last executing test programs:

3.191922078s ago: executing program 4 (id=1758):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033300"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x6f}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000004000000008000005c"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, @perf_bp={0x0, 0x8}, 0x10000, 0xc8, 0xfff, 0x0, 0x0, 0x0, 0x400}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x81, 0x81}, 0x48)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x15)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@data_err_ignore}, {@grpquota}, {@abort}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000000800)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r5 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
truncate(&(0x7f0000000040)='./bus\x00', 0xa00d)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r5, 0x3000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xfffffffffffffffb, r1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r9, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r11}, 0x10)

2.976203346s ago: executing program 4 (id=1759):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
lsm_get_self_attr(0x69, &(0x7f0000001740)={0x0, 0x0, 0x1020, 0x1000, ""/4096}, &(0x7f00000004c0)=0x1020, 0x0)

2.849688156s ago: executing program 4 (id=1760):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3M9rHGUfAPDvTJO2b5v33bzgQTwJFSvUTtJU7UmIeC4U+gfUsJmEkEk2ZDe1iQFbDx4EQUXwRy/6H3hRBC+l/4MieFPwIGhN40HwsLKT3a1ud9PYJl2onw/Mzvd5Zme+zzc7PGRgnw3gX+vJ1ksSMRYRFyKi0u5PI+JwGR2NuLrzvttbm9Xtrc1qEs3mxVtJ67Syr3OtpL0/HuUp8XhE3ByNOPXG3Xnr6xuLM0WRr7bbE42llYn6+sbphaWZ+Xw+X56anDx79oWp55+b3Lda337ts1/e+vLlrz8+t/THi7eenU1iuqw7eurYTzt/k9GY7ulfPohkQ9RsNpvDHgMAAPeWlv+dRoyU+0ocKiMAAADgUdI80gQAAAAeeUkMewQAAADAwep8D+D21ma1sz3M7x/8/FJEjN9ZW7zdzT9SriGOOFquTzi2nfxtZUKycxo8kKvXIuLGdJ/7P2nff/evd+V68oDXY//daM0/0/3mv7Q7/0Sf+Wek89sJD6gz/23fNf/dyX9owPx3YY85jqye/GZg/msRT4z0y5908ycD8r+yx/yfj333/aBjzU8jTkb//H/NtcvvQ0zMLRR5+7VvjhNfvH5qt/qPDcqf7F7/yh7r/+H61PyguaSV/5kTu3/+/fK37ol32uNII+Ld9r7Vfq8nx9M3Jz/arf7ZAfXf6/P/ZI/1f/Xmxo97fCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU0ogYiyTNunGaZlnE8Yh4LI6lRa3eODVXW1uebR2LGI/RdG6hyCcjorLTTlrtM2V8pz3V0z4bEf+PiPcr/ynbWbVWzA67eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALqOR8RYJGkWEWlE/FZJ0ywb9qgAAACAfTc+7AEAAAAAB87zPwAAADz6PP8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8GF8+dbW3N7a7Paas9eXl9brF0+PZvXF7OltWpWra2uZPO12nyRZ9Xa0r2uV9RqK+diee3KRCOvNybq6xuXlmpry41LC0sz8/mlfPShVAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/NVZuSZpFRFrGaZplEf+NiPEYTeYWinwyIv4XEd9WRo+02meGPWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2XX19Y3GmKPJVgUAg6AbDnpkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiG+vrG4kxR5Kv1YY8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4Up/SiKitZ2sPDXWe/Rw8nul3EfEq9cvfnBlptFYPdPq/7Xb3/iw3T81jPEDAAAAvTrP6Z3neAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgL2qr28szhRFvnqAwbBrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7s+fAQAA//8gLc9Y")
open_tree(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', 0x9001)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000010000000800000008"], 0x48)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0), 0xfc, 0x574, &(0x7f0000001980)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==")
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r3 = socket$unix(0x1, 0x1, 0x0)
socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x40004)
recvmmsg(r5, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x2}, 0x3}], 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r7, &(0x7f0000000380)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r7, 0x1)

2.5556121s ago: executing program 3 (id=1767):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
read(r1, &(0x7f0000000240)=""/28, 0xffd2)

2.527919032s ago: executing program 3 (id=1768):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, &(0x7f00000002c0)={0x0, 0x2710}, 0x10)
socket$inet6_sctp(0xa, 0x1ffe2b5cb9339f3, 0x84)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40004}, 0x48010)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'veth0_virt_wifi\x00', <r4=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
pwritev(r6, &(0x7f0000000100)=[{0x0, 0x72}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)
futex(&(0x7f0000000400)=0x2, 0xb, 0x1, 0x0, &(0x7f0000000580)=0x2, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2b, 0x25dfdbff, {0x60, 0x0, 0x0, r4, {0x0, 0x8}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xfff, 0x40, 0x172}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x3000c81c)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000002000010027bd7000000000000a002044000000070000000014000200fe8800000000000000000000000001010500160087"], 0x40}, 0x1, 0x0, 0x0, 0x24048844}, 0x8810)
pwritev2(r2, &(0x7f0000000400)=[{&(0x7f0000000380)="42412804ed58b1824be1e98fdb978954eb6d065b8f90bc093a4be923d808ec90f28065fcb8087576fa9311e4c01de8141cb31c6cf0fab65dd5b6b1e2c83108f4bda96367", 0x44}, {&(0x7f00000006c0)="1a3a39c8618188dfba0c7ee2060000000000000010d03f08bfef64c8422d415306006e71348bb9830e6c0000000000000000000000000000000000000000b6b16ef2d5a727500d2225", 0x49}, {&(0x7f0000000500)="9db243c1c097b981fa7e05d948c8b8bb5904d2404858e78f9755a478b80b59bfada3f934068acb87f1126c4b5e421d6f3799e9dcbe01094ca8a63797ebd5d135a7b2fc8f8d45e4aaa7dd2e3ac61e963c417185257ba3e36617d2847c1a7786f43399965f44d221acc994c01d5a31e71c428cb339746b07d1a96613c79cf0d31634f244e7b64a467be80c0073fc86fe30b894694376635ca633", 0x99}, {&(0x7f00000005c0)="90dc0c4116d2bf5780ee67018b608ee5890da4cc96152b4f2d8f54cfb55a66d70d4bd7dd7546257df03e6f9892904581834a0fd52e5e44454e1dadb953f925e07e8c6e8e5e675c643db31d48cf979495c99e83e34aea8ed3954fd4a7da92f8dd5e8a3c95ab6a9c5228686e8c1dee1c14bc4b9d34328aba7eaa5361e0183e293e7725b1ebf1c5ef21396716090e052d98b2d1b40cc3080e0c51c2bd3c02e72e183e3675af3bc902d82f748133e366f459ed2c1eb0e25be05ec9498eaa3896ee47dd4a43b8a619afcf9039315279a79c23b0889199c70a874b5b22e8edfc80c19fe5b00ea9cf", 0xe5}], 0x4, 0x3, 0x3, 0x12)
sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0)

2.407730652s ago: executing program 3 (id=1771):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
lsm_get_self_attr(0x69, &(0x7f0000001740)={0x0, 0x0, 0x1020, 0x1000, ""/4096}, &(0x7f00000004c0)=0x1020, 0x0)

2.400250813s ago: executing program 3 (id=1772):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100), 0x1, 0x55a, &(0x7f0000000b80)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLKMJh1rHbhduBtvZAgiDsR7vfdy+A/4Vwx0MGQUvfAmctKTLluTNuuypprPB05533NO8p435zxvn5M3IQEMrYnsTyHixYj4Kok4HBFJvm008o0Ta/utPrw+my1JNBof/5E098vqredqPe5gXnkhIn75IuJkYWO7teWVhVK5nC7m9cl65cpkbXnl1KVKaT6dTy9Pz8yceXNm+p233+pbX187/9e3H919/8yXx1e/+en+kdtJnI1D+bb2fjyDG+2ViZjIX5OxOPvEjlN9aGw3SQZ9AGzLSB7nY5GNAYdjJI964L/v84hoAEMqEf8wpFp5QOvefvP74P/vUFaycx68t3YDtLH/o2vvjcS+5r3RgdXksTuj7H53vA/tZ238/Pud29kS/XsfAmBLN25GxOnR0Y3jX5KPf9t3uvPqfe2VJ9sw/sHOuZvlP693yn8K6/lPdMh/DnaI3e3YOv4L9/vQTFdZ/vdux/x3fdJqfCSv/a+Z840lFy+V09N5NnwixvZm9c3mc86s3mt029ae/2VL1n4rF8yP4/7o3scfM1eql56lz+0e3Ix4qWP+m6yf/6TD+c9ej/M9tnEsvfNKt21b9//5avwQ8WrH8/9oRivZfH5ysnk9TLauio3+vHXs127tD7r/2fk/sHn/x5P2+dra07fx/b6/027bHut/9H7970k+aZb35Ouuler1xamIPcmHG9dPP3psq97aP+v/ieObj3+drv/9EfFpj/2/dfTHl3vq/4DO/9xTnf+nL9z74LPvurXf2/j3RrN0Il/Ty/jX6wE+y2sHAAAAAAAAu00hIg5FUiiulwuFYnHt8x1H40ChXK3VT16sLl2ei+Z3ZcdjrNCa6T7c9nmIqfzzsK369BP1mYg4EhFfj+xv1ouz1fLcoDsPAAAAAAAAAAAAAAAAAAAAu8TBLt//z/w2MuijA547P/kNw2vL+O/HLz0Bu5L//zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPw0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dP3cuWxqrD6/PZvW5q8tLC9Wrp+bS2kKxsjRbnK0uXinOV6vz5bQ4W61s9XzlavXK1HQsXZusp7X6ZG155UKlunS5fuFSpTSfXkjHdqRXAAAAAAAAAAAAAAAAAAAA8O9SW15ZKJXL6aKCwrYKo7vjMBT6XBj0yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj/wTAAD//wQrN8c=")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000380)={{0x0, 0x3938700}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_clone3(&(0x7f0000000740)={0x8180080, &(0x7f0000000000), &(0x7f0000000200), &(0x7f00000002c0)=<r1=>0x0, {0x39}, &(0x7f0000000300)=""/37, 0x25, &(0x7f00000004c0)=""/237, &(0x7f00000005c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x3}, 0x58)
timer_create(0x7, &(0x7f0000000600)={0x0, 0x2f, 0x4, @tid=r1}, &(0x7f00000007c0))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x40, &(0x7f00000000c0)=0x2, 0x4)
sendmmsg$unix(r4, &(0x7f0000001c00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}}], 0x1, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, &(0x7f0000000280)={[{@subsystem='hugetlb'}, {@subsystem='memory'}, {@noprefix}]})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r5}, 0x10)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2086421, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
rseq(&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
r6 = timerfd_create(0x6, 0x80000)
timerfd_gettime(r6, &(0x7f0000000840))
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="e6e326940b11c5dc9a3bdc3ffd1ca264b2100a6033b884ca03c704d4d8f925e5ddd33d16320bb0cbb12aa9ee7801c193b1735daa678713c0eb99262f12662377c6b01c6611fe0731974565449b5db3a950ddaeb5ebe46793c761a0550bce865234f72f5e859f7f7d668d390b815c05d3b0d4bce2932c8bc55b27a4d4eea9843e17e2560ee8929578970c43ffc4ebedc7117a28b983a45d2f66b5f8095f764a6a85b7ae59e7475dff52058e344e1102e916a9"], 0x48}}, 0x0)

1.995229146s ago: executing program 3 (id=1780):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x6, 0x10}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x109}, 0x94)
mount(0x0, &(0x7f0000000180)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x2080, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r2}, 0x18)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

1.875529446s ago: executing program 3 (id=1785):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r0}, &(0x7f0000000540), &(0x7f0000000600)}, 0x20)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x82)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)="273eebfecb7c0e923301b61c42cb1d11f41d00bdab2a3d983b065a56", 0x1c}, {&(0x7f0000000140)="10eb", 0x2}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, &(0x7f0000000080)=0x1c)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000000180)={0x2, {{0xa, 0x4e24, 0xfffff001, @private0, 0xb3}}}, 0x88)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)

1.875204646s ago: executing program 32 (id=1785):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r0}, &(0x7f0000000540), &(0x7f0000000600)}, 0x20)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x82)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)="273eebfecb7c0e923301b61c42cb1d11f41d00bdab2a3d983b065a56", 0x1c}, {&(0x7f0000000140)="10eb", 0x2}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, &(0x7f0000000080)=0x1c)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000000180)={0x2, {{0xa, 0x4e24, 0xfffff001, @private0, 0xb3}}}, 0x88)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)

1.795692622s ago: executing program 2 (id=1788):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10)
ioprio_get$pid(0x2, 0x0)

1.754994786s ago: executing program 2 (id=1789):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r2}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001180)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x247ecded, 0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x803, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0xd2e, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xb, 0x37, 0x4, 0x0, 0x0, 0xfffffff5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x80000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0xb, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xf566, 0x100000, 0x0, 0xfffffff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0xffffffff, 0x9, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x10000004a56}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0xfea7, 0x1, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0xff, 0x5, 0x3, 0x1ff, 0xe5, 0x2d, 0xd, 0x3, 0xa, 0x3, 0x1, 0x9, 0x11, 0x188, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0001, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0x1, 0x8fc, 0xbf0, 0x9, 0x3, 0x9, 0x7ffffffd, 0x6, 0x0, 0x8, 0x800, 0x9, 0x4, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x401, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x1000004, 0x8000, 0x0, 0x9, 0x80, 0x7, 0x5, 0x1, 0x0, 0x2000007, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x400000, 0x10, 0x5, 0x3, 0x10000, 0x3, 0x1, 0x0, 0x2, 0x6, 0x5, 0x6, 0xe5a, 0x4, 0x2, 0x81, 0xd44, 0x9, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x2, 0x89, 0x2, 0x6, 0x6, 0x9, 0xffffa3e0, 0x86b9, 0xff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x7eb6, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0x7, 0x100, 0x1, 0x8001, 0x100, 0xffff9c71, 0x8, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0xfffffffd, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0xfffffffe, 0x0, 0x5, 0x2, 0x65, 0x40, 0xfffffa0c, 0x3, 0x0, 0x2, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x0, 0x6, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0xffffffff, 0x1, 0x723, 0x0, 0x9, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x2, 0x7f, 0x2, 0x80000002, 0x0, 0x9, 0x1ff, 0xfffffffe, 0x928, 0x4, 0xffffffff, 0x5, 0x6042, 0xb85, 0x6, 0x8d8d, 0x55, 0x101, 0x3, 0x64e8, 0x8, 0x82f, 0x772, 0x80a, 0xffe, 0x6, 0x3f7, 0x4, 0x8, 0x8, 0x1, 0x5d, 0x9, 0xd, 0x80]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3}}}}]}]}, 0x898}, 0x1, 0x0, 0x0, 0x50}, 0x0)

1.720153578s ago: executing program 2 (id=1792):
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)

1.661514253s ago: executing program 2 (id=1794):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000400000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x12, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf9100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r4}, &(0x7f00000002c0), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
lsm_set_self_attr(0x0, 0x0, 0xd4, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x7c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x50, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x5, 0xd, 0x3, 0x4, 0x13, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x2, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}, @TCA_U32_LINK={0xfffffefa, 0x3, 0x80000000}]}}]}, 0x7c}}, 0x24040084)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r8}, 0x10)
time(0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.112170929s ago: executing program 2 (id=1801):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r3, &(0x7f0000000240)={0x27, 0x3}, 0x6)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r5, &(0x7f0000007940)={&(0x7f00000003c0)={0x2, 0x4e24, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYRES32=r0], 0x20}, 0x0)
io_setup(0x10000, &(0x7f0000000040)=<r6=>0x0)
r7 = socket$kcm(0x29, 0x0, 0x0)
io_cancel(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x16, 0x9, r7, &(0x7f0000000400)="10c1501a635bae9cffe7ba1d88cfd483d7dbea254094309ac5531ebdd81c0285972c397bde2772901a19163857c67af535d44250a306b41012a7279da01bd841f012eb9a4cd35f702b6c24033b6fd5791aa82cb2a23b6c89d576580cad2d1e26bfda9fcdbbcfbd10a90ff20186e0ef70772889eb7dff75cf78c6ace153632522929665e83fefa4ac264bd7b18ce5e2a57ce3b9a80b13ee477e874c73e3adaeabb2cc551eedcce7e03c4c5403478b6807645e3c62a8", 0xb5, 0x1, 0x0, 0x2, r5}, &(0x7f0000000200))

1.108089139s ago: executing program 1 (id=1802):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
getxattr(0x0, &(0x7f0000000000)=@known='user.incfs.metadata\x00', 0x0, 0x0)

1.073433192s ago: executing program 1 (id=1803):
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)

1.020184736s ago: executing program 1 (id=1805):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
socket$caif_seqpacket(0x25, 0x5, 0x5)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
statx(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x100, 0x400, &(0x7f0000000280))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000010000009e85d0af24a3403fd0133577ed31f84fa2ac0f6cadaf20706941e01e9f570bb207e3120f6903ac0ff3449ce00110d609d5b89833728fe032f074efc5befd902cb0661c7da43fbf9dfc9b7bd2e8044eff63276cd371ff447218a7b3905ac22d2b64f9cc74af7a8aa21661b9b143430b61db658934eb380c9e61e7a93b9344aa388f15e5373709dafd5f29fbb3d8bc0cb41096811e1bbefe8102969ecbf8b977ab7d178c537edac16b72578b4ffd4a2edac515e86ee5a6491e1cbf76707b6cdb9688a533dd44a79d36087ce7e9368860323dbf56f90f3233ed234535438fc23a5380d5d727b15fd7d451d997d2b145ec37a45fdd179fbff7224a1621f1bfef954f625d571a907f67da402d0636e79d307d731252a235ecfd54512a3f2e8fa775a370d457d226cdb2c6abaa34629841db01511be79228f134bef5a41b72dacfc7ce54661391e0b11b8dc11ce83e576c7a8d2e241666312ebcfed8634f46e73f95d8eda0130a2ef8cfb80b0746589bdf957e1943acd3df2acce81ea41f3b4fee72f23ff1612e4bd4686885cee631e5b60eb08153269d94d63e9d7fe1ad4ca1f126203b426fd26fdb4eb6971e830367c73861cb9e57e3d6d58d49352d5b98036c71d5a8fb86da61be91e3d6e19bd35af93444d7c58d96095fc4bd6253b2ab742d7340ffad083456875d4ffaead12d8407aa6bd2a5cb656fe8a217d83f066bb9dd3c848cc350ce231c274b7447539f389e0ff693accd93329edbb98d58e68e432b00e"], 0x48)

938.226093ms ago: executing program 1 (id=1806):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x16, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff"], &(0x7f0000001e00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000001dc0), 0x8, 0x10, &(0x7f0000001e40)={0x0, 0xfffffffc}, 0x5b, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x14)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000040)={r7, r6}, 0xc)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001cc0), 0xffffffffffffffff)
sendmsg$IEEE802154_SET_MACPARAMS(r2, &(0x7f0000001d80)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001d40)={&(0x7f0000001d00)={0x1c, r8, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0xa}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008880}, 0x910)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001600)=@newtaction={0x488, 0x30, 0x12f, 0x0, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0xffffffff, 0x7f, 0x401, 0x2, 0x0, 0x2, 0x80000000, 0x4, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0xfffffff8, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x4, 0x8, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x206, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0x1000, 0x401, 0x713, 0x6, 0x7, 0x2, 0x4, 0x7f, 0x5, 0xfffffffb, 0x1, 0x4, 0x5, 0x8, 0x2000009, 0x9, 0x10, 0x9, 0x8, 0xffffff00, 0x97, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x1fe, 0x4, 0x6, 0x7, 0x80, 0x9f79, 0xe53, 0x0, 0xfffffffe, 0x4, 0x8, 0x9, 0x7fff, 0x30, 0x8, 0xfffffff7, 0x4, 0x9, 0x1, 0x4, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x5, 0x7, 0x7, 0x3, 0xcdd, 0x2, 0xd67, 0x7, 0x4, 0x25, 0x9dc5, 0x7, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x7, 0x5, 0x9, 0xa, 0xa, 0x9, 0x5, 0xdb5, 0x101, 0x4, 0x74e4, 0x7fff, 0x7, 0x7ff, 0x1, 0xd70, 0x4, 0x8, 0xa, 0x7, 0x1, 0x82, 0x52e, 0x7, 0x7, 0x5, 0x26, 0x1, 0x1b2a, 0x81, 0x9, 0x1c, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x7, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0xfff, 0x8, 0x2, 0x2, 0x90, 0x3, 0xd7c3, 0x2, 0x10000, 0x7fff, 0x5, 0x5, 0x0, 0xfffffff7, 0x4, 0x2, 0x0, 0x6ee1847d, 0x10000, 0x7ff, 0x1, 0xf0, 0x40007, 0x2, 0x7, 0x4, 0x200, 0x4, 0x7, 0x2, 0x0, 0x1, 0x3, 0x3, 0xfff, 0x80000001, 0x7, 0x676, 0x3, 0x9, 0x2, 0x4, 0x7fff, 0x4a5, 0x23, 0x4, 0x9, 0x8, 0x0, 0x8000, 0xa, 0x9, 0xca000000, 0x2, 0xfffffffa, 0x3, 0x7, 0x9, 0x7, 0x65fe, 0x9, 0x6, 0x4, 0x80000000, 0x5, 0x801, 0xb848, 0x6, 0x6, 0x800, 0x7, 0x1, 0xb, 0x80, 0x2, 0x3, 0x6, 0x9, 0x4, 0x4, 0xc, 0x80000001, 0x5, 0x5, 0x10000002, 0xb, 0x7, 0x5, 0x2, 0x4]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x1, 0x7, 0x4, 0x1, {0x6, 0x0, 0x3, 0x7, 0x7, 0x80000001}, {0x4, 0x2, 0x2, 0xa, 0x1ff, 0x1c0000}, 0x9, 0xbc, 0xdf72c67}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x488}}, 0x0)

935.346933ms ago: executing program 2 (id=1807):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r3, 0x0, 0x7fffffffffffffff}, 0x18)
r4 = syz_io_uring_setup(0x49a, &(0x7f0000000140)={0x0, 0xa065, 0x3180, 0x2, 0x240024e}, &(0x7f0000000080)=<r5=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f00000000c0)=0xffb, 0x0, 0x4)
io_uring_enter(r4, 0x628, 0xc88d, 0x43, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}]}, &(0x7f0000000000)='GPL\x00'}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x20b2484, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c1rXFUbAPDnTpImTfu+iSBoXQUEDZROTI2tgouKCxEsFHRtO0ymoWaSKZlJaUJAiwhuBBUXgm669qPu3Pqx1f/ChVirpsWKC4ncyZ122sykkzbJtM7vBzc55947c85zv86ZuYc7AfSssfRPLuJARLyfRIxk85OIGKin+iOOra93fXWlmE5JrK29+ntSX+fa6koxml6T2pdlHo2I796JOJjbWG51aXm2UC6XFrL8RG3u7ER1afnQmbnCTGmmNH9kcmrq8NFnjh7Zvlj//HF5/+UPXnryy2N/v/3Ipfe+T+JY7M+WNcexXcZiLNsmA+kmvMWL211YlyXdrgB3JT01+9bP8jgQI9FXTwEA/2VvRsQaANBjEu0/APSYxvcA11ZXio2pu99I7K4rL0TE0Hr8jfub60v6s3t2Q/X7oMPXklvujCQRMboN5Y9FxKdfv/55OsUO3YcEaOWtCxFxanRs4/U/2TBmYaue2mTZnuz/2G3zXf9g93yT9n+ebdX/y93o/0SL/s9gi3P3btzx/N+7DYVsIu3/Pd80tu16U/yZ0b4s9796n28gOX2mXEqvbf+PiPEYGEzzk5uUMX71n6vtljX3//748I3P0vLT/zfXyP3SP3jra6YLtcK9xNzsyoWIx/pbxZ/c2P9Jm/7viQ7LePm5dz9ptyyNP423MW2MP7LRSTtj7WLEEy33/80Rbcmm4xMn6ofDROOgaOGrnz4ebld+8/5Pp7T8xmeB3ZDu/+HN4x9NmsdrVrdexg8XR75tt+zO8bc+/vckr9XTjX7E+UKttjAZsSd5ZeP8wzdf28g31k/jH3+89fm/2fGffiY81WH8/Zd/++Lu499ZafzTW9r/W09cuj7b1678zvb/VD01ns3p5PrXaQXvZdsBAAAAAAAAAAAAAAAAAAAAAAAAQKdyEbE/klz+RjqXy+fXf8P74RjOlSvV2sHTlcX56aj/VvZoDOQaj7ocaXoe6mT2PPxG/vBt+acj4qGI+Ghwb9J4juJ0l2MHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIZ9bX7/P/XzYLdrBwDsmKFuVwAA2HXafwDoPdp/AOg92n8A6D3afwDoPdp/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdtiJ48fTae2v1ZVimp8+t7Q4Wzl3aLpUnc3PLRbzxcrC2fxMpTJTLuWLlbk7vV+5Ujk7FfOL5ydqpWptorq0fHKusjhfO3lmrjBTOlka2JWoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBrqkvLs4VyubTwICYGul2NtftgI9wXib7scLpf6tNp4vKvbeq8Nwtoobo0lCXbvk/S7Sh2JNGlCxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAA+bfAAAA///UARvw")
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r6 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)

646.473867ms ago: executing program 1 (id=1809):
syz_emit_ethernet(0x4e, &(0x7f0000000200)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x40, 0x0, 0x0, 0x3, 0x6, 0x0, @private=0xa010100, @dev}, {{0x4e22, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0xb, 0x10, 0x0, 0x0, 0x3, {[@exp_fastopen={0x1d, 0x5, 0xf989, "04"}, @md5sig={0x13, 0x12, "0cd80e00"}]}}}}}}}, 0x0)

645.620517ms ago: executing program 1 (id=1810):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000040), 0xfe, 0x4f2, &(0x7f0000000b00)="$eJzs3d9rHFsdAPDvTHbvbdpcN1d9uF6wLbaSFO0maWwbfKgKok8Ftb7XmGxDyCZbkk3bhKIp/gGCiAq+6JMvgn+AIP0TRCjou6gooq0++FAd2d3ZmKa7+UE3u97s5wMnc8782O85GebsnJlhJ4ChdTEiJiMiy7LsSkSU8vlpnmKnlRrrvXj+eKGRksiyO39LIsnntT/r7Xx6Lt/sTER87csR30xej7uxtb0yX61W1vPyVH01eZll21eXV+eXKkuVtdnZmRtzN+euz033pJ3jEXHri3/6wXd/9qVbv/r0w9/f/cvkt1oNbNnbjl5qNb3Y/F+0FSJi/SSCDUih2cKW6wOuCwAAB2uc7384Ij4REVeiFCPNszkAAADgNMk+NxYvk9b9PwAAAOB0SiNiLJK0nD/vOxZpWi63nuH9aJxNq7WN+qey0u71gvEopveWq5Xp/NmB8SgmjfJM/oxtu3xtX3k2It6NiO+XRpvl8kKtujjQKx8AAAAwPM7tG///s9Qa/wMAAACnzPigKwAAAACcOON/AAAAOP2M/wEAAOBU+8rt242Utd9/vfhga3Ol9uDqYmVjpby6uVBeqK3fLy/VakvN3+xbPezzqrXa/c/E2uajqXploz61sbV9d7W2uVa/u/zKK7ABAACAPnr3wtPfJRGx89nRNCKyZM+yYkQ2snflQv/rB5yc9Dgr//Hk6gH038igKwAMjFN6GF7FQVcAGLjD+oGuD+/8uvd1AQAATsbEx3bv/zdTw1v5smSgNQNOWn7/P3Gsw/Bx/x+Gl/t/MLyKB50BGBTAqZce4VB/8/v/WXasSgEAAD031kxJWs7HAWORpuVyxDvN1wIUk3vL1cp0RHwoIn5bKr7dKM80t0xcHgAAAAAAAAAAAAAAAAAAAAAAAACAI8qyJLIuRnfXAQAAAD7IItI/J/n7vyZKl8f2Xx94K/lXqTmNiIc/vvPDR/P1+vpMY/7fd+fXf5TPv9bvqxcAAABAJ+1xenscDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99OL544V26mfcv34hIsY7xS/Emeb0TBQj4uw/kijs2S6JiJEexN95EhHvdYqfNKoV43kt9sdPI2J0wPHP9SA+DLOnjf7n852OvzQuNqedj79Cnt5U9/4v3e3/Rrr0f+90+sD09VnvP/vFVNf4TyLeL3Tuf9rxky7xLx2xjd/4+vZ2t2XZTyMmOn7/JK/EmkoK96c2travLq/OL1WWKmuzszM35m7OXZ+bnrq3XK3kfzvG+N7Hf/mfg9p/tkv88UPaf/mI7f/3s0fPP9LKFvctKsZPsmzyUuf9/16X+O3vvk/mu7tRnmjnd1r5vc7//DfnLxzQ/sUu7T9s/08esf1XvvqdPxxxVQCgDza2tlfmq9XK+vEyScTOG2wuM1yZ0ehj0Pk4aJ32SWwf6vPtPNT/xS44dmZwfRIAAHAy/nfSP+iaAAAAAAAAAAAAAAAAAAAAwPA67GfAogc/J7Y/5s5gmgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKD/BgAA//+6ychX")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)
r3 = syz_clone(0x48021400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$PTRACE_SETSIGMASK(0x420b, r3, 0x8, &(0x7f0000000000)={[0x4]})

625.735188ms ago: executing program 0 (id=1811):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000400000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x12, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf9100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r4}, &(0x7f00000002c0), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
lsm_set_self_attr(0x0, 0x0, 0xd4, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x7c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x50, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x5, 0xd, 0x3, 0x4, 0x13, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x2, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}, @TCA_U32_LINK={0xfffffefa, 0x3, 0x80000000}]}}]}, 0x7c}}, 0x24040084)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r8}, 0x10)
time(0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

451.625182ms ago: executing program 0 (id=1812):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
getxattr(0x0, &(0x7f0000000000)=@known='user.incfs.metadata\x00', 0x0, 0x0)

450.655492ms ago: executing program 0 (id=1813):
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet_tcp_int(r1, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r1, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
sendto$inet(r1, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0xfea8, 0xa)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x6}, 0x18)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x1e, &(0x7f00000001c0)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}], 0x1}}], 0x1, 0x4048841)

387.221348ms ago: executing program 0 (id=1814):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x2, 0x13, 0x0, 0x0, 0x2, 0x0, 0x100, 0x25dfdbfd}, 0x10}}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x141840, 0x0)
splice(r2, 0x0, r3, &(0x7f0000000240)=0x4b7f, 0xfffffffffffffffa, 0x4)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x1000000000000}, 0x18)
r6 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000)
keyctl$restrict_keyring(0xa, r6, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')
getxattr(0x0, &(0x7f0000000300)=@known='user.incfs.size\x00', 0x0, 0x0)

356.123791ms ago: executing program 4 (id=1815):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18030000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x101000, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x7)

286.165676ms ago: executing program 0 (id=1816):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10) (fail_nth: 1)

127.643029ms ago: executing program 4 (id=1817):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)

18.304608ms ago: executing program 0 (id=1818):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000080)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
read(r2, &(0x7f0000000240)=""/28, 0xffd2)

0s ago: executing program 4 (id=1819):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0xe6e3}}, './file0\x00'})
r3 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000003c0))
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace$setregs(0x1a, r4, 0x800000be, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000400)={{0x1, 0x1, 0x18, <r5=>0xffffffffffffffff, {<r6=>0x0, <r7=>0xee00}}, './file0\x00'})
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000740)="f32386b40da0fa3c1a31112c80810ee5d240bcf5d681f5c7be071a43f63591831c9bd3c02216807124074e45c7a64424aa8a9d6d02774bc7f1ead3cba7d2f30fda26412eacf34776df8aa981c3a49bbb4bc00753af597c23f4962c5726561f", &(0x7f0000000380)="4c71ce86d14a02b63cd6f62b86c2cd29327ff485586f"}}, &(0x7f0000bbdffc))
statx(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x800, 0x7ff, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
getresgid(&(0x7f0000000800), &(0x7f0000000840)=<r10=>0x0, &(0x7f00000009c0))
sendmmsg$unix(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="633e32d0a5134968a675ed43f206e95bdb17d05b38ffecd987cea974055725a45256de7fe865f1daed0f2f32c986c62039a11588bc79267c00cbb62dc3c6157cb3a582f8902d06907e39001bf051ddf94596f06a66a192fc126d21cfbf02984a41fcf4aa1610b6d9ac275427fc93ab18378e3a9798441751b310d510ff6fa5e766e4ac33ec80abe70b", 0x89}, {&(0x7f0000001500)="12ed78b1921062062b035ca31c9172487b93ab347f03a66cba88c5a7fc4f99cd80479ec3ae95ff7391bbcb600c3bc6157e4548b1307b09a0dd930d07071141f1679262f0aa99a6a01b21d1b7f07abe4ddbfac5afbd9d97dd99166f11aadbcb0db4355793e81d941fe32cd5ad9a77e9d0c73e3999ae9951ef940d6321d402176263162748d37dacdcb61f1e91e185ec748fd723aa7d1930959e16057a7347a07969101ecf7e703d0d3fba9bd63b357e7c75326f59c0ec72b28b677e0e85d1bcc1159fa3ec06e3f0ecca1ec955ac86bbe897ee7158738e8c44fd776db9e23280265e111fe2b815ed1e7adf6b5a93699025c2e42f9dcf934deadd2b01aaf02e104dd0f4b586b7ff3e64a055a3094a7fc73fc479234fc1995c30918456f5ec77c3be5e6411f6e963ac1573ee6acec74c63852689dd0258af9a664f42dcab914affba0b9f0cb44f1a492dbb7768c387fe1dae4921526a8619932d6a48487b9bef97b6ccbd362711b17728cccf3464d6f1d32f3e5ec4741642bb912db3d06940c4b6cca707306487f11d90c5d4d269fa42c1c3c8c614dfcc5335a9b0d5839ec3f834e49277a2fb47215146eac7b1e1329bdbf018632e2c84a9f1bf6f7a13ad8d838bce7e24dc9ee889fbc2ba082452de07f044479328062b38b495ff13866fcb9acaaeee804a4c7043eac443e950f4878ca7857e83b672389695d6846cba5869c29c5aab8904683fe41c0a6304a80175a65cd313e570692c39f7ce92a7e521424a9bb891a17268e5b103c3d1238068620d4782c0f6af53f2de0dc2262ac816f51c745f19d1a11490934733ab679490bb675bfe29b1877399fb4e36ae665f7433b619309bc1d3e57be920bf30c7eb650c0d38134a78f1b62bb71d32b1927730b36fbe5476dc21720915b54d4cf813dda407da3411f0b861e09191fa23d3dbda7b3c3429552ab7be7972f450cb818d731882460fde58276099dfffea5c5ad85cbcfda98f266ff6174a19c9d4ec4428ad247653530db8be8a37397890d01e2af854f66a545a6edcfb84d8146bb51ea467f5b70e5985112bc766a1d888da4864c33c280510959c5334e276a4d5901f43f58ee83f128d1be2c555b296a771e2122dd332677172b7d2774d1c26c1ed5bfd92a8fe3232a702fae6f671f5013b3fdc639ae233a593e0d96768e0fc88a191845b8086413643486f71a8de7d245eac1184bfccb52bf3df383e72d75fef8b516fa9f4fbf6dda9be10947ed719b14486bcd8ddd0cc96775b6edb19d7cd91201b613e7d16f5e4dd54de7a21a47c059029a3a527a4c1e5d41ea5077b2abe4c728c9663d899ea7e4ba8943dd80c9f5f9913fc2863b03813cc157f38111008ccb991beaf4d8f2de7edebe40d5906aaf687bcae6872da43fb5a3e1c457c54c93d64a388243b16b9321b6f4ea84fb981c44038bd6860299ca1d1280d73e9b8e7c3508b29965f17191e73c4c9d7ded336134fa4ccd0781ab6bd3669b9ca4e507551b09634f135c476af049abefeb001b226d573cac82c72ac21b3f14f6b29e03538ea8b3464ef4267b228495212fefeb681f55beaee1e1de0edbf47b0af56c5e8e12906ae872b1b9fc911634964786aa6f2967173b2f48fb4877e1c27f646829bebd5c4ee1fe624528c8d27af60b92799f4bbe832575af1760eb67f696f0d69d8276c24ba5f0d82a2eb975b913e03c9606db3d201ca1af1c9853f1f8d0f26f8ccd027857909369bc3828bbeccaaf02f43ba5f30c2711f0be3a3c40f5dee230f53f7ef9b9a526f4c0f55eb139ffcd70d4fed10407d03606f400e5cd22dc71a440a4c46ceacd6eaa7387bf9f889a752e8a2441d29e8e69309a7408d6adb13f0a7a822587752f047cc6dc476f4f3f004c7e0456fda8e89e79f19d11de09642d6c46c674479dbbf7f3acc3133deb9b50c02690f814f4f708cf552fd4e7b7e3588a3d347a0385179d65d2f6d08a20d0561ec6d5ac33b3382b9938c1280e3db96819e2b934d94031bb027c25b8979021e673c83d62ab22889011acae66d668e1741b6b03b863f44b2dd9c28b95725f0124d8b8d36d47da9792cc2ad95cbcf99041663b8ecbe237bf5c610ce734450b40ce740aa1057e35e56d902313bdefa99e682bdc063d6c06f3f8815f0c1f8a3897f939f14e3209241c1f63131e473911b1a26955ac17aa7a3559c4bed8bb6f10f06d3baa3a46042f6108622bb059079309ab85bb55cd5dcd83576c0f0952b727735199b9e30df06e0c4cb8ac7c802923a7045cd0544e8f7fecaa0a1d134406b89e6fc5889ada001e23ce91cdc9d5a4051a36df3c6b99babe5af88a513c6c117535c09beb623eb6c08ca938d1b65d7c26d5b56d63e1df0f82c69462f4291ad3ee28b9733c40107185c2f8e5c48754dd8e42cff9d746e625e1717cb69ccf22fc0788d16f737a597702e63cfbe89e70107d446d7356cb63d8205d595cb8bbff91434116ebc554f5e31d56f857a974d8f6b46fa8e832b7fd54603447b2b8fbe628d5b530e1bb17c4c0817ca30fe23a640611297e86bc68008dbf24e44991dc93f05cf1ee487030e937b72bd4766d02dab440136ff9f8aca29d94b2cab4aa547c35d2320cafb15148d974df8415a64b5a489609a446c928dcc79584f10dbe0b3dca18f117d94bb168566fb5f3ae0b02e066e32a32a07a5cf7b4dd7cce42197d695e3e8a48b1038e4e3849179b82fe5a1309d2a4404b1e10e9b3d5d50960152915acbb37122361caef87f8214085f005f724381b850049b087ae3d8dc6a5a8e7b54068ef02e68adf6bdb1cfa30d1e671a6eadf60130e93fd8dde9e904c0fe2c918a0e0d3633458f30f27104be6821de0ba3d4aab5b09a50a3e3614d869647d520c7928aae3612595532fdcf055e4511fc25f1a59c0abe5738bc91baf56658b87acb30735f2276a29afeb1551e10f22fe898d909e5829d73c1320f7138cd16d9157d5f50e876a9afe2ae872f242edd8583415d43a5de8b5febd4fcd7d60d311b5d582e08f439594fb3200d3b4f8142bf5444f7bcb6a7d85635bd28bb98ab286c661f1674055eceab0612725d5def9f26284fc67ea000416c0ec0bcb9083aa9c41113a7d244e0a2e1c1147b0228db5ec95424943bf83f287b05a5f74923b5d99341cafb297d11dab13c0a5d20c1f847f7e9bca6a9fce4f52249a1a360584920e42932c20affbfe60c2a45e6b37d92dc640354f76a630d726380291fda4beeaab38b49856041e9749b58bb4091dbe2dfbd22f9abbe894cab80bcb449159b6e2a3741bd9d7ebb934264efa9eaf48ab4ef40ba82a0774b958e2de01d0386eaea9bb129fdccea78a2d7edd1f3077ff6b265646980c45adf6ca1298428b1ccaa50bd9ce7119cb051c19007abf4ecc607d531d75bbe6ac5f16000da578f135c7fe99e0bfe591416a13daae7eab130e603fe7b5518ab204c74a5e898d5df5d9e08a894e6ea8673e7489b1655f9a50eb4fb629f5e699a744117b07330ad3a6dcb1204bb11a6f6b3a6b98dfa3e006ba156830365089ab0fd9f5485b6a92d89e12904e3901d8dcca44b350c1dda06cd331c18872fc215c65c070eb1a1f5a768a337497ee46ebfce07688d9a29205bffab34e2abee0a25cfcb3eb046847d163b931cfc35715a1129879cedf2f9a13e6d84ec22bad645a6eeb39eafa4d31a42d893eeb589e080cac990d7aa9125bf205122c2ef0cc8a754fea7829a12f37ad133408e163e88852bfc0a7391f1c6f75b82f8b62bef61bac1d9b638bb1019c8c33cafe22c608daca38b31cae768029bd909e4316c711987a3d763fa983eb06c19f92268b419d890d378fb09c21d55cb475d0f82cde62d172847c919c5d4fa012af67ce5c22d7dfcb797a3687b70002651bb76bd4c54c30f569db36a4d92e330fc29273902ab70cc27b02403fd2230bcbc9fe63f18a40ab96d544b454b76792b9ac2873b56c24c40d5bc99a0e8b192620a236acb12a7483992530900a7b5152ec55249cee9bc3f30d421f9484f8af8c187735b5515432d5a17b8d28381e3154243e1cedc36439f007769f8b35e96b1fe60288b108191eee4d5c133f4e41cf5a5e8402b6db099bf54f1d95ee96b0fad4b3611c41c70f5fbaa7fd6ba94bf3d7282aca49794255627a2785e5871ccfd740872ad3139961ba1482f44037d607695e3b8dd90cf1c0822438470c2db9c702c815f2179191b197d421198d3da756446daf3f92abad28b821529c4f71bdb56dca6f616bc84baf305d8ba215c94c87b4a58b56417f5a7eb60c1696ab454a7f879cde12c0f2a377e01887747fc99a8e6bb069c193eefe7ad8bf43fe03b94e061cb73d1a976829df620b5da49feb0515be1409d77ee7dd0cdb9ee2f46fac38da1f3169a67a9cdd24fc4d9e0d2c04ecd0634254a689d6038a561bb27bc0308909ebd1b1076fee6646505b4c7d4710764ff8b59660360d48e65ffadb3dc2ac08e0e3d50a493740e199fa3e524bc170f2ff08cc486c92dc151e2500dd30673a886b9dfb0ef3191ba4efc9bce912bfd07169f18b6e1059ce6c3779c6b11bf1bae0e8535b634da9f7fdbe5b077422cf35dee8febfdb5a0af8f57a39fa93e1c0c64cc3b5ca15cecb055aa334543eedffcb32cf41f9fe3a5f9e8e5489fa864ecec43fdcb1623619a968467c0730499cc654d93576493c70494c443100ed5017351bfb6feb10264ac9c0cd514c5b33b09f90168db63f5694d8e39af1bf2d74c7db27a20518133fc13343bd193dd0f8ce3b0485571d2ef40c1a0ac79431bec8a05d5be70fec3f0c531a8b504425fce0f72014e7f0ac957dd97b155a9b0a5db70607559b8f762957cd1cf727cd69f9201bdddd176a43d03a3ee625dcb58cf78061e05679927b11337e21e42047f3c68c5a68af48b9cfc2292bd0ec7fdedfc13388ade5b9dc89d79df6c151d77b15c712d44b400cb032a1df6604850199b3aa150a0155f6c9cdb210e79bc2085524d1e7ff9b1cca23ebd0946f380d5abd2d6bda24651c9b0a0fd914d14de90048690ceed67694dba93afcf00f16ab38d8a04f8745ca801bdbfd9c3b5401dafddc152206dd44ec724fdd8a5fc8e666e97582aee773325d5574481590c26d2482cb4f4adf9a8127bf66ba937981308db273255467a40375840ce3eb31c50ebd82a7acc9334879e7da42b055f0a04208f638f369eae4b06e1b04b7d9a01541a4f4bca667f256f10c6b49a38ff0d6a4e9f4035c4cfd9fb806a736abbd76a4dbb35ad8f32b04ac76cd36dcd4dfc7cd44257e8663b6424c9af1a9248b70d9890a4722c03a2c3e7aa91425b2921047c4041a483775e0f4e5805420e0854cfb16a6e61efbc805e5e68b0454ff86061ea3b3b0d02d5602125f3a1378581efad3ad7adcfd246a168e99f4d6768c957df96eafaa107a0f2a18e081677d2ef49e3a9a07145983d01462468b99691a9bc8e6364d074537c6a913d79391a02819e3491ace310a2dc9b18cd74e651ca77e464fe060fb790cb5d5899e6ec0f470d8f0bd22f986f9c9a36ee13df8ecbafa46106b8b0142fe8394fcd078546547c562e690ba610f6a4284371a7a84d6fbc1341e7e88f8dca6a3da2b2fdd7e9311836cd341242a620321d4550b28a43d5dc455afb980af93478c97cbcb51f85dcd131be132d248a479947344ad625182e245ca095a44ae64e23d1de12245d03493abdbf9dd64bb2be7b220a5fcc2b297be74b0bf8bd14c839babf35877d63d0496d010b9744097e408d3f3e26c8afe72dd482a3816b489eabbdce5ad9f2c8fbeb2f0642374cac087253641220e5", 0x1000}, {&(0x7f00000008c0)="7bfd0d3f44f2f08ae1d3df52e73ac725336ccacb08208555c7a19bea8bee45db59c08ae42812828ee3789a3e5e1e3d97f1c7083278dd96133d209a4bc00233a6a2f6dc90fd3ce225faa092ab4abbe14c8a89681647d560f1f03b59bda1554c6b5154fc2bf77214a74fce16bba4cd7da5b43e6c4d0dbad8ba7f5eea9b5b0f53e09dc26e65481a1dcd538764bf91e9e283a31bf9764b83e324af445db043549d2a08d791c8174eb4edd7d0e6e396dd07c879a2f6a1eabf993118895103823424b8e372bccc0825ebf3f440f1e35b4d969de6a2227546794975c9ec70804fe9363d17", 0xe1}, {&(0x7f00000004c0)="6c876167a6c8a462ef77ca79758b8f3c1210bbcaae5f924283830b5715510bbf778e508be9b1736078eb8517e9cfcdbeaab253e04762323dbb977f171e93ceb506442d882b28c2c0dd2d26cb5d486ec5bcd6e154d584e084ddac86a66049a79e1c737f9eb42fc22853d67a0696ebda86306e827b62fbe6b713045272f54718cc7b184ab36e5bcd", 0x87}, {&(0x7f0000000d40)="704fecf0898dd7db83b784ebe7e42f8a1e471c98a26b541c726986ddb78482481e9bed2cce4094e08aba678976779f1fb491280521b1275fb3cb5dff1264368aa9198037409c6f274559161a418e8ce34dc4dbba89df307889046fba3b4edb6c663defb0a6cf0eae461e113991a46d9e2272e3409ebb803fadc13e46a825a0d4c5086fd6cd2cacf6cefaaeda137a8807a6efd516213486f85ede9c8d72b69f87cd4514d4efe10b2a4ccbaef311408ca2676c62f4c78bd272ec0da07deaafa08be0ec18292a12be8584bbc8694e8a70c45afa4e01cada0e5a819f23", 0xdb}], 0x5, &(0x7f0000000a00)=ANY=[@ANYRES8=r5, @ANYRESOCT, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYRES32=r3, @ANYBLOB="0000000006000000000000000100cf0002020000", @ANYRES32=r2, @ANYRES32, @ANYRES32=r7, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r8, @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB='\x00\x00\x00\x00'], 0x68, 0x41}}], 0x1, 0x404c010)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYRES32=r6, @ANYRES8, @ANYRES64=r0, @ANYBLOB="3cf5f8250164fcfb00a3708bf159f8c1e34ca03d1c9819bb377d1940dfd8bcfdab237f127bf299f58f07824f41b972ddfdc3d8ff84a42367b9ec985ffa2c228065f339292de269b026d7d0cf36e6f8a8820d8e7aa236f16733e13cd4b3c422e1a615b4f097bc9c3fc2ccf8a4a716885a5555632a94a95c09c6bc241291aae9b800fca2cb9d1888f530509c7856939b7a7addde82a1d4bb3500a107"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r11}, 0x4)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r12}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r13}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

6446]  dump_stack+0x15/0x1b
[   88.372131][ T6446]  should_fail_ex+0x265/0x280
[   88.372178][ T6446]  should_failslab+0x8c/0xb0
[   88.372208][ T6446]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   88.372244][ T6446]  ? shmem_alloc_inode+0x34/0x50
[   88.372274][ T6446]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   88.372369][ T6446]  shmem_alloc_inode+0x34/0x50
[   88.372390][ T6446]  alloc_inode+0x3d/0x170
[   88.372418][ T6446]  new_inode+0x1d/0xe0
[   88.372447][ T6446]  shmem_get_inode+0x244/0x750
[   88.372481][ T6446]  __shmem_file_setup+0x113/0x210
[   88.372520][ T6446]  shmem_file_setup+0x3b/0x50
[   88.372561][ T6446]  __se_sys_memfd_create+0x2c3/0x590
[   88.372587][ T6446]  __x64_sys_memfd_create+0x31/0x40
[   88.372649][ T6446]  x64_sys_call+0x2abe/0x2ff0
[   88.372718][ T6446]  do_syscall_64+0xd2/0x200
[   88.372753][ T6446]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   88.372850][ T6446]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   88.372977][ T6446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.373007][ T6446] RIP: 0033:0x7f5f553feb69
[   88.373030][ T6446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.373055][ T6446] RSP: 002b:00007f5f53a5ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   88.373082][ T6446] RAX: ffffffffffffffda RBX: 000000000000050a RCX: 00007f5f553feb69
[   88.373099][ T6446] RDX: 00007f5f53a5eef0 RSI: 0000000000000000 RDI: 00007f5f55482784
[   88.373139][ T6446] RBP: 0000200000000200 R08: 00007f5f53a5ebb7 R09: 00007f5f53a5ee40
[   88.373228][ T6446] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[   88.373245][ T6446] R13: 00007f5f53a5eef0 R14: 00007f5f53a5eeb0 R15: 0000200000000080
[   88.373274][ T6446]  </TASK>
[   88.599607][ T6438] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.614123][ T6432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.693756][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.796845][ T6467] lo speed is unknown, defaulting to 1000
[   88.847004][ T6470] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(6)
[   88.853646][ T6470] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   88.861286][ T6470] vhci_hcd vhci_hcd.0: Device attached
[   88.973329][ T6483] loop3: detected capacity change from 0 to 1024
[   89.017454][ T6483] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.031843][   T29] kauditd_printk_skb: 362 callbacks suppressed
[   89.031861][   T29] audit: type=1400 audit(1754127861.624:4426): avc:  denied  { create } for  pid=6488 comm="syz.2.1081" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   89.063485][   T29] audit: type=1400 audit(1754127861.654:4427): avc:  denied  { mounton } for  pid=6488 comm="syz.2.1081" path="/252/file0" dev="tmpfs" ino=1366 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   89.091281][   T29] audit: type=1400 audit(1754127861.684:4428): avc:  denied  { mount } for  pid=6488 comm="syz.2.1081" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   89.123724][   T29] audit: type=1400 audit(1754127861.704:4429): avc:  denied  { write } for  pid=6488 comm="syz.2.1081" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   89.144665][   T29] audit: type=1400 audit(1754127861.704:4430): avc:  denied  { open } for  pid=6488 comm="syz.2.1081" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   89.166203][   T29] audit: type=1400 audit(1754127861.724:4431): avc:  denied  { unmount } for  pid=3301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   89.167069][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.193623][ T6495] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   89.212849][ T6495] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   89.222089][ T6500] loop3: detected capacity change from 0 to 128
[   89.251654][   T29] audit: type=1400 audit(1754127861.844:4432): avc:  denied  { unlink } for  pid=3301 comm="syz-executor" name="file0" dev="tmpfs" ino=1366 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   89.295502][   T29] audit: type=1400 audit(1754127861.884:4433): avc:  denied  { create } for  pid=6503 comm="syz.2.1087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[   89.546047][ T6523] syzkaller0: entered promiscuous mode
[   89.552444][ T6523] syzkaller0: entered allmulticast mode
[   89.627156][ T6471] vhci_hcd: connection closed
[   89.627376][  T110] vhci_hcd: stop threads
[   89.636346][  T110] vhci_hcd: release socket
[   89.641523][  T110] vhci_hcd: disconnect device
[   89.704139][   T29] audit: type=1400 audit(1754127862.294:4434): avc:  denied  { listen } for  pid=6528 comm="+}[@" lport=38911 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   89.726798][   T29] audit: type=1400 audit(1754127862.294:4435): avc:  denied  { accept } for  pid=6528 comm="+}[@" lport=38911 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   89.815441][ T6540] FAULT_INJECTION: forcing a failure.
[   89.815441][ T6540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.828644][ T6540] CPU: 1 UID: 0 PID: 6540 Comm: syz.0.1100 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   89.828682][ T6540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   89.828696][ T6540] Call Trace:
[   89.828703][ T6540]  <TASK>
[   89.828715][ T6540]  __dump_stack+0x1d/0x30
[   89.828793][ T6540]  dump_stack_lvl+0xe8/0x140
[   89.828870][ T6540]  dump_stack+0x15/0x1b
[   89.828891][ T6540]  should_fail_ex+0x265/0x280
[   89.828933][ T6540]  should_fail+0xb/0x20
[   89.829037][ T6540]  should_fail_usercopy+0x1a/0x20
[   89.829061][ T6540]  _copy_to_user+0x20/0xa0
[   89.829126][ T6540]  pagemap_read+0x379/0x5e0
[   89.829153][ T6540]  ? __pfx_pagemap_read+0x10/0x10
[   89.829258][ T6540]  vfs_read+0x1a0/0x6f0
[   89.829277][ T6540]  ? __rcu_read_unlock+0x4f/0x70
[   89.829300][ T6540]  ? __fget_files+0x184/0x1c0
[   89.829335][ T6540]  __x64_sys_pread64+0xfd/0x150
[   89.829427][ T6540]  x64_sys_call+0x29e2/0x2ff0
[   89.829449][ T6540]  do_syscall_64+0xd2/0x200
[   89.829472][ T6540]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   89.829494][ T6540]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   89.829579][ T6540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.829602][ T6540] RIP: 0033:0x7f46707ceb69
[   89.829617][ T6540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.829640][ T6540] RSP: 002b:00007f466ee37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[   89.829663][ T6540] RAX: ffffffffffffffda RBX: 00007f46709f5fa0 RCX: 00007f46707ceb69
[   89.829677][ T6540] RDX: 0000000000200000 RSI: 0000200000001240 RDI: 0000000000000003
[   89.829693][ T6540] RBP: 00007f466ee37090 R08: 0000000000000000 R09: 0000000000000000
[   89.829730][ T6540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   89.829797][ T6540] R13: 0000000000000000 R14: 00007f46709f5fa0 R15: 00007ffcf8edb378
[   89.829817][ T6540]  </TASK>
[   89.841394][ T6538] vhci_hcd: invalid port number 96
[   90.039067][ T6538] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   90.228143][ T6572] loop4: detected capacity change from 0 to 512
[   90.248105][ T6572] EXT4-fs: Ignoring removed mblk_io_submit option
[   90.264924][ T6572] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   90.289526][ T6572] EXT4-fs (loop4): 1 truncate cleaned up
[   90.295668][ T6572] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.310383][ T6575] syzkaller0: entered promiscuous mode
[   90.315955][ T6575] syzkaller0: entered allmulticast mode
[   90.392229][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.518216][ T6619] loop3: detected capacity change from 0 to 128
[   90.593139][ T6623] netlink: 340 bytes leftover after parsing attributes in process `syz.1.1126'.
[   90.607608][ T6619] loop3: detected capacity change from 0 to 128
[   90.637489][ T6619] vfat: Unknown parameter '
'
[   90.646283][ T6623] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1126'.
[   90.746909][ T6619] vhci_hcd: invalid port number 96
[   90.752104][ T6619] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   91.065374][ T6676] netlink: 340 bytes leftover after parsing attributes in process `syz.0.1139'.
[   91.099144][ T6676] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1139'.
[   91.136824][ T6664] syzkaller0: entered promiscuous mode
[   91.142416][ T6664] syzkaller0: entered allmulticast mode
[   91.173846][ T6680] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1140'.
[   91.302012][ T6694] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1145'.
[   91.359565][ T6695] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6695 comm=syz.2.1144
[   91.414273][ T6695] hub 6-0:1.0: USB hub found
[   91.433233][ T6695] hub 6-0:1.0: 8 ports detected
[   91.513407][ T6711] FAULT_INJECTION: forcing a failure.
[   91.513407][ T6711] name failslab, interval 1, probability 0, space 0, times 0
[   91.526212][ T6711] CPU: 1 UID: 0 PID: 6711 Comm: syz.4.1150 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   91.526240][ T6711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   91.526252][ T6711] Call Trace:
[   91.526260][ T6711]  <TASK>
[   91.526268][ T6711]  __dump_stack+0x1d/0x30
[   91.526293][ T6711]  dump_stack_lvl+0xe8/0x140
[   91.526364][ T6711]  dump_stack+0x15/0x1b
[   91.526386][ T6711]  should_fail_ex+0x265/0x280
[   91.526428][ T6711]  should_failslab+0x8c/0xb0
[   91.526463][ T6711]  kmem_cache_alloc_noprof+0x50/0x310
[   91.526524][ T6711]  ? getname_flags+0x80/0x3b0
[   91.526559][ T6711]  getname_flags+0x80/0x3b0
[   91.526592][ T6711]  __se_sys_mq_unlink+0x6b/0x260
[   91.526672][ T6711]  __x64_sys_mq_unlink+0x1f/0x30
[   91.526770][ T6711]  x64_sys_call+0x28ae/0x2ff0
[   91.526796][ T6711]  do_syscall_64+0xd2/0x200
[   91.526827][ T6711]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.526858][ T6711]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   91.526892][ T6711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.526920][ T6711] RIP: 0033:0x7fd29ec9eb69
[   91.526935][ T6711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.526954][ T6711] RSP: 002b:00007fd29d2ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f1
[   91.526973][ T6711] RAX: ffffffffffffffda RBX: 00007fd29eec5fa0 RCX: 00007fd29ec9eb69
[   91.526994][ T6711] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[   91.527010][ T6711] RBP: 00007fd29d2ff090 R08: 0000000000000000 R09: 0000000000000000
[   91.527025][ T6711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.527041][ T6711] R13: 0000000000000000 R14: 00007fd29eec5fa0 R15: 00007fff1f80c638
[   91.527066][ T6711]  </TASK>
[   92.010991][ T6730] FAULT_INJECTION: forcing a failure.
[   92.010991][ T6730] name failslab, interval 1, probability 0, space 0, times 0
[   92.023693][ T6730] CPU: 1 UID: 0 PID: 6730 Comm: syz.3.1158 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   92.023780][ T6730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   92.023796][ T6730] Call Trace:
[   92.023804][ T6730]  <TASK>
[   92.023815][ T6730]  __dump_stack+0x1d/0x30
[   92.023868][ T6730]  dump_stack_lvl+0xe8/0x140
[   92.023893][ T6730]  dump_stack+0x15/0x1b
[   92.023914][ T6730]  should_fail_ex+0x265/0x280
[   92.023957][ T6730]  should_failslab+0x8c/0xb0
[   92.024019][ T6730]  kmem_cache_alloc_noprof+0x50/0x310
[   92.024045][ T6730]  ? security_inode_alloc+0x37/0x100
[   92.024078][ T6730]  security_inode_alloc+0x37/0x100
[   92.024103][ T6730]  inode_init_always_gfp+0x4b7/0x500
[   92.024199][ T6730]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   92.024227][ T6730]  alloc_inode+0x58/0x170
[   92.024331][ T6730]  new_inode+0x1d/0xe0
[   92.024411][ T6730]  shmem_get_inode+0x244/0x750
[   92.024448][ T6730]  __shmem_file_setup+0x113/0x210
[   92.024548][ T6730]  shmem_file_setup+0x3b/0x50
[   92.024579][ T6730]  __se_sys_memfd_create+0x2c3/0x590
[   92.024602][ T6730]  __x64_sys_memfd_create+0x31/0x40
[   92.024689][ T6730]  x64_sys_call+0x2abe/0x2ff0
[   92.024717][ T6730]  do_syscall_64+0xd2/0x200
[   92.024747][ T6730]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.024796][ T6730]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   92.024816][ T6730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.024843][ T6730] RIP: 0033:0x7f5f553feb69
[   92.024938][ T6730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.024961][ T6730] RSP: 002b:00007f5f53a5ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   92.024985][ T6730] RAX: ffffffffffffffda RBX: 0000000000000531 RCX: 00007f5f553feb69
[   92.025002][ T6730] RDX: 00007f5f53a5eef0 RSI: 0000000000000000 RDI: 00007f5f55482784
[   92.025017][ T6730] RBP: 0000200000000640 R08: 00007f5f53a5ebb7 R09: 00007f5f53a5ee40
[   92.025099][ T6730] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000500
[   92.025115][ T6730] R13: 00007f5f53a5eef0 R14: 00007f5f53a5eeb0 R15: 00002000000001c0
[   92.025140][ T6730]  </TASK>
[   92.347406][ T6735] FAULT_INJECTION: forcing a failure.
[   92.347406][ T6735] name failslab, interval 1, probability 0, space 0, times 0
[   92.360148][ T6735] CPU: 0 UID: 0 PID: 6735 Comm: syz.3.1161 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   92.360243][ T6735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   92.360259][ T6735] Call Trace:
[   92.360268][ T6735]  <TASK>
[   92.360278][ T6735]  __dump_stack+0x1d/0x30
[   92.360303][ T6735]  dump_stack_lvl+0xe8/0x140
[   92.360328][ T6735]  dump_stack+0x15/0x1b
[   92.360429][ T6735]  should_fail_ex+0x265/0x280
[   92.360472][ T6735]  should_failslab+0x8c/0xb0
[   92.360503][ T6735]  kmem_cache_alloc_noprof+0x50/0x310
[   92.360538][ T6735]  ? security_inode_alloc+0x37/0x100
[   92.360645][ T6735]  security_inode_alloc+0x37/0x100
[   92.360730][ T6735]  inode_init_always_gfp+0x4b7/0x500
[   92.360760][ T6735]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   92.360819][ T6735]  alloc_inode+0x58/0x170
[   92.360840][ T6735]  new_inode+0x1d/0xe0
[   92.360870][ T6735]  shmem_get_inode+0x244/0x750
[   92.360900][ T6735]  __shmem_file_setup+0x113/0x210
[   92.360977][ T6735]  shmem_file_setup+0x3b/0x50
[   92.361024][ T6735]  __se_sys_memfd_create+0x2c3/0x590
[   92.361051][ T6735]  __x64_sys_memfd_create+0x31/0x40
[   92.361077][ T6735]  x64_sys_call+0x2abe/0x2ff0
[   92.361103][ T6735]  do_syscall_64+0xd2/0x200
[   92.361208][ T6735]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.361239][ T6735]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   92.361267][ T6735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.361295][ T6735] RIP: 0033:0x7f5f553feb69
[   92.361314][ T6735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.361381][ T6735] RSP: 002b:00007f5f53a5ed68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   92.361405][ T6735] RAX: ffffffffffffffda RBX: 00000000000005df RCX: 00007f5f553feb69
[   92.361417][ T6735] RDX: 00007f5f53a5edec RSI: 0000000000000000 RDI: 00007f5f55482784
[   92.361429][ T6735] RBP: 0000200000000000 R08: 00007f5f53a5eb07 R09: 0000000000000000
[   92.361441][ T6735] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[   92.361454][ T6735] R13: 00007f5f53a5edec R14: 00007f5f53a5edf0 R15: 00007ffd79c59588
[   92.361478][ T6735]  </TASK>
[   92.734089][ T6726] syzkaller0: entered promiscuous mode
[   92.739730][ T6726] syzkaller0: entered allmulticast mode
[   92.756748][ T6748] loop3: detected capacity change from 0 to 512
[   92.776665][ T6748] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   92.817413][ T6748] EXT4-fs (loop3): 1 truncate cleaned up
[   92.823669][ T6748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.901436][ T6751] lo speed is unknown, defaulting to 1000
[   92.915595][ T6748] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.022386][ T6743] loop3: detected capacity change from 0 to 2048
[   93.258404][ T6777] FAULT_INJECTION: forcing a failure.
[   93.258404][ T6777] name failslab, interval 1, probability 0, space 0, times 0
[   93.271244][ T6777] CPU: 1 UID: 0 PID: 6777 Comm: syz.3.1170 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   93.271296][ T6777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   93.271392][ T6777] Call Trace:
[   93.271399][ T6777]  <TASK>
[   93.271407][ T6777]  __dump_stack+0x1d/0x30
[   93.271427][ T6777]  dump_stack_lvl+0xe8/0x140
[   93.271449][ T6777]  dump_stack+0x15/0x1b
[   93.271470][ T6777]  should_fail_ex+0x265/0x280
[   93.271552][ T6777]  ? __se_sys_memfd_create+0x1cc/0x590
[   93.271580][ T6777]  should_failslab+0x8c/0xb0
[   93.271612][ T6777]  __kmalloc_cache_noprof+0x4c/0x320
[   93.271649][ T6777]  ? fput+0x8f/0xc0
[   93.271745][ T6777]  __se_sys_memfd_create+0x1cc/0x590
[   93.271803][ T6777]  __x64_sys_memfd_create+0x31/0x40
[   93.271829][ T6777]  x64_sys_call+0x2abe/0x2ff0
[   93.271849][ T6777]  do_syscall_64+0xd2/0x200
[   93.271872][ T6777]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.271968][ T6777]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   93.272025][ T6777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.272054][ T6777] RIP: 0033:0x7f5f553feb69
[   93.272074][ T6777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.272147][ T6777] RSP: 002b:00007f5f53a3dd68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   93.272171][ T6777] RAX: ffffffffffffffda RBX: 00000000000005d6 RCX: 00007f5f553feb69
[   93.272188][ T6777] RDX: 00007f5f53a3ddec RSI: 0000000000000000 RDI: 00007f5f55482784
[   93.272205][ T6777] RBP: 0000200000000880 R08: 00007f5f53a3db07 R09: 0000000000000000
[   93.272219][ T6777] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[   93.272231][ T6777] R13: 00007f5f53a3ddec R14: 00007f5f53a3ddf0 R15: 00007ffd79c59588
[   93.272251][ T6777]  </TASK>
[   93.279077][ T6773] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1169'.
[   93.522563][ T6785] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1175'.
[   93.533435][ T6787] FAULT_INJECTION: forcing a failure.
[   93.533435][ T6787] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.547370][ T6787] CPU: 0 UID: 0 PID: 6787 Comm: syz.4.1176 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   93.547419][ T6787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   93.547435][ T6787] Call Trace:
[   93.547444][ T6787]  <TASK>
[   93.547453][ T6787]  __dump_stack+0x1d/0x30
[   93.547481][ T6787]  dump_stack_lvl+0xe8/0x140
[   93.547506][ T6787]  dump_stack+0x15/0x1b
[   93.547603][ T6787]  should_fail_ex+0x265/0x280
[   93.547646][ T6787]  should_fail+0xb/0x20
[   93.547684][ T6787]  should_fail_usercopy+0x1a/0x20
[   93.547782][ T6787]  _copy_to_user+0x20/0xa0
[   93.547815][ T6787]  __x64_sys_getrlimit+0x104/0x150
[   93.547845][ T6787]  x64_sys_call+0x2927/0x2ff0
[   93.547866][ T6787]  do_syscall_64+0xd2/0x200
[   93.547962][ T6787]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.547993][ T6787]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   93.548041][ T6787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.548063][ T6787] RIP: 0033:0x7fd29ec9eb69
[   93.548079][ T6787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.548098][ T6787] RSP: 002b:00007fd29d2ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000061
[   93.548122][ T6787] RAX: ffffffffffffffda RBX: 00007fd29eec5fa0 RCX: 00007fd29ec9eb69
[   93.548157][ T6787] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 000000000000000a
[   93.548173][ T6787] RBP: 00007fd29d2ff090 R08: 0000000000000000 R09: 0000000000000000
[   93.548189][ T6787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.548205][ T6787] R13: 0000000000000000 R14: 00007fd29eec5fa0 R15: 00007fff1f80c638
[   93.548231][ T6787]  </TASK>
[   94.113472][ T6810] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.179349][ T6810] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.229388][ T6810] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.258748][ T6829] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1189'.
[   94.286236][   T29] kauditd_printk_skb: 273 callbacks suppressed
[   94.286255][   T29] audit: type=1400 audit(1754127866.874:4709): avc:  denied  { append } for  pid=6828 comm="syz.2.1190" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   94.342308][ T6810] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.363317][   T29] audit: type=1400 audit(1754127866.934:4710): avc:  denied  { append } for  pid=6831 comm="syz.0.1191" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   94.459364][  T110] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.478527][  T110] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.491820][  T110] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.516542][  T110] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.558018][ T6845] siw: device registration error -23
[   94.577249][ T6769] syz.3.1170 (6769) used greatest stack depth: 7856 bytes left
[   94.603677][ T6851] netlink: 340 bytes leftover after parsing attributes in process `syz.3.1199'.
[   94.897656][   T29] audit: type=1326 audit(1754127867.494:4711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.4.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[   94.903521][ T6864] syzkaller0: entered promiscuous mode
[   94.922201][   T29] audit: type=1326 audit(1754127867.494:4712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.4.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[   94.926981][ T6864] syzkaller0: entered allmulticast mode
[   95.058570][   T29] audit: type=1326 audit(1754127867.554:4713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.4.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[   95.082635][   T29] audit: type=1326 audit(1754127867.554:4714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.4.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[   95.106142][   T29] audit: type=1326 audit(1754127867.554:4715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.4.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[   95.130219][   T29] audit: type=1326 audit(1754127867.564:4716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.4.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[   95.153850][   T29] audit: type=1326 audit(1754127867.564:4717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.4.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[   95.178259][   T29] audit: type=1326 audit(1754127867.564:4718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.4.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[   95.213618][ T6889] syzkaller0: entered promiscuous mode
[   95.219432][ T6889] syzkaller0: entered allmulticast mode
[   95.552958][ T6932] capability: warning: `syz.3.1226' uses deprecated v2 capabilities in a way that may be insecure
[   95.601617][ T6932] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   95.772891][ T6929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   95.810906][ T6929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.097766][ T6953] loop3: detected capacity change from 0 to 128
[   96.132758][ T6951] lo speed is unknown, defaulting to 1000
[   96.138609][ T6953] loop3: detected capacity change from 0 to 128
[   96.138831][ T6953] vfat: Unknown parameter '
'
[   96.209609][ T6953] vhci_hcd: invalid port number 96
[   96.214791][ T6953] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   96.590366][ T6973] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=6973 comm=syz.0.1242
[   96.728021][ T6975] syzkaller0: entered promiscuous mode
[   96.733579][ T6975] syzkaller0: entered allmulticast mode
[   96.808824][ T6981] __nla_validate_parse: 3 callbacks suppressed
[   96.808839][ T6981] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1245'.
[   96.828789][ T6977] syzkaller0: entered promiscuous mode
[   96.834335][ T6977] syzkaller0: entered allmulticast mode
[   96.918589][ T6987] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1247'.
[   97.112986][ T7002] vhci_hcd: invalid port number 96
[   97.118231][ T7002] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   97.214843][ T7015] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1261'.
[   97.352833][ T7025] loop3: detected capacity change from 0 to 8192
[   97.428914][ T3605]  loop3: p1 p2 p3 p4
[   97.434613][ T3605] loop3: p1 size 3523149824 extends beyond EOD, truncated
[   97.449577][ T7039] loop4: detected capacity change from 0 to 512
[   97.450959][ T3605] loop3: p2 start 4293394688 is beyond EOD, truncated
[   97.462807][ T3605] loop3: p3 start 150994944 is beyond EOD, truncated
[   97.466983][ T7039] EXT4-fs: Ignoring removed mblk_io_submit option
[   97.469553][ T3605] loop3: p4 size 50331648 extends beyond EOD, truncated
[   97.490754][ T7039] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   97.492097][ T7025]  loop3: p1 p2 p3 p4
[   97.507672][ T7025] loop3: p1 size 3523149824 extends beyond EOD, truncated
[   97.515608][ T7025] loop3: p2 start 4293394688 is beyond EOD, truncated
[   97.522542][ T7025] loop3: p3 start 150994944 is beyond EOD, truncated
[   97.529301][ T7025] loop3: p4 size 50331648 extends beyond EOD, truncated
[   97.531532][ T7039] EXT4-fs (loop4): 1 truncate cleaned up
[   97.562208][ T7039] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.617079][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.655769][ T3487] udevd[3487]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   97.670415][ T3605] udevd[3605]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   97.760523][ T3605] udevd[3605]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   97.778680][ T7069] vhci_hcd: invalid port number 96
[   97.783896][ T7069] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   97.799239][ T3487] udevd[3487]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   97.814176][ T7073] loop3: detected capacity change from 0 to 512
[   97.826366][ T7067] FAULT_INJECTION: forcing a failure.
[   97.826366][ T7067] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.839539][ T7067] CPU: 1 UID: 0 PID: 7067 Comm: syz.0.1281 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   97.839574][ T7067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   97.839655][ T7067] Call Trace:
[   97.839664][ T7067]  <TASK>
[   97.839675][ T7067]  __dump_stack+0x1d/0x30
[   97.839703][ T7067]  dump_stack_lvl+0xe8/0x140
[   97.839846][ T7067]  dump_stack+0x15/0x1b
[   97.839875][ T7067]  should_fail_ex+0x265/0x280
[   97.839998][ T7067]  should_fail+0xb/0x20
[   97.840037][ T7067]  should_fail_usercopy+0x1a/0x20
[   97.840061][ T7067]  _copy_from_user+0x1c/0xb0
[   97.840085][ T7067]  bpf_test_init+0xdf/0x160
[   97.840155][ T7067]  bpf_prog_test_run_skb+0x144/0xbd0
[   97.840184][ T7067]  ? __rcu_read_unlock+0x4f/0x70
[   97.840264][ T7067]  ? __fget_files+0x184/0x1c0
[   97.840301][ T7067]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   97.840340][ T7067]  bpf_prog_test_run+0x227/0x390
[   97.840462][ T7067]  __sys_bpf+0x4b9/0x7b0
[   97.840508][ T7067]  __x64_sys_bpf+0x41/0x50
[   97.840540][ T7067]  x64_sys_call+0x2aea/0x2ff0
[   97.840595][ T7067]  do_syscall_64+0xd2/0x200
[   97.840626][ T7067]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.840654][ T7067]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.840683][ T7067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.840724][ T7067] RIP: 0033:0x7f46707ceb69
[   97.840744][ T7067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.840768][ T7067] RSP: 002b:00007f466ee37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.840790][ T7067] RAX: ffffffffffffffda RBX: 00007f46709f5fa0 RCX: 00007f46707ceb69
[   97.840816][ T7067] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[   97.840874][ T7067] RBP: 00007f466ee37090 R08: 0000000000000000 R09: 0000000000000000
[   97.840891][ T7067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.840906][ T7067] R13: 0000000000000000 R14: 00007f46709f5fa0 R15: 00007ffcf8edb378
[   97.840930][ T7067]  </TASK>
[   97.849739][ T7073] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   98.066920][ T7073] EXT4-fs (loop3): 1 truncate cleaned up
[   98.102385][ T7073] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.119344][ T7073] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.139476][ T7084] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1287'.
[   98.185678][ T7065] loop3: detected capacity change from 0 to 2048
[   98.208694][ T7082] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7082 comm=syz.0.1286
[   98.277082][ T7092] bridge0: entered allmulticast mode
[   98.294651][ T7092] bridge_slave_1: left allmulticast mode
[   98.322433][ T7092] bridge_slave_1: left promiscuous mode
[   98.336043][ T7092] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.413994][ T7092] bridge_slave_0: left allmulticast mode
[   98.430344][ T7092] bridge_slave_0: left promiscuous mode
[   98.451085][ T7092] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.538658][ T7112] netlink: 'syz.3.1297': attribute type 1 has an invalid length.
[   98.548665][ T7113] netlink: 'syz.3.1297': attribute type 1 has an invalid length.
[   98.603521][ T7119] loop4: detected capacity change from 0 to 128
[   98.632149][ T7119] syz.4.1299: attempt to access beyond end of device
[   98.632149][ T7119] loop4: rw=0, sector=121, nr_sectors = 120 limit=128
[   98.633390][ T7113] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[   98.650937][ T7112] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[   98.700160][  T110] kworker/u8:4: attempt to access beyond end of device
[   98.700160][  T110] loop4: rw=1, sector=241, nr_sectors = 800 limit=128
[   98.738760][ T7125] loop3: detected capacity change from 0 to 2048
[   98.751935][ T7123] vhci_hcd: invalid port number 96
[   98.757142][ T7123] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   98.788076][ T7125] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.868295][ T7125] ext4 filesystem being mounted at /234/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.025697][ T7125] syzkaller0: entered promiscuous mode
[   99.031297][ T7125] syzkaller0: entered allmulticast mode
[   99.076144][ T7125] EXT4-fs error (device loop3): __ext4_new_inode:1073: comm syz.3.1301: reserved inode found cleared - inode=1
[   99.179667][ T7159] loop4: detected capacity change from 0 to 512
[   99.188772][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.223566][ T7160] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   99.224050][ T7159] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.241724][ T7160] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.268866][ T7166] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1313'.
[   99.278268][ T7159] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.291485][   T29] kauditd_printk_skb: 102 callbacks suppressed
[   99.291575][   T29] audit: type=1326 audit(1754127871.884:4821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.1.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc49f5eb69 code=0x7ffc0000
[   99.323176][ T7166] FAULT_INJECTION: forcing a failure.
[   99.323176][ T7166] name failslab, interval 1, probability 0, space 0, times 0
[   99.335909][ T7166] CPU: 1 UID: 0 PID: 7166 Comm: syz.3.1313 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[   99.335980][ T7166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   99.335993][ T7166] Call Trace:
[   99.336000][ T7166]  <TASK>
[   99.336007][ T7166]  __dump_stack+0x1d/0x30
[   99.336028][ T7166]  dump_stack_lvl+0xe8/0x140
[   99.336046][ T7166]  dump_stack+0x15/0x1b
[   99.336065][ T7166]  should_fail_ex+0x265/0x280
[   99.336156][ T7166]  ? netdevice_event+0x2ae/0x610
[   99.336257][ T7166]  should_failslab+0x8c/0xb0
[   99.336290][ T7166]  __kmalloc_cache_noprof+0x4c/0x320
[   99.336330][ T7166]  ? __pfx_netdevice_event+0x10/0x10
[   99.336364][ T7166]  netdevice_event+0x2ae/0x610
[   99.336446][ T7166]  ? __pfx_del_netdev_ips+0x10/0x10
[   99.336480][ T7166]  ? __pfx_pass_all_filter+0x10/0x10
[   99.336512][ T7166]  ? __pfx_netdevice_event+0x10/0x10
[   99.336576][ T7166]  raw_notifier_call_chain+0x6f/0x1b0
[   99.336598][ T7166]  ? call_netdevice_notifiers_info+0x9c/0x100
[   99.336706][ T7166]  call_netdevice_notifiers_info+0xae/0x100
[   99.336739][ T7166]  unregister_netdevice_many_notify+0xda9/0x15d0
[   99.336829][ T7166]  ? __pfx_veth_dellink+0x10/0x10
[   99.336857][ T7166]  rtnl_dellink+0x3cb/0x550
[   99.336915][ T7166]  ? selinux_capable+0x31/0x40
[   99.336954][ T7166]  ? security_capable+0x83/0x90
[   99.336982][ T7166]  ? ns_capable+0x7d/0xb0
[   99.337007][ T7166]  ? __pfx_rtnl_dellink+0x10/0x10
[   99.337085][ T7166]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   99.337111][ T7166]  ? avc_has_perm_noaudit+0x1b1/0x200
[   99.337142][ T7166]  netlink_rcv_skb+0x123/0x220
[   99.337263][ T7166]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   99.337367][ T7166]  rtnetlink_rcv+0x1c/0x30
[   99.337393][ T7166]  netlink_unicast+0x5bd/0x690
[   99.337435][ T7166]  netlink_sendmsg+0x58b/0x6b0
[   99.337557][ T7166]  ? __pfx_netlink_sendmsg+0x10/0x10
[   99.337600][ T7166]  __sock_sendmsg+0x142/0x180
[   99.337629][ T7166]  ____sys_sendmsg+0x31e/0x4e0
[   99.337672][ T7166]  ___sys_sendmsg+0x17b/0x1d0
[   99.337775][ T7166]  __x64_sys_sendmsg+0xd4/0x160
[   99.337950][ T7166]  x64_sys_call+0x191e/0x2ff0
[   99.337982][ T7166]  do_syscall_64+0xd2/0x200
[   99.338013][ T7166]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   99.338044][ T7166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.338070][ T7166] RIP: 0033:0x7f5f553feb69
[   99.338106][ T7166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.338128][ T7166] RSP: 002b:00007f5f53a5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   99.338151][ T7166] RAX: ffffffffffffffda RBX: 00007f5f55625fa0 RCX: 00007f5f553feb69
[   99.338167][ T7166] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003
[   99.338183][ T7166] RBP: 00007f5f53a5f090 R08: 0000000000000000 R09: 0000000000000000
[   99.338198][ T7166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.338213][ T7166] R13: 0000000000000000 R14: 00007f5f55625fa0 R15: 00007ffd79c59588
[   99.338315][ T7166]  </TASK>
[   99.635708][   T29] audit: type=1326 audit(1754127871.914:4822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.1.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdc49f5eb69 code=0x7ffc0000
[   99.658986][   T29] audit: type=1326 audit(1754127871.914:4823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.1.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc49f5eb69 code=0x7ffc0000
[   99.682476][   T29] audit: type=1326 audit(1754127871.914:4824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.1.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc49f5eb69 code=0x7ffc0000
[   99.705888][   T29] audit: type=1326 audit(1754127871.924:4825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.1.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fdc49f5eb69 code=0x7ffc0000
[   99.729244][   T29] audit: type=1326 audit(1754127871.954:4826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.1.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc49f5eb69 code=0x7ffc0000
[   99.752727][   T29] audit: type=1326 audit(1754127871.954:4827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.1.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc49f5eb69 code=0x7ffc0000
[   99.776185][   T29] audit: type=1326 audit(1754127872.224:4828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7170 comm="syz.1.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fdc49f91425 code=0x7ffc0000
[   99.807299][ T7174] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=7174 comm=syz.4.1311
[   99.822722][   T29] audit: type=1326 audit(1754127872.394:4829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7170 comm="syz.1.1312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fdc49f5eb69 code=0x7ffc0000
[   99.879614][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.911186][ T7182] loop3: detected capacity change from 0 to 128
[   99.925097][ T7182] loop3: detected capacity change from 0 to 128
[   99.931958][ T7182] vfat: Unknown parameter '
'
[   99.979666][ T7182] vhci_hcd: invalid port number 96
[   99.984901][ T7182] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  100.212079][ T7196] syzkaller0: entered promiscuous mode
[  100.217803][ T7196] syzkaller0: entered allmulticast mode
[  100.306550][ T7214] bridge0: port 3(gretap0) entered blocking state
[  100.313075][ T7214] bridge0: port 3(gretap0) entered disabled state
[  100.349402][ T7214] gretap0: entered allmulticast mode
[  100.359786][ T7214] gretap0: entered promiscuous mode
[  100.372763][ T7214] bridge0: port 3(gretap0) entered blocking state
[  100.379320][ T7214] bridge0: port 3(gretap0) entered forwarding state
[  100.423527][ T7220] loop3: detected capacity change from 0 to 512
[  100.460555][ T7220] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.484553][ T7220] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.537644][ T7237] FAULT_INJECTION: forcing a failure.
[  100.537644][ T7237] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.550855][ T7237] CPU: 0 UID: 0 PID: 7237 Comm: syz.2.1337 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  100.550883][ T7237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  100.550896][ T7237] Call Trace:
[  100.550904][ T7237]  <TASK>
[  100.550913][ T7237]  __dump_stack+0x1d/0x30
[  100.550938][ T7237]  dump_stack_lvl+0xe8/0x140
[  100.550994][ T7237]  dump_stack+0x15/0x1b
[  100.551015][ T7237]  should_fail_ex+0x265/0x280
[  100.551057][ T7237]  should_fail+0xb/0x20
[  100.551091][ T7237]  should_fail_usercopy+0x1a/0x20
[  100.551185][ T7237]  _copy_from_user+0x1c/0xb0
[  100.551215][ T7237]  kstrtouint_from_user+0x69/0xf0
[  100.551234][ T7237]  ? 0xffffffff81000000
[  100.551247][ T7237]  ? selinux_file_permission+0x1e4/0x320
[  100.551333][ T7237]  proc_fail_nth_write+0x50/0x160
[  100.551367][ T7237]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  100.551474][ T7237]  vfs_write+0x266/0x8e0
[  100.551501][ T7237]  ? vfs_read+0x47f/0x6f0
[  100.551523][ T7237]  ? __rcu_read_unlock+0x4f/0x70
[  100.551602][ T7237]  ? __fget_files+0x184/0x1c0
[  100.551628][ T7237]  ksys_write+0xda/0x1a0
[  100.551660][ T7237]  __x64_sys_write+0x40/0x50
[  100.551681][ T7237]  x64_sys_call+0x27fe/0x2ff0
[  100.551703][ T7237]  do_syscall_64+0xd2/0x200
[  100.551811][ T7237]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.551841][ T7237]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  100.551868][ T7237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.551914][ T7237] RIP: 0033:0x7f2938a7d61f
[  100.551928][ T7237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  100.551948][ T7237] RSP: 002b:00007f29370df030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  100.551971][ T7237] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2938a7d61f
[  100.551988][ T7237] RDX: 0000000000000001 RSI: 00007f29370df0a0 RDI: 0000000000000004
[  100.552003][ T7237] RBP: 00007f29370df090 R08: 0000000000000000 R09: 0000000000000000
[  100.552017][ T7237] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  100.552028][ T7237] R13: 0000000000000000 R14: 00007f2938ca5fa0 R15: 00007fff4f43f9e8
[  100.552108][ T7237]  </TASK>
[  100.776684][   T29] audit: type=1400 audit(1754127873.154:4830): avc:  denied  { map } for  pid=7219 comm="syz.3.1333" path="/237/file1/cpuset.effective_cpus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  100.837349][ T7242] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1338'.
[  100.902576][ T7251] 9pnet_fd: Insufficient options for proto=fd
[  100.928010][ T7248] loop4: detected capacity change from 0 to 512
[  100.943255][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.956026][ T7248] EXT4-fs: Ignoring removed mblk_io_submit option
[  100.999694][ T7248] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  101.009277][ T7257] FAULT_INJECTION: forcing a failure.
[  101.009277][ T7257] name failslab, interval 1, probability 0, space 0, times 0
[  101.022285][ T7257] CPU: 0 UID: 0 PID: 7257 Comm: syz.1.1345 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  101.022343][ T7257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.022359][ T7257] Call Trace:
[  101.022367][ T7257]  <TASK>
[  101.022377][ T7257]  __dump_stack+0x1d/0x30
[  101.022406][ T7257]  dump_stack_lvl+0xe8/0x140
[  101.022430][ T7257]  dump_stack+0x15/0x1b
[  101.022484][ T7257]  should_fail_ex+0x265/0x280
[  101.022517][ T7257]  should_failslab+0x8c/0xb0
[  101.022608][ T7257]  kmem_cache_alloc_noprof+0x50/0x310
[  101.022643][ T7257]  ? skb_clone+0x151/0x1f0
[  101.022664][ T7257]  skb_clone+0x151/0x1f0
[  101.022681][ T7257]  __netlink_deliver_tap+0x2c9/0x500
[  101.022757][ T7257]  netlink_dump+0x836/0x8a0
[  101.022807][ T7257]  netlink_recvmsg+0x420/0x550
[  101.022863][ T7257]  ? __pfx_netlink_recvmsg+0x10/0x10
[  101.022905][ T7257]  sock_recvmsg+0x136/0x170
[  101.022937][ T7257]  ____sys_recvmsg+0xf5/0x280
[  101.022982][ T7257]  ___sys_recvmsg+0x11f/0x370
[  101.023080][ T7257]  do_recvmmsg+0x1ef/0x540
[  101.023106][ T7257]  ? get_timespec64+0xc9/0x100
[  101.023126][ T7257]  __x64_sys_recvmmsg+0xfb/0x170
[  101.023238][ T7257]  x64_sys_call+0x27a6/0x2ff0
[  101.023294][ T7257]  do_syscall_64+0xd2/0x200
[  101.023366][ T7257]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.023398][ T7257]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.023420][ T7257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.023441][ T7257] RIP: 0033:0x7fdc49f5eb69
[  101.023456][ T7257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.023475][ T7257] RSP: 002b:00007fdc485c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  101.023572][ T7257] RAX: ffffffffffffffda RBX: 00007fdc4a185fa0 RCX: 00007fdc49f5eb69
[  101.023585][ T7257] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  101.023597][ T7257] RBP: 00007fdc485c7090 R08: 0000200000003700 R09: 0000000000000000
[  101.023609][ T7257] R10: 0000000002040000 R11: 0000000000000246 R12: 0000000000000002
[  101.023621][ T7257] R13: 0000000000000000 R14: 00007fdc4a185fa0 R15: 00007ffdcb63d048
[  101.023770][ T7257]  </TASK>
[  101.243060][ T7253] vhci_hcd: invalid port number 96
[  101.248267][ T7253] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  101.299763][ T7248] EXT4-fs (loop4): 1 truncate cleaned up
[  101.336203][ T7248] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.455662][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.499955][ T7271] netlink: 11 bytes leftover after parsing attributes in process `syz.1.1349'.
[  101.506787][ T7279] 9pnet_fd: Insufficient options for proto=fd
[  101.563439][ T7289] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1355'.
[  101.613727][ T7298] FAULT_INJECTION: forcing a failure.
[  101.613727][ T7298] name failslab, interval 1, probability 0, space 0, times 0
[  101.627306][ T7298] CPU: 0 UID: 0 PID: 7298 Comm: syz.4.1361 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  101.627351][ T7298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.627364][ T7298] Call Trace:
[  101.627372][ T7298]  <TASK>
[  101.627380][ T7298]  __dump_stack+0x1d/0x30
[  101.627457][ T7298]  dump_stack_lvl+0xe8/0x140
[  101.627564][ T7298]  dump_stack+0x15/0x1b
[  101.627581][ T7298]  should_fail_ex+0x265/0x280
[  101.627622][ T7298]  ? create_io_worker+0x5e/0x370
[  101.627706][ T7298]  should_failslab+0x8c/0xb0
[  101.627737][ T7298]  __kmalloc_cache_noprof+0x4c/0x320
[  101.627776][ T7298]  create_io_worker+0x5e/0x370
[  101.627876][ T7298]  io_wq_enqueue+0x2c1/0x3a0
[  101.627910][ T7298]  ? __pfx_io_wq_work_match_item+0x10/0x10
[  101.627959][ T7298]  io_queue_iowq+0x201/0x2e0
[  101.628020][ T7298]  io_queue_sqe_fallback+0xe6/0x140
[  101.628051][ T7298]  io_submit_sqes+0xc1d/0x1050
[  101.628102][ T7298]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  101.628165][ T7298]  ? 0xffffffff81000000
[  101.628180][ T7298]  ? __rcu_read_unlock+0x4f/0x70
[  101.628200][ T7298]  ? get_pid_task+0x96/0xd0
[  101.628223][ T7298]  ? proc_fail_nth_write+0x13b/0x160
[  101.628309][ T7298]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  101.628343][ T7298]  ? vfs_write+0x75e/0x8e0
[  101.628367][ T7298]  ? __rcu_read_unlock+0x4f/0x70
[  101.628392][ T7298]  ? __fget_files+0x184/0x1c0
[  101.628453][ T7298]  ? fput+0x8f/0xc0
[  101.628618][ T7298]  __x64_sys_io_uring_enter+0x78/0x90
[  101.628657][ T7298]  x64_sys_call+0x2de1/0x2ff0
[  101.628682][ T7298]  do_syscall_64+0xd2/0x200
[  101.628771][ T7298]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.628811][ T7298]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.628831][ T7298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.628852][ T7298] RIP: 0033:0x7fd29ec9eb69
[  101.628870][ T7298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.628891][ T7298] RSP: 002b:00007fd29d2ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  101.628936][ T7298] RAX: ffffffffffffffda RBX: 00007fd29eec5fa0 RCX: 00007fd29ec9eb69
[  101.628949][ T7298] RDX: 0000000000000000 RSI: 00000000000047f8 RDI: 0000000000000003
[  101.628964][ T7298] RBP: 00007fd29d2ff090 R08: 0000000000000000 R09: 0000000000000000
[  101.628978][ T7298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.629031][ T7298] R13: 0000000000000000 R14: 00007fd29eec5fa0 R15: 00007fff1f80c638
[  101.629056][ T7298]  </TASK>
[  101.924260][ T7313] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1364'.
[  101.961930][ T7315] smc: net device bond0 applied user defined pnetid SYZ0
[  101.980383][ T7315] smc: net device bond0 erased user defined pnetid SYZ0
[  102.000279][ T7306] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1363'.
[  102.023812][ T7325] loop4: detected capacity change from 0 to 256
[  102.032275][ T7317] vhci_hcd: invalid port number 96
[  102.037493][ T7317] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  102.046782][ T7325] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  102.057686][ T7324] loop3: detected capacity change from 0 to 512
[  102.071358][ T7324] EXT4-fs: quotafile must be on filesystem root
[  102.093401][ T7327] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1369'.
[  102.426339][ T7347] wireguard0: entered promiscuous mode
[  102.431981][ T7347] wireguard0: entered allmulticast mode
[  102.636541][ T7370] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1385'.
[  102.831826][ T7374] syzkaller0: entered promiscuous mode
[  102.837403][ T7374] syzkaller0: entered allmulticast mode
[  103.039431][   T23] Process accounting resumed
[  103.108680][ T7398] Process accounting resumed
[  103.231493][ T7417] loop3: detected capacity change from 0 to 2048
[  103.298546][ T7417] FAT-fs (loop3): error, fat_get_cluster: detected the cluster chain loop (i_pos 1)
[  103.308070][ T7417] FAT-fs (loop3): Filesystem has been set read-only
[  103.311969][ T7419] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1404'.
[  103.592384][ T7426] syzkaller0: entered promiscuous mode
[  103.598129][ T7426] syzkaller0: entered allmulticast mode
[  103.632584][ T7433] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.741167][ T7433] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.826620][ T7450] loop3: detected capacity change from 0 to 512
[  103.842017][ T7450] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.852129][ T7433] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.880107][ T7450] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  103.921916][ T7450] EXT4-fs (loop3): 1 truncate cleaned up
[  103.940186][ T7433] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.957238][ T7450] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.056259][ T2155] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.084756][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.109136][ T7460] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1417'.
[  104.127487][ T7462] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  104.134070][ T7462] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  104.136623][ T2155] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.141654][ T7462] vhci_hcd vhci_hcd.0: Device attached
[  104.166522][ T2155] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.166866][ T7460] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1417'.
[  104.184093][ T2155] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.260407][ T7463] vhci_hcd: connection closed
[  104.261559][ T2492] vhci_hcd: stop threads
[  104.270781][ T2492] vhci_hcd: release socket
[  104.275228][ T2492] vhci_hcd: disconnect device
[  104.493661][   T29] kauditd_printk_skb: 426 callbacks suppressed
[  104.493676][   T29] audit: type=1400 audit(1754127877.084:5255): avc:  denied  { read } for  pid=7490 comm="syz.3.1428" name="event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  104.523253][   T29] audit: type=1400 audit(1754127877.084:5256): avc:  denied  { open } for  pid=7490 comm="syz.3.1428" path="/dev/input/event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  104.638118][ T7493] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.753919][ T7499] FAULT_INJECTION: forcing a failure.
[  104.753919][ T7499] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.767763][ T7499] CPU: 0 UID: 0 PID: 7499 Comm: GPL Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  104.767799][ T7499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  104.767815][ T7499] Call Trace:
[  104.767821][ T7499]  <TASK>
[  104.767829][ T7499]  __dump_stack+0x1d/0x30
[  104.767849][ T7499]  dump_stack_lvl+0xe8/0x140
[  104.767868][ T7499]  dump_stack+0x15/0x1b
[  104.767962][ T7499]  should_fail_ex+0x265/0x280
[  104.768005][ T7499]  should_fail+0xb/0x20
[  104.768040][ T7499]  should_fail_usercopy+0x1a/0x20
[  104.768058][ T7499]  _copy_from_iter+0xcf/0xe40
[  104.768149][ T7499]  ? __build_skb_around+0x1a0/0x200
[  104.768182][ T7499]  ? __alloc_skb+0x223/0x320
[  104.768211][ T7499]  netlink_sendmsg+0x471/0x6b0
[  104.768299][ T7499]  ? __pfx_netlink_sendmsg+0x10/0x10
[  104.768333][ T7499]  __sock_sendmsg+0x142/0x180
[  104.768381][ T7499]  ____sys_sendmsg+0x31e/0x4e0
[  104.768451][ T7499]  ___sys_sendmsg+0x17b/0x1d0
[  104.768501][ T7499]  __x64_sys_sendmsg+0xd4/0x160
[  104.768540][ T7499]  x64_sys_call+0x191e/0x2ff0
[  104.768598][ T7499]  do_syscall_64+0xd2/0x200
[  104.768627][ T7499]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.768735][ T7499]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  104.768790][ T7499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.768856][ T7499] RIP: 0033:0x7f5f553feb69
[  104.768871][ T7499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.768930][ T7499] RSP: 002b:00007f5f53a1d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  104.768948][ T7499] RAX: ffffffffffffffda RBX: 00007f5f55626160 RCX: 00007f5f553feb69
[  104.768959][ T7499] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000009
[  104.768971][ T7499] RBP: 00007f5f53a1d090 R08: 0000000000000000 R09: 0000000000000000
[  104.769040][ T7499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.769055][ T7499] R13: 0000000000000000 R14: 00007f5f55626160 R15: 00007ffd79c59588
[  104.769096][ T7499]  </TASK>
[  105.088302][ T7493] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.128354][ T7493] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.138389][   T29] audit: type=1400 audit(1754127877.724:5257): avc:  denied  { mount } for  pid=7501 comm="syz.0.1430" name="/" dev="configfs" ino=2139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  105.161910][   T29] audit: type=1400 audit(1754127877.724:5258): avc:  denied  { search } for  pid=7501 comm="syz.0.1430" name="/" dev="configfs" ino=2139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  105.184442][   T29] audit: type=1400 audit(1754127877.724:5259): avc:  denied  { search } for  pid=7501 comm="syz.0.1430" name="/" dev="configfs" ino=2139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  105.207510][   T29] audit: type=1400 audit(1754127877.724:5260): avc:  denied  { read open } for  pid=7501 comm="syz.0.1430" path="/" dev="configfs" ino=2139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  105.261236][ T7506] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1433'.
[  105.265727][   T29] audit: type=1400 audit(1754127877.854:5261): avc:  denied  { create } for  pid=7505 comm="syz.0.1433" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  105.290643][   T29] audit: type=1400 audit(1754127877.854:5262): avc:  denied  { ioctl } for  pid=7505 comm="syz.0.1433" path="socket:[20881]" dev="sockfs" ino=20881 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  105.379319][ T7493] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.485149][ T7508] syzkaller0: entered promiscuous mode
[  105.490982][ T7508] syzkaller0: entered allmulticast mode
[  105.603298][ T2155] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.626793][   T29] audit: type=1326 audit(1754127878.194:5263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7528 comm="syz.3.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f553feb69 code=0x7ffc0000
[  105.651101][   T29] audit: type=1326 audit(1754127878.194:5264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7528 comm="syz.3.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f553feb69 code=0x7ffc0000
[  105.660834][ T2155] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.746485][ T2155] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.782562][   T37] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.652567][ T7545] loop3: detected capacity change from 0 to 128
[  106.779289][ T7545] loop3: detected capacity change from 0 to 128
[  106.809473][ T7545] vfat: Unknown parameter '
'
[  106.939478][ T7549] vhci_hcd: invalid port number 96
[  106.944756][ T7549] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  107.057529][ T7551] vhci_hcd: invalid port number 96
[  107.062708][ T7551] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  107.560255][ T7563] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1452'.
[  107.766627][ T7579] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1459'.
[  107.800597][ T7579] bridge0: entered promiscuous mode
[  107.830023][ T7579] bond0: entered promiscuous mode
[  107.835188][ T7579] bond_slave_0: entered promiscuous mode
[  107.841662][ T7579] bond_slave_1: entered promiscuous mode
[  107.882878][ T7579] dummy0: entered promiscuous mode
[  107.895663][ T7579] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[  107.906411][ T7579] hsr1: Slave B (bond0) is not up; please bring it up to get a fully working HSR network
[  107.929620][ T7579] hsr1: entered allmulticast mode
[  107.934713][ T7579] bridge0: entered allmulticast mode
[  107.940674][ T7579] bond0: entered allmulticast mode
[  107.945807][ T7579] bond_slave_0: entered allmulticast mode
[  107.951716][ T7579] bond_slave_1: entered allmulticast mode
[  108.011282][ T7579] dummy0: entered allmulticast mode
[  108.159915][ T7601] atomic_op ffff888104c4d528 conn xmit_atomic 0000000000000000
[  108.256925][ T7617] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1473'.
[  108.389908][ T7632] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1477'.
[  108.419843][ T7627] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(16)
[  108.426554][ T7627] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  108.434302][ T7627] vhci_hcd vhci_hcd.0: Device attached
[  108.475160][ T7641] IPVS: Error connecting to the multicast addr
[  108.494458][ T7637] vhci_hcd: connection closed
[  108.494891][ T2492] vhci_hcd: stop threads
[  108.504671][ T2492] vhci_hcd: release socket
[  108.509147][ T2492] vhci_hcd: disconnect device
[  108.546793][ T7643] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=7643 comm=syz.1.1481
[  108.735882][ T7665] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1488'.
[  108.802169][ T7662] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1486'.
[  108.817178][ T7665] FAULT_INJECTION: forcing a failure.
[  108.817178][ T7665] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.830308][ T7665] CPU: 1 UID: 0 PID: 7665 Comm: syz.3.1488 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  108.830341][ T7665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  108.830354][ T7665] Call Trace:
[  108.830362][ T7665]  <TASK>
[  108.830370][ T7665]  __dump_stack+0x1d/0x30
[  108.830509][ T7665]  dump_stack_lvl+0xe8/0x140
[  108.830530][ T7665]  dump_stack+0x15/0x1b
[  108.830548][ T7665]  should_fail_ex+0x265/0x280
[  108.830584][ T7665]  should_fail+0xb/0x20
[  108.830669][ T7665]  should_fail_usercopy+0x1a/0x20
[  108.830689][ T7665]  _copy_from_iter+0xcf/0xe40
[  108.830765][ T7665]  ? __build_skb_around+0x1a0/0x200
[  108.830796][ T7665]  ? __alloc_skb+0x223/0x320
[  108.830829][ T7665]  netlink_sendmsg+0x471/0x6b0
[  108.830902][ T7665]  ? __pfx_netlink_sendmsg+0x10/0x10
[  108.830937][ T7665]  __sock_sendmsg+0x142/0x180
[  108.831011][ T7665]  ____sys_sendmsg+0x31e/0x4e0
[  108.831049][ T7665]  ___sys_sendmsg+0x17b/0x1d0
[  108.831100][ T7665]  __x64_sys_sendmsg+0xd4/0x160
[  108.831139][ T7665]  x64_sys_call+0x191e/0x2ff0
[  108.831176][ T7665]  do_syscall_64+0xd2/0x200
[  108.831200][ T7665]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.831225][ T7665]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  108.831248][ T7665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.831298][ T7665] RIP: 0033:0x7f5f553feb69
[  108.831374][ T7665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.831394][ T7665] RSP: 002b:00007f5f53a5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  108.831416][ T7665] RAX: ffffffffffffffda RBX: 00007f5f55625fa0 RCX: 00007f5f553feb69
[  108.831429][ T7665] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000000003
[  108.831442][ T7665] RBP: 00007f5f53a5f090 R08: 0000000000000000 R09: 0000000000000000
[  108.831511][ T7665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.831594][ T7665] R13: 0000000000000000 R14: 00007f5f55625fa0 R15: 00007ffd79c59588
[  108.831615][ T7665]  </TASK>
[  109.116825][ T7672] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1489'.
[  109.182069][ T7672] batadv0: entered promiscuous mode
[  109.209890][ T7672] macvtap1: entered promiscuous mode
[  109.215328][ T7672] macvtap1: entered allmulticast mode
[  109.221650][ T7672] batadv0: entered allmulticast mode
[  109.260295][ T7672] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  109.301955][ T7678] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1491'.
[  109.350498][ T7686] vhci_hcd: invalid port number 96
[  109.355688][ T7686] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  109.562407][   T29] kauditd_printk_skb: 84 callbacks suppressed
[  109.562425][   T29] audit: type=1400 audit(1754127882.154:5349): avc:  denied  { create } for  pid=7703 comm="syz.1.1503" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  109.562870][ T7704] FAULT_INJECTION: forcing a failure.
[  109.562870][ T7704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.602187][ T7704] CPU: 0 UID: 0 PID: 7704 Comm: syz.1.1503 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  109.602222][ T7704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  109.602286][ T7704] Call Trace:
[  109.602293][ T7704]  <TASK>
[  109.602301][ T7704]  __dump_stack+0x1d/0x30
[  109.602324][ T7704]  dump_stack_lvl+0xe8/0x140
[  109.602349][ T7704]  dump_stack+0x15/0x1b
[  109.602435][ T7704]  should_fail_ex+0x265/0x280
[  109.602478][ T7704]  should_fail+0xb/0x20
[  109.602573][ T7704]  should_fail_usercopy+0x1a/0x20
[  109.602665][ T7704]  _copy_from_user+0x1c/0xb0
[  109.602696][ T7704]  ____sys_sendmsg+0x1c5/0x4e0
[  109.602792][ T7704]  ___sys_sendmsg+0x17b/0x1d0
[  109.602845][ T7704]  __x64_sys_sendmsg+0xd4/0x160
[  109.602909][ T7704]  x64_sys_call+0x191e/0x2ff0
[  109.602930][ T7704]  do_syscall_64+0xd2/0x200
[  109.602953][ T7704]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.602982][ T7704]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  109.603044][ T7704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.603073][ T7704] RIP: 0033:0x7fdc49f5eb69
[  109.603092][ T7704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.603148][ T7704] RSP: 002b:00007fdc485c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  109.603172][ T7704] RAX: ffffffffffffffda RBX: 00007fdc4a185fa0 RCX: 00007fdc49f5eb69
[  109.603188][ T7704] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000006
[  109.603204][ T7704] RBP: 00007fdc485c7090 R08: 0000000000000000 R09: 0000000000000000
[  109.603217][ T7704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.603291][ T7704] R13: 0000000000000000 R14: 00007fdc4a185fa0 R15: 00007ffdcb63d048
[  109.603313][ T7704]  </TASK>
[  110.001809][   T29] audit: type=1400 audit(1754127882.594:5350): avc:  denied  { create } for  pid=7714 comm="syz.1.1509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  110.014351][ T7722] FAULT_INJECTION: forcing a failure.
[  110.014351][ T7722] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.035766][ T7722] CPU: 0 UID: 0 PID: 7722 Comm: syz.2.1511 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  110.035825][ T7722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  110.035842][ T7722] Call Trace:
[  110.035849][ T7722]  <TASK>
[  110.035856][ T7722]  __dump_stack+0x1d/0x30
[  110.035877][ T7722]  dump_stack_lvl+0xe8/0x140
[  110.035895][ T7722]  dump_stack+0x15/0x1b
[  110.035994][ T7722]  should_fail_ex+0x265/0x280
[  110.036029][ T7722]  should_fail+0xb/0x20
[  110.036058][ T7722]  should_fail_usercopy+0x1a/0x20
[  110.036149][ T7722]  _copy_to_user+0x20/0xa0
[  110.036179][ T7722]  simple_read_from_buffer+0xb5/0x130
[  110.036208][ T7722]  proc_fail_nth_read+0x10e/0x150
[  110.036250][ T7722]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  110.036281][ T7722]  vfs_read+0x1a0/0x6f0
[  110.036321][ T7722]  ? __rcu_read_unlock+0x4f/0x70
[  110.036396][ T7722]  ? __fget_files+0x184/0x1c0
[  110.036435][ T7722]  ksys_read+0xda/0x1a0
[  110.036462][ T7722]  __x64_sys_read+0x40/0x50
[  110.036505][ T7722]  x64_sys_call+0x27bc/0x2ff0
[  110.036529][ T7722]  do_syscall_64+0xd2/0x200
[  110.036554][ T7722]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.036584][ T7722]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  110.036621][ T7722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.036644][ T7722] RIP: 0033:0x7f2938a7d57c
[  110.036662][ T7722] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  110.036758][ T7722] RSP: 002b:00007f29370df030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  110.036783][ T7722] RAX: ffffffffffffffda RBX: 00007f2938ca5fa0 RCX: 00007f2938a7d57c
[  110.036800][ T7722] RDX: 000000000000000f RSI: 00007f29370df0a0 RDI: 0000000000000003
[  110.036823][ T7722] RBP: 00007f29370df090 R08: 0000000000000000 R09: 0000000000000000
[  110.036839][ T7722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.036904][ T7722] R13: 0000000000000000 R14: 00007f2938ca5fa0 R15: 00007fff4f43f9e8
[  110.036929][ T7722]  </TASK>
[  110.047351][ T7719] FAULT_INJECTION: forcing a failure.
[  110.047351][ T7719] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.227731][   T29] audit: type=1400 audit(1754127882.614:5351): avc:  denied  { ioctl } for  pid=7714 comm="syz.1.1509" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  110.235381][ T7719] CPU: 1 UID: 0 PID: 7719 Comm: syz.1.1509 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  110.235462][ T7719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  110.235479][ T7719] Call Trace:
[  110.235490][ T7719]  <TASK>
[  110.235502][ T7719]  __dump_stack+0x1d/0x30
[  110.235557][ T7719]  dump_stack_lvl+0xe8/0x140
[  110.235585][ T7719]  dump_stack+0x15/0x1b
[  110.235617][ T7719]  should_fail_ex+0x265/0x280
[  110.235701][ T7719]  should_fail+0xb/0x20
[  110.235740][ T7719]  should_fail_usercopy+0x1a/0x20
[  110.235766][ T7719]  _copy_from_iter+0xcf/0xe40
[  110.235796][ T7719]  ? __build_skb_around+0x1a0/0x200
[  110.235906][ T7719]  ? __alloc_skb+0x223/0x320
[  110.235948][ T7719]  netlink_sendmsg+0x471/0x6b0
[  110.235997][ T7719]  ? __pfx_netlink_sendmsg+0x10/0x10
[  110.236059][ T7719]  __sock_sendmsg+0x142/0x180
[  110.236094][ T7719]  ____sys_sendmsg+0x31e/0x4e0
[  110.236141][ T7719]  ___sys_sendmsg+0x17b/0x1d0
[  110.236220][ T7719]  __x64_sys_sendmsg+0xd4/0x160
[  110.236272][ T7719]  x64_sys_call+0x191e/0x2ff0
[  110.236301][ T7719]  do_syscall_64+0xd2/0x200
[  110.236414][ T7719]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.236476][ T7719]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  110.236505][ T7719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.236616][ T7719] RIP: 0033:0x7fdc49f5eb69
[  110.236640][ T7719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.236737][ T7719] RSP: 002b:00007fdc485a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  110.236763][ T7719] RAX: ffffffffffffffda RBX: 00007fdc4a186080 RCX: 00007fdc49f5eb69
[  110.236780][ T7719] RDX: 0000000004000000 RSI: 0000200000000280 RDI: 0000000000000009
[  110.236798][ T7719] RBP: 00007fdc485a6090 R08: 0000000000000000 R09: 0000000000000000
[  110.236815][ T7719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.236832][ T7719] R13: 0000000000000000 R14: 00007fdc4a186080 R15: 00007ffdcb63d048
[  110.236859][ T7719]  </TASK>
[  110.554661][ T7726] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1513'.
[  110.576222][ T7729] netlink: 'syz.4.1508': attribute type 4 has an invalid length.
[  110.720024][ T7715] 9pnet: Could not find request transport: 0xffffffffffffffff
[  111.079479][   T29] audit: type=1400 audit(1754127883.144:5352): avc:  denied  { write } for  pid=7731 comm="syz.2.1515" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  111.099186][   T29] audit: type=1400 audit(1754127883.154:5353): avc:  denied  { mount } for  pid=7725 comm="syz.4.1508" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  111.121377][   T29] audit: type=1326 audit(1754127883.604:5354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.2.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2938a7eb69 code=0x7ffc0000
[  111.144899][   T29] audit: type=1326 audit(1754127883.604:5355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.2.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2938a7eb69 code=0x7ffc0000
[  111.168370][   T29] audit: type=1326 audit(1754127883.614:5356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.2.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f2938a7eb69 code=0x7ffc0000
[  111.191920][   T29] audit: type=1326 audit(1754127883.614:5357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.2.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2938a7eb69 code=0x7ffc0000
[  111.215399][   T29] audit: type=1326 audit(1754127883.614:5358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.2.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2938a7eb69 code=0x7ffc0000
[  111.337276][ T7750] loop4: detected capacity change from 0 to 512
[  111.393571][ T7750] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.448068][ T7750] ext4 filesystem being mounted at /269/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.486133][ T7765] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1525'.
[  111.605757][ T7771] vhci_hcd: invalid port number 96
[  111.611009][ T7771] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  111.653208][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.971659][ T7794] geneve1 speed is unknown, defaulting to 1000
[  111.978811][ T7794] geneve1 speed is unknown, defaulting to 1000
[  111.985498][ T7794] geneve1 speed is unknown, defaulting to 1000
[  112.047172][ T7794] infiniband syz1: set active
[  112.051902][ T7794] infiniband syz1: added geneve1
[  112.060194][ T3404] geneve1 speed is unknown, defaulting to 1000
[  112.079606][ T7794] RDS/IB: syz1: added
[  112.083765][ T7794] smc: adding ib device syz1 with port count 1
[  112.090036][ T7794] smc:    ib device syz1 port 1 has pnetid 
[  112.097073][ T7794] geneve1 speed is unknown, defaulting to 1000
[  112.157926][ T7794] geneve1 speed is unknown, defaulting to 1000
[  112.219840][ T7794] geneve1 speed is unknown, defaulting to 1000
[  112.267407][ T7794] geneve1 speed is unknown, defaulting to 1000
[  112.302383][ T3404] geneve1 speed is unknown, defaulting to 1000
[  112.358689][ T7794] geneve1 speed is unknown, defaulting to 1000
[  112.593962][ T7811] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1540'.
[  112.640387][ T7813] loop4: detected capacity change from 0 to 512
[  112.661303][ T7813] EXT4-fs: Ignoring removed mblk_io_submit option
[  112.680445][ T7812] loop3: detected capacity change from 0 to 512
[  112.692570][ T7803] syzkaller0: entered promiscuous mode
[  112.698280][ T7803] syzkaller0: entered allmulticast mode
[  112.724438][ T7813] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  112.786637][ T7813] EXT4-fs (loop4): 1 truncate cleaned up
[  112.821198][ T7813] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.941974][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.043745][ T7845] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1551'.
[  113.053877][ T7845] bridge_slave_1: left allmulticast mode
[  113.059787][ T7845] bridge_slave_1: left promiscuous mode
[  113.065560][ T7845] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.077814][ T7845] bridge_slave_0: left allmulticast mode
[  113.083590][ T7845] bridge_slave_0: left promiscuous mode
[  113.089337][ T7845] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.120332][ T7846] vhci_hcd: invalid port number 96
[  113.125526][ T7846] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  113.133015][ T7845] bridge0 (unregistering): left promiscuous mode
[  113.154625][ T7853] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1553'.
[  113.163705][ T7853] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1553'.
[  113.330829][ T7865] loop4: detected capacity change from 0 to 2048
[  113.352589][ T7865] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.401143][ T7865] ext4 filesystem being mounted at /276/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.514058][ T7877] loop3: detected capacity change from 0 to 2048
[  113.584172][ T7865] syzkaller0: entered promiscuous mode
[  113.589798][ T7865] syzkaller0: entered allmulticast mode
[  113.647654][ T7865] EXT4-fs error (device loop4): __ext4_new_inode:1073: comm syz.4.1557: reserved inode found cleared - inode=1
[  113.706181][ T7894] netlink: 71 bytes leftover after parsing attributes in process `syz.0.1567'.
[  113.791021][ T7906] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1571'.
[  113.822231][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.933507][ T7912] vhci_hcd: invalid port number 96
[  113.938716][ T7912] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  114.182359][ T7930] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1574'.
[  114.216173][ T7928] loop3: detected capacity change from 0 to 2048
[  114.307979][ T7929] FAULT_INJECTION: forcing a failure.
[  114.307979][ T7929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  114.321190][ T7929] CPU: 0 UID: 0 PID: 7929 Comm: syz.0.1578 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  114.321218][ T7929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  114.321230][ T7929] Call Trace:
[  114.321238][ T7929]  <TASK>
[  114.321248][ T7929]  __dump_stack+0x1d/0x30
[  114.321303][ T7929]  dump_stack_lvl+0xe8/0x140
[  114.321328][ T7929]  dump_stack+0x15/0x1b
[  114.321348][ T7929]  should_fail_ex+0x265/0x280
[  114.321380][ T7929]  should_fail+0xb/0x20
[  114.321450][ T7929]  should_fail_usercopy+0x1a/0x20
[  114.321495][ T7929]  _copy_from_iter+0xcf/0xe40
[  114.321516][ T7929]  ? __build_skb_around+0x1a0/0x200
[  114.321599][ T7929]  ? __alloc_skb+0x223/0x320
[  114.321634][ T7929]  netlink_sendmsg+0x471/0x6b0
[  114.321675][ T7929]  ? __pfx_netlink_sendmsg+0x10/0x10
[  114.321746][ T7929]  __sock_sendmsg+0x142/0x180
[  114.321774][ T7929]  ____sys_sendmsg+0x31e/0x4e0
[  114.321808][ T7929]  ___sys_sendmsg+0x17b/0x1d0
[  114.321862][ T7929]  __x64_sys_sendmsg+0xd4/0x160
[  114.321959][ T7929]  x64_sys_call+0x191e/0x2ff0
[  114.321986][ T7929]  do_syscall_64+0xd2/0x200
[  114.322009][ T7929]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.322038][ T7929]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  114.322121][ T7929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.322205][ T7929] RIP: 0033:0x7f46707ceb69
[  114.322224][ T7929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.322245][ T7929] RSP: 002b:00007f466ee37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  114.322263][ T7929] RAX: ffffffffffffffda RBX: 00007f46709f5fa0 RCX: 00007f46707ceb69
[  114.322336][ T7929] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000003
[  114.322352][ T7929] RBP: 00007f466ee37090 R08: 0000000000000000 R09: 0000000000000000
[  114.322368][ T7929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.322384][ T7929] R13: 0000000000000000 R14: 00007f46709f5fa0 R15: 00007ffcf8edb378
[  114.322437][ T7929]  </TASK>
[  114.726347][   T29] kauditd_printk_skb: 80 callbacks suppressed
[  114.732612][   T29] audit: type=1326 audit(1754127887.304:5437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7931 comm="syz.0.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46707ceb69 code=0x7ffc0000
[  114.756960][   T29] audit: type=1326 audit(1754127887.304:5438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7931 comm="syz.0.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46707ceb69 code=0x7ffc0000
[  114.780536][   T29] audit: type=1326 audit(1754127887.314:5439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7931 comm="syz.0.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46707ceb69 code=0x7ffc0000
[  114.804689][   T29] audit: type=1326 audit(1754127887.314:5440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7931 comm="syz.0.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46707ceb69 code=0x7ffc0000
[  114.829001][   T29] audit: type=1326 audit(1754127887.314:5441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7931 comm="syz.0.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46707ceb69 code=0x7ffc0000
[  114.852422][   T29] audit: type=1326 audit(1754127887.314:5442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7931 comm="syz.0.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46707ceb69 code=0x7ffc0000
[  114.876566][   T29] audit: type=1326 audit(1754127887.314:5443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7931 comm="syz.0.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46707ceb69 code=0x7ffc0000
[  114.899977][   T29] audit: type=1326 audit(1754127887.314:5444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7931 comm="syz.0.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46707ceb69 code=0x7ffc0000
[  114.924190][   T29] audit: type=1326 audit(1754127887.314:5445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7931 comm="syz.0.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f46707ceb69 code=0x7ffc0000
[  114.948305][   T29] audit: type=1326 audit(1754127887.314:5446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7931 comm="syz.0.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46707ceb69 code=0x7ffc0000
[  115.612874][ T7952] syzkaller0: entered promiscuous mode
[  115.618528][ T7952] syzkaller0: entered allmulticast mode
[  115.755755][ T7967] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1591'.
[  115.765460][ T7967] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1591'.
[  115.774533][ T7967] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1591'.
[  115.807934][ T7968] netlink: 'syz.1.1591': attribute type 10 has an invalid length.
[  115.837344][ T7967] netlink: 'syz.1.1591': attribute type 6 has an invalid length.
[  115.858426][ T7968] bond0: (slave dummy0): Releasing backup interface
[  115.865828][ T7970] netlink: 'syz.1.1591': attribute type 10 has an invalid length.
[  115.894840][ T7968] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  115.920786][ T7968] team0: Failed to send options change via netlink (err -105)
[  115.928371][ T7968] team0: Port device dummy0 added
[  115.988277][ T7970] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  116.020727][ T7970] team0: Failed to send options change via netlink (err -105)
[  116.037250][ T7970] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  116.046493][ T7970] team0: Port device dummy0 removed
[  116.054245][ T7970] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  116.066150][ T7965] lo speed is unknown, defaulting to 1000
[  116.073958][ T7965] geneve1 speed is unknown, defaulting to 1000
[  116.145192][ T7993] geneve0: entered promiscuous mode
[  116.151425][ T7993] geneve0: entered allmulticast mode
[  116.169921][ T7983] tipc: Started in network mode
[  116.174914][ T7983] tipc: Node identity ac141413, cluster identity 4711
[  116.181982][ T7983] tipc: New replicast peer: 10.1.1.2
[  116.187422][ T7983] tipc: Enabled bearer <udp:syz2>, priority 10
[  116.485308][ T8018] syzkaller0: entered promiscuous mode
[  116.490958][ T8018] syzkaller0: entered allmulticast mode
[  116.610691][ T8020] syzkaller0: entered promiscuous mode
[  116.616238][ T8020] syzkaller0: entered allmulticast mode
[  116.697715][ T8033] cgroup: Invalid name
[  116.783856][ T8040] loop3: detected capacity change from 0 to 512
[  116.814732][ T8046] SELinux:  Context system_u:object_r:fonts_t:s0 is not valid (left unmapped).
[  116.855877][ T8040] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.896855][ T8040] ext4 filesystem being mounted at /297/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  117.051746][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.072786][ T8067] FAULT_INJECTION: forcing a failure.
[  117.072786][ T8067] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  117.086856][ T8067] CPU: 0 UID: 0 PID: 8067 Comm: syz.0.1627 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  117.086895][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.086907][ T8067] Call Trace:
[  117.086914][ T8067]  <TASK>
[  117.086924][ T8067]  __dump_stack+0x1d/0x30
[  117.086950][ T8067]  dump_stack_lvl+0xe8/0x140
[  117.087086][ T8067]  dump_stack+0x15/0x1b
[  117.087102][ T8067]  should_fail_ex+0x265/0x280
[  117.087135][ T8067]  should_fail_alloc_page+0xf2/0x100
[  117.087169][ T8067]  __alloc_frozen_pages_noprof+0xff/0x360
[  117.087283][ T8067]  alloc_pages_mpol+0xb3/0x250
[  117.087409][ T8067]  alloc_pages_noprof+0x90/0x130
[  117.087449][ T8067]  pte_alloc_one+0x2d/0x120
[  117.087475][ T8067]  __pte_alloc+0x32/0x2b0
[  117.087530][ T8067]  handle_mm_fault+0x1c55/0x2c20
[  117.087573][ T8067]  do_user_addr_fault+0x636/0x1090
[  117.087614][ T8067]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  117.087694][ T8067]  exc_page_fault+0x62/0xa0
[  117.087714][ T8067]  asm_exc_page_fault+0x26/0x30
[  117.087740][ T8067] RIP: 0033:0x7f4670690d86
[  117.087759][ T8067] Code: f0 72 6e 48 63 cd 48 01 c1 49 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 <47> 0f b6 0c 08 45 84 c9 74 08 45 88 0c 00 49 8b 47 10 48 83 c0 01
[  117.087777][ T8067] RSP: 002b:00007f466ee364a0 EFLAGS: 00010246
[  117.087866][ T8067] RAX: 0000000000000001 RBX: 00007f466ee36540 RCX: 0000000000000101
[  117.087878][ T8067] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007f466ee365e0
[  117.087890][ T8067] RBP: 0000000000000102 R08: 00007f4666a17000 R09: 0000000000000000
[  117.087904][ T8067] R10: 0000000000000000 R11: 00007f466ee36550 R12: 0000000000000001
[  117.087916][ T8067] R13: 00007f467086d940 R14: 0000000000000000 R15: 00007f466ee365e0
[  117.087935][ T8067]  </TASK>
[  117.087947][ T8067] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  117.096796][ T8063] netlink: '+}[@': attribute type 1 has an invalid length.
[  117.310164][ T3404] tipc: Node number set to 2886997011
[  117.434927][ T8090] loop4: detected capacity change from 0 to 512
[  117.472036][ T8092] FAULT_INJECTION: forcing a failure.
[  117.472036][ T8092] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  117.486082][ T8092] CPU: 0 UID: 0 PID: 8092 Comm: syz.3.1637 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  117.486152][ T8092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.486215][ T8092] Call Trace:
[  117.486229][ T8092]  <TASK>
[  117.486239][ T8092]  __dump_stack+0x1d/0x30
[  117.486266][ T8092]  dump_stack_lvl+0xe8/0x140
[  117.486292][ T8092]  dump_stack+0x15/0x1b
[  117.486428][ T8092]  should_fail_ex+0x265/0x280
[  117.486525][ T8092]  should_fail_alloc_page+0xf2/0x100
[  117.486559][ T8092]  __alloc_frozen_pages_noprof+0xff/0x360
[  117.486606][ T8092]  alloc_pages_mpol+0xb3/0x250
[  117.486661][ T8092]  alloc_migration_target_by_mpol+0x11b/0x280
[  117.486695][ T8092]  migrate_pages_batch+0x300/0x1a30
[  117.486736][ T8092]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  117.486769][ T8092]  ? __folio_put+0x5e/0x150
[  117.486802][ T8092]  ? hugetlb_cgroup_migrate+0x190/0x1b0
[  117.486917][ T8092]  migrate_pages+0xf5f/0x1770
[  117.486955][ T8092]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  117.487012][ T8092]  __se_sys_mbind+0x975/0xac0
[  117.487101][ T8092]  __x64_sys_mbind+0x78/0x90
[  117.487130][ T8092]  x64_sys_call+0x2932/0x2ff0
[  117.487197][ T8092]  do_syscall_64+0xd2/0x200
[  117.487235][ T8092]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  117.487267][ T8092]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  117.487292][ T8092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.487382][ T8092] RIP: 0033:0x7f5f553feb69
[  117.487401][ T8092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.487424][ T8092] RSP: 002b:00007f5f53a5f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  117.487449][ T8092] RAX: ffffffffffffffda RBX: 00007f5f55625fa0 RCX: 00007f5f553feb69
[  117.487465][ T8092] RDX: 0000000000000000 RSI: 0100000000004000 RDI: 00002000005b4000
[  117.487481][ T8092] RBP: 00007f5f53a5f090 R08: 0000000000000000 R09: 0000000000000002
[  117.487521][ T8092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.487535][ T8092] R13: 0000000000000000 R14: 00007f5f55625fa0 R15: 00007ffd79c59588
[  117.487619][ T8092]  </TASK>
[  117.874595][ T8109] FAULT_INJECTION: forcing a failure.
[  117.874595][ T8109] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.877495][ T8108] __nla_validate_parse: 3 callbacks suppressed
[  117.877519][ T8108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1642'.
[  117.888586][ T8109] CPU: 0 UID: 0 PID: 8109 Comm: syz.4.1644 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  117.888626][ T8109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.888644][ T8109] Call Trace:
[  117.888653][ T8109]  <TASK>
[  117.888663][ T8109]  __dump_stack+0x1d/0x30
[  117.888692][ T8109]  dump_stack_lvl+0xe8/0x140
[  117.888719][ T8109]  dump_stack+0x15/0x1b
[  117.888798][ T8109]  should_fail_ex+0x265/0x280
[  117.888843][ T8109]  should_fail+0xb/0x20
[  117.888889][ T8109]  should_fail_usercopy+0x1a/0x20
[  117.888915][ T8109]  _copy_from_user+0x1c/0xb0
[  117.888949][ T8109]  ___sys_sendmsg+0xc1/0x1d0
[  117.889025][ T8109]  __x64_sys_sendmsg+0xd4/0x160
[  117.889077][ T8109]  x64_sys_call+0x191e/0x2ff0
[  117.889183][ T8109]  do_syscall_64+0xd2/0x200
[  117.889217][ T8109]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  117.889253][ T8109]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  117.889365][ T8109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.889394][ T8109] RIP: 0033:0x7fd29ec9eb69
[  117.889432][ T8109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.889456][ T8109] RSP: 002b:00007fd29d2ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  117.889482][ T8109] RAX: ffffffffffffffda RBX: 00007fd29eec5fa0 RCX: 00007fd29ec9eb69
[  117.889500][ T8109] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[  117.889618][ T8109] RBP: 00007fd29d2ff090 R08: 0000000000000000 R09: 0000000000000000
[  117.889635][ T8109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.889708][ T8109] R13: 0000000000000000 R14: 00007fd29eec5fa0 R15: 00007fff1f80c638
[  117.889736][ T8109]  </TASK>
[  118.081289][ T8115] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1646'.
[  118.245464][ T8140] FAULT_INJECTION: forcing a failure.
[  118.245464][ T8140] name failslab, interval 1, probability 0, space 0, times 0
[  118.258337][ T8140] CPU: 1 UID: 0 PID: 8140 Comm: syz.4.1658 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  118.258374][ T8140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  118.258390][ T8140] Call Trace:
[  118.258397][ T8140]  <TASK>
[  118.258404][ T8140]  __dump_stack+0x1d/0x30
[  118.258481][ T8140]  dump_stack_lvl+0xe8/0x140
[  118.258506][ T8140]  dump_stack+0x15/0x1b
[  118.258527][ T8140]  should_fail_ex+0x265/0x280
[  118.258576][ T8140]  should_failslab+0x8c/0xb0
[  118.258670][ T8140]  __kmalloc_noprof+0xa5/0x3e0
[  118.258705][ T8140]  ? bpf_test_init+0xa9/0x160
[  118.258749][ T8140]  bpf_test_init+0xa9/0x160
[  118.258779][ T8140]  bpf_prog_test_run_xdp+0x274/0x910
[  118.258849][ T8140]  ? __rcu_read_unlock+0x4f/0x70
[  118.258952][ T8140]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  118.258983][ T8140]  bpf_prog_test_run+0x227/0x390
[  118.259022][ T8140]  __sys_bpf+0x4b9/0x7b0
[  118.259142][ T8140]  __x64_sys_bpf+0x41/0x50
[  118.259172][ T8140]  x64_sys_call+0x2aea/0x2ff0
[  118.259199][ T8140]  do_syscall_64+0xd2/0x200
[  118.259230][ T8140]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.259259][ T8140]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  118.259286][ T8140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.259314][ T8140] RIP: 0033:0x7fd29ec9eb69
[  118.259339][ T8140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.259356][ T8140] RSP: 002b:00007fd29d2ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  118.259374][ T8140] RAX: ffffffffffffffda RBX: 00007fd29eec5fa0 RCX: 00007fd29ec9eb69
[  118.259389][ T8140] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  118.259405][ T8140] RBP: 00007fd29d2ff090 R08: 0000000000000000 R09: 0000000000000000
[  118.259467][ T8140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.259482][ T8140] R13: 0000000000000000 R14: 00007fd29eec5fa0 R15: 00007fff1f80c638
[  118.259509][ T8140]  </TASK>
[  118.463964][ T8138] loop3: detected capacity change from 0 to 512
[  118.485566][ T8145] loop4: detected capacity change from 0 to 512
[  118.488218][ T8145] EXT4-fs: quotafile must be on filesystem root
[  118.501124][ T8145] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  118.506929][ T8138] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.547897][ T8138] ext4 filesystem being mounted at /303/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.759357][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.858500][ T8182] netlink: 'syz.3.1673': attribute type 21 has an invalid length.
[  118.869494][ T8183] netlink: 'syz.3.1673': attribute type 21 has an invalid length.
[  118.875719][ T8179] loop4: detected capacity change from 0 to 2048
[  118.893971][ T8183] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1673'.
[  118.913900][ T8182] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1673'.
[  118.938740][ T8179] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.993826][ T8195] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1677'.
[  119.019445][ T8196] loop3: detected capacity change from 0 to 512
[  119.058669][ T8198] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1678'.
[  119.093926][ T8200] netem: incorrect ge model size
[  119.098981][ T8200] netem: change failed
[  119.261168][ T8216] FAULT_INJECTION: forcing a failure.
[  119.261168][ T8216] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.274306][ T8216] CPU: 1 UID: 0 PID: 8216 Comm: syz.1.1685 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  119.274431][ T8216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  119.274444][ T8216] Call Trace:
[  119.274471][ T8216]  <TASK>
[  119.274482][ T8216]  __dump_stack+0x1d/0x30
[  119.274559][ T8216]  dump_stack_lvl+0xe8/0x140
[  119.274578][ T8216]  dump_stack+0x15/0x1b
[  119.274594][ T8216]  should_fail_ex+0x265/0x280
[  119.274665][ T8216]  should_fail+0xb/0x20
[  119.274703][ T8216]  should_fail_usercopy+0x1a/0x20
[  119.274739][ T8216]  _copy_from_user+0x1c/0xb0
[  119.274764][ T8216]  __sys_sendto+0x19e/0x330
[  119.274821][ T8216]  __x64_sys_sendto+0x76/0x90
[  119.274902][ T8216]  x64_sys_call+0x2d05/0x2ff0
[  119.274925][ T8216]  do_syscall_64+0xd2/0x200
[  119.274948][ T8216]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.274980][ T8216]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  119.275048][ T8216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.275076][ T8216] RIP: 0033:0x7fdc49f5eb69
[  119.275095][ T8216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.275119][ T8216] RSP: 002b:00007fdc485c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  119.275200][ T8216] RAX: ffffffffffffffda RBX: 00007fdc4a185fa0 RCX: 00007fdc49f5eb69
[  119.275217][ T8216] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000004
[  119.275234][ T8216] RBP: 00007fdc485c7090 R08: 00002000000000c0 R09: 000000000000001c
[  119.275250][ T8216] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  119.275266][ T8216] R13: 0000000000000000 R14: 00007fdc4a185fa0 R15: 00007ffdcb63d048
[  119.275293][ T8216]  </TASK>
[  119.462596][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.542715][ T8228] block device autoloading is deprecated and will be removed.
[  119.583913][ T8229] FAULT_INJECTION: forcing a failure.
[  119.583913][ T8229] name failslab, interval 1, probability 0, space 0, times 0
[  119.596637][ T8229] CPU: 1 UID: 0 PID: 8229 Comm: syz.1.1690 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  119.596734][ T8229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  119.596751][ T8229] Call Trace:
[  119.596759][ T8229]  <TASK>
[  119.596769][ T8229]  __dump_stack+0x1d/0x30
[  119.596832][ T8229]  dump_stack_lvl+0xe8/0x140
[  119.596857][ T8229]  dump_stack+0x15/0x1b
[  119.596878][ T8229]  should_fail_ex+0x265/0x280
[  119.596977][ T8229]  should_failslab+0x8c/0xb0
[  119.597002][ T8229]  kmem_cache_alloc_noprof+0x50/0x310
[  119.597031][ T8229]  ? alloc_empty_file+0x76/0x200
[  119.597073][ T8229]  alloc_empty_file+0x76/0x200
[  119.597107][ T8229]  alloc_file_pseudo+0xc6/0x160
[  119.597266][ T8229]  __shmem_file_setup+0x1de/0x210
[  119.597333][ T8229]  shmem_file_setup+0x3b/0x50
[  119.597374][ T8229]  __se_sys_memfd_create+0x2c3/0x590
[  119.597404][ T8229]  __x64_sys_memfd_create+0x31/0x40
[  119.597430][ T8229]  x64_sys_call+0x2abe/0x2ff0
[  119.597516][ T8229]  do_syscall_64+0xd2/0x200
[  119.597615][ T8229]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.597639][ T8229]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  119.597660][ T8229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.597745][ T8229] RIP: 0033:0x7fdc49f5eb69
[  119.597764][ T8229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.597831][ T8229] RSP: 002b:00007fdc485c6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  119.597850][ T8229] RAX: ffffffffffffffda RBX: 00000000000005aa RCX: 00007fdc49f5eb69
[  119.597905][ T8229] RDX: 00007fdc485c6ef0 RSI: 0000000000000000 RDI: 00007fdc49fe2784
[  119.597921][ T8229] RBP: 0000200000001940 R08: 00007fdc485c6bb7 R09: 00007fdc485c6e40
[  119.597937][ T8229] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[  119.597959][ T8229] R13: 00007fdc485c6ef0 R14: 00007fdc485c6eb0 R15: 0000200000000100
[  119.598015][ T8229]  </TASK>
[  119.814267][ T8237] FAULT_INJECTION: forcing a failure.
[  119.814267][ T8237] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  119.827592][ T8237] CPU: 0 UID: 0 PID: 8237 Comm: syz.0.1694 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  119.827625][ T8237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  119.827642][ T8237] Call Trace:
[  119.827651][ T8237]  <TASK>
[  119.827661][ T8237]  __dump_stack+0x1d/0x30
[  119.827699][ T8237]  dump_stack_lvl+0xe8/0x140
[  119.827719][ T8237]  dump_stack+0x15/0x1b
[  119.827735][ T8237]  should_fail_ex+0x265/0x280
[  119.827769][ T8237]  should_fail_alloc_page+0xf2/0x100
[  119.827801][ T8237]  __alloc_frozen_pages_noprof+0xff/0x360
[  119.827886][ T8237]  alloc_pages_mpol+0xb3/0x250
[  119.827922][ T8237]  vma_alloc_folio_noprof+0x1aa/0x300
[  119.828085][ T8237]  handle_mm_fault+0xec2/0x2c20
[  119.828124][ T8237]  do_user_addr_fault+0x636/0x1090
[  119.828201][ T8237]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.828284][ T8237]  exc_page_fault+0x62/0xa0
[  119.828303][ T8237]  asm_exc_page_fault+0x26/0x30
[  119.828324][ T8237] RIP: 0033:0x7f467077c19b
[  119.828373][ T8237] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  119.828394][ T8237] RSP: 002b:00007f466ee34e10 EFLAGS: 00010246
[  119.828426][ T8237] RAX: 00007f466ee36f30 RBX: 00007f46709c7640 RCX: 0000000000000000
[  119.828442][ T8237] RDX: 00007f466ee36f78 RSI: 00007f467082ec80 RDI: 00007f466ee34e30
[  119.828458][ T8237] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  119.828473][ T8237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.828488][ T8237] R13: 0000000000000000 R14: 00007f46709f5fa0 R15: 00007ffcf8edb378
[  119.828508][ T8237]  </TASK>
[  119.828517][ T8237] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  119.936481][   T29] kauditd_printk_skb: 198 callbacks suppressed
[  119.936501][   T29] audit: type=1400 audit(1754127892.524:5643): avc:  denied  { connect } for  pid=8238 comm="syz.4.1695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  119.999275][ T8245] loop0: detected capacity change from 0 to 128
[  120.006175][   T29] audit: type=1400 audit(1754127892.524:5644): avc:  denied  { setopt } for  pid=8238 comm="syz.4.1695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  120.094405][ T8245] loop0: detected capacity change from 0 to 128
[  120.113158][ T8245] vfat: Unknown parameter '
'
[  120.149341][   T29] audit: type=1326 audit(1754127892.744:5645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8252 comm="syz.4.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[  120.172932][   T29] audit: type=1326 audit(1754127892.744:5646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8252 comm="syz.4.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[  120.217993][ T8245] vhci_hcd: invalid port number 96
[  120.223182][ T8245] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  120.230475][ T8251] vhci_hcd: invalid port number 96
[  120.235650][ T8251] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  120.276967][ T8262] loop4: detected capacity change from 0 to 2048
[  120.287155][   T29] audit: type=1400 audit(1754127892.804:5647): avc:  denied  { getopt } for  pid=8253 comm="syz.2.1702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  120.307663][   T29] audit: type=1326 audit(1754127892.804:5648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8252 comm="syz.4.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[  120.331180][   T29] audit: type=1326 audit(1754127892.804:5649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8252 comm="syz.4.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[  120.354615][   T29] audit: type=1326 audit(1754127892.804:5650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8252 comm="syz.4.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[  120.378058][   T29] audit: type=1400 audit(1754127892.864:5651): avc:  denied  { read } for  pid=8263 comm="syz.2.1706" name="usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  120.401463][   T29] audit: type=1400 audit(1754127892.864:5652): avc:  denied  { open } for  pid=8263 comm="syz.2.1706" path="/dev/usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  120.458909][ T8262] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.471374][ T8262] ext4 filesystem being mounted at /300/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.538041][ T8262] syzkaller0: entered promiscuous mode
[  120.543656][ T8262] syzkaller0: entered allmulticast mode
[  120.562963][ T8262] EXT4-fs error (device loop4): __ext4_new_inode:1073: comm syz.4.1704: reserved inode found cleared - inode=1
[  120.617520][ T8273] FAULT_INJECTION: forcing a failure.
[  120.617520][ T8273] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.630665][ T8273] CPU: 1 UID: 0 PID: 8273 Comm: syz.3.1708 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  120.630753][ T8273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  120.630773][ T8273] Call Trace:
[  120.630780][ T8273]  <TASK>
[  120.630833][ T8273]  __dump_stack+0x1d/0x30
[  120.630867][ T8273]  dump_stack_lvl+0xe8/0x140
[  120.630885][ T8273]  dump_stack+0x15/0x1b
[  120.630937][ T8273]  should_fail_ex+0x265/0x280
[  120.630982][ T8273]  should_fail+0xb/0x20
[  120.631132][ T8273]  should_fail_usercopy+0x1a/0x20
[  120.631154][ T8273]  _copy_from_user+0x1c/0xb0
[  120.631185][ T8273]  ___sys_sendmsg+0xc1/0x1d0
[  120.631380][ T8273]  __x64_sys_sendmsg+0xd4/0x160
[  120.631421][ T8273]  x64_sys_call+0x191e/0x2ff0
[  120.631486][ T8273]  do_syscall_64+0xd2/0x200
[  120.631517][ T8273]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.631646][ T8273]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  120.631669][ T8273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.631696][ T8273] RIP: 0033:0x7f5f553feb69
[  120.631761][ T8273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.631786][ T8273] RSP: 002b:00007f5f53a5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  120.631815][ T8273] RAX: ffffffffffffffda RBX: 00007f5f55625fa0 RCX: 00007f5f553feb69
[  120.631831][ T8273] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  120.631846][ T8273] RBP: 00007f5f53a5f090 R08: 0000000000000000 R09: 0000000000000000
[  120.631936][ T8273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.632013][ T8273] R13: 0000000000000000 R14: 00007f5f55625fa0 R15: 00007ffd79c59588
[  120.632039][ T8273]  </TASK>
[  120.822477][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.921729][ T8283] SELinux: ebitmap: truncated map
[  120.928430][ T8283] SELinux: failed to load policy
[  120.945929][ T8289] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.999990][ T8296] -1: renamed from syzkaller0
[  121.021589][ T8289] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.037448][ T8302] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1719'.
[  121.061546][ T8303] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1718'.
[  121.079218][ T8289] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.109530][ T8307] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1720'.
[  121.158332][ T8289] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.187739][ T8314] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1722'.
[  121.269989][ T8323] loop0: detected capacity change from 0 to 128
[  121.279342][ T2492] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.305891][ T8320] netlink: 'syz.3.1727': attribute type 10 has an invalid length.
[  121.316749][ T2492] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.337935][ T8320] team0: entered promiscuous mode
[  121.343054][ T8320] team_slave_0: entered promiscuous mode
[  121.348931][ T8320] team_slave_1: entered promiscuous mode
[  121.356356][ T8320] 8021q: adding VLAN 0 to HW filter on device team0
[  121.356350][ T8326] FAULT_INJECTION: forcing a failure.
[  121.356350][ T8326] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  121.356387][ T8326] CPU: 0 UID: 0 PID: 8326 Comm: syz.2.1728 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  121.356438][ T8326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  121.356455][ T8326] Call Trace:
[  121.356523][ T8326]  <TASK>
[  121.356534][ T8326]  __dump_stack+0x1d/0x30
[  121.356563][ T8326]  dump_stack_lvl+0xe8/0x140
[  121.356591][ T8326]  dump_stack+0x15/0x1b
[  121.356614][ T8326]  should_fail_ex+0x265/0x280
[  121.356706][ T8326]  should_fail_alloc_page+0xf2/0x100
[  121.356743][ T8326]  __alloc_frozen_pages_noprof+0xff/0x360
[  121.356867][ T8326]  alloc_pages_mpol+0xb3/0x250
[  121.356991][ T8326]  alloc_pages_noprof+0x90/0x130
[  121.357071][ T8326]  pte_alloc_one+0x2d/0x120
[  121.357102][ T8326]  __pte_alloc+0x32/0x2b0
[  121.357147][ T8326]  handle_mm_fault+0x1c55/0x2c20
[  121.357196][ T8326]  do_user_addr_fault+0x636/0x1090
[  121.357284][ T8326]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  121.357322][ T8326]  exc_page_fault+0x62/0xa0
[  121.357349][ T8326]  asm_exc_page_fault+0x26/0x30
[  121.357376][ T8326] RIP: 0033:0x7f2938940d86
[  121.357396][ T8326] Code: f0 72 6e 48 63 cd 48 01 c1 49 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 <47> 0f b6 0c 08 45 84 c9 74 08 45 88 0c 00 49 8b 47 10 48 83 c0 01
[  121.357450][ T8326] RSP: 002b:00007f29370de4a0 EFLAGS: 00010246
[  121.357472][ T8326] RAX: 0000000000000001 RBX: 00007f29370de540 RCX: 0000000000000101
[  121.357489][ T8326] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007f29370de5e0
[  121.357506][ T8326] RBP: 0000000000000102 R08: 00007f292ecbf000 R09: 0000000000000000
[  121.357522][ T8326] R10: 0000000000000000 R11: 00007f29370de550 R12: 0000000000000001
[  121.357538][ T8326] R13: 00007f2938b1d940 R14: 0000000000000000 R15: 00007f29370de5e0
[  121.357568][ T8326]  </TASK>
[  121.357699][ T8326] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  121.363731][ T8320] bridge0: port 3(team0) entered blocking state
[  121.386582][ T8323] vhci_hcd: invalid port number 96
[  121.388436][ T8320] bridge0: port 3(team0) entered disabled state
[  121.398526][ T8323] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  121.405196][ T8320] team0: entered allmulticast mode
[  121.588886][ T8320] team_slave_0: entered allmulticast mode
[  121.594632][ T8320] team_slave_1: entered allmulticast mode
[  121.604212][ T2492] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.613855][ T2492] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.767306][ T8337] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  121.773944][ T8337] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  121.781466][ T8337] vhci_hcd vhci_hcd.0: Device attached
[  121.811286][ T8337] loop4: detected capacity change from 0 to 512
[  121.848022][ T8337] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e018, mo2=0002]
[  121.871748][ T8337] System zones: 1-12
[  121.876147][ T8337] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1733: invalid indirect mapped block 8 (level 2)
[  121.918833][ T8337] EXT4-fs (loop4): 1 truncate cleaned up
[  121.993949][ T8337] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.034652][ T8341] vhci_hcd: connection closed
[  122.034974][  T110] vhci_hcd: stop threads
[  122.039935][ T8350] loop3: detected capacity change from 0 to 8192
[  122.044055][  T110] vhci_hcd: release socket
[  122.044075][  T110] vhci_hcd: disconnect device
[  122.374354][ T8386] loop3: detected capacity change from 0 to 128
[  122.396445][ T8386] loop3: detected capacity change from 0 to 128
[  122.489306][ T8386] vhci_hcd: invalid port number 96
[  122.494482][ T8386] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  122.506243][ T8391] vhci_hcd: invalid port number 96
[  122.511505][ T8391] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  122.567359][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.730913][ T8399] loop4: detected capacity change from 0 to 1024
[  122.753078][ T8399] EXT4-fs: Ignoring removed bh option
[  122.801907][ T8399] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.922479][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.077909][ T8409] loop0: detected capacity change from 0 to 2048
[  123.089271][ T8411] loop4: detected capacity change from 0 to 2048
[  123.121407][ T8409] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.159517][ T8409] ext4 filesystem being mounted at /382/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.203539][ T8411] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.246394][ T8409] syzkaller0: entered promiscuous mode
[  123.251986][ T8409] syzkaller0: entered allmulticast mode
[  123.259056][ T8411] ext4 filesystem being mounted at /307/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.288188][ T8409] EXT4-fs error (device loop0): __ext4_new_inode:1073: comm syz.0.1761: reserved inode found cleared - inode=1
[  123.375214][ T8433] __nla_validate_parse: 6 callbacks suppressed
[  123.375231][ T8433] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1768'.
[  123.392603][ T8433] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1768'.
[  123.410396][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.426984][ T8411] syzkaller0: entered promiscuous mode
[  123.432584][ T8411] syzkaller0: entered allmulticast mode
[  123.450349][ T8411] EXT4-fs error (device loop4): __ext4_new_inode:1073: comm syz.4.1760: reserved inode found cleared - inode=1
[  123.507721][ T8444] FAULT_INJECTION: forcing a failure.
[  123.507721][ T8444] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.520930][ T8444] CPU: 1 UID: 0 PID: 8444 Comm: syz.0.1773 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  123.520963][ T8444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  123.520977][ T8444] Call Trace:
[  123.520982][ T8444]  <TASK>
[  123.520990][ T8444]  __dump_stack+0x1d/0x30
[  123.521090][ T8444]  dump_stack_lvl+0xe8/0x140
[  123.521109][ T8444]  dump_stack+0x15/0x1b
[  123.521193][ T8444]  should_fail_ex+0x265/0x280
[  123.521228][ T8444]  should_fail+0xb/0x20
[  123.521315][ T8444]  should_fail_usercopy+0x1a/0x20
[  123.521334][ T8444]  _copy_from_user+0x1c/0xb0
[  123.521360][ T8444]  ___sys_sendmsg+0xc1/0x1d0
[  123.521412][ T8444]  __x64_sys_sendmsg+0xd4/0x160
[  123.521628][ T8444]  x64_sys_call+0x191e/0x2ff0
[  123.521650][ T8444]  do_syscall_64+0xd2/0x200
[  123.521690][ T8444]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.521716][ T8444]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  123.521809][ T8444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.521830][ T8444] RIP: 0033:0x7f46707ceb69
[  123.521890][ T8444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.521912][ T8444] RSP: 002b:00007f466ee37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.521931][ T8444] RAX: ffffffffffffffda RBX: 00007f46709f5fa0 RCX: 00007f46707ceb69
[  123.522017][ T8444] RDX: 0000000000000000 RSI: 0000200000000b80 RDI: 0000000000000004
[  123.522029][ T8444] RBP: 00007f466ee37090 R08: 0000000000000000 R09: 0000000000000000
[  123.522041][ T8444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.522053][ T8444] R13: 0000000000000000 R14: 00007f46709f5fa0 R15: 00007ffcf8edb378
[  123.522073][ T8444]  </TASK>
[  123.523783][ T8442] loop3: detected capacity change from 0 to 1024
[  123.666477][ T8449] loop0: detected capacity change from 0 to 512
[  123.698284][ T8442] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.725265][ T8449] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  123.745882][ T8449] EXT4-fs (loop0): 1 truncate cleaned up
[  123.759969][ T8449] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.784584][ T8442] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1772: Allocating blocks 497-513 which overlap fs metadata
[  123.799601][ T8442] EXT4-fs (loop3): pa ffff88810555b4d0: logic 256, phys. 385, len 8
[  123.800385][ T8449] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.807737][ T8442] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  123.846812][ T8449] loop0: detected capacity change from 0 to 2048
[  123.898114][ T8463] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1781'.
[  123.950175][ T8452] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.096374][ T8482] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1787'.
[  124.134669][ T8473] lo speed is unknown, defaulting to 1000
[  124.146304][ T8473] geneve1 speed is unknown, defaulting to 1000
[  124.249238][  T110] team0: left allmulticast mode
[  124.254173][  T110] team_slave_0: left allmulticast mode
[  124.259814][  T110] team_slave_1: left allmulticast mode
[  124.265455][  T110] bridge0: port 3(team0) entered disabled state
[  124.274700][  T110] bridge_slave_1: left allmulticast mode
[  124.281275][  T110] bridge_slave_1: left promiscuous mode
[  124.287134][  T110] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.295381][  T110] bridge_slave_0: left allmulticast mode
[  124.301158][  T110] bridge_slave_0: left promiscuous mode
[  124.308108][  T110] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.444310][ T8525] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1800'.
[  124.718431][  T110] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  124.728012][  T110] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  124.737231][  T110] bond0 (unregistering): Released all slaves
[  124.768553][  T110] tipc: Left network mode
[  124.938279][  T110] hsr_slave_0: left promiscuous mode
[  124.958147][  T110] hsr_slave_1: left promiscuous mode
[  124.968291][  T110] batman_adv: batadv0: Removing interface: batadv_slave_0
[  124.989434][  T110] batman_adv: batadv0: Removing interface: batadv_slave_1
[  125.053287][  T110] team_slave_1 (unregistering): left promiscuous mode
[  125.065210][  T110] team0 (unregistering): Port device team_slave_1 removed
[  125.080487][  T110] team_slave_0 (unregistering): left promiscuous mode
[  125.088117][  T110] team0 (unregistering): Port device team_slave_0 removed
[  125.133273][ T8537] netlink: 14593 bytes leftover after parsing attributes in process `syz.0.1804'.
[  125.156131][ T8473] chnl_net:caif_netlink_parms(): no params data found
[  125.289995][   T29] kauditd_printk_skb: 204 callbacks suppressed
[  125.290047][   T29] audit: type=1400 audit(1754127897.884:5857): avc:  denied  { remount } for  pid=8566 comm="syz.1.1810" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  125.317357][ T8571] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1811'.
[  125.336079][ T8473] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.343248][ T8473] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.403371][ T8473] bridge_slave_0: entered allmulticast mode
[  125.419468][ T8473] bridge_slave_0: entered promiscuous mode
[  125.440432][ T8569] lo speed is unknown, defaulting to 1000
[  125.446407][ T8473] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.453890][ T8473] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.468973][ T8473] bridge_slave_1: entered allmulticast mode
[  125.488852][ T8473] bridge_slave_1: entered promiscuous mode
[  125.508699][   T29] audit: type=1400 audit(1754127898.104:5858): avc:  denied  { create } for  pid=8586 comm="syz.0.1814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  125.534023][ T8569] geneve1 speed is unknown, defaulting to 1000
[  125.541141][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.549274][   T29] audit: type=1400 audit(1754127898.124:5859): avc:  denied  { write } for  pid=8586 comm="syz.0.1814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  125.585158][ T8473] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  125.617177][ T8473] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  125.637634][   T29] audit: type=1400 audit(1754127898.234:5860): avc:  denied  { create } for  pid=8592 comm="syz.0.1816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  125.659347][ T8594] FAULT_INJECTION: forcing a failure.
[  125.659347][ T8594] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.672502][ T8594] CPU: 1 UID: 0 PID: 8594 Comm: syz.0.1816 Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  125.672592][ T8594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  125.672567][   T29] audit: type=1400 audit(1754127898.254:5861): avc:  denied  { bind } for  pid=8592 comm="syz.0.1816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  125.672647][ T8594] Call Trace:
[  125.672653][ T8594]  <TASK>
[  125.672675][ T8594]  __dump_stack+0x1d/0x30
[  125.672698][ T8594]  dump_stack_lvl+0xe8/0x140
[  125.672723][ T8594]  dump_stack+0x15/0x1b
[  125.672754][   T29] ==================================================================
[  125.672743][ T8594]  should_fail_ex+0x265/0x280
[  125.672837][ T8594]  should_fail+0xb/0x20
[  125.672879][ T8594]  should_fail_usercopy+0x1a/0x20
[  125.672907][ T8594]  _copy_from_user+0x1c/0xb0
[  125.673019][ T8594]  tipc_setsockopt+0x388/0x620
[  125.673057][ T8594]  ? __pfx_tipc_setsockopt+0x10/0x10
[  125.673093][ T8594]  __sys_setsockopt+0x181/0x200
[  125.673139][ T8594]  __x64_sys_setsockopt+0x64/0x80
[  125.673245][ T8594]  x64_sys_call+0x20ec/0x2ff0
[  125.673273][ T8594]  do_syscall_64+0xd2/0x200
[  125.673304][ T8594]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.673336][ T8594]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  125.673367][ T8594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.673478][ T8594] RIP: 0033:0x7f46707ceb69
[  125.673499][ T8594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.673531][ T8594] RSP: 002b:00007f466ee37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  125.673557][ T8594] RAX: ffffffffffffffda RBX: 00007f46709f5fa0 RCX: 00007f46707ceb69
[  125.673575][ T8594] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000007
[  125.673592][ T8594] RBP: 00007f466ee37090 R08: 0000000000000010 R09: 0000000000000000
[  125.673615][ T8594] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  125.673632][ T8594] R13: 0000000000000000 R14: 00007f46709f5fa0 R15: 00007ffcf8edb378
[  125.673660][ T8594]  </TASK>
[  125.694911][   T29] BUG: KCSAN: data-race in data_alloc / data_push_tail
[  125.694961][   T29] 
[  125.694968][   T29] write to 0xffffffff88e3cb40 of 8 bytes by task 8594 on cpu 1:
[  125.694985][   T29]  data_alloc+0x203/0x2b0
[  125.695015][   T29]  prb_reserve+0x808/0xaf0
[  125.695044][   T29]  vprintk_store+0x56d/0x860
[  125.695078][   T29]  vprintk_emit+0x178/0x650
[  125.695095][   T29]  vprintk_default+0x26/0x30
[  125.695114][   T29]  vprintk+0x1d/0x30
[  125.695138][   T29]  _printk+0x79/0xa0
[  125.695166][   T29]  show_trace_log_lvl+0x52d/0x560
[  125.695190][   T29]  __dump_stack+0x1d/0x30
[  125.695207][   T29]  dump_stack_lvl+0xe8/0x140
[  125.695225][   T29]  dump_stack+0x15/0x1b
[  125.695242][   T29]  should_fail_ex+0x265/0x280
[  125.695280][   T29]  should_fail+0xb/0x20
[  125.695310][   T29]  should_fail_usercopy+0x1a/0x20
[  125.695330][   T29]  _copy_from_user+0x1c/0xb0
[  125.695355][   T29]  tipc_setsockopt+0x388/0x620
[  125.695381][   T29]  __sys_setsockopt+0x181/0x200
[  125.695413][   T29]  __x64_sys_setsockopt+0x64/0x80
[  125.695444][   T29]  x64_sys_call+0x20ec/0x2ff0
[  125.695466][   T29]  do_syscall_64+0xd2/0x200
[  125.695490][   T29]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.695512][   T29] 
[  125.695519][   T29] read to 0xffffffff88e3cb40 of 8 bytes by task 29 on cpu 0:
[  125.695536][   T29]  data_push_tail+0xfd/0x420
[  125.695568][   T29]  data_alloc+0xbf/0x2b0
[  125.695597][   T29]  prb_reserve+0x808/0xaf0
[  125.695626][   T29]  vprintk_store+0x56d/0x860
[  125.695658][   T29]  vprintk_emit+0x178/0x650
[  125.695676][   T29]  vprintk_default+0x26/0x30
[  125.695694][   T29]  vprintk+0x1d/0x30
[  125.695718][   T29]  _printk+0x79/0xa0
[  125.695745][   T29]  kauditd_hold_skb+0x1b1/0x1c0
[  125.695764][   T29]  kauditd_send_queue+0x273/0x2c0
[  125.695782][   T29]  kauditd_thread+0x421/0x630
[  125.695814][   T29]  kthread+0x489/0x510
[  125.695834][   T29]  ret_from_fork+0xdd/0x150
[  125.695855][   T29]  ret_from_fork_asm+0x1a/0x30
[  125.695877][   T29] 
[  125.695882][   T29] value changed: 0x00000000ffffe8a7 -> 0x00000000fffff6b0
[  125.695894][   T29] 
[  125.695899][   T29] Reported by Kernel Concurrency Sanitizer on:
[  125.695912][   T29] CPU: 0 UID: 0 PID: 29 Comm: kauditd Not tainted 6.16.0-syzkaller-10910-g0905809b38bd #0 PREEMPT(voluntary) 
[  125.695940][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  125.695954][   T29] ==================================================================
[  126.121389][   T29] audit: type=1400 audit(1754127898.254:5862): avc:  denied  { setopt } for  pid=8592 comm="syz.0.1816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  126.141204][   T29] audit: type=1400 audit(1754127898.464:5863): avc:  denied  { create } for  pid=8599 comm="syz.4.1819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  126.160833][   T29] audit: type=1326 audit(1754127898.624:5864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8599 comm="syz.4.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[  126.184433][   T29] audit: type=1326 audit(1754127898.624:5865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8599 comm="syz.4.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[  126.207979][   T29] audit: type=1326 audit(1754127898.624:5866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8599 comm="syz.4.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fd29ec9eb69 code=0x7ffc0000
[  126.241034][ T8473] team0: Port device team_slave_0 added
[  126.247902][ T8473] team0: Port device team_slave_1 added
[  126.270572][ T8473] batman_adv: batadv0: Adding interface: batadv_slave_0
[  126.277598][ T8473] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.303592][ T8473] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  126.320655][ T8473] batman_adv: batadv0: Adding interface: batadv_slave_1
[  126.327728][ T8473] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.353806][ T8473] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  126.389180][ T8473] hsr_slave_0: entered promiscuous mode
[  126.395433][ T8473] hsr_slave_1: entered promiscuous mode
[  126.401959][ T8473] debugfs: 'hsr0' already exists in 'hsr'
[  126.407748][ T8473] Cannot create hsr debugfs directory
[  126.508669][ T8473] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  126.517707][ T8473] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  126.528259][ T8473] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  126.548830][ T8473] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  126.606563][ T8473] 8021q: adding VLAN 0 to HW filter on device bond0
[  126.618640][ T8473] 8021q: adding VLAN 0 to HW filter on device team0
[  126.632304][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.639444][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.651975][  T110] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.659130][  T110] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.741122][ T8473] 8021q: adding VLAN 0 to HW filter on device batadv0
[  126.874998][ T8473] veth0_vlan: entered promiscuous mode
[  126.884842][ T8473] veth1_vlan: entered promiscuous mode
[  126.904053][ T8473] veth0_macvtap: entered promiscuous mode
[  126.912509][ T8473] veth1_macvtap: entered promiscuous mode
[  126.926341][ T8473] batman_adv: batadv0: Interface activated: batadv_slave_0
[  126.939014][ T8473] batman_adv: batadv0: Interface activated: batadv_slave_1
[  126.950024][   T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  126.969003][   T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  126.988818][   T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.000784][   T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0