last executing test programs:

2.51087792s ago: executing program 3 (id=1690):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000040)=0x6b93, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

2.47873456s ago: executing program 3 (id=1693):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @call={0x85, 0x0, 0x0, 0x50}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe5b, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
syz_clone3(&(0x7f0000000780)={0x1c3002480, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x8, 0x4, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000003c0)={0x9, <r6=>0x0}, 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000400)={r5, 0x0, 0x25, 0x9, @val=@target_btf_id=r6}, 0x14)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r10, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x114, 0x28, 0x1, 0x4, 0x25dfdbf8, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_setup(0x9, &(0x7f00000001c0)=<r11=>0x0)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f0000000080)={[{@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@grpjquota}, {@nomblk_io_submit}, {@nodiscard}, {@quota}]}, 0x3, 0x438, &(0x7f0000000580)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
r12 = open(&(0x7f0000000000)='./file1\x00', 0x147042, 0x60)
io_submit(r11, 0x1, &(0x7f0000000100)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x18, 0x8, 0x0, r12, 0x0, 0x0, 0x800000000004007}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00'}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

1.922381679s ago: executing program 0 (id=1712):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r2, 0x0, r4, 0x0, 0x88000cc, 0x0) (fail_nth: 14)
write$eventfd(r3, &(0x7f0000000240), 0xffffff14)

1.843256361s ago: executing program 3 (id=1716):
openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x2, 0x1, 0x1, 0x0, 0x0, 0x3, 0xd21, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0xffff, 0x1, 0x1, 0x9, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r0}, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000640)="fdff27", 0x5, r1}, 0x38)
pipe(&(0x7f0000000080))
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000040)={0x0, 0x2000, 0x0, {0x0, 0xa}, {0x1}, @rumble={0xfff9, 0x8}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4808000010001fff3a4ee9bfd5c3a3696c40af0b", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x12, 0xd, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES8=r1, @ANYRES16=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000002, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x69, 0x7ffc0005}]})
io_setup(0x1, &(0x7f0000001300)=<r3=>0x0)
io_destroy(r3)

1.746213952s ago: executing program 4 (id=1719):
socket$inet6(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000380)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3e, 0xb0, 0x1000, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e21, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "44cb6d37c6818e519c60ca92b05c8ad4ae74ea79fdb58e2b7f29fa51c12f5cbb", "529ce0c19fb809804c2ff3c5412218a7d847fbc93cfef70c00506d947ea54e7f53d1fdc46c7f32f5461c69dbb12ae334", "93789889a9e2835b672961b74d925e86afc527fa482ea332ce27b8a5", {"2e5da89a0ace8edabc766b388285d39f", "375c5bef000000000d4600"}}}}}}}, 0x0)

1.706007483s ago: executing program 4 (id=1721):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f0000000080)}, 0x4800}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x1000000, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

1.665706224s ago: executing program 3 (id=1723):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000000c40), 0x4800)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@nouid32}]}, 0x1, 0x71c, &(0x7f0000000f40)="$eJzs3U1rXNUbAPDn3mb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7mQmfZtJpppkIPP7wZ15zr03ec6ZCeeBnGFOAAPrZPmQRjwfEdNJxFjrfBIRlWY0FHFp+747t2/OlUcSW1tX/kia95TtuO9nSiciYjMinouInyoRp9NH89bWN5Zn8zxba7Un6iurE7X1jTNLK7OL2WJ27eK5c1PnLpy/eHH/xvrG+x88Wz3/zuj30wszpyZ//S6JSzHaunb/OPbT9mtSKV/CB7x7EMn6KOl3B/hXhiLiWOv5mRiLY80IADjKtoYjtgCAAZOo/wAwYNr/B2iv7R3UOlg3v78dESOd8g+11sxGmuuQx+8kD6xMJBExfpgd5UjavBURV8dPPvr3lzyyZvu4zu5HBzlQP5bzz6VO80+6M/9Eh/lnpP3Zif+o+/x3L/+xLvPfdI853nuxUXTNfyvihaFO+ZOd/EmX/Fd7zP/D3fm/u13b+jbitY71J3kgV/fPh0wsLOXZ2e3HzjlONm5+uNv4j3fJv7nH+Fd7HP/oZy//vLlL/tdf2f3975S/rImf9pj/k8pbX3S7Vuaf7zL+vd7/b3rMf+GljzZ6vBUAAAAAAAAAAAAAAAAAAAAAAAAAAACOhDQiRiNJqztxmlar23t4Px3H07yo1U8vFI1r89HcK3s8Kmn7q5bHtttJ2Z5sfR9/uz31UPvNiHgqIj4f/n+zXZ0r8vl+Dx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWk48tP//X8Pb+/8DAEfcSL87AAAcOvUfAAaP+g8Ag0f9B4DBo/4DwOBR/wFg8Kj/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByy6cuXy2Przu2bc2V7/vp6Y7m4fmY+qy1XVxpz1blibbW6WBSLeVadK1b2+n15UaxOTUXjxkQ9q9UnausbMytF41p9ZmlldjGbySqHMioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeDyjzSNJqxGRNuM0rVYjnoiI8agkC0t5djYinoyIX4Yrw2V7st+dBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9VlvfWJ7N82xNIBAIdoJ+z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+O5t+t3vngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAP6W/JRFRHqfGXh19+Or/krvDzeeI+PjrK1/emK3X1ybL83/unK9/1To/1Y/+AwB7adfpdh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE5q6xvLs3merR1g0O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwf/4JAAD//68fzsc=")
mq_open(&(0x7f0000000580)='.&(]&#!@(-\xb2-\x00', 0x1, 0x4, &(0x7f00000005c0)={0x4, 0x8, 0x0, 0x6})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000fdffffff03000000400001802c0004001400010002000000ac14140f000000000000000014000200020000000000ffff00000000000000000d0001007564703a73"], 0x54}}, 0x0)

1.325342499s ago: executing program 4 (id=1727):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = dup2(r0, r0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f00009b1ffc))
timer_delete(0x0)
mkdirat(r1, &(0x7f0000000000)='./file0\x00', 0x21)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000180)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES64, @ANYRES16=0x0], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r2 = open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x2000000, 0x14, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c000", 0x0, 0x86, 0x0, 0x31, 0x0, &(0x7f00000001c0)="daf9e846ab156efc71b59652333536dbfd26a6d0546366e36eb77dd0aaa2dbe567d168904cf0d5bce1771889c98ffc0abf", 0x0}, 0x50)
ftruncate(r2, 0x2007ffb)
sendfile(r2, r2, 0x0, 0x800000009)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x28, 0x3, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040805}, 0x84)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="05000000040000000800000008"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x8, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x7, 0xa, 0xfffffff3}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=@newtfilter={0x234, 0x2c, 0xd2b, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0x9}, {}, {0x7, 0xf}}, [@TCA_RATE={0x6, 0x5, {0xae, 0x9}}, @filter_kind_options=@f_flow={{0x9}, {0x1fc, 0x2, [@TCA_FLOW_PERTURB={0x8, 0xc, 0xd}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_DIVISOR={0x8, 0x8, 0x5}, @TCA_FLOW_ADDEND={0x8, 0x5, 0xd}, @TCA_FLOW_PERTURB={0x8, 0xc, 0xffff}, @TCA_FLOW_ACT={0x1c8, 0x9, 0x0, 0x1, [@m_mpls={0x68, 0xd, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_MPLS_TC={0x5, 0x6, 0x1}]}, {0x33, 0x6, "f8045590eb5987de79436918cc538eb5841b5f2c89098ffeeb4900db46ab16b298989684fb049da0ff83c38712b549"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_mpls={0x84, 0x12, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_MPLS_PROTO={0x6, 0x4, 0xd7bc0869171f1b42}, @TCA_MPLS_LABEL={0x8, 0x5, 0x55db3}]}, {0x45, 0x6, "bac85042acfa4254c7c8b380bc643d5bfab897feaaad80946c466e4a8607a87fbca373a48d5127aca40c5c8bc355f304d8aa9a8bc2b811165e702b84a3d09d3dcd"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_skbedit={0xd8, 0x1b, 0x0, 0x0, {{0xc}, {0x34, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x200, 0x80000000, 0x20000000, 0x2, 0x2}}, @TCA_SKBEDIT_MARK={0x8}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x5}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x8, 0xffe0}}]}, {0x7a, 0x6, "6651a22282f8c9dc41cf681a68e8885e4feba9a0a3ec64b85f64cb630eddd7736bad2dfa4761777d8326c0b965a52ea658b255bfb2f34db0d02766bbefc55b4d33cbe16fcccf4e67252695c9397754b9bcf24318800dadb56ab5fcd3f7f4899ce7fdd3c26d2dd2820f0eead8fdd80416091dfcac0bf4"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}, @TCA_FLOW_BASECLASS={0x8, 0x3, {0xffe0, 0x1}}]}}]}, 0x234}, 0x1, 0x0, 0x0, 0x2404c044}, 0x24044094)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
fstatfs(0xffffffffffffffff, 0x0)

935.033455ms ago: executing program 4 (id=1732):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x98590, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0x5, 0xa5d4}, 0x4c58, 0x5, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
getsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000500), &(0x7f0000000680)=0x4)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0xf)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
ioctl$BLKTRACESTART(r1, 0x1274, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x48}, 0x1, 0x0, 0x0, 0x4048000}, 0x880)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000000)=@encrypted_update={'update ', 'default', 0x20, 'trusted:', 'l\xf0F\xfeo\xb3\x04\x19\xb7\xbd\x8a\xfcP\r\xb6\x1d\xc7v\x06]\xe9\xdd\xa2W\x8b\fFsj\xc9\xd8\x1f\"\xd8\x1e]\xcc\xff]\x12\x85\xc8\xa8\x84K\xb3\x1e\x19\f.@\xc7\x19Iqv;C\xcf=tN\xb3\xf9\xbb@\x8f\x9d\xfc\x9e\x19\xdeq\xa90\x03&'}, 0xffffff67, 0x0)
sync_file_range(r0, 0x80, 0x1, 0x4)
syz_emit_ethernet(0x4e, &(0x7f00000003c0)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010102, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0xb, 0x0, 0x0, 0x0, 0x0, {[@window={0x3, 0x3, 0xea}, @md5sig={0x1d, 0x12}]}}}}}}}, 0x0)
sendmsg$NFT_MSG_GETRULE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="44000000190a010200000000000009000000000000007a2000c9afed864e327a"], 0x44}}, 0x0)
sendmsg$IPSET_CMD_SWAP(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0x48, 0x6, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x48}}, 0x4008011)
recvmmsg(r4, &(0x7f000000c2c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

934.225585ms ago: executing program 3 (id=1733):
r0 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x2, 0x1, 0x1, 0x0, 0x0, 0x3, 0xd21, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0xffff, 0x1, 0x1, 0x9, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fgetxattr(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="75736523e70c4ce3d6e95fcbfe6cff0d1b760bf22e00"], 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2}, 0x9)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000640)="fdff27", 0x5, r4}, 0x38)
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
close(r7)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000040)={0x0, 0x2000, 0x0, {0x0, 0xa}, {0x1}, @rumble={0xfff9, 0x8}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4808000010001fff3a4ee9bfd5c3a3696c40af0b", @ANYRES32=0x0], 0x3}}, 0x0)
setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f00000002c0)=0x3, 0x4)
write$binfmt_misc(r6, 0x0, 0x0)
splice(r5, 0x0, r7, 0x0, 0x4ffe6, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x12, 0xd, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES8=r4, @ANYRES16=r2], &(0x7f0000000000)='GPL\x00', 0x0, 0x2a, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000002, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8, 0x0, 0x2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x69, 0x7ffc0005}]})
io_setup(0x1, &(0x7f0000001300)=<r9=>0x0)
io_destroy(r9)
write$selinux_access(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/sysvipc/shm\x00', 0x0, 0x0)
ioctl$SIOCX25SFACILITIES(r5, 0x89e3, &(0x7f0000000300)={0x1e, 0xffff, 0x8, 0x6, 0x4})
close_range(r10, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500000000040079103000000000001e500000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

886.004756ms ago: executing program 0 (id=1735):
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={<r0=>0x0, <r1=>0x0})
close(r0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
recvmsg$unix(r1, &(0x7f0000001700)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001740)=""/4108, 0x100c}], 0x1}, 0x0)

844.393636ms ago: executing program 2 (id=1738):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x4, 0x1, 0x500, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x6, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000001820", @ANYRES32=r1, @ANYBLOB="0000000000000000710305000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='mm_page_alloc\x00', r2}, 0x18)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r4 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r4, 0x0, 0x0, 0x34, 0x2})
io_uring_enter(r4, 0x627, 0x4c1, 0x9, 0x0, 0x18)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000340)='percpu_alloc_percpu\x00', r8}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="620ac4ff000000007110b300000000001801000000006c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000000850000000600000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x4d0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x20, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x530)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r2, r0}, 0xc)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/time_for_children\x00')

820.793337ms ago: executing program 4 (id=1739):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000004c0)='kmem_cache_free\x00', r1}, 0x10)
mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000200)={0x5}, 0x20)

790.078388ms ago: executing program 0 (id=1740):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304}, "7817765dc5914c3d", "c0a9b92b592a8e91a6934cb6b7b18f7a7a6eaa9cbd8ef3b0fbc326100136e976", "58a190f0", "2a1e833e7af32011"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x314}, "54164ace389ff5c0", "faad50724acb18aba4e3bc654d684ad9c694f3e96ca4b72643dd3689727968e9", "5cb6d054", "29a78ab9b0a4e8ae"}, 0x38)

789.365158ms ago: executing program 4 (id=1741):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0x8, &(0x7f0000000d40)=ANY=[@ANYBLOB="71756965742c646f74732c646f733178666c6f7070792c6e6f646f74732c646f74732c747a3d6354432c646f74732c757365667265652c6e2f646f74732c646f74732c6e6f646f74732c6e66733d7374616c655f72772c6e6f646f74732c756d61736b3d30303030303030303030303030303030303030303031312c7379735f696d6d75746162000000006f74732c747a3d5554432c646f74732c646f74732c6e6f646f74732c6e66733d6e8182ffffffffffff6f2c646f74732c00"], 0xfd, 0x1c1, &(0x7f0000000a80)="$eJzs3TGL02AYB/Cn9WxzTrcJohBwcTrUT3AiJ4gBQemgk8LpchXBW6LL9WP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN9+dn72/ePvl+udIkl70T+IkZr04in4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvosTZOI6SQf5aPyscwfPc5O76Y/HNWrpnk+urLM76XN3w7z/Gpcq/L75fp0NR/EndtlPs8ePs0a+TDOtrt1AAAAAAAAAAAAAAAAAAAAAADozK1IF3473+f4uJkfVnl59NN8oMb8noO4cVAd1uOBiss2NgUAAAAAAAAAAAAAAAAAAAD/mIuPn85fj8dvPtTFMCJWn/mTole98IbL2y76sRNtKP5qke5GG+MNPwWDiNhWY7OiKNY6ub5GDLu6OAEAAAAAAAAAAAAAAAAAwH+m/tPvr1kSMeiiJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoW33//w2Ky4hY4+Tlmx12ulUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD22PcAAAD//4MxNeA=")
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_io_uring_setup(0x232b, &(0x7f0000000280)={0x0, 0x76d1, 0x4000, 0x1, 0x29a}, &(0x7f0000000200), &(0x7f0000000300))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f00000009c0)={0xfff, 0x0, &(0x7f0000000700)=[{&(0x7f0000000380)=""/43, 0x2b}, {&(0x7f00000005c0)=""/172, 0xac}, {&(0x7f0000000680)=""/119, 0x77}, {&(0x7f0000000400)=""/27, 0x1b}, {&(0x7f0000000800)=""/149, 0x95}, {&(0x7f0000000540)=""/15, 0xf}, {&(0x7f00000008c0)=""/171, 0xab}], &(0x7f0000000980)=[0x0, 0x2, 0x8], 0x7}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffc5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="3000000000800000000000000000000018110000", @ANYRES32], 0x0, 0xfffffffd, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYRES8=r2, @ANYRES32=0x0, @ANYBLOB="800000000000000024001280090001007866726d000000001400028008000200020000100800010003000000140003007866726d3000"/64], 0x58}}, 0x4c0c4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000380003803400008028000180230001"], 0xf0}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$peeksig(0x4209, r7, &(0x7f0000000100)={0x8000000000000000, 0x1, 0xfffffee8}, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000001200)={0x0, 0xffffff5e, 0x1ff, 0x0, 0x56, "001bf100eeff0000a2c2000100000000002000"})
syz_open_pts(0xffffffffffffffff, 0x101)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_virt_wifi\x00'})
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
r9 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r9, &(0x7f00000002c0)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000100)=[{&(0x7f00000001c0)='i', 0x1}], 0x1}, 0x40)
recvmsg(r9, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x102)
sendmsg$inet(r9, &(0x7f0000000f80)={&(0x7f0000000800)={0x2, 0x3, @local}, 0x10, &(0x7f0000000e40)=[{&(0x7f0000000000)="0f", 0x1}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'veth0_macvtap\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000e00)=@delqdisc={0x24, 0x25, 0x100, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r10, {0xf, 0xf}, {0x1, 0xffe6}, {0xa, 0xc}}}, 0x24}}, 0x40000)

788.923668ms ago: executing program 0 (id=1750):
r0 = perf_event_open(&(0x7f00000007c0)={0x2, 0x80, 0x67, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x1}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0x0)
r1 = getpgrp(0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
pipe2(&(0x7f0000000500)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0xfffffffffffffe10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000440)='device_pm_callback_start\x00', r6, 0x0, 0x3}, 0x18)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0)
fcntl$lock(r0, 0x5, &(0x7f0000000300)={0x2, 0x2, 0x40, 0xff, r1})
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x23)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000006000000000084e27fa40000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r7}, 0x10)
r8 = io_uring_setup(0x7bda, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r8, 0x18, 0x20000000, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f0000000140)={0x6}, 0x10)
write(r9, &(0x7f0000000000), 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="28000000100001000200"/20, @ANYRES32=0x0, @ANYBLOB="200040d7c0ab35e95ab78d7ed2fc023d89d09f6014fda0beb92275099e5c24"], 0x28}}, 0x41)
bpf$MAP_CREATE(0x0, &(0x7f0000002700)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001cc0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x100, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sys_exit\x00', r7, 0x0, 0xfffffffffffffffc}, 0x18)
io_uring_setup(0x332, &(0x7f0000000080)={0x0, 0xfffffffe, 0x10})

773.882988ms ago: executing program 3 (id=1742):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca9d89ab6d341d145acf249276dda272407bc98d9e5431316d468b9e4750f2316589dc4de3157592d27fd723a512c85b08035842b75ec422346f9696f4bb3226b0ca75d135ebd8cae46fb83b71c103e1fdcb1934fd1d28b4916abe2c44e26ea72be426c27052e816212096000155788943b846746ccb492175fc9e01", 0xf4}, {&(0x7f00000003c0)="5453b4b759f9d4f4f33bda880b70e0dadde06223919f4585429ef69078a4956f646ea03bfd4c090a003c01f32b1a175baf38c1eb4572c8b372a4cf9128062e58ff575546876a2804144c3aea98c4a3533396f87e860de8c66bceb0e6b387ec853b7e91c57587d38436637e702ae18eeccefdcd7a3cdd7bfc327b5d619b57d56afe1628b65e2948af5ee0e3f52746a5aff58bb7c6d253a58bf745584d1bc19fe5e42b5534eab9e9d2587b413e81f68b60f56130f82b327f5fe900e3e107bc6b783d1d23a056426d6502133386b51e657046c1c43a2a2c4a7611ee6592a5ee08700d24d832163b3def1f", 0xe9}, {&(0x7f0000000640)="d48c8225ddfdf2c06c27763617468581389d34126760ba3dd0fe077a7c2ce378dd62cafeeb4ba1493766d09fd561d69a5bf8109ffcd3e43d8c16b9c3fa92d4439c5af1fa4775d01dcf0748a24ab51b52fbe75287a4b9aaa18fd479bdd154b4efe531a242d90a1ca2799c242bfd4ddd8271448d3415bd3a907ad340dc2fa2471393212d02eb25242808cffdc4e7a646211c18ac8602f5fc1e4f82b72871a8d42f37988365ff226c1523bf01617976641421438e16378094c94f2e55a44150d9a358d92606afb12f21a63daadbb143d6ccdae88d53521b9fe51ffa", 0xda}, {&(0x7f0000000040)="f96be6c391f1f8b23ae44a70a75f4a5ed0e013f80882907ab089ee65d16a6c6f5c666dad31257fb48b66d940a3819d0809971ea8274a65901b", 0x39}, {&(0x7f0000000740)="f52ec22aafecc37a6d9995f1afb5c1727f223f9b84451a110b1dfbf19cc7ed183ba93f6d55645001887fc999262b9c938e22ef5ec46b4b1b535060dcca5cff1f0e5a1d9b32cef2b6e0a61af7968dc1759c4d901867d7d6e9f2521f6a1578e1cc2fbf58837a2633c0b8299192718c61227412dafd01e899723b33735bbec3e1429117362acc4139fc3565f183bd5568f47f4bc416adb360fdd9c497c2ad2ffe1ad738f4c073f1378d2b455e61844076a4a97ac1e13e2fb300ae69d55c501f96dcc39bf7ed835cc866f0fbd8e936e8374a484f111919dc610e0a36a0ee3df2ab1dc34cea42a4292e2fbaa86875a506bdd81fbb3dc5", 0xf4}, {&(0x7f0000000200)="057322e18609ed78266492c2a2ae3f0c0f3f6394c53de2727898d209dcb274efec9fc9995189ead7bf00148d091675fa045479985e4f644d258d0aa4a69618eb08ba045907a549ed83b88863c73d859acf1d16d599c71547d018aba5064338", 0x5f}], 0x6}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="acc870bde54caaeacb0000108cef4fa7bf44702b284b2e80cb32d33a86853c8c28797cd14c72c87f849f6ccbf3198d11a0b1ef000000000200000088e0e022b04dbd50d36f3c028c27ba000000", 0x4d}, {&(0x7f0000000840)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b933aa9169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bd98dbb2ab76919ba5c1020e80bd0659e82d861dc6fe4c62639134c504aa438689d28748c22ebfe2772d64b64e706d94864d785dcc6b24fff785", 0xde}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a854e542aacc3201fff776fe1c000000000000000000000000000000002da46e8a95bcead77a244256266fe952d151a841aaa0c9c727bf08c37869c70d6aed073d6bb9fb037a079b697f3ba963ba49b6aecdc3e839ae25d497b0e60408b8e0a9931aeb1be35eea2a22fa50d66a634804121bde6a4a2d7a23c08d8237aac90c577c24f4ec2949d9202659fe626262e0764eed651fe91d276cd8918ba1a079c716281613b127eca886d75e994a1b41314ff21f5a4fd8a7e55c65b2eebabf0db0268c53503bb30995", 0x185}], 0x3}}], 0x2, 0xc0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000030a01080000000000000000010040000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000088000000060a010400000000000000000100000008000b40000000000900010073797a3000000000600004805c0001800b0001007470726f787900004c00028008000340000000160800"], 0x110}}, 0x4008004)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xfffffffe}]}}}]}]}], {0x14}}, 0xd4}}, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000a00), 0x8000, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000a40)={{{@in=@local, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@private0}, 0x0, @in6=@dev}}, &(0x7f0000000b40)=0xe8)
statx(0xffffffffffffff9c, &(0x7f0000000b80)='./file0\x00', 0x800, 0x800, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000d40)={{0x1, 0x1, 0x18, r1, {r4, r5}}, './file0/file0\x00'})
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

768.640068ms ago: executing program 2 (id=1743):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000970000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x13, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x480, &(0x7f0000000000), 0x1, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
socket$packet(0x11, 0x3, 0x300)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5d371c61f550e9d86aabda45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0db2b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec08647566b1bdd75d6a9a1e600aaf0f42ce94b4725d4c2da80150dc34e5975d6904f061ed9a7608959f2d24ee6ec4f2395d16e02f53c746f74b12013f738d76456c3407188eff97f31ca36e5d79e1f1c7c3b688ee21d37ba5ebf4afc2a61f16"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$packet(0x11, 0xa, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
r4 = inotify_init1(0x80000)
inotify_add_watch(r4, &(0x7f00000002c0)='./file0\x00', 0x500082c)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
sendfile(r5, r5, 0x0, 0xb)

590.572981ms ago: executing program 0 (id=1745):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

478.835353ms ago: executing program 2 (id=1749):
r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000001500000000000800000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x5, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})
ioctl$SG_BLKTRACETEARDOWN(r0, 0x1276, 0x0)

466.991903ms ago: executing program 0 (id=1751):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x4)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5393, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000003580)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0xffffffffffffffff}], 0x9, 0x0)
mkdir(0x0, 0x111)
mount$bind(0x0, 0x0, 0x0, 0x2901090, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10000)
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000000)=0x1bc, 0x4)
sendmmsg$inet6(r3, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
unshare(0x20000600)
recvmsg(r4, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x8031, 0xffffffffffffffff, 0x0)
read(r3, &(0x7f00000001c0)=""/205, 0xcd)
socket$inet6_udplite(0xa, 0x2, 0x88)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r7, &(0x7f0000002240)=[{&(0x7f0000001000)=@in={0x2, 0x4e23, @local}, 0x10, &(0x7f0000001040)=[{&(0x7f00000010c0)="13", 0x1}], 0x1, &(0x7f0000002180)=[@sndinfo={0x20, 0x84, 0x2, {0x3, 0x2, 0x5, 0xfd9}}, @init={0x18, 0x84, 0x0, {0x4, 0x6a3}}], 0x38, 0x40010}], 0x1, 0x240000c0)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="7c01000019000100000000000000000000000000000000000000a1ca20e20018c31414bb00000000000000000000000000000000000000000a00000000000000", @ANYRES32=r1, @ANYRES32, @ANYBLOB="fcffffffffffffff00000000000000000000000000000000000000000000000000fd57ba0e7f51726d0000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0000000000000000000000000000000000000e0ffffff00c4000000ac1414aa000000000000000000000000000000eb3b00000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000007f0000010000000000000000000001ac1414aa00000000000000000000000000000000000000eeffffff000000000000000000fe880000000000000000000000000001000000006c00000000000000e000000100000000000000000000000000000000000000000000000000000000000000002497c1ef33d784111c2686ee49279c413436f172c987edd0b226ee0138aa45999ab9c10307c60b68c75637042a277556517015776ff59378a88f155ed45f33dd9e6dafb6364836f195559d3b27ed740b27b371261c640b08a690da21b617ef326dc21d04d31cd11f8712c41f93706c4dd13e1e55"], 0x17c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

414.708534ms ago: executing program 1 (id=1752):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000004c0)='kmem_cache_free\x00', r1}, 0x10)
mount_setattr(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0x0, 0x0, 0x0)

414.185544ms ago: executing program 1 (id=1753):
r0 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x2, 0x1, 0x1, 0x0, 0x0, 0x3, 0xd21, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0xffff, 0x1, 0x1, 0x9, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fgetxattr(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="75736523e70c4ce3d6e95fcbfe6cff0d1b760bf22e00"], 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2}, 0x9)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000640)="fdff27", 0x5, r4}, 0x38)
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
close(r7)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000040)={0x0, 0x2000, 0x0, {0x0, 0xa}, {0x1}, @rumble={0xfff9, 0x8}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4808000010001fff3a4ee9bfd5c3a3696c40af0b", @ANYRES32=0x0], 0x3}}, 0x0)
setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f00000002c0)=0x3, 0x4)
write$binfmt_misc(r6, 0x0, 0x0)
splice(r5, 0x0, r7, 0x0, 0x4ffe6, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x12, 0xd, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES8=r4, @ANYRES16=r2], &(0x7f0000000000)='GPL\x00', 0x0, 0x2a, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000002, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8, 0x0, 0x2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x69, 0x7ffc0005}]})
io_setup(0x1, &(0x7f0000001300)=<r9=>0x0)
io_destroy(r9)
write$selinux_access(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/sysvipc/shm\x00', 0x0, 0x0)
ioctl$SIOCX25SFACILITIES(r5, 0x89e3, &(0x7f0000000300)={0x1e, 0xffff, 0x8, 0x6, 0x4})
close_range(r10, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500000000040079103000000000001e500000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

413.629944ms ago: executing program 2 (id=1754):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x4, 0x1, 0x500, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x6, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000001820", @ANYRES32=r1, @ANYBLOB="0000000000000000710305000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='mm_page_alloc\x00', r2}, 0x18)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r4 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r4, 0x0, 0x0, 0x34, 0x2})
io_uring_enter(r4, 0x627, 0x4c1, 0x9, 0x0, 0x18)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000340)='percpu_alloc_percpu\x00', r8}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="620ac4ff000000007110b300000000001801000000006c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000000850000000600000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x4d0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x20, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x530)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r2, r0}, 0xc)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/time_for_children\x00')

374.054324ms ago: executing program 2 (id=1755):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x11, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f288476d2610054c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

243.678296ms ago: executing program 1 (id=1756):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd4, @void, @value}, 0x94)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@bridge_newvlan={0x28, 0x69, 0x1, 0x0, 0x0, {}, [@BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0xc, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8}}}]}, 0x28}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0x826e, 0x40, 0x3, 0xf0})
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x1000, 0x2, 0x0, 0x0, 0x8000002, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x3, 0x0, 0x1, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, 0x9, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4fd, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x7e98263b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0xd819ac9, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x10, 0x20, 0x4, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x4, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x20000040, 0xffffffff, 0x400, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0)

51.919159ms ago: executing program 2 (id=1757):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010425bd7000ffdbdf2509"], 0x20}, 0x1, 0x0, 0x0, 0x4001}, 0x20000080)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x4000054)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYRESDEC=r4, @ANYBLOB="7c650002", @ANYRESDEC, @ANYBLOB="0c009900060000004e0000000800c300010000002c00c500f010950b32233c2019650acc11d81e009662993657cf98f5df775b2db657245a4d1846247d40f7c50800c40006000000", @ANYBLOB="00032dbd7000fedbdf2567000000080001004500000008000300", @ANYRESOCT=0x0, @ANYRESDEC=r3], 0x6c}, 0x1, 0x0, 0x0, 0x20000000}, 0x1)

45.497439ms ago: executing program 1 (id=1758):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x5f}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x1000, 0x2, 0x0, 0x0, 0x8000002, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x3, 0x0, 0x1, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, 0x9, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4fd, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x7e98263b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0xd819ac9, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x10, 0x20, 0x4, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x4, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x20000040, 0xffffffff, 0x400, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0)

17.4859ms ago: executing program 1 (id=1759):
socket$inet6(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000380)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3e, 0xb0, 0x1000, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e21, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "44cb6d37c6818e519c60ca92b05c8ad4ae74ea79fdb58e2b7f29fa51c12f5cbb", "529ce0c19fb809804c2ff3c5412218a7d847fbc93cfef70c00506d947ea54e7f53d1fdc46c7f32f5461c69dbb12ae334", "93789889a9e2835b672961b74d925e86afc527fa482ea332ce27b8a5", {"2e5da89a0ace8edabc766b388285d39f", "375c5bef000000000d4600"}}}}}}}, 0x0)

0s ago: executing program 1 (id=1760):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0}, 0x1, 0x0, 0x0, 0x20000881}, 0x4000)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fef020000000125000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008000a00", @ANYRES32=r2, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0}, 0x1, 0x0, 0x0, 0x20000881}, 0x4000) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fef020000000125000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008000a00", @ANYRES32=r2, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x1, 0x803, 0x0) (async)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) (async)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000) (async)

kernel console output (not intermixed with test programs):

=206 compat=0 ip=0x7fafa205e929 code=0x7ffc0000
[   92.433756][   T29] audit: type=1326 audit(1749801185.953:4336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.4.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa205e929 code=0x7ffc0000
[   92.459221][   T29] audit: type=1326 audit(1749801186.053:4337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.4.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7fafa205e929 code=0x7ffc0000
[   92.516600][   T29] audit: type=1326 audit(1749801186.113:4338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.4.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa205e929 code=0x7ffc0000
[   92.540138][   T29] audit: type=1326 audit(1749801186.113:4339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.4.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa205e929 code=0x7ffc0000
[   92.566936][ T6232] FAULT_INJECTION: forcing a failure.
[   92.566936][ T6232] name failslab, interval 1, probability 0, space 0, times 0
[   92.579810][ T6232] CPU: 1 UID: 0 PID: 6232 Comm: syz.1.919 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[   92.579892][ T6232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.579905][ T6232] Call Trace:
[   92.579911][ T6232]  <TASK>
[   92.579918][ T6232]  __dump_stack+0x1d/0x30
[   92.579952][ T6232]  dump_stack_lvl+0xe8/0x140
[   92.579972][ T6232]  dump_stack+0x15/0x1b
[   92.579988][ T6232]  should_fail_ex+0x265/0x280
[   92.580097][ T6232]  should_failslab+0x8c/0xb0
[   92.580126][ T6232]  __kvmalloc_node_noprof+0x123/0x4e0
[   92.580155][ T6232]  ? xt_alloc_table_info+0x3b/0x80
[   92.580175][ T6232]  ? should_fail_ex+0xdb/0x280
[   92.580274][ T6232]  xt_alloc_table_info+0x3b/0x80
[   92.580317][ T6232]  do_ipt_set_ctl+0x59c/0x820
[   92.580412][ T6232]  ? _raw_spin_unlock_bh+0x36/0x40
[   92.580443][ T6232]  ? tcp_release_cb+0xf1/0x370
[   92.580482][ T6232]  nf_setsockopt+0x199/0x1b0
[   92.580592][ T6232]  ip_setsockopt+0x102/0x110
[   92.580699][ T6232]  tcp_setsockopt+0x95/0xb0
[   92.580768][ T6232]  sock_common_setsockopt+0x66/0x80
[   92.580802][ T6232]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   92.580888][ T6232]  __sys_setsockopt+0x181/0x200
[   92.580916][ T6232]  __x64_sys_setsockopt+0x64/0x80
[   92.580948][ T6232]  x64_sys_call+0x2bd5/0x2fb0
[   92.581008][ T6232]  do_syscall_64+0xd2/0x200
[   92.581030][ T6232]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.581125][ T6232]  ? clear_bhb_loop+0x40/0x90
[   92.581189][ T6232]  ? clear_bhb_loop+0x40/0x90
[   92.581218][ T6232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.581247][ T6232] RIP: 0033:0x7fa1b6eae929
[   92.581266][ T6232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.581290][ T6232] RSP: 002b:00007fa1b5517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   92.581328][ T6232] RAX: ffffffffffffffda RBX: 00007fa1b70d5fa0 RCX: 00007fa1b6eae929
[   92.581342][ T6232] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006
[   92.581354][ T6232] RBP: 00007fa1b5517090 R08: 0000000000000410 R09: 0000000000000000
[   92.581366][ T6232] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000001
[   92.581381][ T6232] R13: 0000000000000000 R14: 00007fa1b70d5fa0 R15: 00007ffcfea63f78
[   92.581406][ T6232]  </TASK>
[   92.823240][ T6234] netlink: 8 bytes leftover after parsing attributes in process `syz.3.921'.
[   92.832171][ T6234] netlink: 2 bytes leftover after parsing attributes in process `syz.3.921'.
[   92.972179][ T6234] infiniband syz!: set down
[   92.976827][ T6234] infiniband syz!: added team_slave_0
[   93.011228][ T6234] RDS/IB: syz!: added
[   93.038863][ T6234] smc: adding ib device syz! with port count 1
[   93.063472][ T6234] smc:    ib device syz! port 1 has pnetid 
[   93.063680][ T6255] loop2: detected capacity change from 0 to 2048
[   93.144057][   T29] audit: type=1400 audit(1749801186.723:4340): avc:  denied  { attach_queue } for  pid=6251 comm="syz.4.930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   93.172472][ T6255] EXT4-fs (loop2): failed to initialize system zone (-117)
[   93.180523][ T6255] EXT4-fs (loop2): mount failed
[   93.229321][   T29] audit: type=1400 audit(1749801186.763:4341): avc:  denied  { setopt } for  pid=6251 comm="syz.4.930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   93.318569][ T6262] tipc: New replicast peer: 0.0.255.255
[   93.324285][ T6262] tipc: Enabled bearer <udp:s >, priority 10
[   93.349131][ T6264] loop0: detected capacity change from 0 to 128
[   93.434591][ T6264] syz.0.933: attempt to access beyond end of device
[   93.434591][ T6264] loop0: rw=0, sector=121, nr_sectors = 120 limit=128
[   93.512917][   T37] kworker/u8:2: attempt to access beyond end of device
[   93.512917][   T37] loop0: rw=1, sector=241, nr_sectors = 800 limit=128
[   93.529926][ T6284] loop3: detected capacity change from 0 to 512
[   93.546602][ T6284] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   93.575443][ T6288] FAULT_INJECTION: forcing a failure.
[   93.575443][ T6288] name failslab, interval 1, probability 0, space 0, times 0
[   93.588538][ T6288] CPU: 0 UID: 0 PID: 6288 Comm: syz.4.939 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[   93.588636][ T6288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.588654][ T6288] Call Trace:
[   93.588662][ T6288]  <TASK>
[   93.588672][ T6288]  __dump_stack+0x1d/0x30
[   93.588703][ T6288]  dump_stack_lvl+0xe8/0x140
[   93.588726][ T6288]  dump_stack+0x15/0x1b
[   93.588787][ T6288]  should_fail_ex+0x265/0x280
[   93.588865][ T6288]  should_failslab+0x8c/0xb0
[   93.588897][ T6288]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   93.588938][ T6288]  ? set_secret+0x96/0x250
[   93.589039][ T6288]  kmemdup_noprof+0x2b/0x70
[   93.589071][ T6288]  set_secret+0x96/0x250
[   93.589189][ T6288]  ? should_failslab+0x8c/0xb0
[   93.589254][ T6288]  ceph_crypto_key_decode+0x104/0x170
[   93.589300][ T6288]  ceph_key_preparse+0xbb/0x140
[   93.589343][ T6288]  __key_create_or_update+0x288/0x750
[   93.589388][ T6288]  ? key_validate+0xad/0xd0
[   93.589430][ T6288]  key_create_or_update+0x42/0x60
[   93.589458][ T6288]  __se_sys_add_key+0x296/0x350
[   93.589495][ T6288]  __x64_sys_add_key+0x67/0x80
[   93.589542][ T6288]  x64_sys_call+0x1d0d/0x2fb0
[   93.589570][ T6288]  do_syscall_64+0xd2/0x200
[   93.589592][ T6288]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.589637][ T6288]  ? clear_bhb_loop+0x40/0x90
[   93.589661][ T6288]  ? clear_bhb_loop+0x40/0x90
[   93.589710][ T6288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.589732][ T6288] RIP: 0033:0x7fafa205e929
[   93.589748][ T6288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.589905][ T6288] RSP: 002b:00007fafa06c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[   93.589926][ T6288] RAX: ffffffffffffffda RBX: 00007fafa2285fa0 RCX: 00007fafa205e929
[   93.589941][ T6288] RDX: 00002000000009c0 RSI: 0000000000000000 RDI: 0000200000000040
[   93.589954][ T6288] RBP: 00007fafa06c7090 R08: 0000000035bb040f R09: 0000000000000000
[   93.589966][ T6288] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000001
[   93.589979][ T6288] R13: 0000000000000000 R14: 00007fafa2285fa0 R15: 00007ffeece801b8
[   93.590002][ T6288]  </TASK>
[   93.819433][ T6284] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.937: invalid block
[   93.870360][ T6290] netlink: 'syz.2.940': attribute type 21 has an invalid length.
[   93.878466][ T6290] netlink: 'syz.2.940': attribute type 4 has an invalid length.
[   93.886322][ T6284] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.937: invalid indirect mapped block 4294967295 (level 1)
[   93.902728][ T6290] ref_ctr_offset mismatch. inode: 0x42c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[   93.936828][ T6284] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.937: invalid indirect mapped block 4294967295 (level 1)
[   93.957580][ T6284] EXT4-fs (loop3): 2 truncates cleaned up
[   93.984221][ T6284] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.006376][ T6284] netlink: 'syz.3.937': attribute type 13 has an invalid length.
[   94.017587][   T29] audit: type=1400 audit(1749801187.603:4342): avc:  denied  { ioctl } for  pid=6303 comm="syz.4.945" path="<no_memory>" dev="sockfs" ino=13062 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   94.059340][ T6308] loop1: detected capacity change from 0 to 128
[   94.078402][ T6284] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.086548][ T6308] loop1: detected capacity change from 0 to 1024
[   94.098039][ T6284] 8021q: adding VLAN 0 to HW filter on device team0
[   94.105395][ T6284] batman_adv: batadv0: Interface activated: team0
[   94.120328][ T6284] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   94.139702][ T6313] loop2: detected capacity change from 0 to 128
[   94.147778][ T6315] __nla_validate_parse: 1 callbacks suppressed
[   94.147795][ T6315] netlink: 48 bytes leftover after parsing attributes in process `syz.1.950'.
[   94.172311][ T6313] syz.2.949: attempt to access beyond end of device
[   94.172311][ T6313] loop2: rw=0, sector=121, nr_sectors = 120 limit=128
[   94.216318][   T31] kworker/u8:1: attempt to access beyond end of device
[   94.216318][   T31] loop2: rw=1, sector=241, nr_sectors = 800 limit=128
[   94.241960][ T6320] netlink: 'syz.1.952': attribute type 1 has an invalid length.
[   94.251326][ T6320] pim6reg1: entered promiscuous mode
[   94.256816][ T6320] pim6reg1: entered allmulticast mode
[   94.273337][ T6322] netlink: 48 bytes leftover after parsing attributes in process `syz.2.951'.
[   94.426316][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.480451][ T6326] netlink: 56 bytes leftover after parsing attributes in process `syz.1.954'.
[   94.722400][ T6344] netlink: 48 bytes leftover after parsing attributes in process `syz.2.962'.
[   94.828185][ T6348] netlink: 'syz.2.964': attribute type 1 has an invalid length.
[   94.837052][ T6348] pim6reg1: entered promiscuous mode
[   94.842397][ T6348] pim6reg1: entered allmulticast mode
[   95.157628][ T6364] netlink: 24 bytes leftover after parsing attributes in process `syz.0.968'.
[   95.283589][ T6369] loop1: detected capacity change from 0 to 2048
[   95.305859][ T6358] netlink: 24 bytes leftover after parsing attributes in process `syz.4.969'.
[   95.317163][ T6369] EXT4-fs (loop1): failed to initialize system zone (-117)
[   95.324651][ T6369] EXT4-fs (loop1): mount failed
[   95.336394][ T6374] netlink: 48 bytes leftover after parsing attributes in process `syz.3.974'.
[   95.343887][ T6376] loop0: detected capacity change from 0 to 512
[   95.352835][ T6376] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   95.364728][ T6376] EXT4-fs (loop0): failed to initialize system zone (-117)
[   95.372232][ T6376] EXT4-fs (loop0): mount failed
[   95.443759][ T6380] tipc: New replicast peer: 0.0.255.255
[   95.449568][ T6380] tipc: Enabled bearer <udp:s >, priority 10
[   95.518155][ T6389] netlink: 2048 bytes leftover after parsing attributes in process `syz.4.978'.
[   95.527344][ T6389] netlink: 24 bytes leftover after parsing attributes in process `syz.4.978'.
[   95.613563][ T6393] netlink: 'syz.0.982': attribute type 1 has an invalid length.
[   95.622499][ T6393] pim6reg1: entered promiscuous mode
[   95.627984][ T6393] pim6reg1: entered allmulticast mode
[   95.653597][ T6396] FAULT_INJECTION: forcing a failure.
[   95.653597][ T6396] name failslab, interval 1, probability 0, space 0, times 0
[   95.666440][ T6396] CPU: 0 UID: 0 PID: 6396 Comm: syz.4.983 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[   95.666477][ T6396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.666493][ T6396] Call Trace:
[   95.666500][ T6396]  <TASK>
[   95.666507][ T6396]  __dump_stack+0x1d/0x30
[   95.666532][ T6396]  dump_stack_lvl+0xe8/0x140
[   95.666601][ T6396]  dump_stack+0x15/0x1b
[   95.666624][ T6396]  should_fail_ex+0x265/0x280
[   95.666716][ T6396]  should_failslab+0x8c/0xb0
[   95.666740][ T6396]  kmem_cache_alloc_noprof+0x50/0x310
[   95.666768][ T6396]  ? can_rx_register+0x104/0x4d0
[   95.666856][ T6396]  can_rx_register+0x104/0x4d0
[   95.666891][ T6396]  ? selinux_socket_bind+0x291/0x6b0
[   95.666926][ T6396]  ? __pfx_raw_rcv+0x10/0x10
[   95.667026][ T6396]  raw_enable_allfilters+0xa4/0x270
[   95.667052][ T6396]  raw_bind+0x1cf/0x410
[   95.667093][ T6396]  __sys_bind+0x1d1/0x2a0
[   95.667157][ T6396]  __x64_sys_bind+0x3f/0x50
[   95.667189][ T6396]  x64_sys_call+0x2086/0x2fb0
[   95.667212][ T6396]  do_syscall_64+0xd2/0x200
[   95.667265][ T6396]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.667293][ T6396]  ? clear_bhb_loop+0x40/0x90
[   95.667317][ T6396]  ? clear_bhb_loop+0x40/0x90
[   95.667345][ T6396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.667368][ T6396] RIP: 0033:0x7fafa205e929
[   95.667384][ T6396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.667404][ T6396] RSP: 002b:00007fafa06c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[   95.667500][ T6396] RAX: ffffffffffffffda RBX: 00007fafa2285fa0 RCX: 00007fafa205e929
[   95.667514][ T6396] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000003
[   95.667527][ T6396] RBP: 00007fafa06c7090 R08: 0000000000000000 R09: 0000000000000000
[   95.667589][ T6396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.667602][ T6396] R13: 0000000000000000 R14: 00007fafa2285fa0 R15: 00007ffeece801b8
[   95.667662][ T6396]  </TASK>
[   95.924669][ T6404] loop4: detected capacity change from 0 to 512
[   95.932388][ T6404] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   95.953769][ T6404] EXT4-fs (loop4): failed to initialize system zone (-117)
[   95.962593][ T6404] EXT4-fs (loop4): mount failed
[   95.974439][ T6412] netlink: 12 bytes leftover after parsing attributes in process `syz.3.987'.
[   96.020946][ T6412] bond1: entered promiscuous mode
[   96.036194][ T6412] 8021q: adding VLAN 0 to HW filter on device bond1
[   96.065290][ T6412] 8021q: adding VLAN 0 to HW filter on device bond1
[   96.073986][ T6412] bond1: (slave ipip0): The slave device specified does not support setting the MAC address
[   96.085520][ T6412] bond1: (slave ipip0): Error -95 calling set_mac_address
[   96.420810][ T6471] netlink: 'syz.4.997': attribute type 1 has an invalid length.
[   96.437453][ T6471] pim6reg1: entered promiscuous mode
[   96.442853][ T6471] pim6reg1: entered allmulticast mode
[   96.538860][ T6491] ref_ctr_offset mismatch. inode: 0x3e6 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[   96.611827][ T6497] SELinux: failed to load policy
[   96.696764][ T6517] loop2: detected capacity change from 0 to 512
[   96.717241][ T6517] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   96.741831][ T6517] EXT4-fs (loop2): failed to initialize system zone (-117)
[   96.752515][ T6517] EXT4-fs (loop2): mount failed
[   97.099424][ T6571] netlink: 'syz.3.1013': attribute type 1 has an invalid length.
[   97.109918][ T6571] pim6reg1: entered promiscuous mode
[   97.115292][ T6571] pim6reg1: entered allmulticast mode
[   97.172926][ T6580] ref_ctr_offset mismatch. inode: 0x484 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[   97.623363][   T29] kauditd_printk_skb: 311 callbacks suppressed
[   97.623384][   T29] audit: type=1326 audit(1749801191.213:4654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.0.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[   97.660989][ T6602] x_tables: duplicate underflow at hook 1
[   97.677368][   T29] audit: type=1326 audit(1749801191.213:4655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.0.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[   97.701072][   T29] audit: type=1326 audit(1749801191.253:4656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.0.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[   97.724858][   T29] audit: type=1326 audit(1749801191.253:4657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.0.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[   97.748390][   T29] audit: type=1326 audit(1749801191.253:4658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.0.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[   97.772435][   T29] audit: type=1326 audit(1749801191.253:4659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.0.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[   97.773332][ T6605] SELinux:  policydb magic number 0x69662f2e does not match expected magic number 0xf97cff8c
[   97.796732][   T29] audit: type=1326 audit(1749801191.253:4660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.0.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[   97.830010][   T29] audit: type=1326 audit(1749801191.253:4661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.0.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[   97.853647][   T29] audit: type=1326 audit(1749801191.253:4662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.0.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[   97.877159][   T29] audit: type=1326 audit(1749801191.253:4663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.0.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[   97.906213][ T6605] SELinux: failed to load policy
[   97.960062][ T6607] netlink: 'syz.0.1029': attribute type 1 has an invalid length.
[   97.979692][ T6607] pim6reg1: entered promiscuous mode
[   97.985092][ T6607] pim6reg1: entered allmulticast mode
[   98.008680][ T6620] loop2: detected capacity change from 0 to 128
[   98.144653][ T6620] syz.2.1034: attempt to access beyond end of device
[   98.144653][ T6620] loop2: rw=0, sector=121, nr_sectors = 120 limit=128
[   98.182470][ T6629] FAULT_INJECTION: forcing a failure.
[   98.182470][ T6629] name failslab, interval 1, probability 0, space 0, times 0
[   98.195447][ T6629] CPU: 0 UID: 0 PID: 6629 Comm: syz.3.1037 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[   98.195485][ T6629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   98.195503][ T6629] Call Trace:
[   98.195511][ T6629]  <TASK>
[   98.195522][ T6629]  __dump_stack+0x1d/0x30
[   98.195550][ T6629]  dump_stack_lvl+0xe8/0x140
[   98.195597][ T6629]  dump_stack+0x15/0x1b
[   98.195620][ T6629]  should_fail_ex+0x265/0x280
[   98.195666][ T6629]  ? __se_sys_memfd_create+0x1cc/0x590
[   98.195725][ T6629]  should_failslab+0x8c/0xb0
[   98.195753][ T6629]  __kmalloc_cache_noprof+0x4c/0x320
[   98.195791][ T6629]  ? fput+0x8f/0xc0
[   98.195897][ T6629]  __se_sys_memfd_create+0x1cc/0x590
[   98.195954][ T6629]  __x64_sys_memfd_create+0x31/0x40
[   98.196074][ T6629]  x64_sys_call+0x122f/0x2fb0
[   98.196105][ T6629]  do_syscall_64+0xd2/0x200
[   98.196133][ T6629]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.196162][ T6629]  ? clear_bhb_loop+0x40/0x90
[   98.196184][ T6629]  ? clear_bhb_loop+0x40/0x90
[   98.196212][ T6629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.196241][ T6629] RIP: 0033:0x7f30159fe929
[   98.196258][ T6629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.196360][ T6629] RSP: 002b:00007f3014066e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   98.196381][ T6629] RAX: ffffffffffffffda RBX: 0000000000000503 RCX: 00007f30159fe929
[   98.196394][ T6629] RDX: 00007f3014066ef0 RSI: 0000000000000000 RDI: 00007f3015a814cc
[   98.196413][ T6629] RBP: 0000200000000fc0 R08: 00007f3014066bb7 R09: 00007f3014066e40
[   98.196426][ T6629] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[   98.196490][ T6629] R13: 00007f3014066ef0 R14: 00007f3014066eb0 R15: 0000200000000340
[   98.196514][ T6629]  </TASK>
[   98.427652][ T3327] kworker/u8:6: attempt to access beyond end of device
[   98.427652][ T3327] loop2: rw=1, sector=241, nr_sectors = 800 limit=128
[   98.474985][ T6633] loop3: detected capacity change from 0 to 512
[   98.496416][ T6633] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   98.539342][ T6646] xt_connbytes: Forcing CT accounting to be enabled
[   98.542727][ T6633] x_tables: duplicate underflow at hook 2
[   98.611250][ T6646] set match dimension is over the limit!
[   98.628402][ T6651] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[   98.635105][ T6651] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   98.643005][ T6651] vhci_hcd vhci_hcd.0: Device attached
[   98.661907][ T6651] netlink: 'syz.4.1044': attribute type 4 has an invalid length.
[   98.698824][ T6652] vhci_hcd: connection closed
[   98.699205][   T12] vhci_hcd: stop threads
[   98.708327][   T12] vhci_hcd: release socket
[   98.712778][   T12] vhci_hcd: disconnect device
[   98.718560][ T6657] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[   98.725169][ T6657] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   98.732914][ T6657] vhci_hcd vhci_hcd.0: Device attached
[   98.760141][ T6662] FAULT_INJECTION: forcing a failure.
[   98.760141][ T6662] name failslab, interval 1, probability 0, space 0, times 0
[   98.772986][ T6662] CPU: 1 UID: 0 PID: 6662 Comm: syz.3.1046 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[   98.773077][ T6662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   98.773094][ T6662] Call Trace:
[   98.773101][ T6662]  <TASK>
[   98.773111][ T6662]  __dump_stack+0x1d/0x30
[   98.773137][ T6662]  dump_stack_lvl+0xe8/0x140
[   98.773160][ T6662]  dump_stack+0x15/0x1b
[   98.773177][ T6662]  should_fail_ex+0x265/0x280
[   98.773324][ T6662]  should_failslab+0x8c/0xb0
[   98.773350][ T6662]  kmem_cache_alloc_node_noprof+0x57/0x320
[   98.773379][ T6662]  ? __alloc_skb+0x101/0x320
[   98.773480][ T6662]  __alloc_skb+0x101/0x320
[   98.773524][ T6662]  netlink_alloc_large_skb+0xba/0xf0
[   98.773625][ T6662]  netlink_sendmsg+0x3cf/0x6b0
[   98.773649][ T6662]  ? __pfx_netlink_sendmsg+0x10/0x10
[   98.773676][ T6662]  __sock_sendmsg+0x145/0x180
[   98.773758][ T6662]  sock_write_iter+0x165/0x1b0
[   98.773790][ T6662]  do_iter_readv_writev+0x41e/0x4c0
[   98.773816][ T6662]  vfs_writev+0x2df/0x8b0
[   98.773860][ T6662]  do_writev+0xe7/0x210
[   98.773900][ T6662]  __x64_sys_writev+0x45/0x50
[   98.773936][ T6662]  x64_sys_call+0x2006/0x2fb0
[   98.773964][ T6662]  do_syscall_64+0xd2/0x200
[   98.774000][ T6662]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.774034][ T6662]  ? clear_bhb_loop+0x40/0x90
[   98.774058][ T6662]  ? clear_bhb_loop+0x40/0x90
[   98.774120][ T6662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.774149][ T6662] RIP: 0033:0x7f30159fe929
[   98.774169][ T6662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.774192][ T6662] RSP: 002b:00007f3014046038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   98.774263][ T6662] RAX: ffffffffffffffda RBX: 00007f3015c26080 RCX: 00007f30159fe929
[   98.774277][ T6662] RDX: 0000000000000001 RSI: 00002000000003c0 RDI: 000000000000000d
[   98.774327][ T6662] RBP: 00007f3014046090 R08: 0000000000000000 R09: 0000000000000000
[   98.774343][ T6662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.774359][ T6662] R13: 0000000000000000 R14: 00007f3015c26080 R15: 00007fff0f481498
[   98.774384][ T6662]  </TASK>
[   98.997068][ T6658] vhci_hcd: connection closed
[   99.040789][ T3327] vhci_hcd: stop threads
[   99.050069][ T3327] vhci_hcd: release socket
[   99.054583][ T3327] vhci_hcd: disconnect device
[   99.105907][ T2960] vhci_hcd: vhci_device speed not set
[   99.130519][ T6664] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[   99.137296][ T6664] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   99.144988][ T6664] vhci_hcd vhci_hcd.0: Device attached
[   99.219424][ T6664] loop1: detected capacity change from 0 to 764
[   99.271385][ T6664] rock: directory entry would overflow storage
[   99.273362][ T6643] Set syz1 is full, maxelem 65536 reached
[   99.277735][ T6664] rock: sig=0x4654, size=5, remaining=4
[   99.290516][ T6664] rock: directory entry would overflow storage
[   99.296834][ T6664] rock: sig=0x4f50, size=4, remaining=3
[   99.302739][ T6664] iso9660: Corrupted directory entry in block 4 of inode 1792
[   99.321928][ T6674] netlink: 'syz.4.1051': attribute type 1 has an invalid length.
[   99.339884][ T6664] netlink: 'syz.1.1048': attribute type 4 has an invalid length.
[   99.385972][ T3401] usb 3-1: new low-speed USB device number 2 using vhci_hcd
[   99.396745][ T6666] vhci_hcd: connection closed
[   99.397027][ T3327] vhci_hcd: stop threads
[   99.406531][ T3327] vhci_hcd: release socket
[   99.411069][ T3327] vhci_hcd: disconnect device
[   99.417448][ T3401] usb 3-1: enqueue for inactive port 0
[   99.423086][ T3401] usb 3-1: enqueue for inactive port 0
[   99.427497][ T6678] loop2: detected capacity change from 0 to 128
[   99.428917][ T3401] usb 3-1: enqueue for inactive port 0
[   99.523039][ T6678] syz.2.1053: attempt to access beyond end of device
[   99.523039][ T6678] loop2: rw=0, sector=121, nr_sectors = 120 limit=128
[   99.525855][ T3401] vhci_hcd: vhci_device speed not set
[   99.571836][ T6682] loop3: detected capacity change from 0 to 512
[   99.584015][ T6682] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   99.608691][ T6682] EXT4-fs (loop3): failed to initialize system zone (-117)
[   99.616453][ T6682] EXT4-fs (loop3): mount failed
[   99.618020][ T5990] kworker/u8:12: attempt to access beyond end of device
[   99.618020][ T5990] loop2: rw=1, sector=241, nr_sectors = 800 limit=128
[   99.691498][ T6688] __nla_validate_parse: 9 callbacks suppressed
[   99.691518][ T6688] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1054'.
[   99.980381][ T6702] loop3: detected capacity change from 0 to 512
[   99.981727][ T6691] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1056'.
[   99.997377][ T6702] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  100.011346][ T6702] EXT4-fs (loop3): failed to initialize system zone (-117)
[  100.020012][ T6702] EXT4-fs (loop3): mount failed
[  100.097099][ T6713] loop4: detected capacity change from 0 to 512
[  100.104198][ T6713] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  100.132912][ T6711] loop3: detected capacity change from 0 to 128
[  100.141551][ T6713] x_tables: duplicate underflow at hook 2
[  100.149583][ T6708] loop1: detected capacity change from 0 to 256
[  100.176622][ T6708] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  100.211619][ T6711] syz.3.1066: attempt to access beyond end of device
[  100.211619][ T6711] loop3: rw=0, sector=121, nr_sectors = 120 limit=128
[  100.221069][ T6718] loop4: detected capacity change from 0 to 2048
[  100.277833][   T31] kworker/u8:1: attempt to access beyond end of device
[  100.277833][   T31] loop3: rw=1, sector=241, nr_sectors = 800 limit=128
[  100.298804][ T6708] FAT-fs (loop1): codepage cp855 not found
[  100.333233][ T6718] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.354275][ T6718] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.743230][ T6748] loop3: detected capacity change from 0 to 1024
[  100.781940][ T6752] loop1: detected capacity change from 0 to 512
[  100.786462][ T6748] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  100.798366][ T6748] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  100.800195][ T6752] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  100.829181][ T6748] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  100.852427][ T6752] EXT4-fs (loop1): failed to initialize system zone (-117)
[  100.865819][ T6752] EXT4-fs (loop1): mount failed
[  100.878975][ T6748] EXT4-fs error (device loop3): ext4_get_journal_inode:5796: inode #5: comm syz.3.1078: unexpected bad inode w/o EXT4_IGET_BAD
[  100.902776][ T6748] EXT4-fs (loop3): Remounting filesystem read-only
[  100.909515][ T6748] EXT4-fs (loop3): no journal found
[  100.914795][ T6748] EXT4-fs (loop3): can't get journal size
[  100.936511][ T6748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.108952][ T6767] SELinux: failed to load policy
[  101.128152][ T6777] 9pnet_fd: Insufficient options for proto=fd
[  101.191210][ T6784] loop2: detected capacity change from 0 to 128
[  101.208072][   T12] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:0: bg 0: block 345: padding at end of block bitmap is not set
[  101.226652][   T12] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  101.239496][   T12] EXT4-fs (loop4): This should not happen!! Data will be lost
[  101.239496][   T12] 
[  101.253717][ T6784] syz.2.1090: attempt to access beyond end of device
[  101.253717][ T6784] loop2: rw=0, sector=121, nr_sectors = 120 limit=128
[  101.276536][   T12] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 789 with error 28
[  101.289325][   T12] EXT4-fs (loop4): This should not happen!! Data will be lost
[  101.289325][   T12] 
[  101.299032][   T12] EXT4-fs (loop4): Total free blocks count 0
[  101.305214][   T12] EXT4-fs (loop4): Free/Dirty block details
[  101.311188][   T12] EXT4-fs (loop4): free_blocks=0
[  101.316183][   T12] EXT4-fs (loop4): dirty_blocks=800
[  101.321439][   T12] EXT4-fs (loop4): Block reservation details
[  101.370251][   T12] kworker/u8:0: attempt to access beyond end of device
[  101.370251][   T12] loop2: rw=1, sector=241, nr_sectors = 800 limit=128
[  101.474531][ T6797] FAULT_INJECTION: forcing a failure.
[  101.474531][ T6797] name failslab, interval 1, probability 0, space 0, times 0
[  101.486081][ T6801] loop1: detected capacity change from 0 to 128
[  101.487381][ T6797] CPU: 1 UID: 0 PID: 6797 Comm: syz.2.1094 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  101.487426][ T6797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.487445][ T6797] Call Trace:
[  101.487455][ T6797]  <TASK>
[  101.487465][ T6797]  __dump_stack+0x1d/0x30
[  101.487495][ T6797]  dump_stack_lvl+0xe8/0x140
[  101.487596][ T6797]  dump_stack+0x15/0x1b
[  101.487619][ T6797]  should_fail_ex+0x265/0x280
[  101.487741][ T6797]  should_failslab+0x8c/0xb0
[  101.487781][ T6797]  __kmalloc_noprof+0xa5/0x3e0
[  101.487862][ T6797]  ? vmalloc_info_show+0x3f/0x850
[  101.487894][ T6797]  vmalloc_info_show+0x3f/0x850
[  101.487972][ T6797]  ? seq_read_iter+0x404/0x940
[  101.488018][ T6797]  seq_read_iter+0x316/0x940
[  101.488066][ T6797]  proc_reg_read_iter+0x110/0x180
[  101.488104][ T6797]  ? __pfx_proc_reg_read_iter+0x10/0x10
[  101.488163][ T6797]  vfs_read+0x5cd/0x6f0
[  101.488234][ T6797]  ? __pfx_proc_reg_read_iter+0x10/0x10
[  101.488279][ T6797]  ksys_read+0xda/0x1a0
[  101.488309][ T6797]  __x64_sys_read+0x40/0x50
[  101.488337][ T6797]  x64_sys_call+0x2d77/0x2fb0
[  101.488418][ T6797]  do_syscall_64+0xd2/0x200
[  101.488520][ T6797]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.488605][ T6797]  ? clear_bhb_loop+0x40/0x90
[  101.488636][ T6797]  ? clear_bhb_loop+0x40/0x90
[  101.488706][ T6797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.488745][ T6797] RIP: 0033:0x7f338452e929
[  101.488766][ T6797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.488793][ T6797] RSP: 002b:00007f3382b97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  101.488898][ T6797] RAX: ffffffffffffffda RBX: 00007f3384755fa0 RCX: 00007f338452e929
[  101.488981][ T6797] RDX: 0000000000000ffc RSI: 00002000000000c0 RDI: 0000000000000005
[  101.488999][ T6797] RBP: 00007f3382b97090 R08: 0000000000000000 R09: 0000000000000000
[  101.489016][ T6797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.489058][ T6797] R13: 0000000000000000 R14: 00007f3384755fa0 R15: 00007ffd5be2eaf8
[  101.489086][ T6797]  </TASK>
[  101.706773][ T6801] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  101.729266][ T6801] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  101.772364][ T3327] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  101.805536][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.831424][ T6805] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1098'.
[  101.868516][ T6814] SELinux: failed to load policy
[  101.909174][ T6823] x_tables: duplicate underflow at hook 2
[  101.980914][ T6829] ref_ctr_offset mismatch. inode: 0x461 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  101.998118][ T6832] loop4: detected capacity change from 0 to 512
[  102.015749][ T6832] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  102.028940][ T6840] x_tables: duplicate underflow at hook 2
[  102.042665][ T6832] EXT4-fs (loop4): failed to initialize system zone (-117)
[  102.083591][ T6832] EXT4-fs (loop4): mount failed
[  102.199703][ T6850] SELinux: failed to load policy
[  102.200293][ T6853] x_tables: duplicate underflow at hook 2
[  102.248215][ T6857] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1122'.
[  102.292871][ T6860] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1123'.
[  102.365078][ T6881] loop3: detected capacity change from 0 to 512
[  102.375884][ T6881] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  102.417809][ T6881] EXT4-fs (loop3): failed to initialize system zone (-117)
[  102.435315][ T6881] EXT4-fs (loop3): mount failed
[  102.457023][ T6885] SELinux: failed to load policy
[  102.543641][ T6892] loop1: detected capacity change from 0 to 512
[  102.567605][ T6892] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  102.582593][ T6897] netlink: 'syz.3.1139': attribute type 1 has an invalid length.
[  102.598288][ T6900] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1139'.
[  102.608768][ T6897] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1139'.
[  102.652703][ T6906] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1140'.
[  102.788292][ T6918] loop1: detected capacity change from 0 to 512
[  102.829153][ T6931] ref_ctr_offset mismatch. inode: 0x4d8 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  102.854660][ T6918] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  102.900980][ T6918] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1141: invalid block
[  102.927569][ T6918] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1141: invalid indirect mapped block 4294967295 (level 1)
[  103.011428][ T6918] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1141: invalid indirect mapped block 4294967295 (level 1)
[  103.026681][ T6918] EXT4-fs (loop1): 2 truncates cleaned up
[  103.032863][ T6918] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.111368][   T29] kauditd_printk_skb: 493 callbacks suppressed
[  103.111387][   T29] audit: type=1400 audit(1749801196.703:5157): avc:  denied  { remount } for  pid=6907 comm="syz.1.1141" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  103.117973][ T6954] SELinux: failed to load policy
[  103.185268][   T29] audit: type=1326 audit(1749801196.773:5158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6955 comm="syz.0.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[  103.208920][   T29] audit: type=1326 audit(1749801196.773:5159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6955 comm="syz.0.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[  103.238652][ T6918] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  103.247300][   T29] audit: type=1326 audit(1749801196.783:5160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6955 comm="syz.0.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[  103.271914][   T29] audit: type=1326 audit(1749801196.843:5161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6955 comm="syz.0.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[  103.295570][   T29] audit: type=1326 audit(1749801196.843:5162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6955 comm="syz.0.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb281e929 code=0x7ffc0000
[  103.334872][ T6966] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1154'.
[  103.351687][ T6969] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1155'.
[  103.409048][ T6976] bond3: entered promiscuous mode
[  103.414446][ T6976] 8021q: adding VLAN 0 to HW filter on device bond3
[  103.424702][ T6969] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.449327][ T6969] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.468601][ T6976] 8021q: adding VLAN 0 to HW filter on device bond3
[  103.478322][ T6982] ref_ctr_offset mismatch. inode: 0x49f offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  103.499109][ T6976] bond3: (slave ipip0): The slave device specified does not support setting the MAC address
[  103.514680][ T6976] bond3: (slave ipip0): Error -95 calling set_mac_address
[  103.547267][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.600970][   T29] audit: type=1326 audit(1749801197.193:5163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6991 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  103.624528][   T29] audit: type=1326 audit(1749801197.193:5164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6991 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  103.648049][   T29] audit: type=1326 audit(1749801197.193:5165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6991 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  103.671778][   T29] audit: type=1326 audit(1749801197.193:5166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6991 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  103.793475][ T7017] loop0: detected capacity change from 0 to 128
[  103.826164][ T7017] syz.0.1164: attempt to access beyond end of device
[  103.826164][ T7017] loop0: rw=0, sector=121, nr_sectors = 120 limit=128
[  103.849914][ T7019] SELinux: failed to load policy
[  103.904659][ T5990] kworker/u8:12: attempt to access beyond end of device
[  103.904659][ T5990] loop0: rw=1, sector=241, nr_sectors = 800 limit=128
[  103.981352][ T7030] loop0: detected capacity change from 0 to 512
[  103.999136][ T7030] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  104.041333][ T7030] EXT4-fs (loop0): failed to initialize system zone (-117)
[  104.050120][ T7030] EXT4-fs (loop0): mount failed
[  104.381424][ T7098] loop3: detected capacity change from 0 to 128
[  104.435112][ T7099] SELinux: failed to load policy
[  104.448576][ T7098] syz.3.1178: attempt to access beyond end of device
[  104.448576][ T7098] loop3: rw=0, sector=121, nr_sectors = 120 limit=128
[  104.536557][ T5247] kworker/u8:9: attempt to access beyond end of device
[  104.536557][ T5247] loop3: rw=1, sector=241, nr_sectors = 800 limit=128
[  104.662750][ T7129] bond1: entered promiscuous mode
[  104.672397][ T7129] 8021q: adding VLAN 0 to HW filter on device bond1
[  104.681166][ T7130] ref_ctr_offset mismatch. inode: 0x4ee offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  104.693790][ T7129] 8021q: adding VLAN 0 to HW filter on device bond1
[  104.714714][ T7129] bond1: (slave ipip0): The slave device specified does not support setting the MAC address
[  104.728787][ T7129] bond1: (slave ipip0): Error -95 calling set_mac_address
[  104.802771][ T7145] SELinux: failed to load policy
[  104.884233][ T7168] FAULT_INJECTION: forcing a failure.
[  104.884233][ T7168] name failslab, interval 1, probability 0, space 0, times 0
[  104.897034][ T7168] CPU: 1 UID: 0 PID: 7168 Comm: syz.4.1199 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  104.897124][ T7168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.897141][ T7168] Call Trace:
[  104.897147][ T7168]  <TASK>
[  104.897154][ T7168]  __dump_stack+0x1d/0x30
[  104.897290][ T7168]  dump_stack_lvl+0xe8/0x140
[  104.897313][ T7168]  dump_stack+0x15/0x1b
[  104.897334][ T7168]  should_fail_ex+0x265/0x280
[  104.897373][ T7168]  should_failslab+0x8c/0xb0
[  104.897446][ T7168]  kmem_cache_alloc_noprof+0x50/0x310
[  104.897481][ T7168]  ? __nf_conntrack_alloc+0xc7/0x270
[  104.897512][ T7168]  __nf_conntrack_alloc+0xc7/0x270
[  104.897590][ T7168]  init_conntrack+0xd7/0x830
[  104.897627][ T7168]  nf_conntrack_in+0x8bb/0xf40
[  104.897664][ T7168]  ipv6_conntrack_in+0x1d/0x30
[  104.897764][ T7168]  ? __pfx_ipv6_conntrack_in+0x10/0x10
[  104.897863][ T7168]  nf_hook_slow+0x75/0x180
[  104.897890][ T7168]  ipv6_rcv+0x10e/0x150
[  104.897930][ T7168]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  104.897962][ T7168]  __netif_receive_skb+0x9e/0x270
[  104.897994][ T7168]  ? tun_rx_batched+0xc7/0x430
[  104.898033][ T7168]  netif_receive_skb+0x4b/0x2e0
[  104.898065][ T7168]  ? tun_rx_batched+0xc7/0x430
[  104.898136][ T7168]  tun_rx_batched+0xfc/0x430
[  104.898213][ T7168]  tun_get_user+0x1e5a/0x2500
[  104.898257][ T7168]  ? ref_tracker_alloc+0x1f2/0x2f0
[  104.898388][ T7168]  tun_chr_write_iter+0x15e/0x210
[  104.898429][ T7168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  104.898473][ T7168]  vfs_write+0x49d/0x8e0
[  104.898498][ T7168]  ksys_write+0xda/0x1a0
[  104.898524][ T7168]  __x64_sys_write+0x40/0x50
[  104.898571][ T7168]  x64_sys_call+0x2cdd/0x2fb0
[  104.898600][ T7168]  do_syscall_64+0xd2/0x200
[  104.898625][ T7168]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.898654][ T7168]  ? clear_bhb_loop+0x40/0x90
[  104.898726][ T7168]  ? clear_bhb_loop+0x40/0x90
[  104.898757][ T7168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.898785][ T7168] RIP: 0033:0x7fafa205d3df
[  104.898805][ T7168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  104.898885][ T7168] RSP: 002b:00007fafa06c7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  104.898910][ T7168] RAX: ffffffffffffffda RBX: 00007fafa2285fa0 RCX: 00007fafa205d3df
[  104.898927][ T7168] RDX: 00000000000000d2 RSI: 0000200000000d00 RDI: 00000000000000c8
[  104.898943][ T7168] RBP: 00007fafa06c7090 R08: 0000000000000000 R09: 0000000000000000
[  104.898959][ T7168] R10: 00000000000000d2 R11: 0000000000000293 R12: 0000000000000001
[  104.898975][ T7168] R13: 0000000000000000 R14: 00007fafa2285fa0 R15: 00007ffeece801b8
[  104.899056][ T7168]  </TASK>
[  105.209336][ T7171] loop3: detected capacity change from 0 to 512
[  105.216786][ T7171] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  105.231895][ T7171] x_tables: duplicate underflow at hook 2
[  105.309205][ T7137] __nla_validate_parse: 3 callbacks suppressed
[  105.309222][ T7137] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1192'.
[  105.552972][ T7203] SELinux: failed to load policy
[  105.627882][ T7232] ref_ctr_offset mismatch. inode: 0x51d offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  105.850347][ T7255] loop1: detected capacity change from 0 to 512
[  105.857729][ T7255] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  105.868438][ T7255] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[  105.877522][ T7255] EXT4-fs (loop1): orphan cleanup on readonly fs
[  105.884743][ T7255] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #11: comm syz.1.1214: attempt to clear invalid blocks 1024 len 1
[  105.899021][ T7255] EXT4-fs (loop1): Remounting filesystem read-only
[  105.905949][ T7255] EXT4-fs (loop1): 1 truncate cleaned up
[  105.912077][ T7255] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  105.956914][ T7262] loop3: detected capacity change from 0 to 2048
[  106.068421][ T7264] 8021q: adding VLAN 0 to HW filter on device bond2
[  106.178481][ T7271] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1222'.
[  106.222503][ T7274] FAULT_INJECTION: forcing a failure.
[  106.222503][ T7274] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.236340][ T7274] CPU: 1 UID: 0 PID: 7274 Comm: syz.4.1223 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  106.236414][ T7274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.236428][ T7274] Call Trace:
[  106.236435][ T7274]  <TASK>
[  106.236493][ T7274]  __dump_stack+0x1d/0x30
[  106.236558][ T7274]  dump_stack_lvl+0xe8/0x140
[  106.236584][ T7274]  dump_stack+0x15/0x1b
[  106.236602][ T7274]  should_fail_ex+0x265/0x280
[  106.236714][ T7274]  should_fail+0xb/0x20
[  106.236749][ T7274]  should_fail_usercopy+0x1a/0x20
[  106.236777][ T7274]  _copy_from_user+0x1c/0xb0
[  106.236809][ T7274]  ___sys_sendmsg+0xc1/0x1d0
[  106.236864][ T7274]  __x64_sys_sendmsg+0xd4/0x160
[  106.236897][ T7274]  x64_sys_call+0x2999/0x2fb0
[  106.236925][ T7274]  do_syscall_64+0xd2/0x200
[  106.236954][ T7274]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  106.237036][ T7274]  ? clear_bhb_loop+0x40/0x90
[  106.237065][ T7274]  ? clear_bhb_loop+0x40/0x90
[  106.237095][ T7274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.237177][ T7274] RIP: 0033:0x7fafa205e929
[  106.237194][ T7274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.237218][ T7274] RSP: 002b:00007fafa06c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  106.237239][ T7274] RAX: ffffffffffffffda RBX: 00007fafa2285fa0 RCX: 00007fafa205e929
[  106.237255][ T7274] RDX: 00000000000000fc RSI: 0000200000000600 RDI: 0000000000000006
[  106.237271][ T7274] RBP: 00007fafa06c7090 R08: 0000000000000000 R09: 0000000000000000
[  106.237287][ T7274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.237361][ T7274] R13: 0000000000000000 R14: 00007fafa2285fa0 R15: 00007ffeece801b8
[  106.237380][ T7274]  </TASK>
[  106.549757][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  106.554192][ T7281] loop3: detected capacity change from 0 to 2048
[  106.633209][ T7281] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.685482][ T7281] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.1226: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  106.724740][ T7281] EXT4-fs (loop3): Remounting filesystem read-only
[  106.759222][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.177109][ T7307] FAULT_INJECTION: forcing a failure.
[  107.177109][ T7307] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.190337][ T7307] CPU: 1 UID: 0 PID: 7307 Comm: syz.0.1235 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  107.190382][ T7307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.190399][ T7307] Call Trace:
[  107.190407][ T7307]  <TASK>
[  107.190415][ T7307]  __dump_stack+0x1d/0x30
[  107.190458][ T7307]  dump_stack_lvl+0xe8/0x140
[  107.190484][ T7307]  dump_stack+0x15/0x1b
[  107.190507][ T7307]  should_fail_ex+0x265/0x280
[  107.190553][ T7307]  should_fail+0xb/0x20
[  107.190607][ T7307]  should_fail_usercopy+0x1a/0x20
[  107.190636][ T7307]  _copy_from_iter+0xcf/0xe40
[  107.190666][ T7307]  ? mntput+0x4b/0x80
[  107.190702][ T7307]  ? terminate_walk+0x27f/0x2a0
[  107.190811][ T7307]  tun_get_user+0x144/0x2500
[  107.190932][ T7307]  ? ref_tracker_alloc+0x1f2/0x2f0
[  107.190982][ T7307]  ? selinux_file_permission+0x1e4/0x320
[  107.191021][ T7307]  tun_chr_write_iter+0x15e/0x210
[  107.191101][ T7307]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  107.191136][ T7307]  vfs_write+0x49d/0x8e0
[  107.191191][ T7307]  ksys_write+0xda/0x1a0
[  107.191219][ T7307]  __x64_sys_write+0x40/0x50
[  107.191245][ T7307]  x64_sys_call+0x2cdd/0x2fb0
[  107.191272][ T7307]  do_syscall_64+0xd2/0x200
[  107.191335][ T7307]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.191377][ T7307]  ? clear_bhb_loop+0x40/0x90
[  107.191405][ T7307]  ? clear_bhb_loop+0x40/0x90
[  107.191483][ T7307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.191512][ T7307] RIP: 0033:0x7f1eb281e929
[  107.191532][ T7307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.191555][ T7307] RSP: 002b:00007f1eb0e87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  107.191579][ T7307] RAX: ffffffffffffffda RBX: 00007f1eb2a45fa0 RCX: 00007f1eb281e929
[  107.191610][ T7307] RDX: 000000000000fdef RSI: 00002000000003c0 RDI: 0000000000000005
[  107.191624][ T7307] RBP: 00007f1eb0e87090 R08: 0000000000000000 R09: 0000000000000000
[  107.191648][ T7307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.191660][ T7307] R13: 0000000000000000 R14: 00007f1eb2a45fa0 R15: 00007ffe9c3ae978
[  107.191690][ T7307]  </TASK>
[  107.384399][ T7303] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1233'.
[  107.595950][ T7317] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1240'.
[  107.605190][ T7317] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1240'.
[  107.618724][ T7315] hub 8-0:1.0: USB hub found
[  107.628598][ T7315] hub 8-0:1.0: 8 ports detected
[  107.629884][ T7322] FAULT_INJECTION: forcing a failure.
[  107.629884][ T7322] name failslab, interval 1, probability 0, space 0, times 0
[  107.646488][ T7322] CPU: 1 UID: 0 PID: 7322 Comm: syz.2.1237 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  107.646573][ T7322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.646586][ T7322] Call Trace:
[  107.646606][ T7322]  <TASK>
[  107.646614][ T7322]  __dump_stack+0x1d/0x30
[  107.646642][ T7322]  dump_stack_lvl+0xe8/0x140
[  107.646712][ T7322]  dump_stack+0x15/0x1b
[  107.646733][ T7322]  should_fail_ex+0x265/0x280
[  107.646837][ T7322]  should_failslab+0x8c/0xb0
[  107.646868][ T7322]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  107.646907][ T7322]  ? sidtab_sid2str_get+0xa0/0x130
[  107.646943][ T7322]  kmemdup_noprof+0x2b/0x70
[  107.647045][ T7322]  sidtab_sid2str_get+0xa0/0x130
[  107.647085][ T7322]  security_sid_to_context_core+0x1eb/0x2e0
[  107.647112][ T7322]  security_sid_to_context+0x27/0x40
[  107.647144][ T7322]  selinux_lsmprop_to_secctx+0x67/0xf0
[  107.647233][ T7322]  security_lsmprop_to_secctx+0x43/0x80
[  107.647269][ T7322]  audit_log_task_context+0x77/0x190
[  107.647368][ T7322]  audit_log_task+0xf4/0x250
[  107.647402][ T7322]  audit_seccomp+0x61/0x100
[  107.647430][ T7322]  ? __seccomp_filter+0x68c/0x10d0
[  107.647455][ T7322]  __seccomp_filter+0x69d/0x10d0
[  107.647503][ T7322]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  107.647526][ T7322]  ? vfs_write+0x75e/0x8e0
[  107.647604][ T7322]  __secure_computing+0x82/0x150
[  107.647634][ T7322]  syscall_trace_enter+0xcf/0x1e0
[  107.647741][ T7322]  do_syscall_64+0xac/0x200
[  107.647764][ T7322]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.647798][ T7322]  ? clear_bhb_loop+0x40/0x90
[  107.647838][ T7322]  ? clear_bhb_loop+0x40/0x90
[  107.647941][ T7322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.647964][ T7322] RIP: 0033:0x7f338452e929
[  107.647979][ T7322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.648064][ T7322] RSP: 002b:00007f3382b97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000041
[  107.648086][ T7322] RAX: ffffffffffffffda RBX: 00007f3384755fa0 RCX: 00007f338452e929
[  107.648139][ T7322] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  107.648156][ T7322] RBP: 00007f3382b97090 R08: 0000000000000000 R09: 0000000000000000
[  107.648168][ T7322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.648201][ T7322] R13: 0000000000000000 R14: 00007f3384755fa0 R15: 00007ffd5be2eaf8
[  107.648226][ T7322]  </TASK>
[  107.917241][ T7325] loop4: detected capacity change from 0 to 128
[  107.939770][ T7327] loop1: detected capacity change from 0 to 2048
[  107.971847][ T7331] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1245'.
[  107.987601][ T7327] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.005844][ T7325] syz.4.1242: attempt to access beyond end of device
[  108.005844][ T7325] loop4: rw=0, sector=121, nr_sectors = 120 limit=128
[  108.022730][ T7327] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.064888][ T7339] SELinux: failed to load policy
[  108.097957][ T7341] FAULT_INJECTION: forcing a failure.
[  108.097957][ T7341] name failslab, interval 1, probability 0, space 0, times 0
[  108.110717][ T7341] CPU: 0 UID: 0 PID: 7341 Comm: syz.2.1248 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  108.110804][ T7341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.110820][ T7341] Call Trace:
[  108.110830][ T7341]  <TASK>
[  108.110840][ T7341]  __dump_stack+0x1d/0x30
[  108.110936][ T7341]  dump_stack_lvl+0xe8/0x140
[  108.110961][ T7341]  dump_stack+0x15/0x1b
[  108.110982][ T7341]  should_fail_ex+0x265/0x280
[  108.111020][ T7341]  ? audit_log_d_path+0x8d/0x150
[  108.111062][ T7341]  should_failslab+0x8c/0xb0
[  108.111145][ T7341]  __kmalloc_cache_noprof+0x4c/0x320
[  108.111265][ T7341]  audit_log_d_path+0x8d/0x150
[  108.111307][ T7341]  audit_log_d_path_exe+0x42/0x70
[  108.111342][ T7341]  audit_log_task+0x1e9/0x250
[  108.111469][ T7341]  audit_seccomp+0x61/0x100
[  108.111548][ T7341]  ? __seccomp_filter+0x68c/0x10d0
[  108.111578][ T7341]  __seccomp_filter+0x69d/0x10d0
[  108.111619][ T7341]  __secure_computing+0x82/0x150
[  108.111650][ T7341]  syscall_trace_enter+0xcf/0x1e0
[  108.111715][ T7341]  do_syscall_64+0xac/0x200
[  108.111744][ T7341]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.111894][ T7341]  ? clear_bhb_loop+0x40/0x90
[  108.111918][ T7341]  ? clear_bhb_loop+0x40/0x90
[  108.111984][ T7341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.112007][ T7341] RIP: 0033:0x7f338452e929
[  108.112027][ T7341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.112052][ T7341] RSP: 002b:00007f3382b97038 EFLAGS: 00000246 ORIG_RAX: 00000000000000db
[  108.112127][ T7341] RAX: ffffffffffffffda RBX: 00007f3384755fa0 RCX: 00007f338452e929
[  108.112144][ T7341] RDX: ffffffffffbffff8 RSI: 000000000000002c RDI: 0000200000b2c000
[  108.112158][ T7341] RBP: 00007f3382b97090 R08: 0000000000000000 R09: 0000000000000000
[  108.112170][ T7341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  108.112181][ T7341] R13: 0000000000000000 R14: 00007f3384755fa0 R15: 00007ffd5be2eaf8
[  108.112201][ T7341]  </TASK>
[  108.174432][   T29] kauditd_printk_skb: 353 callbacks suppressed
[  108.174504][   T29] audit: type=1326 audit(1749801201.693:5519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1248" exe="<no_memory>" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f338452e929 code=0x7ffc0000
[  108.350541][ T3327] kworker/u8:6: attempt to access beyond end of device
[  108.350541][ T3327] loop4: rw=1, sector=241, nr_sectors = 800 limit=128
[  108.351414][   T29] audit: type=1326 audit(1749801201.773:5520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f338452d33c code=0x7ffc0000
[  108.388081][   T29] audit: type=1326 audit(1749801201.773:5521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f338452d3df code=0x7ffc0000
[  108.411513][   T29] audit: type=1326 audit(1749801201.773:5522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f338452d58a code=0x7ffc0000
[  108.434940][   T29] audit: type=1326 audit(1749801201.773:5523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f338452e929 code=0x7ffc0000
[  108.438825][ T7355] FAULT_INJECTION: forcing a failure.
[  108.438825][ T7355] name failslab, interval 1, probability 0, space 0, times 0
[  108.458393][   T29] audit: type=1326 audit(1749801201.773:5524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f338452e929 code=0x7ffc0000
[  108.471004][ T7355] CPU: 0 UID: 0 PID: 7355 Comm: syz.4.1251 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  108.471041][ T7355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.471093][ T7355] Call Trace:
[  108.471104][ T7355]  <TASK>
[  108.471117][ T7355]  __dump_stack+0x1d/0x30
[  108.471148][ T7355]  dump_stack_lvl+0xe8/0x140
[  108.471176][ T7355]  dump_stack+0x15/0x1b
[  108.471201][ T7355]  should_fail_ex+0x265/0x280
[  108.471250][ T7355]  ? __pfx_cond_bools_destroy+0x10/0x10
[  108.471303][ T7355]  should_failslab+0x8c/0xb0
[  108.471363][ T7355]  kmem_cache_alloc_noprof+0x50/0x310
[  108.471403][ T7355]  ? hashtab_duplicate+0xfe/0x360
[  108.471437][ T7355]  ? __pfx_cond_bools_destroy+0x10/0x10
[  108.471548][ T7355]  hashtab_duplicate+0xfe/0x360
[  108.471583][ T7355]  ? __pfx_cond_bools_copy+0x10/0x10
[  108.471702][ T7355]  cond_policydb_dup+0xd2/0x4e0
[  108.471753][ T7355]  security_set_bools+0xa0/0x340
[  108.471843][ T7355]  sel_commit_bools_write+0x1ea/0x270
[  108.471891][ T7355]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  108.472030][ T7355]  vfs_write+0x266/0x8e0
[  108.472062][ T7355]  ? __rcu_read_unlock+0x4f/0x70
[  108.472104][ T7355]  ? __fget_files+0x184/0x1c0
[  108.472140][ T7355]  __x64_sys_pwrite64+0xfd/0x150
[  108.472172][ T7355]  x64_sys_call+0xe45/0x2fb0
[  108.472233][ T7355]  do_syscall_64+0xd2/0x200
[  108.472265][ T7355]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.472323][ T7355]  ? clear_bhb_loop+0x40/0x90
[  108.472354][ T7355]  ? clear_bhb_loop+0x40/0x90
[  108.472387][ T7355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.472494][ T7355] RIP: 0033:0x7fafa205e929
[  108.472518][ T7355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.472545][ T7355] RSP: 002b:00007fafa06c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  108.472573][ T7355] RAX: ffffffffffffffda RBX: 00007fafa2285fa0 RCX: 00007fafa205e929
[  108.472697][ T7355] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000003
[  108.472715][ T7355] RBP: 00007fafa06c7090 R08: 0000000000000000 R09: 0000000000000000
[  108.472733][ T7355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  108.472751][ T7355] R13: 0000000000000000 R14: 00007fafa2285fa0 R15: 00007ffeece801b8
[  108.472779][ T7355]  </TASK>
[  108.730711][   T29] audit: type=1326 audit(1749801202.323:5525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7360 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa205e929 code=0x7ffc0000
[  108.754324][   T29] audit: type=1326 audit(1749801202.323:5526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7360 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa205e929 code=0x7ffc0000
[  108.777838][   T29] audit: type=1326 audit(1749801202.323:5527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7360 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fafa205e929 code=0x7ffc0000
[  108.801379][   T29] audit: type=1326 audit(1749801202.323:5528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7360 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa205e929 code=0x7ffc0000
[  108.825573][ T7364] ref_ctr_offset mismatch. inode: 0x54c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  108.930641][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.997388][ T7371] loop4: detected capacity change from 0 to 2048
[  109.025794][ T7373] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1260'.
[  109.036185][ T7371]  loop4: p3 p4 < >
[  109.147952][ T7389] loop4: detected capacity change from 0 to 128
[  109.205972][ T7389] syz.4.1266: attempt to access beyond end of device
[  109.205972][ T7389] loop4: rw=0, sector=121, nr_sectors = 120 limit=128
[  109.220647][ T7397] ref_ctr_offset mismatch. inode: 0x55c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  109.243185][ T7399] FAULT_INJECTION: forcing a failure.
[  109.243185][ T7399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.256425][ T7399] CPU: 0 UID: 0 PID: 7399 Comm: syz.1.1268 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  109.256464][ T7399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.256481][ T7399] Call Trace:
[  109.256489][ T7399]  <TASK>
[  109.256497][ T7399]  __dump_stack+0x1d/0x30
[  109.256524][ T7399]  dump_stack_lvl+0xe8/0x140
[  109.256549][ T7399]  dump_stack+0x15/0x1b
[  109.256584][ T7399]  should_fail_ex+0x265/0x280
[  109.256631][ T7399]  should_fail+0xb/0x20
[  109.256668][ T7399]  should_fail_usercopy+0x1a/0x20
[  109.256689][ T7399]  _copy_from_user+0x1c/0xb0
[  109.256786][ T7399]  ___sys_sendmsg+0xc1/0x1d0
[  109.256829][ T7399]  __x64_sys_sendmsg+0xd4/0x160
[  109.256873][ T7399]  x64_sys_call+0x2999/0x2fb0
[  109.256901][ T7399]  do_syscall_64+0xd2/0x200
[  109.257009][ T7399]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.257062][ T7399]  ? clear_bhb_loop+0x40/0x90
[  109.257091][ T7399]  ? clear_bhb_loop+0x40/0x90
[  109.257120][ T7399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.257148][ T7399] RIP: 0033:0x7fa1b6eae929
[  109.257168][ T7399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.257194][ T7399] RSP: 002b:00007fa1b54f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  109.257218][ T7399] RAX: ffffffffffffffda RBX: 00007fa1b70d6080 RCX: 00007fa1b6eae929
[  109.257234][ T7399] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000008
[  109.257257][ T7399] RBP: 00007fa1b54f6090 R08: 0000000000000000 R09: 0000000000000000
[  109.257297][ T7399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.257313][ T7399] R13: 0000000000000000 R14: 00007fa1b70d6080 R15: 00007ffcfea63f78
[  109.257417][ T7399]  </TASK>
[  109.438490][ T7399] loop1: detected capacity change from 0 to 512
[  109.445155][ T7399] EXT4-fs: Ignoring removed nomblk_io_submit option
[  109.456165][ T3327] kworker/u8:6: attempt to access beyond end of device
[  109.456165][ T3327] loop4: rw=1, sector=241, nr_sectors = 800 limit=128
[  109.515541][ T7399] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  109.527581][ T7405] SELinux: failed to load policy
[  109.547613][ T7411] Invalid ELF header magic: != ELF
[  109.563914][ T7412] Invalid ELF header magic: != ELF
[  109.591262][ T7399] EXT4-fs (loop1): 1 truncate cleaned up
[  109.597537][ T7399] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.616380][ T7391] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1268'.
[  109.638629][ T7412] sd 0:0:1:0: device reset
[  109.684308][ T7428] FAULT_INJECTION: forcing a failure.
[  109.684308][ T7428] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.684344][ T7428] CPU: 1 UID: 0 PID: 7428 Comm: syz.4.1279 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  109.684379][ T7428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.684444][ T7428] Call Trace:
[  109.684451][ T7428]  <TASK>
[  109.684458][ T7428]  __dump_stack+0x1d/0x30
[  109.684481][ T7428]  dump_stack_lvl+0xe8/0x140
[  109.684506][ T7428]  dump_stack+0x15/0x1b
[  109.684571][ T7428]  should_fail_ex+0x265/0x280
[  109.684613][ T7428]  should_fail+0xb/0x20
[  109.684655][ T7428]  should_fail_usercopy+0x1a/0x20
[  109.684772][ T7428]  _copy_from_user+0x1c/0xb0
[  109.684805][ T7428]  memdup_user+0x5e/0xd0
[  109.684881][ T7428]  strndup_user+0x68/0xb0
[  109.684912][ T7428]  perf_uprobe_init+0x48/0x150
[  109.685112][ T7428]  perf_uprobe_event_init+0xea/0x150
[  109.685140][ T7428]  perf_try_init_event+0xd6/0x540
[  109.685165][ T7428]  ? perf_event_alloc+0xb1c/0x1680
[  109.685318][ T7428]  perf_event_alloc+0xb27/0x1680
[  109.685367][ T7428]  __se_sys_perf_event_open+0x4a5/0x11c0
[  109.685410][ T7428]  ? __rcu_read_unlock+0x4f/0x70
[  109.685532][ T7428]  __x64_sys_perf_event_open+0x67/0x80
[  109.685573][ T7428]  x64_sys_call+0x27ec/0x2fb0
[  109.685606][ T7428]  do_syscall_64+0xd2/0x200
[  109.685789][ T7428]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.685827][ T7428]  ? clear_bhb_loop+0x40/0x90
[  109.685859][ T7428]  ? clear_bhb_loop+0x40/0x90
[  109.685931][ T7428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.685962][ T7428] RIP: 0033:0x7fafa205e929
[  109.685999][ T7428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.686026][ T7428] RSP: 002b:00007fafa06c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  109.686052][ T7428] RAX: ffffffffffffffda RBX: 00007fafa2285fa0 RCX: 00007fafa205e929
[  109.686091][ T7428] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00002000000004c0
[  109.686109][ T7428] RBP: 00007fafa06c7090 R08: 0000000000000000 R09: 0000000000000000
[  109.686127][ T7428] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  109.686146][ T7428] R13: 0000000000000000 R14: 00007fafa2285fa0 R15: 00007ffeece801b8
[  109.686174][ T7428]  </TASK>
[  109.762806][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.970168][ T7437] ref_ctr_offset mismatch. inode: 0x577 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  110.005661][ T7448] netlink: 'syz.4.1287': attribute type 9 has an invalid length.
[  110.013501][ T7448] netlink: 'syz.4.1287': attribute type 7 has an invalid length.
[  110.021381][ T7448] netlink: 'syz.4.1287': attribute type 8 has an invalid length.
[  110.270717][ T7474] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1296'.
[  110.319630][ T7474] bond3: entered promiscuous mode
[  110.325795][ T7474] 8021q: adding VLAN 0 to HW filter on device bond3
[  110.347741][ T7474] 8021q: adding VLAN 0 to HW filter on device bond3
[  110.363767][ T7482] netlink: 2088 bytes leftover after parsing attributes in process `syz.1.1297'.
[  110.399717][ T7474] bond3: (slave ipip0): The slave device specified does not support setting the MAC address
[  110.439188][ T7474] bond3: (slave ipip0): Error -95 calling set_mac_address
[  110.530416][ T7477] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1291'.
[  110.539963][ T7477] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1291'.
[  110.551620][ T7477] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1291'.
[  110.568474][ T7492] FAULT_INJECTION: forcing a failure.
[  110.568474][ T7492] name failslab, interval 1, probability 0, space 0, times 0
[  110.581234][ T7492] CPU: 1 UID: 0 PID: 7492 Comm: syz.1.1298 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  110.581267][ T7492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.581284][ T7492] Call Trace:
[  110.581292][ T7492]  <TASK>
[  110.581300][ T7492]  __dump_stack+0x1d/0x30
[  110.581328][ T7492]  dump_stack_lvl+0xe8/0x140
[  110.581395][ T7492]  dump_stack+0x15/0x1b
[  110.581417][ T7492]  should_fail_ex+0x265/0x280
[  110.581459][ T7492]  should_failslab+0x8c/0xb0
[  110.581490][ T7492]  kmem_cache_alloc_noprof+0x50/0x310
[  110.581531][ T7492]  ? __nf_conntrack_alloc+0xc7/0x270
[  110.581565][ T7492]  __nf_conntrack_alloc+0xc7/0x270
[  110.581596][ T7492]  init_conntrack+0xd7/0x830
[  110.581639][ T7492]  nf_conntrack_in+0x8bb/0xf40
[  110.581683][ T7492]  ipv6_conntrack_in+0x1d/0x30
[  110.581771][ T7492]  ? __pfx_ipv6_conntrack_in+0x10/0x10
[  110.581797][ T7492]  nf_hook_slow+0x75/0x180
[  110.581824][ T7492]  ipv6_rcv+0x10e/0x150
[  110.581858][ T7492]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  110.581957][ T7492]  __netif_receive_skb+0x9e/0x270
[  110.582038][ T7492]  ? tun_rx_batched+0xc7/0x430
[  110.582078][ T7492]  netif_receive_skb+0x4b/0x2e0
[  110.582111][ T7492]  ? tun_rx_batched+0xc7/0x430
[  110.582149][ T7492]  tun_rx_batched+0xfc/0x430
[  110.582204][ T7492]  tun_get_user+0x1e5a/0x2500
[  110.582251][ T7492]  ? ref_tracker_alloc+0x1f2/0x2f0
[  110.582369][ T7492]  tun_chr_write_iter+0x15e/0x210
[  110.582402][ T7492]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  110.582438][ T7492]  vfs_write+0x49d/0x8e0
[  110.582546][ T7492]  ksys_write+0xda/0x1a0
[  110.582574][ T7492]  __x64_sys_write+0x40/0x50
[  110.582600][ T7492]  x64_sys_call+0x2cdd/0x2fb0
[  110.582629][ T7492]  do_syscall_64+0xd2/0x200
[  110.582691][ T7492]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.582728][ T7492]  ? clear_bhb_loop+0x40/0x90
[  110.582757][ T7492]  ? clear_bhb_loop+0x40/0x90
[  110.582804][ T7492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.582833][ T7492] RIP: 0033:0x7fa1b6ead3df
[  110.582881][ T7492] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  110.582900][ T7492] RSP: 002b:00007fa1b5517000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  110.582923][ T7492] RAX: ffffffffffffffda RBX: 00007fa1b70d5fa0 RCX: 00007fa1b6ead3df
[  110.582986][ T7492] RDX: 00000000000000d2 RSI: 0000200000000d00 RDI: 00000000000000c8
[  110.583000][ T7492] RBP: 00007fa1b5517090 R08: 0000000000000000 R09: 0000000000000000
[  110.583015][ T7492] R10: 00000000000000d2 R11: 0000000000000293 R12: 0000000000000001
[  110.583031][ T7492] R13: 0000000000000000 R14: 00007fa1b70d5fa0 R15: 00007ffcfea63f78
[  110.583057][ T7492]  </TASK>
[  111.118526][ T7522] loop0: detected capacity change from 0 to 128
[  111.146231][ T7552] netlink: 'syz.2.1304': attribute type 9 has an invalid length.
[  111.154162][ T7552] netlink: 'syz.2.1304': attribute type 7 has an invalid length.
[  111.162035][ T7552] netlink: 'syz.2.1304': attribute type 8 has an invalid length.
[  111.186482][ T7557] netlink: 'syz.1.1302': attribute type 1 has an invalid length.
[  111.186686][ T7522] syz.0.1303: attempt to access beyond end of device
[  111.186686][ T7522] loop0: rw=0, sector=121, nr_sectors = 120 limit=128
[  111.194294][ T7557] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1302'.
[  111.264536][ T7550] loop1: detected capacity change from 0 to 512
[  111.273852][ T7550] EXT4-fs: Ignoring removed nomblk_io_submit option
[  111.312775][ T7550] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  111.363703][ T7581] FAULT_INJECTION: forcing a failure.
[  111.363703][ T7581] name failslab, interval 1, probability 0, space 0, times 0
[  111.376759][ T7581] CPU: 0 UID: 0 PID: 7581 Comm: GPL Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  111.376795][ T7581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.376812][ T7581] Call Trace:
[  111.376820][ T7581]  <TASK>
[  111.376828][ T7581]  __dump_stack+0x1d/0x30
[  111.376860][ T7581]  dump_stack_lvl+0xe8/0x140
[  111.376880][ T7581]  dump_stack+0x15/0x1b
[  111.376901][ T7581]  should_fail_ex+0x265/0x280
[  111.376954][ T7581]  should_failslab+0x8c/0xb0
[  111.376981][ T7581]  kmem_cache_alloc_noprof+0x50/0x310
[  111.377045][ T7581]  ? alloc_empty_file+0x76/0x200
[  111.377090][ T7581]  alloc_empty_file+0x76/0x200
[  111.377125][ T7581]  dentry_open+0x2d/0x90
[  111.377159][ T7581]  pidfs_alloc_file+0x132/0x200
[  111.377247][ T7581]  pidfd_prepare+0xc9/0x130
[  111.377282][ T7581]  __se_sys_pidfd_open+0x133/0x280
[  111.377308][ T7581]  __x64_sys_pidfd_open+0x31/0x40
[  111.377337][ T7581]  x64_sys_call+0x2a5f/0x2fb0
[  111.377513][ T7581]  do_syscall_64+0xd2/0x200
[  111.377535][ T7581]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.377566][ T7581]  ? clear_bhb_loop+0x40/0x90
[  111.377595][ T7581]  ? clear_bhb_loop+0x40/0x90
[  111.377622][ T7581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.377744][ T7581] RIP: 0033:0x7f338452e929
[  111.377762][ T7581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.377781][ T7581] RSP: 002b:00007f3382b97028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2
[  111.377801][ T7581] RAX: ffffffffffffffda RBX: 00007f3384755fa0 RCX: 00007f338452e929
[  111.377814][ T7581] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000295
[  111.377827][ T7581] RBP: 00007f3382b97090 R08: 0000000000000000 R09: 0000000000000000
[  111.377844][ T7581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.377859][ T7581] R13: 0000000000000000 R14: 00007f3384755fa0 R15: 00007ffd5be2eaf8
[  111.377935][ T7581]  </TASK>
[  111.585510][ T7550] EXT4-fs (loop1): 1 truncate cleaned up
[  111.591783][ T7550] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.634375][ T6546] kworker/u8:15: attempt to access beyond end of device
[  111.634375][ T6546] loop0: rw=1, sector=241, nr_sectors = 800 limit=128
[  111.662170][ T7550] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1302'.
[  111.691309][ T7587] loop4: detected capacity change from 0 to 4096
[  111.730656][ T7587] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.781234][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.846117][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.894286][ T7615] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1317'.
[  111.925506][ T7615] bond4: entered promiscuous mode
[  111.931038][ T7615] 8021q: adding VLAN 0 to HW filter on device bond4
[  111.944683][ T7615] 8021q: adding VLAN 0 to HW filter on device bond4
[  111.954168][ T7615] bond4: (slave ipip0): The slave device specified does not support setting the MAC address
[  111.965826][ T7615] bond4: (slave ipip0): Error -95 calling set_mac_address
[  112.059999][ T7635] loop1: detected capacity change from 0 to 128
[  112.136924][ T7635] syz.1.1324: attempt to access beyond end of device
[  112.136924][ T7635] loop1: rw=0, sector=121, nr_sectors = 120 limit=128
[  112.186579][ T7648] loop0: detected capacity change from 0 to 256
[  112.196213][ T7648] msdos: Bad value for 'tz'
[  112.220519][ T7648] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1326'.
[  112.229475][ T7648] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1326'.
[  112.253689][ T5997] kworker/u8:13: attempt to access beyond end of device
[  112.253689][ T5997] loop1: rw=1, sector=241, nr_sectors = 800 limit=128
[  112.379567][ T7675] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1329'.
[  112.799471][ T7745] syzkaller1: entered promiscuous mode
[  112.805075][ T7745] syzkaller1: entered allmulticast mode
[  112.821755][ T7743] loop3: detected capacity change from 0 to 2048
[  112.889612][ T7743] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.948356][ T7753] FAULT_INJECTION: forcing a failure.
[  112.948356][ T7753] name failslab, interval 1, probability 0, space 0, times 0
[  112.961247][ T7753] CPU: 0 UID: 0 PID: 7753 Comm: syz.1.1344 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  112.961283][ T7753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.961299][ T7753] Call Trace:
[  112.961306][ T7753]  <TASK>
[  112.961314][ T7753]  __dump_stack+0x1d/0x30
[  112.961344][ T7753]  dump_stack_lvl+0xe8/0x140
[  112.961364][ T7753]  dump_stack+0x15/0x1b
[  112.961382][ T7753]  should_fail_ex+0x265/0x280
[  112.961419][ T7753]  ? alloc_fs_context+0x44/0x4e0
[  112.961493][ T7753]  should_failslab+0x8c/0xb0
[  112.961518][ T7753]  __kmalloc_cache_noprof+0x4c/0x320
[  112.961550][ T7753]  alloc_fs_context+0x44/0x4e0
[  112.961590][ T7753]  fs_context_for_mount+0x22/0x30
[  112.961625][ T7753]  do_new_mount+0xe9/0x680
[  112.961695][ T7753]  path_mount+0x4a4/0xb20
[  112.961715][ T7753]  ? user_path_at+0x109/0x130
[  112.961823][ T7753]  __se_sys_mount+0x28f/0x2e0
[  112.961846][ T7753]  ? fput+0x8f/0xc0
[  112.961887][ T7753]  __x64_sys_mount+0x67/0x80
[  112.961909][ T7753]  x64_sys_call+0xd36/0x2fb0
[  112.961932][ T7753]  do_syscall_64+0xd2/0x200
[  112.961955][ T7753]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  112.962007][ T7753]  ? clear_bhb_loop+0x40/0x90
[  112.962030][ T7753]  ? clear_bhb_loop+0x40/0x90
[  112.962065][ T7753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.962094][ T7753] RIP: 0033:0x7fa1b6eae929
[  112.962111][ T7753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.962199][ T7753] RSP: 002b:00007fa1b5517038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  112.962219][ T7753] RAX: ffffffffffffffda RBX: 00007fa1b70d5fa0 RCX: 00007fa1b6eae929
[  112.962233][ T7753] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[  112.962246][ T7753] RBP: 00007fa1b5517090 R08: 0000200000000340 R09: 0000000000000000
[  112.962259][ T7753] R10: 0000000000800000 R11: 0000000000000246 R12: 0000000000000001
[  112.962272][ T7753] R13: 0000000000000000 R14: 00007fa1b70d5fa0 R15: 00007ffcfea63f78
[  112.962294][ T7753]  </TASK>
[  113.175398][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.270928][   T29] kauditd_printk_skb: 221 callbacks suppressed
[  113.270943][   T29] audit: type=1326 audit(1749801206.863:5750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7764 comm="syz.1.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  113.301072][   T29] audit: type=1326 audit(1749801206.863:5751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7764 comm="syz.1.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  113.324640][   T29] audit: type=1326 audit(1749801206.863:5752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7764 comm="syz.1.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  113.348144][   T29] audit: type=1326 audit(1749801206.923:5753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7764 comm="syz.1.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  113.371666][   T29] audit: type=1326 audit(1749801206.923:5754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7764 comm="syz.1.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  113.372711][ T7763] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.428808][   T29] audit: type=1326 audit(1749801207.023:5755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.1.1350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  113.452442][   T29] audit: type=1326 audit(1749801207.023:5756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.1.1350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  113.476068][   T29] audit: type=1326 audit(1749801207.023:5757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.1.1350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  113.499562][   T29] audit: type=1326 audit(1749801207.023:5758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.1.1350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  113.508535][ T7771] x_tables: duplicate underflow at hook 2
[  113.522990][   T29] audit: type=1326 audit(1749801207.023:5759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.1.1350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  113.614354][ T7763] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.631036][ T7773] loop3: detected capacity change from 0 to 128
[  113.649519][ T7763] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.685287][ T7773] syz.3.1352: attempt to access beyond end of device
[  113.685287][ T7773] loop3: rw=0, sector=121, nr_sectors = 120 limit=128
[  113.733964][ T7763] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.751396][ T5245] kworker/u8:8: attempt to access beyond end of device
[  113.751396][ T5245] loop3: rw=1, sector=241, nr_sectors = 800 limit=128
[  113.867351][ T7763] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.909577][ T7800] ref_ctr_offset mismatch. inode: 0x5bf offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  113.926152][ T7763] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.961644][ T7763] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.973941][ T7763] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.081166][ T7806] x_tables: duplicate underflow at hook 2
[  114.087942][ T7808] FAULT_INJECTION: forcing a failure.
[  114.087942][ T7808] name failslab, interval 1, probability 0, space 0, times 0
[  114.100854][ T7808] CPU: 0 UID: 0 PID: 7808 Comm: syz.3.1367 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  114.100892][ T7808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.100907][ T7808] Call Trace:
[  114.100913][ T7808]  <TASK>
[  114.100920][ T7808]  __dump_stack+0x1d/0x30
[  114.100948][ T7808]  dump_stack_lvl+0xe8/0x140
[  114.101056][ T7808]  dump_stack+0x15/0x1b
[  114.101073][ T7808]  should_fail_ex+0x265/0x280
[  114.101160][ T7808]  should_failslab+0x8c/0xb0
[  114.101184][ T7808]  kmem_cache_alloc_noprof+0x50/0x310
[  114.101220][ T7808]  ? __kernfs_new_node+0x6d/0x350
[  114.101249][ T7808]  __kernfs_new_node+0x6d/0x350
[  114.101310][ T7808]  kernfs_new_node+0xd0/0x140
[  114.101337][ T7808]  kernfs_create_link+0x70/0x130
[  114.101369][ T7808]  sysfs_do_create_link_sd+0x6a/0x100
[  114.101412][ T7808]  sysfs_create_link+0x51/0x70
[  114.101522][ T7808]  driver_sysfs_add+0x54/0x160
[  114.101627][ T7808]  device_bind_driver+0x17/0x60
[  114.101677][ T7808]  usb_driver_claim_interface+0x1af/0x280
[  114.101710][ T7808]  proc_claiminterface+0x14d/0x1c0
[  114.101736][ T7808]  ? usbdev_ioctl+0xa41/0x1710
[  114.101831][ T7808]  usbdev_ioctl+0xa52/0x1710
[  114.101889][ T7808]  ? __pfx_usbdev_ioctl+0x10/0x10
[  114.101927][ T7808]  __se_sys_ioctl+0xce/0x140
[  114.102014][ T7808]  __x64_sys_ioctl+0x43/0x50
[  114.102113][ T7808]  x64_sys_call+0x19a8/0x2fb0
[  114.102142][ T7808]  do_syscall_64+0xd2/0x200
[  114.102168][ T7808]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.102226][ T7808]  ? clear_bhb_loop+0x40/0x90
[  114.102328][ T7808]  ? clear_bhb_loop+0x40/0x90
[  114.102356][ T7808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.102390][ T7808] RIP: 0033:0x7f30159fe929
[  114.102463][ T7808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.102488][ T7808] RSP: 002b:00007f3014067038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  114.102511][ T7808] RAX: ffffffffffffffda RBX: 00007f3015c25fa0 RCX: 00007f30159fe929
[  114.102527][ T7808] RDX: 0000200000002a40 RSI: 000000008004550f RDI: 0000000000000003
[  114.102543][ T7808] RBP: 00007f3014067090 R08: 0000000000000000 R09: 0000000000000000
[  114.102558][ T7808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.102609][ T7808] R13: 0000000000000000 R14: 00007f3015c25fa0 R15: 00007fff0f481498
[  114.102633][ T7808]  </TASK>
[  114.398687][ T7818] FAULT_INJECTION: forcing a failure.
[  114.398687][ T7818] name failslab, interval 1, probability 0, space 0, times 0
[  114.411457][ T7818] CPU: 1 UID: 0 PID: 7818 Comm: syz.2.1371 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  114.411494][ T7818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.411511][ T7818] Call Trace:
[  114.411520][ T7818]  <TASK>
[  114.411530][ T7818]  __dump_stack+0x1d/0x30
[  114.411558][ T7818]  dump_stack_lvl+0xe8/0x140
[  114.411583][ T7818]  dump_stack+0x15/0x1b
[  114.411674][ T7818]  should_fail_ex+0x265/0x280
[  114.411823][ T7818]  ? percpu_ref_init+0x9c/0x250
[  114.411864][ T7818]  should_failslab+0x8c/0xb0
[  114.411889][ T7818]  ? __pfx_free_ioctx_reqs+0x10/0x10
[  114.411981][ T7818]  __kmalloc_cache_noprof+0x4c/0x320
[  114.412094][ T7818]  ? __pfx_free_ioctx_reqs+0x10/0x10
[  114.412121][ T7818]  percpu_ref_init+0x9c/0x250
[  114.412206][ T7818]  ioctx_alloc+0x208/0x4e0
[  114.412230][ T7818]  ? fput+0x8f/0xc0
[  114.412260][ T7818]  __se_sys_io_setup+0x6b/0x1b0
[  114.412280][ T7818]  __x64_sys_io_setup+0x31/0x40
[  114.412346][ T7818]  x64_sys_call+0x2f0e/0x2fb0
[  114.412441][ T7818]  do_syscall_64+0xd2/0x200
[  114.412468][ T7818]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.412503][ T7818]  ? clear_bhb_loop+0x40/0x90
[  114.412525][ T7818]  ? clear_bhb_loop+0x40/0x90
[  114.412547][ T7818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.412591][ T7818] RIP: 0033:0x7f338452e929
[  114.412612][ T7818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.412635][ T7818] RSP: 002b:00007f3382b97038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  114.412661][ T7818] RAX: ffffffffffffffda RBX: 00007f3384755fa0 RCX: 00007f338452e929
[  114.412679][ T7818] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000002004
[  114.412696][ T7818] RBP: 00007f3382b97090 R08: 0000000000000000 R09: 0000000000000000
[  114.412713][ T7818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.412755][ T7818] R13: 0000000000000000 R14: 00007f3384755fa0 R15: 00007ffd5be2eaf8
[  114.412778][ T7818]  </TASK>
[  114.722634][ T7843] x_tables: duplicate underflow at hook 2
[  114.740816][ T7845] bond1: entered promiscuous mode
[  114.760742][ T7845] 8021q: adding VLAN 0 to HW filter on device bond1
[  114.815537][ T7856] 8021q: adding VLAN 0 to HW filter on device bond1
[  114.836443][ T7856] bond1: (slave ipip1): The slave device specified does not support setting the MAC address
[  114.848190][ T7856] bond1: (slave ipip1): Error -95 calling set_mac_address
[  115.082267][ T7878] loop0: detected capacity change from 0 to 128
[  115.157657][ T7878] syz.0.1386: attempt to access beyond end of device
[  115.157657][ T7878] loop0: rw=0, sector=121, nr_sectors = 120 limit=128
[  115.250726][ T7891] x_tables: duplicate underflow at hook 1
[  115.275501][ T3327] kworker/u8:6: attempt to access beyond end of device
[  115.275501][ T3327] loop0: rw=1, sector=241, nr_sectors = 800 limit=128
[  115.448266][ T7918] x_tables: duplicate underflow at hook 2
[  115.688800][ T7968] FAULT_INJECTION: forcing a failure.
[  115.688800][ T7968] name failslab, interval 1, probability 0, space 0, times 0
[  115.701620][ T7968] CPU: 0 UID: 0 PID: 7968 Comm: syz.0.1400 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  115.701656][ T7968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.701696][ T7968] Call Trace:
[  115.701705][ T7968]  <TASK>
[  115.701713][ T7968]  __dump_stack+0x1d/0x30
[  115.701739][ T7968]  dump_stack_lvl+0xe8/0x140
[  115.701764][ T7968]  dump_stack+0x15/0x1b
[  115.701780][ T7968]  should_fail_ex+0x265/0x280
[  115.701918][ T7968]  should_failslab+0x8c/0xb0
[  115.701949][ T7968]  __kmalloc_noprof+0xa5/0x3e0
[  115.701976][ T7968]  ? copy_splice_read+0xc2/0x5f0
[  115.702015][ T7968]  copy_splice_read+0xc2/0x5f0
[  115.702081][ T7968]  ? __pfx_copy_splice_read+0x10/0x10
[  115.702197][ T7968]  splice_direct_to_actor+0x26c/0x680
[  115.702242][ T7968]  ? __pfx_direct_splice_actor+0x10/0x10
[  115.702316][ T7968]  do_splice_direct+0xda/0x150
[  115.702350][ T7968]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  115.702373][ T7968]  do_sendfile+0x380/0x650
[  115.702435][ T7968]  __x64_sys_sendfile64+0x105/0x150
[  115.702469][ T7968]  x64_sys_call+0xb39/0x2fb0
[  115.702498][ T7968]  do_syscall_64+0xd2/0x200
[  115.702525][ T7968]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.702635][ T7968]  ? clear_bhb_loop+0x40/0x90
[  115.702665][ T7968]  ? clear_bhb_loop+0x40/0x90
[  115.702695][ T7968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.702724][ T7968] RIP: 0033:0x7f1eb281e929
[  115.702778][ T7968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.702797][ T7968] RSP: 002b:00007f1eb0e87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  115.702875][ T7968] RAX: ffffffffffffffda RBX: 00007f1eb2a45fa0 RCX: 00007f1eb281e929
[  115.702892][ T7968] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  115.702915][ T7968] RBP: 00007f1eb0e87090 R08: 0000000000000000 R09: 0000000000000000
[  115.702930][ T7968] R10: 000000000000000b R11: 0000000000000246 R12: 0000000000000001
[  115.702945][ T7968] R13: 0000000000000000 R14: 00007f1eb2a45fa0 R15: 00007ffe9c3ae978
[  115.703018][ T7968]  </TASK>
[  116.015528][ T7980] x_tables: duplicate underflow at hook 2
[  116.082025][ T7988] loop3: detected capacity change from 0 to 512
[  116.097882][ T7988] EXT4-fs: Ignoring removed orlov option
[  116.110031][ T7991] ref_ctr_offset mismatch. inode: 0x5f8 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  116.114256][ T7988] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  116.134561][ T7983] __nla_validate_parse: 8 callbacks suppressed
[  116.134575][ T7983] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1410'.
[  116.153730][ T7988] EXT4-fs (loop3): 1 truncate cleaned up
[  116.161292][ T7988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.189009][ T7976] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1406'.
[  116.228962][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.297782][ T8007] ref_ctr_offset mismatch. inode: 0x5ba offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  116.374220][ T8023] netlink: 2088 bytes leftover after parsing attributes in process `syz.3.1420'.
[  116.499836][ T8036] FAULT_INJECTION: forcing a failure.
[  116.499836][ T8036] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  116.513294][ T8036] CPU: 0 UID: 0 PID: 8036 Comm: syz.3.1428 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  116.513395][ T8036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.513407][ T8036] Call Trace:
[  116.513413][ T8036]  <TASK>
[  116.513420][ T8036]  __dump_stack+0x1d/0x30
[  116.513439][ T8036]  dump_stack_lvl+0xe8/0x140
[  116.513456][ T8036]  dump_stack+0x15/0x1b
[  116.513519][ T8036]  should_fail_ex+0x265/0x280
[  116.513551][ T8036]  should_fail_alloc_page+0xf2/0x100
[  116.513574][ T8036]  __alloc_frozen_pages_noprof+0xff/0x360
[  116.513663][ T8036]  alloc_pages_mpol+0xb3/0x250
[  116.513691][ T8036]  alloc_pages_noprof+0x90/0x130
[  116.513718][ T8036]  __pud_alloc+0x47/0x4c0
[  116.513738][ T8036]  handle_mm_fault+0x1882/0x2be0
[  116.513833][ T8036]  ? expand_downwards+0x3fa/0x720
[  116.513869][ T8036]  do_user_addr_fault+0x3fe/0x1090
[  116.513920][ T8036]  ? __rcu_read_unlock+0x4f/0x70
[  116.513997][ T8036]  exc_page_fault+0x62/0xa0
[  116.514027][ T8036]  asm_exc_page_fault+0x26/0x30
[  116.514045][ T8036] RIP: 0010:__put_user_4+0xd/0x20
[  116.514111][ T8036] Code: 66 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[  116.514128][ T8036] RSP: 0018:ffffc90010ecbe78 EFLAGS: 00050206
[  116.514211][ T8036] RAX: 0000000000000004 RBX: 0000000000000000 RCX: 00002000000029c0
[  116.514222][ T8036] RDX: ffff888119b4e180 RSI: 0000000000000005 RDI: 0000000000000000
[  116.514233][ T8036] RBP: 0000000000000004 R08: 0001ffff86848a7f R09: 0000000000000000
[  116.514244][ T8036] R10: 00018881409342c0 R11: 00018881409342c7 R12: 00002000000029c0
[  116.514255][ T8036] R13: 0000000000000005 R14: 0000000000000001 R15: 0000000000000000
[  116.514272][ T8036]  __sys_socketpair+0xa6/0x430
[  116.514299][ T8036]  ? ksys_write+0x192/0x1a0
[  116.514361][ T8036]  __x64_sys_socketpair+0x52/0x60
[  116.514389][ T8036]  x64_sys_call+0x23f2/0x2fb0
[  116.514408][ T8036]  do_syscall_64+0xd2/0x200
[  116.514426][ T8036]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.514506][ T8036]  ? clear_bhb_loop+0x40/0x90
[  116.514526][ T8036]  ? clear_bhb_loop+0x40/0x90
[  116.514545][ T8036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.514565][ T8036] RIP: 0033:0x7f30159fe929
[  116.514642][ T8036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.514659][ T8036] RSP: 002b:00007f3014067038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  116.514675][ T8036] RAX: ffffffffffffffda RBX: 00007f3015c25fa0 RCX: 00007f30159fe929
[  116.514686][ T8036] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000001
[  116.514696][ T8036] RBP: 00007f3014067090 R08: 0000000000000000 R09: 0000000000000000
[  116.514707][ T8036] R10: 00002000000029c0 R11: 0000000000000246 R12: 0000000000000001
[  116.514718][ T8036] R13: 0000000000000000 R14: 00007f3015c25fa0 R15: 00007fff0f481498
[  116.514792][ T8036]  </TASK>
[  116.841512][ T8041] x_tables: duplicate underflow at hook 2
[  116.882069][ T8043] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1432'.
[  116.939494][ T8051] FAULT_INJECTION: forcing a failure.
[  116.939494][ T8051] name failslab, interval 1, probability 0, space 0, times 0
[  116.952309][ T8051] CPU: 0 UID: 0 PID: 8051 Comm: syz.3.1436 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  116.952369][ T8051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.952385][ T8051] Call Trace:
[  116.952394][ T8051]  <TASK>
[  116.952404][ T8051]  __dump_stack+0x1d/0x30
[  116.952428][ T8051]  dump_stack_lvl+0xe8/0x140
[  116.952458][ T8051]  dump_stack+0x15/0x1b
[  116.952474][ T8051]  should_fail_ex+0x265/0x280
[  116.952518][ T8051]  should_failslab+0x8c/0xb0
[  116.952547][ T8051]  kmem_cache_alloc_node_noprof+0x57/0x320
[  116.952584][ T8051]  ? __alloc_skb+0x101/0x320
[  116.952667][ T8051]  __alloc_skb+0x101/0x320
[  116.952709][ T8051]  netlink_alloc_large_skb+0xba/0xf0
[  116.952743][ T8051]  netlink_sendmsg+0x3cf/0x6b0
[  116.952850][ T8051]  ? __pfx_netlink_sendmsg+0x10/0x10
[  116.952884][ T8051]  __sock_sendmsg+0x145/0x180
[  116.952958][ T8051]  ____sys_sendmsg+0x31e/0x4e0
[  116.952983][ T8051]  ___sys_sendmsg+0x17b/0x1d0
[  116.953021][ T8051]  __x64_sys_sendmsg+0xd4/0x160
[  116.953055][ T8051]  x64_sys_call+0x2999/0x2fb0
[  116.953084][ T8051]  do_syscall_64+0xd2/0x200
[  116.953187][ T8051]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.953221][ T8051]  ? clear_bhb_loop+0x40/0x90
[  116.953250][ T8051]  ? clear_bhb_loop+0x40/0x90
[  116.953316][ T8051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.953345][ T8051] RIP: 0033:0x7f30159fe929
[  116.953365][ T8051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.953400][ T8051] RSP: 002b:00007f3014067038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  116.953419][ T8051] RAX: ffffffffffffffda RBX: 00007f3015c25fa0 RCX: 00007f30159fe929
[  116.953432][ T8051] RDX: 0000000000000800 RSI: 0000200000000200 RDI: 0000000000000006
[  116.953444][ T8051] RBP: 00007f3014067090 R08: 0000000000000000 R09: 0000000000000000
[  116.953457][ T8051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.953471][ T8051] R13: 0000000000000000 R14: 00007f3015c25fa0 R15: 00007fff0f481498
[  116.953509][ T8051]  </TASK>
[  117.695595][ T8071] x_tables: duplicate underflow at hook 2
[  117.709623][ T8073] loop4: detected capacity change from 0 to 512
[  117.717538][ T8073] ext4: Bad value for 'debug_want_extra_isize'
[  117.808584][ T8082] loop2: detected capacity change from 0 to 2048
[  117.885509][ T8091] loop1: detected capacity change from 0 to 128
[  117.913369][ T8082] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.927038][ T8091] syz.1.1450: attempt to access beyond end of device
[  117.927038][ T8091] loop1: rw=0, sector=121, nr_sectors = 120 limit=128
[  117.957440][ T8088] SELinux: failed to load policy
[  117.987953][ T8082] ext4 filesystem being mounted at /287/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.014339][ T8096] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1451'.
[  118.077119][ T7547] kworker/u8:18: attempt to access beyond end of device
[  118.077119][ T7547] loop1: rw=1, sector=241, nr_sectors = 800 limit=128
[  118.197982][ T8107] netlink: 2088 bytes leftover after parsing attributes in process `syz.1.1452'.
[  118.279472][   T29] kauditd_printk_skb: 502 callbacks suppressed
[  118.279509][   T29] audit: type=1326 audit(1749801211.873:6262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8101 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  118.309516][   T29] audit: type=1326 audit(1749801211.873:6263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8101 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  118.431607][ T8116] x_tables: duplicate underflow at hook 2
[  118.513545][ T8124] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1462'.
[  118.535022][ T8120] loop4: detected capacity change from 0 to 2048
[  118.544285][ T8126] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1463'.
[  118.565359][ T8120] EXT4-fs (loop4): failed to initialize system zone (-117)
[  118.574591][ T8120] EXT4-fs (loop4): mount failed
[  118.580318][ T8130] loop1: detected capacity change from 0 to 128
[  118.631204][ T8130] syz.1.1464: attempt to access beyond end of device
[  118.631204][ T8130] loop1: rw=0, sector=121, nr_sectors = 120 limit=128
[  118.722815][ T8135] tipc: New replicast peer: 0.0.255.255
[  118.728558][ T8135] tipc: Enabled bearer <udp:s >, priority 10
[  118.767254][ T7547] kworker/u8:18: attempt to access beyond end of device
[  118.767254][ T7547] loop1: rw=1, sector=241, nr_sectors = 800 limit=128
[  118.832329][   T29] audit: type=1326 audit(1749801212.413:6264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8140 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  118.855963][   T29] audit: type=1326 audit(1749801212.413:6265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8140 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  118.879443][   T29] audit: type=1326 audit(1749801212.413:6266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8140 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  118.902890][   T29] audit: type=1326 audit(1749801212.413:6267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8140 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  118.926439][   T29] audit: type=1326 audit(1749801212.413:6268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8140 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  118.950344][   T29] audit: type=1326 audit(1749801212.413:6269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8140 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  118.973896][   T29] audit: type=1326 audit(1749801212.413:6270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8140 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  118.997623][   T29] audit: type=1326 audit(1749801212.413:6271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8140 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1b6eae929 code=0x7ffc0000
[  119.036426][ T7547] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:18: bg 0: block 345: padding at end of block bitmap is not set
[  119.046338][ T8148] netlink: 2088 bytes leftover after parsing attributes in process `syz.1.1468'.
[  119.052185][ T7547] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  119.073043][ T7547] EXT4-fs (loop2): This should not happen!! Data will be lost
[  119.073043][ T7547] 
[  119.103039][ T3327] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 724 with error 28
[  119.116033][ T3327] EXT4-fs (loop2): This should not happen!! Data will be lost
[  119.116033][ T3327] 
[  119.125729][ T3327] EXT4-fs (loop2): Total free blocks count 0
[  119.131965][ T3327] EXT4-fs (loop2): Free/Dirty block details
[  119.138112][ T3327] EXT4-fs (loop2): free_blocks=0
[  119.143225][ T3327] EXT4-fs (loop2): dirty_blocks=736
[  119.148485][ T3327] EXT4-fs (loop2): Block reservation details
[  119.194989][ T8158] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1477'.
[  119.205482][ T8159] x_tables: duplicate underflow at hook 2
[  119.274539][ T8170] loop1: detected capacity change from 0 to 2048
[  119.301290][ T8170] EXT4-fs (loop1): failed to initialize system zone (-117)
[  119.316807][ T8170] EXT4-fs (loop1): mount failed
[  119.381811][ T8183] bond3: entered promiscuous mode
[  119.411536][ T8183] 8021q: adding VLAN 0 to HW filter on device bond3
[  119.454935][ T8191] 8021q: adding VLAN 0 to HW filter on device bond3
[  119.490198][ T8191] bond3: (slave ipip0): The slave device specified does not support setting the MAC address
[  119.523614][ T8191] bond3: (slave ipip0): Error -95 calling set_mac_address
[  119.691684][ T8216] x_tables: duplicate underflow at hook 2
[  120.253634][ T8310] x_tables: duplicate underflow at hook 2
[  120.271488][ T8309] loop0: detected capacity change from 0 to 2048
[  120.307536][ T8309] EXT4-fs (loop0): failed to initialize system zone (-117)
[  120.333096][ T8309] EXT4-fs (loop0): mount failed
[  120.411659][ T8326] tipc: Started in network mode
[  120.416768][ T8326] tipc: Node identity ac14140f, cluster identity 4711
[  120.456098][ T8326] tipc: New replicast peer: 0.0.255.255
[  120.461851][ T8326] tipc: Enabled bearer <udp:s >, priority 10
[  120.532392][ T8335] loop4: detected capacity change from 0 to 128
[  120.633130][ T8335] syz.4.1519: attempt to access beyond end of device
[  120.633130][ T8335] loop4: rw=0, sector=121, nr_sectors = 120 limit=128
[  120.793520][ T5997] kworker/u8:13: attempt to access beyond end of device
[  120.793520][ T5997] loop4: rw=1, sector=241, nr_sectors = 800 limit=128
[  120.876251][ T8359] ref_ctr_offset mismatch. inode: 0x645 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  120.930638][ T8364] loop2: detected capacity change from 0 to 128
[  120.957661][ T8364] syz.2.1532: attempt to access beyond end of device
[  120.957661][ T8364] loop2: rw=0, sector=121, nr_sectors = 120 limit=128
[  121.053971][ T5997] kworker/u8:13: attempt to access beyond end of device
[  121.053971][ T5997] loop2: rw=1, sector=241, nr_sectors = 800 limit=128
[  121.092213][ T8378] x_tables: duplicate underflow at hook 2
[  121.286412][ T8368] __nla_validate_parse: 8 callbacks suppressed
[  121.286432][ T8368] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1534'.
[  121.433329][ T8385] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1542'.
[  121.562245][ T8413] netlink: 2088 bytes leftover after parsing attributes in process `syz.2.1551'.
[  121.575801][   T36] tipc: Node number set to 2886997007
[  121.646532][ T8417] netlink: 'syz.0.1555': attribute type 1 has an invalid length.
[  121.694566][ T8417] pim6reg1: entered promiscuous mode
[  121.699975][ T8417] pim6reg1: entered allmulticast mode
[  121.756969][ T8420] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  121.780748][ T8422] ref_ctr_offset mismatch. inode: 0x664 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  121.867087][ T8431] loop4: detected capacity change from 0 to 128
[  121.928926][ T8440] loop3: detected capacity change from 0 to 2048
[  121.939247][ T8442] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1567'.
[  121.956221][ T8431] syz.4.1561: attempt to access beyond end of device
[  121.956221][ T8431] loop4: rw=0, sector=121, nr_sectors = 120 limit=128
[  121.976283][ T8440] EXT4-fs (loop3): failed to initialize system zone (-117)
[  121.987620][ T8440] EXT4-fs (loop3): mount failed
[  122.005834][ T8440] tipc: New replicast peer: 0.0.255.255
[  122.011503][ T8440] tipc: Enabled bearer <udp:s >, priority 10
[  122.027215][ T8448] netlink: 'syz.2.1569': attribute type 1 has an invalid length.
[  122.056654][ T8448] pim6reg1: entered promiscuous mode
[  122.062025][ T8448] pim6reg1: entered allmulticast mode
[  122.070567][ T6546] kworker/u8:15: attempt to access beyond end of device
[  122.070567][ T6546] loop4: rw=1, sector=241, nr_sectors = 800 limit=128
[  122.140486][ T8458] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1572'.
[  122.179252][ T8464] ref_ctr_offset mismatch. inode: 0x687 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  122.299681][ T8476] loop4: detected capacity change from 0 to 128
[  122.422333][ T8484] x_tables: duplicate underflow at hook 2
[  122.471633][ T8486] loop4: detected capacity change from 0 to 2048
[  122.491907][ T8492] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1588'.
[  122.509988][ T8486] EXT4-fs (loop4): failed to initialize system zone (-117)
[  122.541659][ T8486] EXT4-fs (loop4): mount failed
[  122.596649][ T8486] tipc: Enabling of bearer <udp:s > rejected, already enabled
[  122.621061][ T8474] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1581'.
[  122.663988][ T8501] ref_ctr_offset mismatch. inode: 0x69c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  122.730988][ T8508] loop0: detected capacity change from 0 to 128
[  122.803472][ T8514] ref_ctr_offset mismatch. inode: 0x6a2 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  122.883395][ T8522] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1601'.
[  123.003476][ T8536] netlink: 'syz.0.1608': attribute type 1 has an invalid length.
[  123.013439][ T8533] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1607'.
[  123.024196][ T8536] pim6reg1: entered promiscuous mode
[  123.029610][ T8536] pim6reg1: entered allmulticast mode
[  123.125946][   T36] tipc: Node number set to 3024177013
[  123.125979][ T8552] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  123.237660][ T8563] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1622'.
[  123.411738][   T29] kauditd_printk_skb: 201 callbacks suppressed
[  123.411757][   T29] audit: type=1326 audit(1749801217.003:6473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.3.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30159fe929 code=0x7ffc0000
[  123.441707][   T29] audit: type=1326 audit(1749801217.003:6474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.3.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f30159fe929 code=0x7ffc0000
[  123.465191][   T29] audit: type=1326 audit(1749801217.003:6475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.3.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30159fe929 code=0x7ffc0000
[  123.488716][   T29] audit: type=1326 audit(1749801217.003:6476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.3.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f30159fe929 code=0x7ffc0000
[  123.586101][   T29] audit: type=1326 audit(1749801217.183:6477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.3.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30159fe929 code=0x7ffc0000
[  123.609625][   T29] audit: type=1326 audit(1749801217.183:6478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.3.1631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30159fe929 code=0x7ffc0000
[  123.653282][   T29] audit: type=1326 audit(1749801217.243:6479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8597 comm="syz.3.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30159fe929 code=0x7ffc0000
[  123.682193][   T29] audit: type=1326 audit(1749801217.273:6480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8597 comm="syz.3.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f30159fe929 code=0x7ffc0000
[  123.705834][   T29] audit: type=1326 audit(1749801217.273:6481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8597 comm="syz.3.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30159fe929 code=0x7ffc0000
[  123.729805][   T29] audit: type=1326 audit(1749801217.273:6482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8597 comm="syz.3.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30159fe929 code=0x7ffc0000
[  123.848034][ T8617] loop3: detected capacity change from 0 to 128
[  123.881957][ T8617] bio_check_eod: 4 callbacks suppressed
[  123.881977][ T8617] syz.3.1646: attempt to access beyond end of device
[  123.881977][ T8617] loop3: rw=0, sector=121, nr_sectors = 120 limit=128
[  123.903776][ T8628] bond2: entered promiscuous mode
[  123.912747][ T8628] 8021q: adding VLAN 0 to HW filter on device bond2
[  123.967303][ T6546] kworker/u8:15: attempt to access beyond end of device
[  123.967303][ T6546] loop3: rw=1, sector=241, nr_sectors = 800 limit=128
[  123.971541][ T8636] 8021q: adding VLAN 0 to HW filter on device bond2
[  123.988578][ T8636] bond2: (slave ipip0): The slave device specified does not support setting the MAC address
[  124.001287][ T8636] bond2: (slave ipip0): Error -95 calling set_mac_address
[  124.289509][ T8674] loop0: detected capacity change from 0 to 128
[  124.329266][ T8674] syz.0.1658: attempt to access beyond end of device
[  124.329266][ T8674] loop0: rw=0, sector=121, nr_sectors = 120 limit=128
[  124.374541][ T7547] kworker/u8:18: attempt to access beyond end of device
[  124.374541][ T7547] loop0: rw=1, sector=241, nr_sectors = 800 limit=128
[  124.475144][ T8701] x_tables: duplicate underflow at hook 2
[  124.621525][ T8729] loop3: detected capacity change from 0 to 128
[  124.748529][ T8729] syz.3.1670: attempt to access beyond end of device
[  124.748529][ T8729] loop3: rw=0, sector=121, nr_sectors = 120 limit=128
[  124.809795][ T8770] x_tables: duplicate underflow at hook 2
[  124.858481][   T52] kworker/u8:4: attempt to access beyond end of device
[  124.858481][   T52] loop3: rw=1, sector=241, nr_sectors = 800 limit=128
[  124.901434][ T8779] SELinux:  Context  is not valid (left unmapped).
[  125.028845][ T8797] loop0: detected capacity change from 0 to 128
[  125.042946][ T8801] netlink: 'syz.2.1688': attribute type 1 has an invalid length.
[  125.065019][ T8801] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  125.085234][ T8797] syz.0.1689: attempt to access beyond end of device
[  125.085234][ T8797] loop0: rw=0, sector=121, nr_sectors = 120 limit=128
[  125.155025][   T52] kworker/u8:4: attempt to access beyond end of device
[  125.155025][   T52] loop0: rw=1, sector=241, nr_sectors = 800 limit=128
[  125.209776][ T8823] netlink: 'syz.3.1693': attribute type 1 has an invalid length.
[  125.221967][ T8823] loop3: detected capacity change from 0 to 512
[  125.236998][ T8823] EXT4-fs: Ignoring removed nomblk_io_submit option
[  125.246883][ T8823] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  125.257477][ T8830] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  125.348278][ T8823] EXT4-fs (loop3): 1 truncate cleaned up
[  125.355176][ T8823] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.715252][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.864078][ T8878] ref_ctr_offset mismatch. inode: 0x777 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  125.880315][ T8881] x_tables: duplicate underflow at hook 2
[  125.903039][ T8879] FAULT_INJECTION: forcing a failure.
[  125.903039][ T8879] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  125.916564][ T8879] CPU: 1 UID: 0 PID: 8879 Comm: syz.0.1712 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  125.916668][ T8879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  125.916685][ T8879] Call Trace:
[  125.916693][ T8879]  <TASK>
[  125.916702][ T8879]  __dump_stack+0x1d/0x30
[  125.916800][ T8879]  dump_stack_lvl+0xe8/0x140
[  125.916826][ T8879]  dump_stack+0x15/0x1b
[  125.916848][ T8879]  should_fail_ex+0x265/0x280
[  125.916956][ T8879]  should_fail_alloc_page+0xf2/0x100
[  125.917088][ T8879]  __alloc_frozen_pages_noprof+0xff/0x360
[  125.917129][ T8879]  alloc_pages_mpol+0xb3/0x250
[  125.917201][ T8879]  folio_alloc_mpol_noprof+0x39/0x80
[  125.917263][ T8879]  shmem_get_folio_gfp+0x3cf/0xd60
[  125.917371][ T8879]  shmem_write_begin+0xa8/0x190
[  125.917463][ T8879]  generic_perform_write+0x184/0x490
[  125.917536][ T8879]  shmem_file_write_iter+0xc5/0xf0
[  125.917563][ T8879]  iter_file_splice_write+0x5f2/0x970
[  125.917611][ T8879]  ? __pfx_iter_file_splice_write+0x10/0x10
[  125.917720][ T8879]  do_splice+0x977/0x10b0
[  125.917757][ T8879]  ? __rcu_read_unlock+0x4f/0x70
[  125.917811][ T8879]  ? __fget_files+0x184/0x1c0
[  125.917837][ T8879]  __se_sys_splice+0x26c/0x3a0
[  125.917876][ T8879]  __x64_sys_splice+0x78/0x90
[  125.917917][ T8879]  x64_sys_call+0xb0a/0x2fb0
[  125.917940][ T8879]  do_syscall_64+0xd2/0x200
[  125.917962][ T8879]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.918049][ T8879]  ? clear_bhb_loop+0x40/0x90
[  125.918072][ T8879]  ? clear_bhb_loop+0x40/0x90
[  125.918095][ T8879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.918119][ T8879] RIP: 0033:0x7f1eb281e929
[  125.918135][ T8879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.918161][ T8879] RSP: 002b:00007f1eb0e66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  125.918182][ T8879] RAX: ffffffffffffffda RBX: 00007f1eb2a46080 RCX: 00007f1eb281e929
[  125.918273][ T8879] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000007
[  125.918291][ T8879] RBP: 00007f1eb0e66090 R08: 00000000088000cc R09: 0000000000000000
[  125.918305][ T8879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  125.918317][ T8879] R13: 0000000000000000 R14: 00007f1eb2a46080 R15: 00007ffe9c3ae978
[  125.918339][ T8879]  </TASK>
[  125.925598][ T8886] netlink: 'syz.2.1724': attribute type 1 has an invalid length.
[  125.938832][ T8884] loop3: detected capacity change from 0 to 2048
[  125.960737][ T8886] pim6reg1: entered promiscuous mode
[  126.026172][ T8889] loop1: detected capacity change from 0 to 128
[  126.026254][ T8886] pim6reg1: entered allmulticast mode
[  126.039440][ T8887] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  126.041402][ T8889] vfat: Unknown parameter 'sched_switch'
[  126.050795][ T8884] EXT4-fs (loop3): failed to initialize system zone (-117)
[  126.208659][ T8884] EXT4-fs (loop3): mount failed
[  126.234722][ T8895] loop4: detected capacity change from 0 to 128
[  126.262489][ T8895] syz.4.1727: attempt to access beyond end of device
[  126.262489][ T8895] loop4: rw=0, sector=121, nr_sectors = 120 limit=128
[  126.268309][ T8884] tipc: Enabling of bearer <udp:s > rejected, already enabled
[  126.310503][ T8904] FAULT_INJECTION: forcing a failure.
[  126.310503][ T8904] name failslab, interval 1, probability 0, space 0, times 0
[  126.323242][ T8904] CPU: 0 UID: 0 PID: 8904 Comm: +}[@ Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  126.323277][ T8904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  126.323293][ T8904] Call Trace:
[  126.323300][ T8904]  <TASK>
[  126.323310][ T8904]  __dump_stack+0x1d/0x30
[  126.323336][ T8904]  dump_stack_lvl+0xe8/0x140
[  126.323382][ T8904]  dump_stack+0x15/0x1b
[  126.323439][ T8904]  should_fail_ex+0x265/0x280
[  126.323484][ T8904]  ? gf128mul_init_4k_lle+0x3f/0xb30
[  126.323513][ T8904]  should_failslab+0x8c/0xb0
[  126.323543][ T8904]  __kmalloc_cache_noprof+0x4c/0x320
[  126.323608][ T8904]  gf128mul_init_4k_lle+0x3f/0xb30
[  126.323635][ T8904]  ? bpf_trace_run2+0x124/0x1c0
[  126.323668][ T8904]  ? ghash_setkey+0x5a/0xe0
[  126.323719][ T8904]  ? ghash_setkey+0x5a/0xe0
[  126.323835][ T8904]  ? __traceiter_kfree+0x2e/0x50
[  126.323857][ T8904]  ? ghash_setkey+0x5a/0xe0
[  126.323885][ T8904]  ? kfree+0xd9/0x320
[  126.323971][ T8904]  ghash_setkey+0x88/0xe0
[  126.323998][ T8904]  crypto_shash_setkey+0x43/0xe0
[  126.324023][ T8904]  crypto_ahash_setkey+0x43/0x200
[  126.324142][ T8904]  crypto_gcm_setkey+0x29a/0x2c0
[  126.324171][ T8904]  crypto_aead_setkey+0xe1/0x150
[  126.324199][ T8904]  tls_set_sw_offload+0x6fd/0xba0
[  126.324236][ T8904]  tls_setsockopt+0xa02/0xce0
[  126.324266][ T8904]  sock_common_setsockopt+0x66/0x80
[  126.324311][ T8904]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  126.324350][ T8904]  __sys_setsockopt+0x181/0x200
[  126.324436][ T8904]  __x64_sys_setsockopt+0x64/0x80
[  126.324455][ T8904]  x64_sys_call+0x2bd5/0x2fb0
[  126.324545][ T8904]  do_syscall_64+0xd2/0x200
[  126.324567][ T8904]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  126.324636][ T8904]  ? clear_bhb_loop+0x40/0x90
[  126.324722][ T8904]  ? clear_bhb_loop+0x40/0x90
[  126.324744][ T8904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.324765][ T8904] RIP: 0033:0x7f338452e929
[  126.324782][ T8904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.324829][ T8904] RSP: 002b:00007f3382b97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  126.324852][ T8904] RAX: ffffffffffffffda RBX: 00007f3384755fa0 RCX: 00007f338452e929
[  126.324865][ T8904] RDX: 0000000000000002 RSI: 000000000000011a RDI: 0000000000000005
[  126.324877][ T8904] RBP: 00007f3382b97090 R08: 0000000000000038 R09: 0000000000000000
[  126.324916][ T8904] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[  126.324928][ T8904] R13: 0000000000000000 R14: 00007f3384755fa0 R15: 00007ffd5be2eaf8
[  126.324955][ T8904]  </TASK>
[  126.629021][   T52] kworker/u8:4: attempt to access beyond end of device
[  126.629021][   T52] loop4: rw=1, sector=241, nr_sectors = 800 limit=128
[  126.668401][ T8912] __nla_validate_parse: 17 callbacks suppressed
[  126.668422][ T8912] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1732'.
[  126.717958][ T8920] ref_ctr_offset mismatch. inode: 0x746 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  126.786587][ T8931] loop4: detected capacity change from 0 to 256
[  126.793256][ T8931] msdos: Bad value for 'tz'
[  126.808507][ T8931] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1741'.
[  126.817646][ T8931] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1741'.
[  126.828912][ T8935] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1750'.
[  126.854146][ T8934] loop2: detected capacity change from 0 to 2048
[  126.867644][ T8934] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.890796][ T8938] loop1: detected capacity change from 0 to 2048
[  126.908019][ T8938] EXT4-fs (loop1): failed to initialize system zone (-117)
[  126.915383][ T8938] EXT4-fs (loop1): mount failed
[  126.937329][ T8938] tipc: Enabling of bearer <udp:s > rejected, already enabled
[  127.058758][ T8932] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1742'.
[  127.073664][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.361486][ T8974] netlink: 'syz.1.1756': attribute type 1 has an invalid length.
[  127.382188][ T8974] pim6reg1: entered promiscuous mode
[  127.387623][ T8974] pim6reg1: entered allmulticast mode
[  127.510447][ T8976] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1757'.
[  127.520912][ T8976] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1757'.
[  127.559589][ T8982] netlink: 'syz.1.1760': attribute type 1 has an invalid length.
[  127.574068][ T8982] 8021q: adding VLAN 0 to HW filter on device bond3
[  127.589305][ T8982] ip6erspan0: entered promiscuous mode
[  127.595473][ T8986] ==================================================================
[  127.603608][ T8986] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  127.610936][ T8986] 
[  127.613301][ T8986] write to 0xffff88811875c500 of 8 bytes by task 8981 on cpu 0:
[  127.621049][ T8986]  mas_wmb_replace+0x20d/0x14a0
[  127.625931][ T8986]  mas_wr_store_entry+0x1773/0x2b50
[  127.631165][ T8986]  mas_store_prealloc+0x74d/0x9e0
[  127.636219][ T8986]  vma_iter_store_new+0x1c5/0x200
[  127.641298][ T8986]  vma_complete+0x125/0x580
[  127.645838][ T8986]  __split_vma+0x5d9/0x650
[  127.650291][ T8986]  vma_modify+0x3f2/0xca0
[  127.654664][ T8986]  vma_modify_flags+0x101/0x130
[  127.659639][ T8986]  mprotect_fixup+0x2cc/0x570
[  127.664351][ T8986]  do_mprotect_pkey+0x6d6/0x980
[  127.669240][ T8986]  __x64_sys_mprotect+0x48/0x60
[  127.674133][ T8986]  x64_sys_call+0x2794/0x2fb0
[  127.678887][ T8986]  do_syscall_64+0xd2/0x200
[  127.683419][ T8986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.689333][ T8986] 
[  127.691676][ T8986] read to 0xffff88811875c500 of 8 bytes by task 8986 on cpu 1:
[  127.699384][ T8986]  mas_state_walk+0x485/0x650
[  127.704089][ T8986]  mas_walk+0x30/0x120
[  127.708179][ T8986]  lock_vma_under_rcu+0xa2/0x2f0
[  127.713147][ T8986]  do_user_addr_fault+0x233/0x1090
[  127.718321][ T8986]  exc_page_fault+0x62/0xa0
[  127.722876][ T8986]  asm_exc_page_fault+0x26/0x30
[  127.727762][ T8986] 
[  127.730107][ T8986] value changed: 0xffff8881042ab401 -> 0xffff88811875c500
[  127.737229][ T8986] 
[  127.739564][ T8986] Reported by Kernel Concurrency Sanitizer on:
[  127.745855][ T8986] CPU: 1 UID: 0 PID: 8986 Comm: syz.1.1760 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(voluntary) 
[  127.758393][ T8986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.768472][ T8986] ==================================================================