.168851][ T4655] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.176319][ T4655] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.183408][ T4655] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.194020][ T4655] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   59.271292][ T4663] pim6reg1: entered promiscuous mode
[   59.276703][ T4663] pim6reg1: entered allmulticast mode
[   59.343030][ T4669] loop0: detected capacity change from 0 to 1024
[   59.354459][ T4669] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   59.462934][ T4669] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   59.485235][ T4669] EXT4-fs (loop0): orphan cleanup on readonly fs
[   59.530165][ T4669] EXT4-fs error (device loop0): __ext4_get_inode_loc:4792: comm syz.0.354: Invalid inode table block 0 in block_group 0
[   59.564495][ T4669] EXT4-fs (loop0): Remounting filesystem read-only
[   59.608607][ T4669] EXT4-fs (loop0): 1 truncate cleaned up
[   59.999701][   T29] kauditd_printk_skb: 22 callbacks suppressed
[   59.999716][   T29] audit: type=1400 audit(1750842086.656:1023): avc:  denied  { mount } for  pid=4683 comm="syz.0.360" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   60.095219][ T4689] loop4: detected capacity change from 0 to 512
[   60.121039][ T4689] EXT4-fs error (device loop4): __ext4_iget:5379: inode #4: block 193290: comm syz.4.362: invalid block
[   60.137633][ T4689] EXT4-fs error (device loop4): ext4_quota_enable:7127: comm syz.4.362: Bad quota inode: 4, type: 1
[   60.149482][ T4689] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   60.165114][ T4689] EXT4-fs (loop4): mount failed
[   60.205141][ T4689] netlink: '+}[@': attribute type 13 has an invalid length.
[   60.233083][ T4693] __nla_validate_parse: 16 callbacks suppressed
[   60.233098][ T4693] netlink: 16 bytes leftover after parsing attributes in process `syz.2.363'.
[   60.248518][ T4693] netlink: 16 bytes leftover after parsing attributes in process `syz.2.363'.
[   60.257564][ T4693] netlink: 16 bytes leftover after parsing attributes in process `syz.2.363'.
[   60.315864][ T4693] netlink: 16 bytes leftover after parsing attributes in process `syz.2.363'.
[   60.324911][ T4693] netlink: 16 bytes leftover after parsing attributes in process `syz.2.363'.
[   60.333910][ T4693] netlink: 16 bytes leftover after parsing attributes in process `syz.2.363'.
[   60.349073][ T4689] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.356482][ T4689] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.374421][ T4685] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   60.404360][ T4693] netlink: 16 bytes leftover after parsing attributes in process `syz.2.363'.
[   60.413486][ T4693] netlink: 16 bytes leftover after parsing attributes in process `syz.2.363'.
[   60.421683][ T4689] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   60.422411][ T4693] netlink: 16 bytes leftover after parsing attributes in process `syz.2.363'.
[   60.432857][ T4689] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   60.463590][   T29] audit: type=1400 audit(1750842087.116:1024): avc:  denied  { map } for  pid=4701 comm="syz.3.364" path="socket:[8580]" dev="sockfs" ino=8580 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   60.487154][   T29] audit: type=1400 audit(1750842087.116:1025): avc:  denied  { read write } for  pid=4701 comm="syz.3.364" path="socket:[8580]" dev="sockfs" ino=8580 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   60.512916][ T4685] netlink: 'syz.0.360': attribute type 4 has an invalid length.
[   60.574462][ T4689] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   60.582977][ T4689] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   60.591475][ T4689] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   60.599965][ T4689] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   60.617096][ T4707] netlink: 8 bytes leftover after parsing attributes in process `syz.3.366'.
[   60.678608][   T29] audit: type=1400 audit(1750842087.336:1026): avc:  denied  { unmount } for  pid=3309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   60.766128][ T4718] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.820649][ T4718] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.871699][ T4718] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.940680][ T4732] loop4: detected capacity change from 0 to 512
[   60.948851][ T4729] tipc: Enabling of bearer <eth:team	> rejected, failed to enable media
[   60.948857][ T4732] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   60.957478][ T4734] loop3: detected capacity change from 0 to 1024
[   60.981271][   T29] audit: type=1400 audit(1750842087.636:1027): avc:  denied  { remount } for  pid=4733 comm="syz.3.377" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   61.001546][ T4732] EXT4-fs (loop4): 1 truncate cleaned up
[   61.019065][ T4718] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.083921][ T4741] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[   61.090524][ T4741] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   61.098129][ T4741] vhci_hcd vhci_hcd.0: Device attached
[   61.101325][   T29] audit: type=1326 audit(1750842087.756:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.3.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   61.128209][   T29] audit: type=1326 audit(1750842087.786:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.3.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   61.151709][   T29] audit: type=1326 audit(1750842087.786:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.3.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   61.175148][   T29] audit: type=1326 audit(1750842087.786:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.3.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   61.202087][ T4742] vhci_hcd: connection closed
[   61.203116][   T29] audit: type=1326 audit(1750842087.786:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.3.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef8d6e929 code=0x7ffc0000
[   61.206056][ T4718] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.207891][   T31] vhci_hcd: stop threads
[   61.207901][   T31] vhci_hcd: release socket
[   61.207910][   T31] vhci_hcd: disconnect device
[   61.320310][ T4718] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.334111][ T4718] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.346821][ T4718] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.424730][ T4752] xt_hashlimit: max too large, truncated to 1048576
[   61.459466][ T3393] kernel read not supported for file /rfkill (pid: 3393 comm: kworker/1:3)
[   61.493114][ T4760] loop0: detected capacity change from 0 to 512
[   61.505279][ T4760] EXT4-fs (loop0): orphan cleanup on readonly fs
[   61.520165][ T4760] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.381: bad orphan inode 13
[   61.539656][ T4760] ext4_test_bit(bit=12, block=18) = 1
[   61.545098][ T4760] is_bad_inode(inode)=0
[   61.549387][ T4760] NEXT_ORPHAN(inode)=2130706432
[   61.554378][ T4760] max_ino=32
[   61.557600][ T4760] i_nlink=1
[   61.579761][ T4760] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   61.593817][ T4766] random: crng reseeded on system resumption
[   61.604585][ T4766] Restarting kernel threads ...
[   61.611388][ T4766] Done restarting kernel threads.
[   61.617462][ T4760] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.381: bg 0: block 248: padding at end of block bitmap is not set
[   61.632748][ T4760] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.381: Failed to acquire dquot type 1
[   61.644718][ T4760] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   61.689332][ T4772] loop1: detected capacity change from 0 to 512
[   61.718885][ T4772] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   61.727011][ T4772] EXT4-fs (loop1): orphan cleanup on readonly fs
[   61.734996][ T4772] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.388: corrupted inode contents
[   61.747201][ T4772] EXT4-fs (loop1): Remounting filesystem read-only
[   61.755980][ T4772] EXT4-fs (loop1): 1 truncate cleaned up
[   61.763883][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.774554][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.786684][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   61.824244][ T4776] SELinux: failed to load policy
[   61.899264][ T4782] loop2: detected capacity change from 0 to 1024
[   61.915338][ T4782] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   62.037508][ T4782] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   62.045815][ T4782] EXT4-fs (loop2): orphan cleanup on readonly fs
[   62.054104][ T4782] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.393: Invalid inode table block 0 in block_group 0
[   62.100582][ T4782] EXT4-fs (loop2): Remounting filesystem read-only
[   62.107424][ T4782] EXT4-fs (loop2): 1 truncate cleaned up
[   62.296562][ T4792] loop0: detected capacity change from 0 to 512
[   62.318984][ T4792] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   62.327139][ T4792] EXT4-fs (loop0): orphan cleanup on readonly fs
[   62.335525][ T4792] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.395: corrupted inode contents
[   62.347721][ T4792] EXT4-fs (loop0): Remounting filesystem read-only
[   62.354660][ T4792] EXT4-fs (loop0): 1 truncate cleaned up
[   62.361342][ T3630] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   62.372006][ T3630] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   62.384662][ T3630] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   62.455137][ T4802] netlink: 'syz.2.399': attribute type 13 has an invalid length.
[   62.531052][ T4805] netlink: 'syz.0.398': attribute type 1 has an invalid length.
[   62.672325][ T4807] SELinux: failed to load policy
[   62.730538][ T4809] SELinux: failed to load policy
[   62.737077][ T4811] netlink: 'syz.1.402': attribute type 13 has an invalid length.
[   62.917195][ T4822] loop4: detected capacity change from 0 to 1024
[   62.926230][ T4822] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   62.938376][ T4822] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   62.946552][ T4822] EXT4-fs (loop4): orphan cleanup on readonly fs
[   62.953839][ T4822] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.405: Invalid inode table block 0 in block_group 0
[   62.966872][ T4822] EXT4-fs (loop4): Remounting filesystem read-only
[   62.973755][ T4822] EXT4-fs (loop4): 1 truncate cleaned up
[   63.145468][ T4833] SELinux: failed to load policy
[   63.172063][ T4835] loop4: detected capacity change from 0 to 764
[   63.560954][ T4863] loop2: detected capacity change from 0 to 764
[   63.595826][ T4867] netlink: 'syz.2.425': attribute type 13 has an invalid length.
[   63.613201][ T4865] loop3: detected capacity change from 0 to 1024
[   63.635632][ T4865] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   63.652324][ T4874] loop0: detected capacity change from 0 to 512
[   63.661207][ T4865] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   63.667275][ T4874] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   63.681688][ T4865] EXT4-fs (loop3): orphan cleanup on readonly fs
[   63.688570][ T4865] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.423: Invalid inode table block 0 in block_group 0
[   63.701270][ T4873] loop1: detected capacity change from 0 to 1024
[   63.707596][ T4865] EXT4-fs (loop3): Remounting filesystem read-only
[   63.709844][ T4874] EXT4-fs (loop0): 1 truncate cleaned up
[   63.714651][ T4865] EXT4-fs (loop3): 1 truncate cleaned up
[   63.737487][ T4873] FAULT_INJECTION: forcing a failure.
[   63.737487][ T4873] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   63.751233][ T4873] CPU: 1 UID: 0 PID: 4873 Comm: +}[@ Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   63.751263][ T4873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   63.751327][ T4873] Call Trace:
[   63.751334][ T4873]  <TASK>
[   63.751341][ T4873]  __dump_stack+0x1d/0x30
[   63.751413][ T4873]  dump_stack_lvl+0xe8/0x140
[   63.751434][ T4873]  dump_stack+0x15/0x1b
[   63.751451][ T4873]  should_fail_ex+0x265/0x280
[   63.751483][ T4873]  should_fail_alloc_page+0xf2/0x100
[   63.751511][ T4873]  alloc_pages_bulk_noprof+0xef/0x540
[   63.751561][ T4873]  copy_splice_read+0xf3/0x5f0
[   63.751609][ T4873]  ? __pfx_ext4_file_splice_read+0x10/0x10
[   63.751634][ T4873]  splice_direct_to_actor+0x290/0x680
[   63.751666][ T4873]  ? __pfx_direct_splice_actor+0x10/0x10
[   63.751773][ T4873]  do_splice_direct+0xda/0x150
[   63.751801][ T4873]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   63.751834][ T4873]  do_sendfile+0x380/0x650
[   63.751932][ T4873]  __x64_sys_sendfile64+0x105/0x150
[   63.751969][ T4873]  x64_sys_call+0xb39/0x2fb0
[   63.751989][ T4873]  do_syscall_64+0xd2/0x200
[   63.752013][ T4873]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   63.752059][ T4873]  ? clear_bhb_loop+0x40/0x90
[   63.752101][ T4873]  ? clear_bhb_loop+0x40/0x90
[   63.752123][ T4873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.752155][ T4873] RIP: 0033:0x7f8a7ce5e929
[   63.752226][ T4873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.752262][ T4873] RSP: 002b:00007f8a7b4c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   63.752282][ T4873] RAX: ffffffffffffffda RBX: 00007f8a7d085fa0 RCX: 00007f8a7ce5e929
[   63.752294][ T4873] RDX: 0000000000000000 RSI: 000000000000000b RDI: 000000000000000b
[   63.752307][ T4873] RBP: 00007f8a7b4c7090 R08: 0000000000000000 R09: 0000000000000000
[   63.752320][ T4873] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[   63.752333][ T4873] R13: 0000000000000000 R14: 00007f8a7d085fa0 R15: 00007fffa2294168
[   63.752353][ T4873]  </TASK>
[   64.183857][ T4898] loop1: detected capacity change from 0 to 512
[   64.197690][ T4890] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[   64.215496][ T4898] loop1: detected capacity change from 0 to 512
[   64.246844][ T4898] EXT4-fs: Invalid want_extra_isize 512
[   64.317557][ T4913] random: crng reseeded on system resumption
[   64.335811][ T4913] Restarting kernel threads ...
[   64.352799][ T4913] Done restarting kernel threads.
[   64.356805][ T4918] loop0: detected capacity change from 0 to 1024
[   64.365507][ T4918] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   64.381232][ T4918] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   64.391033][ T4918] EXT4-fs (loop0): orphan cleanup on readonly fs
[   64.440011][ T4918] EXT4-fs error (device loop0): __ext4_get_inode_loc:4792: comm syz.0.442: Invalid inode table block 0 in block_group 0
[   64.464276][ T4918] EXT4-fs (loop0): Remounting filesystem read-only
[   64.480217][ T4918] EXT4-fs (loop0): 1 truncate cleaned up
[   64.666692][ T4937] xt_hashlimit: max too large, truncated to 1048576
[   64.675515][ T4937] FAULT_INJECTION: forcing a failure.
[   64.675515][ T4937] name failslab, interval 1, probability 0, space 0, times 0
[   64.688258][ T4937] CPU: 1 UID: 0 PID: 4937 Comm: syz.0.449 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   64.688288][ T4937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   64.688302][ T4937] Call Trace:
[   64.688309][ T4937]  <TASK>
[   64.688429][ T4937]  __dump_stack+0x1d/0x30
[   64.688454][ T4937]  dump_stack_lvl+0xe8/0x140
[   64.688477][ T4937]  dump_stack+0x15/0x1b
[   64.688564][ T4937]  should_fail_ex+0x265/0x280
[   64.688649][ T4937]  should_failslab+0x8c/0xb0
[   64.688758][ T4937]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   64.688794][ T4937]  ? htable_create+0x222/0x450
[   64.688886][ T4937]  kstrdup+0x3e/0xd0
[   64.688946][ T4937]  htable_create+0x222/0x450
[   64.688983][ T4937]  ? __rcu_read_unlock+0x4f/0x70
[   64.689013][ T4937]  hashlimit_mt_check_common+0x5db/0x6c0
[   64.689058][ T4937]  hashlimit_mt_check_v1+0x12d/0x160
[   64.689168][ T4937]  xt_check_match+0x2aa/0x4f0
[   64.689244][ T4937]  ? strnlen+0x28/0x50
[   64.689263][ T4937]  ? strcmp+0x22/0x50
[   64.689280][ T4937]  ? xt_find_match+0x1d1/0x210
[   64.689324][ T4937]  translate_table+0xa9c/0xf90
[   64.689412][ T4937]  ? _copy_from_user+0x89/0xb0
[   64.689440][ T4937]  do_ipt_set_ctl+0x66f/0x820
[   64.689506][ T4937]  nf_setsockopt+0x196/0x1b0
[   64.689532][ T4937]  ip_setsockopt+0x102/0x110
[   64.689654][ T4937]  udp_setsockopt+0x99/0xb0
[   64.689678][ T4937]  sock_common_setsockopt+0x66/0x80
[   64.689710][ T4937]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   64.689739][ T4937]  __sys_setsockopt+0x181/0x200
[   64.689895][ T4937]  __x64_sys_setsockopt+0x64/0x80
[   64.689975][ T4937]  x64_sys_call+0x2bd5/0x2fb0
[   64.690002][ T4937]  do_syscall_64+0xd2/0x200
[   64.690062][ T4937]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   64.690095][ T4937]  ? clear_bhb_loop+0x40/0x90
[   64.690118][ T4937]  ? clear_bhb_loop+0x40/0x90
[   64.690142][ T4937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.690255][ T4937] RIP: 0033:0x7f0b42a5e929
[   64.690272][ T4937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.690294][ T4937] RSP: 002b:00007f0b410c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   64.690318][ T4937] RAX: ffffffffffffffda RBX: 00007f0b42c85fa0 RCX: 00007f0b42a5e929
[   64.690334][ T4937] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000005
[   64.690410][ T4937] RBP: 00007f0b410c7090 R08: 0000000000000548 R09: 0000000000000000
[   64.690425][ T4937] R10: 0000200000002480 R11: 0000000000000246 R12: 0000000000000001
[   64.690441][ T4937] R13: 0000000000000000 R14: 00007f0b42c85fa0 R15: 00007ffd067f0ff8
[   64.690465][ T4937]  </TASK>
[   65.084029][ T4953] pim6reg1: entered promiscuous mode
[   65.089599][ T4953] pim6reg1: entered allmulticast mode
[   65.220795][ T4961] loop3: detected capacity change from 0 to 512
[   65.252988][ T4961] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   65.269490][ T4961] EXT4-fs (loop3): orphan cleanup on readonly fs
[   65.289115][ T4961] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.458: corrupted inode contents
[   65.328162][ T4961] EXT4-fs (loop3): Remounting filesystem read-only
[   65.336169][ T4969] __nla_validate_parse: 37 callbacks suppressed
[   65.336182][ T4969] netlink: 96 bytes leftover after parsing attributes in process `syz.4.461'.
[   65.368559][ T4961] EXT4-fs (loop3): 1 truncate cleaned up
[   65.375710][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   65.386315][   T31] __quota_error: 181 callbacks suppressed
[   65.386330][   T31] Quota error (device loop3): write_blk: dquota write failed
[   65.399677][   T31] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[   65.409689][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   65.420229][   T31] Quota error (device loop3): write_blk: dquota write failed
[   65.427637][   T31] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[   65.442898][ T4972] loop1: detected capacity change from 0 to 512
[   65.452725][   T31] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   65.463001][   T31] Quota error (device loop3): v2_write_file_info: Can't write info structure
[   65.472328][   T31] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   65.499760][ T4972] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   65.553880][ T4972] EXT4-fs (loop1): 1 truncate cleaned up
[   65.572823][ T4981] netlink: 8 bytes leftover after parsing attributes in process `syz.3.465'.
[   65.596365][   T29] audit: type=1400 audit(1750842092.246:1192): avc:  denied  { setattr } for  pid=4966 comm="syz.1.460" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   65.619855][ T4981] syz.3.465 (4981): attempted to duplicate a private mapping with mremap.  This is not supported.
[   65.671946][ T4984] xt_hashlimit: max too large, truncated to 1048576
[   65.704178][ T4981] netlink: 24 bytes leftover after parsing attributes in process `syz.3.465'.
[   65.740935][   T29] audit: type=1400 audit(1750842092.396:1193): avc:  denied  { bind } for  pid=4988 comm="syz.4.467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   65.777855][   T29] audit: type=1400 audit(1750842092.396:1194): avc:  denied  { name_bind } for  pid=4988 comm="syz.4.467" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   65.799612][   T29] audit: type=1400 audit(1750842092.396:1195): avc:  denied  { node_bind } for  pid=4988 comm="syz.4.467" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[   66.053611][ T5000] netlink: 12 bytes leftover after parsing attributes in process `syz.1.471'.
[   66.189280][ T5008] loop1: detected capacity change from 0 to 2048
[   66.210599][ T5008] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.598909][ T5018] netlink: 'syz.4.477': attribute type 13 has an invalid length.
[   66.728211][ T5022] loop3: detected capacity change from 0 to 764
[   67.089430][ T5040] loop3: detected capacity change from 0 to 512
[   67.320860][ T5040] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   67.335265][ T5040] EXT4-fs (loop3): orphan cleanup on readonly fs
[   67.355196][ T5040] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.482: corrupted inode contents
[   67.386013][ T5040] EXT4-fs (loop3): Remounting filesystem read-only
[   67.409344][ T5040] EXT4-fs (loop3): 1 truncate cleaned up
[   67.415415][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.426007][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.482802][ T5065] lo speed is unknown, defaulting to 1000
[   67.489185][   T12] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   67.500748][ T5065] lo speed is unknown, defaulting to 1000
[   67.545386][ T5069] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5069 comm=syz.2.485
[   67.557900][ T5069] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5069 comm=syz.2.485
[   67.576649][ T5072] netlink: 96 bytes leftover after parsing attributes in process `syz.4.486'.
[   67.658506][ T5080] loop1: detected capacity change from 0 to 512
[   67.665263][ T5080] EXT4-fs: Ignoring removed mblk_io_submit option
[   67.671880][ T5080] EXT4-fs: Ignoring removed bh option
[   67.677809][ T5080] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   67.690104][ T5080] EXT4-fs (loop1): 1 truncate cleaned up
[   68.251991][ T5101] loop1: detected capacity change from 0 to 764
[   68.362336][ T5104] netlink: 4 bytes leftover after parsing attributes in process `syz.1.496'.
[   68.397610][ T5108] FAULT_INJECTION: forcing a failure.
[   68.397610][ T5108] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.410983][ T5108] CPU: 1 UID: 0 PID: 5108 Comm: syz.0.499 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   68.411010][ T5108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   68.411021][ T5108] Call Trace:
[   68.411027][ T5108]  <TASK>
[   68.411058][ T5108]  __dump_stack+0x1d/0x30
[   68.411084][ T5108]  dump_stack_lvl+0xe8/0x140
[   68.411109][ T5108]  dump_stack+0x15/0x1b
[   68.411131][ T5108]  should_fail_ex+0x265/0x280
[   68.411208][ T5108]  should_fail+0xb/0x20
[   68.411234][ T5108]  should_fail_usercopy+0x1a/0x20
[   68.411275][ T5108]  _copy_from_user+0x1c/0xb0
[   68.411370][ T5108]  ucma_write+0xd9/0x250
[   68.411395][ T5108]  ? __pfx_ucma_write+0x10/0x10
[   68.411421][ T5108]  vfs_write+0x266/0x8e0
[   68.411576][ T5108]  ? __rcu_read_unlock+0x4f/0x70
[   68.411597][ T5108]  ? __fget_files+0x184/0x1c0
[   68.411625][ T5108]  ksys_write+0xda/0x1a0
[   68.411664][ T5108]  __x64_sys_write+0x40/0x50
[   68.411681][ T5108]  x64_sys_call+0x2cdd/0x2fb0
[   68.411702][ T5108]  do_syscall_64+0xd2/0x200
[   68.411720][ T5108]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.411748][ T5108]  ? clear_bhb_loop+0x40/0x90
[   68.411834][ T5108]  ? clear_bhb_loop+0x40/0x90
[   68.411861][ T5108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.411888][ T5108] RIP: 0033:0x7f0b42a5e929
[   68.411905][ T5108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.411922][ T5108] RSP: 002b:00007f0b410c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   68.411944][ T5108] RAX: ffffffffffffffda RBX: 00007f0b42c85fa0 RCX: 00007f0b42a5e929
[   68.411960][ T5108] RDX: 00000000000000a0 RSI: 0000200000000980 RDI: 0000000000000003
[   68.411975][ T5108] RBP: 00007f0b410c7090 R08: 0000000000000000 R09: 0000000000000000
[   68.411989][ T5108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.412000][ T5108] R13: 0000000000000000 R14: 00007f0b42c85fa0 R15: 00007ffd067f0ff8
[   68.412059][ T5108]  </TASK>
[   68.627321][ T5110] xt_hashlimit: max too large, truncated to 1048576
[   68.691515][ T5119] loop1: detected capacity change from 0 to 512
[   68.695607][ T5121] random: crng reseeded on system resumption
[   68.707441][ T5119] EXT4-fs (loop1): orphan cleanup on readonly fs
[   68.712545][ T5121] Restarting kernel threads ...
[   68.725550][ T5121] Done restarting kernel threads.
[   68.730163][ T5119] EXT4-fs error (device loop1): ext4_orphan_get:1419: comm syz.1.498: bad orphan inode 13
[   68.742683][ T5119] ext4_test_bit(bit=12, block=18) = 1
[   68.748153][ T5119] is_bad_inode(inode)=0
[   68.752408][ T5119] NEXT_ORPHAN(inode)=2130706432
[   68.757300][ T5119] max_ino=32
[   68.760561][ T5119] i_nlink=1
[   68.789685][ T5119] EXT4-fs mount: 42 callbacks suppressed
[   68.789703][ T5119] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   68.824119][ T5132] loop0: detected capacity change from 0 to 764
[   68.834437][ T5119] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   68.851709][ T5128] loop2: detected capacity change from 0 to 2048
[   68.871238][ T5119] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.498: bg 0: block 248: padding at end of block bitmap is not set
[   68.900350][ T5119] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.498: Failed to acquire dquot type 1
[   68.913544][ T5119] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   68.950090][ T5128] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.963440][ T5137] FAULT_INJECTION: forcing a failure.
[   68.963440][ T5137] name failslab, interval 1, probability 0, space 0, times 0
[   68.976265][ T5137] CPU: 0 UID: 0 PID: 5137 Comm: syz.0.508 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   68.976304][ T5137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   68.976320][ T5137] Call Trace:
[   68.976328][ T5137]  <TASK>
[   68.976337][ T5137]  __dump_stack+0x1d/0x30
[   68.976394][ T5137]  dump_stack_lvl+0xe8/0x140
[   68.976421][ T5137]  dump_stack+0x15/0x1b
[   68.976443][ T5137]  should_fail_ex+0x265/0x280
[   68.976496][ T5137]  should_failslab+0x8c/0xb0
[   68.976533][ T5137]  __kmalloc_noprof+0xa5/0x3e0
[   68.976568][ T5137]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[   68.976664][ T5137]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[   68.976702][ T5137]  genl_family_rcv_msg_doit+0x48/0x1b0
[   68.976736][ T5137]  ? security_capable+0x83/0x90
[   68.976840][ T5137]  ? ns_capable+0x7d/0xb0
[   68.976865][ T5137]  genl_rcv_msg+0x422/0x460
[   68.976896][ T5137]  ? __pfx_ethnl_act_cable_test_tdr+0x10/0x10
[   68.976989][ T5137]  netlink_rcv_skb+0x120/0x220
[   68.977126][ T5137]  ? __pfx_genl_rcv_msg+0x10/0x10
[   68.977242][ T5137]  genl_rcv+0x28/0x40
[   68.977268][ T5137]  netlink_unicast+0x59e/0x670
[   68.977307][ T5137]  netlink_sendmsg+0x58b/0x6b0
[   68.977333][ T5137]  ? __pfx_netlink_sendmsg+0x10/0x10
[   68.977356][ T5137]  __sock_sendmsg+0x142/0x180
[   68.977400][ T5137]  ____sys_sendmsg+0x31e/0x4e0
[   68.977443][ T5137]  ___sys_sendmsg+0x17b/0x1d0
[   68.977500][ T5137]  __x64_sys_sendmsg+0xd4/0x160
[   68.977562][ T5137]  x64_sys_call+0x2999/0x2fb0
[   68.977588][ T5137]  do_syscall_64+0xd2/0x200
[   68.977681][ T5137]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.977785][ T5137]  ? clear_bhb_loop+0x40/0x90
[   68.977811][ T5137]  ? clear_bhb_loop+0x40/0x90
[   68.977838][ T5137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.977882][ T5137] RIP: 0033:0x7f0b42a5e929
[   68.977901][ T5137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.977944][ T5137] RSP: 002b:00007f0b410c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   68.977968][ T5137] RAX: ffffffffffffffda RBX: 00007f0b42c85fa0 RCX: 00007f0b42a5e929
[   68.977984][ T5137] RDX: 0000000000000000 RSI: 0000200000001540 RDI: 0000000000000003
[   68.978000][ T5137] RBP: 00007f0b410c7090 R08: 0000000000000000 R09: 0000000000000000
[   68.978014][ T5137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.978027][ T5137] R13: 0000000000000000 R14: 00007f0b42c85fa0 R15: 00007ffd067f0ff8
[   68.978113][ T5137]  </TASK>
[   68.982001][ T5143] netlink: 96 bytes leftover after parsing attributes in process `syz.3.510'.
[   69.057532][ T5145] FAULT_INJECTION: forcing a failure.
[   69.057532][ T5145] name failslab, interval 1, probability 0, space 0, times 0
[   69.057574][ T5145] CPU: 0 UID: 0 PID: 5145 Comm: syz.0.511 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   69.057600][ T5145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   69.057612][ T5145] Call Trace:
[   69.057619][ T5145]  <TASK>
[   69.057627][ T5145]  __dump_stack+0x1d/0x30
[   69.057714][ T5145]  dump_stack_lvl+0xe8/0x140
[   69.057742][ T5145]  dump_stack+0x15/0x1b
[   69.057768][ T5145]  should_fail_ex+0x265/0x280
[   69.057946][ T5145]  should_failslab+0x8c/0xb0
[   69.057980][ T5145]  __kmalloc_noprof+0xa5/0x3e0
[   69.058016][ T5145]  ? copy_splice_read+0xc2/0x5f0
[   69.058119][ T5145]  copy_splice_read+0xc2/0x5f0
[   69.058165][ T5145]  ? __pfx_copy_splice_read+0x10/0x10
[   69.058203][ T5145]  splice_direct_to_actor+0x26f/0x680
[   69.058325][ T5145]  ? __pfx_direct_splice_actor+0x10/0x10
[   69.058371][ T5145]  do_splice_direct+0xda/0x150
[   69.058411][ T5145]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   69.058474][ T5145]  do_sendfile+0x380/0x650
[   69.058521][ T5145]  __x64_sys_sendfile64+0x105/0x150
[   69.058554][ T5145]  x64_sys_call+0xb39/0x2fb0
[   69.058636][ T5145]  do_syscall_64+0xd2/0x200
[   69.058661][ T5145]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   69.058695][ T5145]  ? clear_bhb_loop+0x40/0x90
[   69.058724][ T5145]  ? clear_bhb_loop+0x40/0x90
[   69.058753][ T5145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.058809][ T5145] RIP: 0033:0x7f0b42a5e929
[   69.058842][ T5145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.058864][ T5145] RSP: 002b:00007f0b410c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   69.058889][ T5145] RAX: ffffffffffffffda RBX: 00007f0b42c85fa0 RCX: 00007f0b42a5e929
[   69.058906][ T5145] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[   69.058920][ T5145] RBP: 00007f0b410c7090 R08: 0000000000000000 R09: 0000000000000000
[   69.058985][ T5145] R10: 000000040000f63c R11: 0000000000000246 R12: 0000000000000001
[   69.059001][ T5145] R13: 0000000000000000 R14: 00007f0b42c85fa0 R15: 00007ffd067f0ff8
[   69.059026][ T5145]  </TASK>
[   69.464458][ T5128] random: crng reseeded on system resumption
[   69.491612][ T5150] netlink: 'syz.3.513': attribute type 13 has an invalid length.
[   69.494099][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.509857][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.524326][ T5154] netlink: 'syz.1.514': attribute type 13 has an invalid length.
[   69.545668][ T5157] random: crng reseeded on system resumption
[   69.556748][ T5157] Restarting kernel threads ...
[   69.561993][ T5157] Done restarting kernel threads.
[   69.646299][ T5167] SELinux:  Context Ü is not valid (left unmapped).
[   69.726485][ T5175] netlink: 'syz.4.517': attribute type 1 has an invalid length.
[   69.734323][ T5175] netlink: 224 bytes leftover after parsing attributes in process `syz.4.517'.
[   70.121395][ T5235] vhci_hcd: invalid port number 23
[   70.245080][ T5235] SELinux: failed to load policy
[   70.385329][ T5267] netlink: 96 bytes leftover after parsing attributes in process `syz.0.525'.
[   70.404586][   T29] kauditd_printk_skb: 46 callbacks suppressed
[   70.404604][   T29] audit: type=1400 audit(1750842097.056:1234): avc:  denied  { read } for  pid=5270 comm="syz.1.526" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   70.433793][   T29] audit: type=1400 audit(1750842097.056:1235): avc:  denied  { open } for  pid=5270 comm="syz.1.526" path="/dev/ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   70.457340][   T29] audit: type=1400 audit(1750842097.056:1236): avc:  denied  { ioctl } for  pid=5270 comm="syz.1.526" path="/dev/ptp0" dev="devtmpfs" ino=246 ioctlcmd=0x3d05 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   70.506062][ T5278] loop4: detected capacity change from 0 to 512
[   70.534420][ T5278] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   70.547918][ T5273] random: crng reseeded on system resumption
[   70.568556][ T5278] EXT4-fs (loop4): orphan cleanup on readonly fs
[   70.582911][ T5278] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.529: corrupted inode contents
[   70.613208][ T5278] EXT4-fs (loop4): Remounting filesystem read-only
[   70.623736][   T29] audit: type=1400 audit(1750842097.276:1237): avc:  denied  { ioctl } for  pid=5288 comm="syz.3.532" path="socket:[10543]" dev="sockfs" ino=10543 ioctlcmd=0x8904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   70.635742][ T5278] EXT4-fs (loop4): 1 truncate cleaned up
[   70.649370][   T29] audit: type=1400 audit(1750842097.276:1238): avc:  denied  { accept } for  pid=5288 comm="syz.3.532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   70.675086][   T29] audit: type=1400 audit(1750842097.276:1239): avc:  denied  { getopt } for  pid=5288 comm="syz.3.532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   70.681521][ T5295] netlink: 'syz.3.534': attribute type 13 has an invalid length.
[   70.697956][   T29] audit: type=1400 audit(1750842097.306:1240): avc:  granted  { setsecparam } for  pid=5285 comm="syz.0.530" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   70.703455][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   70.732772][   T37] Quota error (device loop4): write_blk: dquota write failed
[   70.740248][   T37] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries
[   70.750287][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   70.760842][   T37] Quota error (device loop4): write_blk: dquota write failed
[   70.770568][   T37] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   70.781427][ T5278] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.797500][ T5300] netlink: 8 bytes leftover after parsing attributes in process `syz.0.535'.
[   70.824857][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.835020][ T5300] netlink: 12 bytes leftover after parsing attributes in process `syz.0.535'.
[   70.873117][ T5305] netlink: 148 bytes leftover after parsing attributes in process `syz.4.537'.
[   70.946908][ T5312] random: crng reseeded on system resumption
[   70.963268][ T5312] Restarting kernel threads ...
[   70.968592][ T5312] Done restarting kernel threads.
[   71.066781][ T5329] netlink: 'syz.1.540': attribute type 1 has an invalid length.
[   71.074624][ T5329] netlink: 224 bytes leftover after parsing attributes in process `syz.1.540'.
[   71.281058][    C1] hrtimer: interrupt took 28175 ns
[   71.348891][ T5339] loop0: detected capacity change from 0 to 764
[   71.364748][ T5339] netlink: 8 bytes leftover after parsing attributes in process `syz.0.551'.
[   71.389828][ T5339] FAULT_INJECTION: forcing a failure.
[   71.389828][ T5339] name failslab, interval 1, probability 0, space 0, times 0
[   71.402515][ T5339] CPU: 0 UID: 0 PID: 5339 Comm: syz.0.551 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   71.402635][ T5339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   71.402647][ T5339] Call Trace:
[   71.402653][ T5339]  <TASK>
[   71.402661][ T5339]  __dump_stack+0x1d/0x30
[   71.402741][ T5339]  dump_stack_lvl+0xe8/0x140
[   71.402820][ T5339]  dump_stack+0x15/0x1b
[   71.402835][ T5339]  should_fail_ex+0x265/0x280
[   71.402872][ T5339]  should_failslab+0x8c/0xb0
[   71.402899][ T5339]  kmem_cache_alloc_noprof+0x50/0x310
[   71.402931][ T5339]  ? copy_fs_struct+0x31/0x110
[   71.402960][ T5339]  copy_fs_struct+0x31/0x110
[   71.402993][ T5339]  copy_fs+0x58/0xf0
[   71.403023][ T5339]  copy_process+0xc6e/0x1fe0
[   71.403058][ T5339]  kernel_clone+0x16c/0x5b0
[   71.403172][ T5339]  __se_sys_clone3+0x1c2/0x200
[   71.403219][ T5339]  __x64_sys_clone3+0x31/0x40
[   71.403309][ T5339]  x64_sys_call+0x10c9/0x2fb0
[   71.403334][ T5339]  do_syscall_64+0xd2/0x200
[   71.403380][ T5339]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.403415][ T5339]  ? clear_bhb_loop+0x40/0x90
[   71.403440][ T5339]  ? clear_bhb_loop+0x40/0x90
[   71.403538][ T5339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.403628][ T5339] RIP: 0033:0x7f0b42a5e929
[   71.403645][ T5339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.403666][ T5339] RSP: 002b:00007f0b410c6f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[   71.403687][ T5339] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f0b42a5e929
[   71.403702][ T5339] RDX: 00007f0b410c6f20 RSI: 0000000000000058 RDI: 00007f0b410c6f20
[   71.403715][ T5339] RBP: 00007f0b410c7090 R08: 0000000000000000 R09: 0000000000000058
[   71.403730][ T5339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   71.403741][ T5339] R13: 0000000000000000 R14: 00007f0b42c85fa0 R15: 00007ffd067f0ff8
[   71.403767][ T5339]  </TASK>
[   71.651337][ T5342] random: crng reseeded on system resumption
[   71.671813][ T5342] Restarting kernel threads ...
[   71.676823][ T5342] Done restarting kernel threads.
[   71.754344][ T5349] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.779291][ T5349] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.042727][ T5375] random: crng reseeded on system resumption
[   72.053659][ T5375] Restarting kernel threads ...
[   72.059285][ T5375] Done restarting kernel threads.
[   72.197096][ T5387] netlink: 148 bytes leftover after parsing attributes in process `syz.2.570'.
[   72.228309][ T5389] netlink: 'syz.2.571': attribute type 2 has an invalid length.
[   72.244340][ T5389] 9pnet_fd: Insufficient options for proto=fd
[   72.386670][ T5402] loop2: detected capacity change from 0 to 1024
[   72.395736][ T5402] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   72.407020][ T5402] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   72.415301][ T5402] EXT4-fs (loop2): orphan cleanup on readonly fs
[   72.422255][ T5402] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.576: Invalid inode table block 0 in block_group 0
[   72.435034][ T5402] EXT4-fs (loop2): Remounting filesystem read-only
[   72.441681][ T5402] EXT4-fs (loop2): 1 truncate cleaned up
[   72.447782][ T5402] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   72.481988][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.521147][ T5408] random: crng reseeded on system resumption
[   72.531986][ T5408] Restarting kernel threads ...
[   72.536978][ T5408] Done restarting kernel threads.
[   72.632574][ T5416] netlink: 148 bytes leftover after parsing attributes in process `syz.3.582'.
[   72.647041][ T5415] loop2: detected capacity change from 0 to 128
[   72.674648][ T5418] FAULT_INJECTION: forcing a failure.
[   72.674648][ T5418] name failslab, interval 1, probability 0, space 0, times 0
[   72.687394][ T5418] CPU: 0 UID: 0 PID: 5418 Comm: syz.3.583 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   72.687437][ T5418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   72.687453][ T5418] Call Trace:
[   72.687462][ T5418]  <TASK>
[   72.687471][ T5418]  __dump_stack+0x1d/0x30
[   72.687544][ T5418]  dump_stack_lvl+0xe8/0x140
[   72.687570][ T5418]  dump_stack+0x15/0x1b
[   72.687590][ T5418]  should_fail_ex+0x265/0x280
[   72.687620][ T5418]  ? wakeup_source_register+0x39/0x240
[   72.687748][ T5418]  should_failslab+0x8c/0xb0
[   72.687823][ T5418]  __kmalloc_cache_noprof+0x4c/0x320
[   72.687851][ T5418]  ? mntput_no_expire+0x6f/0x3c0
[   72.687996][ T5418]  wakeup_source_register+0x39/0x240
[   72.688021][ T5418]  device_wakeup_enable+0x86/0x170
[   72.688048][ T5418]  device_set_wakeup_enable+0x25/0xa0
[   72.688071][ T5418]  usb_hcd_submit_urb+0xb10/0x1200
[   72.688104][ T5418]  usb_submit_urb+0xb14/0xc10
[   72.688164][ T5418]  usbfs_start_wait_urb+0x95/0x1c0
[   72.688186][ T5418]  do_proc_control+0x628/0x8b0
[   72.688215][ T5418]  proc_control_compat+0xae/0xe0
[   72.688257][ T5418]  usbdev_ioctl+0xee1/0x1710
[   72.688340][ T5418]  ? __pfx_usbdev_ioctl+0x10/0x10
[   72.688367][ T5418]  __se_sys_ioctl+0xcb/0x140
[   72.688412][ T5418]  __x64_sys_ioctl+0x43/0x50
[   72.688445][ T5418]  x64_sys_call+0x19a8/0x2fb0
[   72.688598][ T5418]  do_syscall_64+0xd2/0x200
[   72.688622][ T5418]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   72.688774][ T5418]  ? clear_bhb_loop+0x40/0x90
[   72.688862][ T5418]  ? clear_bhb_loop+0x40/0x90
[   72.688890][ T5418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.688916][ T5418] RIP: 0033:0x7faef8d6e929
[   72.688936][ T5418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.689017][ T5418] RSP: 002b:00007faef73d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   72.689072][ T5418] RAX: ffffffffffffffda RBX: 00007faef8f95fa0 RCX: 00007faef8d6e929
[   72.689088][ T5418] RDX: 0000200000000040 RSI: 00000000c0105500 RDI: 0000000000000005
[   72.689147][ T5418] RBP: 00007faef73d7090 R08: 0000000000000000 R09: 0000000000000000
[   72.689162][ T5418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.689178][ T5418] R13: 0000000000000000 R14: 00007faef8f95fa0 R15: 00007ffd6016e0b8
[   72.689259][ T5418]  </TASK>
[   72.935171][ T5415] bio_check_eod: 7338 callbacks suppressed
[   72.935190][ T5415] +}[@: attempt to access beyond end of device
[   72.935190][ T5415] loop2: rw=2049, sector=153, nr_sectors = 8 limit=128
[   72.954288][ T5415] +}[@: attempt to access beyond end of device
[   72.954288][ T5415] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[   72.969478][ T5415] +}[@: attempt to access beyond end of device
[   72.969478][ T5415] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[   72.982739][ T5415] +}[@: attempt to access beyond end of device
[   72.982739][ T5415] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128
[   73.002844][ T5415] +}[@: attempt to access beyond end of device
[   73.002844][ T5415] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128
[   73.016043][ T5415] +}[@: attempt to access beyond end of device
[   73.016043][ T5415] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128
[   73.037457][ T5415] +}[@: attempt to access beyond end of device
[   73.037457][ T5415] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128
[   73.059935][ T5415] +}[@: attempt to access beyond end of device
[   73.059935][ T5415] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[   73.073319][ T5415] +}[@: attempt to access beyond end of device
[   73.073319][ T5415] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[   73.094686][ T5415] +}[@: attempt to access beyond end of device
[   73.094686][ T5415] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128
[   73.196316][ T5437] loop2: detected capacity change from 0 to 512
[   73.229325][ T5437] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   73.237372][ T5437] EXT4-fs (loop2): orphan cleanup on readonly fs
[   73.252001][ T5437] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.589: corrupted inode contents
[   73.301373][ T5447] netlink: 148 bytes leftover after parsing attributes in process `syz.3.593'.
[   73.304386][ T5437] EXT4-fs (loop2): Remounting filesystem read-only
[   73.317706][ T5437] EXT4-fs (loop2): 1 truncate cleaned up
[   73.324178][   T56] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   73.334835][   T56] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   73.348381][   T56] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   73.361680][ T5437] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   73.371187][ T5451] random: crng reseeded on system resumption
[   73.382907][ T5450] xt_hashlimit: max too large, truncated to 1048576
[   73.394827][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.395529][ T5451] Restarting kernel threads ...
[   73.414779][ T5451] Done restarting kernel threads.
[   73.438390][ T5453] FAULT_INJECTION: forcing a failure.
[   73.438390][ T5453] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.451679][ T5453] CPU: 1 UID: 0 PID: 5453 Comm: syz.2.596 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   73.451746][ T5453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   73.451757][ T5453] Call Trace:
[   73.451818][ T5453]  <TASK>
[   73.451827][ T5453]  __dump_stack+0x1d/0x30
[   73.451852][ T5453]  dump_stack_lvl+0xe8/0x140
[   73.451870][ T5453]  dump_stack+0x15/0x1b
[   73.451884][ T5453]  should_fail_ex+0x265/0x280
[   73.451926][ T5453]  should_fail+0xb/0x20
[   73.451960][ T5453]  should_fail_usercopy+0x1a/0x20
[   73.452001][ T5453]  _copy_from_user+0x1c/0xb0
[   73.452027][ T5453]  io_submit_one+0x52/0x11d0
[   73.452058][ T5453]  __se_sys_io_submit+0xfb/0x280
[   73.452147][ T5453]  __x64_sys_io_submit+0x43/0x50
[   73.452176][ T5453]  x64_sys_call+0xfc4/0x2fb0
[   73.452223][ T5453]  do_syscall_64+0xd2/0x200
[   73.452244][ T5453]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   73.452276][ T5453]  ? clear_bhb_loop+0x40/0x90
[   73.452301][ T5453]  ? clear_bhb_loop+0x40/0x90
[   73.452334][ T5453]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.452380][ T5453] RIP: 0033:0x7eff0291e929
[   73.452396][ T5453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.452417][ T5453] RSP: 002b:00007eff00f87038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   73.452439][ T5453] RAX: ffffffffffffffda RBX: 00007eff02b45fa0 RCX: 00007eff0291e929
[   73.452453][ T5453] RDX: 0000200000000080 RSI: 0000000000000001 RDI: 00007eff03683000
[   73.452468][ T5453] RBP: 00007eff00f87090 R08: 0000000000000000 R09: 0000000000000000
[   73.452482][ T5453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.452496][ T5453] R13: 0000000000000000 R14: 00007eff02b45fa0 R15: 00007fff1fd40f08
[   73.452539][ T5453]  </TASK>
[   73.670507][ T5454] loop0: detected capacity change from 0 to 512
[   73.690527][ T5454] EXT4-fs (loop0): orphan cleanup on readonly fs
[   73.697535][ T5454] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.594: bad orphan inode 13
[   73.710588][ T5458] xt_hashlimit: max too large, truncated to 1048576
[   73.719690][ T5454] ext4_test_bit(bit=12, block=18) = 1
[   73.725120][ T5454] is_bad_inode(inode)=0
[   73.729418][ T5454] NEXT_ORPHAN(inode)=2130706432
[   73.734309][ T5454] max_ino=32
[   73.737525][ T5454] i_nlink=1
[   73.746218][ T5454] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   73.789577][ T5454] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   73.813620][ T5463] loop3: detected capacity change from 0 to 512
[   73.823838][ T5454] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.594: bg 0: block 248: padding at end of block bitmap is not set
[   73.843858][ T5463] EXT4-fs (loop3): orphan cleanup on readonly fs
[   73.859617][ T5463] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.598: bad orphan inode 13
[   73.875449][ T5454] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.594: Failed to acquire dquot type 1
[   73.889282][ T5463] ext4_test_bit(bit=12, block=18) = 1
[   73.894726][ T5463] is_bad_inode(inode)=0
[   73.894738][ T5463] NEXT_ORPHAN(inode)=2130706432
[   73.894749][ T5463] max_ino=32
[   73.900259][ T5473] cgroup: none used incorrectly
[   73.903888][ T5463] i_nlink=1
[   73.907852][ T5454] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   73.933564][ T5463] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   73.958955][ T5463] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   73.997135][ T5463] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.598: bg 0: block 248: padding at end of block bitmap is not set
[   74.019330][ T5463] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.598: Failed to acquire dquot type 1
[   74.036170][ T5463] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   74.056564][ T5480] netlink: 148 bytes leftover after parsing attributes in process `syz.2.606'.
[   74.084480][ T5482] random: crng reseeded on system resumption
[   74.094638][ T5482] Restarting kernel threads ...
[   74.099916][ T5482] Done restarting kernel threads.
[   74.179690][ T5485] FAULT_INJECTION: forcing a failure.
[   74.179690][ T5485] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.192869][ T5485] CPU: 1 UID: 0 PID: 5485 Comm: syz.2.608 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   74.192962][ T5485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   74.192974][ T5485] Call Trace:
[   74.192980][ T5485]  <TASK>
[   74.192987][ T5485]  __dump_stack+0x1d/0x30
[   74.193007][ T5485]  dump_stack_lvl+0xe8/0x140
[   74.193129][ T5485]  dump_stack+0x15/0x1b
[   74.193144][ T5485]  should_fail_ex+0x265/0x280
[   74.193182][ T5485]  should_fail+0xb/0x20
[   74.193277][ T5485]  should_fail_usercopy+0x1a/0x20
[   74.193312][ T5485]  _copy_to_iter+0xcf/0xe30
[   74.193341][ T5485]  ? bpf_trace_run4+0x134/0x1d0
[   74.193368][ T5485]  copy_page_to_iter+0x18f/0x2d0
[   74.193420][ T5485]  sk_msg_recvmsg+0x1e7/0x8c0
[   74.193456][ T5485]  ? __list_del_entry_valid_or_report+0x65/0x130
[   74.193488][ T5485]  unix_bpf_recvmsg+0x272/0x730
[   74.193521][ T5485]  ? __pfx_woken_wake_function+0x10/0x10
[   74.193542][ T5485]  unix_dgram_recvmsg+0x6a/0x90
[   74.193582][ T5485]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[   74.193608][ T5485]  sock_recvmsg+0x139/0x170
[   74.193636][ T5485]  ____sys_recvmsg+0xf5/0x280
[   74.193661][ T5485]  ___sys_recvmsg+0x11f/0x370
[   74.193688][ T5485]  __x64_sys_recvmsg+0xd1/0x160
[   74.193710][ T5485]  x64_sys_call+0xf19/0x2fb0
[   74.193773][ T5485]  do_syscall_64+0xd2/0x200
[   74.193789][ T5485]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.193813][ T5485]  ? clear_bhb_loop+0x40/0x90
[   74.193885][ T5485]  ? clear_bhb_loop+0x40/0x90
[   74.193914][ T5485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.193943][ T5485] RIP: 0033:0x7eff0291e929
[   74.194013][ T5485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.194035][ T5485] RSP: 002b:00007eff00f87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   74.194052][ T5485] RAX: ffffffffffffffda RBX: 00007eff02b45fa0 RCX: 00007eff0291e929
[   74.194108][ T5485] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003
[   74.194119][ T5485] RBP: 00007eff00f87090 R08: 0000000000000000 R09: 0000000000000000
[   74.194129][ T5485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   74.194140][ T5485] R13: 0000000000000000 R14: 00007eff02b45fa0 R15: 00007fff1fd40f08
[   74.194158][ T5485]  </TASK>
[   74.438738][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.484616][ T3298] ==================================================================
[   74.492842][ T3298] BUG: KCSAN: data-race in fill_mg_cmtime / shmem_mknod
[   74.499824][ T3298] 
[   74.502191][ T3298] write to 0xffff888103c269a4 of 4 bytes by task 3511 on cpu 0:
[   74.509836][ T3298]  shmem_mknod+0x137/0x180
[   74.514279][ T3298]  shmem_create+0x34/0x50
[   74.518625][ T3298]  path_openat+0x1102/0x2170
[   74.523233][ T3298]  do_filp_open+0x109/0x230
[   74.527761][ T3298]  do_sys_openat2+0xa6/0x110
[   74.532514][ T3298]  __x64_sys_openat+0xf2/0x120
[   74.537390][ T3298]  x64_sys_call+0x1af/0x2fb0
[   74.541999][ T3298]  do_syscall_64+0xd2/0x200
[   74.546522][ T3298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.552438][ T3298] 
[   74.554773][ T3298] read to 0xffff888103c269a4 of 4 bytes by task 3298 on cpu 1:
[   74.562325][ T3298]  fill_mg_cmtime+0x5b/0x260
[   74.566932][ T3298]  generic_fillattr+0x24a/0x340
[   74.572240][ T3298]  shmem_getattr+0x181/0x200
[   74.576843][ T3298]  vfs_getattr_nosec+0x143/0x1e0
[   74.581801][ T3298]  vfs_statx+0x113/0x390
[   74.586058][ T3298]  vfs_fstatat+0x115/0x170
[   74.590490][ T3298]  __se_sys_newfstatat+0x55/0x260
[   74.595533][ T3298]  __x64_sys_newfstatat+0x55/0x70
[   74.600578][ T3298]  x64_sys_call+0x2c22/0x2fb0
[   74.605269][ T3298]  do_syscall_64+0xd2/0x200
[   74.609872][ T3298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.615778][ T3298] 
[   74.618110][ T3298] value changed: 0x08b3034d -> 0x08cc8fa6
[   74.623835][ T3298] 
[   74.626436][ T3298] Reported by Kernel Concurrency Sanitizer on:
[   74.632611][ T3298] CPU: 1 UID: 0 PID: 3298 Comm: udevd Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(voluntary) 
[   74.644611][ T3298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   74.654681][ T3298] ==================================================================
[   74.700115][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.