last executing test programs:

1m20.112088158s ago: executing program 1 (id=85):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x4000, 0x4000, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1m20.078030789s ago: executing program 1 (id=87):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='kfree\x00', r0, 0x0, 0x9}, 0x64)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030007e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038004000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)

1m20.03977218s ago: executing program 1 (id=88):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1}, 0x18)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x0, 0xffffffff})
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000002c0)=0x1)

1m19.982188931s ago: executing program 1 (id=92):
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
umount2(&(0x7f0000000480)='./file0\x00', 0x2)
write$ppp(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x24, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, {}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xd2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x5}, @jmp={0x5, 0x1, 0x4, 0xa, 0x3, 0x80, 0xfffffffffffffff8}, @map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xd0}, @alu={0x4, 0x0, 0xe, 0x4, 0xa, 0x6}, @map_fd={0x18, 0x3, 0x1, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000001c0)='GPL\x00', 0xf, 0x23, &(0x7f0000000200)=""/35, 0x40f00, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x2, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000004c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff], &(0x7f0000000500)=[{0x0, 0x3, 0x10, 0x4}, {0x3, 0x1, 0x6, 0xc}], 0x10, 0xc, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r3=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x13, &(0x7f0000000180)=[0x6, 0x2], 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000040)=ANY=[@ANYRES8=r3, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r6, <r8=>0xffffffffffffffff}, &(0x7f0000000540), &(0x7f0000000700)=r6}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{r8}, &(0x7f0000000780), &(0x7f00000007c0)=r2}, 0x20)
r9 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r9, &(0x7f00000000c0)={0x0, 0xd18c9b60, &(0x7f0000000080)=[{&(0x7f0000000100)="e03f03002a000b05d25a806c8c6f94f91124fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0)

1m19.868382743s ago: executing program 1 (id=93):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="850000002f000000840000000000000095000000000000008560fc2b2062f611fc2f864ef177d634e46e8dcfe61b4fb9f600344d592fee49e176fe6ad28fbcb1f9259bfc63e9030971917e30b6f42e8f9dd6ab0ce07312a135cd363aa7e5bcef8fd0e8c7d2082584156c52ebfd69e8e13b7a8b477abc86468e11b6242133ce882f05e16b91c37b3437347f6058b4489c759783b9d4dfb55d0085a26e41201a6d8c8ced33e10048e756a40538b32bf653fa3c831a4e60599ed7a0f999d18de9984522a7cdb6fc30015633a0132c9578b7da5bd7280a5f7e28fd858ba712020b23ef8a2785b6c146c48b48ca7e232d0489661396e9303b38aa5d26d06e2e676795fd2733f95da570bab301000000ffffffff2a2792a630d8fcdc"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r3, 0x11c, 0x4, &(0x7f00000020c0)=""/149, &(0x7f0000000040)=0x95)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x50)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000002c0)={<r5=>0xffffffffffffffff})
bind$tipc(r5, 0x0, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000800018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r8, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
unlink(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
r10 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r11 = fcntl$dupfd(r10, 0x0, r10)
ioctl$USBDEVFS_SUBMITURB(r11, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000017c0)=ANY=[@ANYBLOB="b702000009000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065060400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c008cbdd3b4c3b7f28754860c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05ae8a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3cf96f9483ff19a6471bf5abc742d9cbcfb964b11b31034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df424d1bafe5725c8a404724f8a4f1cda7997b65954f74097579b91da309b887af2485c2d9ab09b506000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb7818000000009dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbef88811dc8c1b27ac7d9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009d81003f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a434811cf2a117d775fe986a49fb82cf5f15972d5ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e6735305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a54b49e1ae6c5aa620d27e91aa0aa0ed6fcacfc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d7730f5e129438a5214f722096d29863301b0b811f69145d3fbd78a9059e454474f92e65828b018174a9f4738b8c71fbdeac26ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a378ed4c6267965af78b861bd025312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68f78215d65f96eb55db8cbcb060008000d988374f85451a694ffe38a1d03916ff1eec72b31c98d42e1a1bda1290de1a499a5a385b31112a48ba3e6d6849914c1788a7aca37177cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553e4ece78d4c1501c70f5d81e0725d5b273755c0000000000000000aa4234ff82182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a11993d54f97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a923655800a2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574e6e6aefb7a68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa753ba528f7ba77e825051ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8e220bb4d83de1e4dc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a41b315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f0000000086e172932e03000000000000005942e1b9d6dc28ab8e19e1111dd893e801015642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f845d1cc9ec4eee79c298fb0ba939b13707044e2e9cc0d350438c1c8c6bb9a38c6ac5ca0d9cf1f3d6915f25cb26edfc28b3079b97df32601240e454db103fb0c4a14c16837394d2b3673a3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4054605558ab31f339f6a4caf2ee2fd01f34dca3300000000000000000000000000000000f59f8e6e00000000c44130098d833a24000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c5954d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd603fd7f8898c70b5c65f2e28f22e1a79a6af3a54861b07f124642e98389557affbdede09b5566a4a1ee73b20846810030a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae3a9052be8eec1e95f6ad8d41dd34829503ba4b66e27154cb6e34aa13450522df1723130b6fb9bec59ae347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbde0f188eec7da7bccafbd5bf28a46f0eecc6b550471b0b0770c6a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd25091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a674bd16b8f7e6aed12a305366599f5f029a7b24558c02750500002f1c19d16a6f391906000000cc0bbbfb8c698ecc137d96711100e0108d3bd2afed0b279ebf0527552a9331e646c424b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc784c9f940d9fb0464a6cce635e14b80dc5c1c64e75e6bd5355d84f8df272f18f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de14275bf4a53e95235ae13768ab3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f9f8ad16eeb8342278f311cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706b584d8408c9652b3fe68500747f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2ccb600ae7a4b128cae19df160e7c207b89132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af911dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7bb30bcd1cdd172c0df37408fd6827bb03e8742fc1c7a2befd1299928c5f79e846a8dc7ca648d960a759e6711b69776896a9656d59af6d44bc5348229fa84ae78af8421a22c4b4c17a3d24a4a0104000000000000d77cc4eef51c2b417c8c7458ddd7dd9d1a863bf0a9e1a30a19020490038017a5c7e474c83302a2c2b5c976dacf3dda7191c757f208000000000000005f7ed983f65723fbb36b9b51abb0dbcd33570000000000000000251aa4f139d0485ffcf89f01639fd1579a3802f720a0215c720a97071f5065a23642a58275dbca444b00e2e5835185d5d5b2796eb0fe32cf3b0633f58ecc7648c3c6efe82f93a3008052416512eea30ea9472e0b456a652883c0907323cf03be193ad0438cdef7a98a1671a1918df310dc4bfd61c3db4819ab1c57b348a8ff1ed36364a20fe846f11d045de81f069bac8425b31c5d08b433562ffb318c1285011f9b78b2401989384311101e452f54661ecdb2514a6ae50dbdd422de0f0f8c670000000000390be79688f80c4c314cb1b14afcaa5d23f9032e0ec51f45f447d6a7c798fcf7e60e2180e289410801e4f03a0e140f388f25b92da1025d8409e171a2336ed71cca86eb4658fe06df286e0e20276b0618eeffd05774f15686cd9d3182ca2fec863875f305fed6baf48a594db12582a38cfdffffffffffffff0cf8d920517835fe7d09cfcb624f6931f1cc6f6b71f58de9ddc38e0c43992f6bc57a718d0cfd197b5324b4e05ef1caa96db3ae1f2f2e5791faba2ebbe1a6faf21f2748fb1fb6743c3ca8af4e6b02518c9b7fdc1b5721eb1c3ed98db25536f74ac7861afc94544e52dcb5c60460a05802e3b437ac977bfa26b887a2443e8d559c58187f004eb82b07937df6e96f77ed551926bec4e0188fae10a35d1c5f1768ac6be829be1827f9df303160df18597efba46f1babc3d74adc31ca71bdab9079e4288881b434484eadde9da6b81802842abd462d546c59d87acc014f81d3414759bda12d2a2c6bc1bfa807bd3101eb227184a61107b6d0618e2a3b842671e084ac3f0ff94dc48b51601247318ab4d1c5106458000000000008000000000000cfee0107e6c2fe8639d926829fdbbd86bf591a8c3c235d8939af9d923f648165881a6c29997234406200b3b1c321cc158dbe17123eace3000000000000000000000000000000000000796de6ae4ae40bdf9a6e8c5dc29562262af9cd54e8e3ecc7e3c8cba0ecc791683496c4e5c1a5729714d9f9031f49b400cd2667b4ea6df54809615a4f973f93e6ccec72f16ff998e29ed99df733680a9d5cea57f99cc139b6ea9014f3000000000000000000000000000000000000feeab45a4046a622b0dceb413e4e39b7317e92cbed46b41ab5115bfb542c933783d750852dfdc6656aaf15e10615a88821f2f1bc53969b52d6852755e7681ad5beda80b38ccd34116b99f50b4fdd967b3f20f260455412b675639a26c76840cce40e323bde9d673fceda0ad6981565c8a183d928903b4f4472dde41b6dcd75314c31e704dfcb222c8359fe88944f852242270c932abfaeece0843d708f5cd25b2a63ae1e79723c1c3c013836b47da0a35d0f34c0705caae54024cf8ade6396ff44482284f415e5769d9ae8688a8d5516690aae9ce1c785262734723519b042a161e6efabf263a46ba92254a51ff6502470f3038cf6d8d991931cfd82ea97e1b596133e7754908d912d1054d174f5a731c019f152a5ca2e48599b6d563bfcd8c0950f4292769217a6e309452b14e64ae64ad58ced33582a1b3d2e0c300059fb1ee78cdddb827293de267d64bf47c3c8c419683c948e46de8cea0b232da00ff39ebef3b73b3d6fbeecd3f9ff06b7e08ed8ce2b9b9cf2e08975f5959fa7028f68c525ab173c0c553d21bd1e9176abdf799e7a08d2f3c14e1ca99d525bc3af0ca0f48f145c65b10dfc67803aab67f6b631d3d7e237fec4bc6eacc364b7cdd925973705d40c5a614e354d9b92357845d15ea41ad3e3a98396131f835e17f0cbfbdc59453991e689f9ce19bd4a3b4121e5a8b5dbb519b5556cb70603ceac0b7ca02cb05a01afa3164ca428add947673cdba49a0e6e8aeeddf52c0f0ef224c69a3c96c2fddf56d74c4ae7"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r12, 0x20e, 0xe40, 0xfd000004, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff290000003b0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7472ce0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28)

1m19.700343455s ago: executing program 1 (id=100):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x4000, 0x4000, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1m19.663661976s ago: executing program 32 (id=100):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x4000, 0x4000, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

17.746516677s ago: executing program 2 (id=1414):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f00000000c0)='./file0\x00', 0xa4000608)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r4 = socket$kcm(0x23, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000003c0)={&(0x7f0000000000)=@phonet, 0x80, &(0x7f0000000180)=[{0x0, 0xea}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, 0x3, 0x2, 0x801, 0x0, 0x0, {0x3, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x840}, 0x20000000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
close(r0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
syz_io_uring_setup(0x110d, &(0x7f0000000380)={0x0, 0x5f51, 0x2, 0xfffffffc, 0x334}, &(0x7f0000000400)=<r8=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009e0000000b"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r10, 0x0, 0x4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

17.61794186s ago: executing program 2 (id=1416):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f6003300", 0x10)
listen(r0, 0x0)
shutdown(r0, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
mknod$loop(0x0, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@noblock_validity}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x1, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySG8rLm+kn+vD3PDEfEt0cjHq2srnfhytWz09Vaw3sR+xfPXdy/cOXqvvlz02dmz8yenzrwwsFDky9OHZzakDi358/Hjr/25Mfvv/383HfVfUkcjpOD787Eijg2yniMx508xNbygYg4lCXafC4Pmy0QQqlV8t/HwYh4PMaiUs81jMX8R4U2DuipWiWiBpRUov9DSTXHAc1j++6Og0/2eFTSP7eONA6AVsc/0Dg3EsP1Y6Ntt5OWI6PGuY0dG1B/Vsc/13Z/nj1i2XmIP+9unYENqKeTpesR8US7+JN623bUI83iT5e1I4mIyYj6OaCs/JUHaEPSku7FeZi1rDf+NCIO589Z+dF11j++It/v+AEop5tH8h35Upa7t//Lxh7N8U+0Gf+Mttl3rUfR+7/O47/m/n64fo48XTEOy8YsJ9q/5eDKgp8+PPZpp/pbx3/ZI6u/ORbsh1vXI3aviP+DLNh8/JPFn7TZ/tkqpw53V8er3/9yrNOyouOv3YjY0/b4596oNEutcX1y/9x8dXay8bNtHV9/89aXneovOv5s+2/rEH/L9k9Xvi77TC52WcdXJ26c67Rs9L7xpz8PJY3jzaG85J3pxcVLUxFDyfF8lZbyA2u3pblO8z2y+Pc+077/L/v9v778fUaafzK7cPGNs7c7LVvP9m+5mHyn1mUbOsnin7n/9l/V/7OyT7qs4483Lz/Vadla8Y88SGAAAAAAAABQQmn9GmySTtxNp+nERGO+7GOxLa1eWFh8du7C5fMzEXvr/w85mDavdI818kmWn8r/H7aZP7Ai/1xE7IyIzyoj9fzE6QvVmaKDBwAAAAAAAAAAAAAAAAAAgE1iez7/v3mf6t8rjfn/QEn08gZzwOam/0N51fv/qls8AWVg/w/lpf9Deen/UF76P5SX/g/lpf9Deen/UF76PwAAAABsSTufvvljEhFLL43UH5mhfJkZQbC1DRbdAKAwlaIbABTm7qV/g30ona7G/3/lXw7Y++YABUjaFdYHB7W1O//Ntq8EAAAAAAAAAAAAAHpgz67O8//NDYatzbQ/KK8HmP/vqwPgIeer/6G8HOMD95vFP9xpgfn/AAAAAAAAAAAAANA3o/VHkk7kc4FHI00nJiL+HxE7YjCZm6/OTkbEIxHxQ2Xwf1l+quhGAwAAAAAAAAAAAAAAAAAAwBazcOXq2elqdfZSa+LvVSVbO9G8C2of6no5/uOrIun/xzISEYVvlJ4lBlpKkoilbMtvioZdWojN0Yx6ouA/TAAAAAAAAAAAAAAAAAAAUEItc4/b2/1Fn1sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP137/7/vUsUHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HD6NwAA//+ipUAx")
msgget$private(0x0, 0x0)
futex(0x0, 0x2, 0x1, 0x0, 0x0, 0x2)
write$selinux_load(0xffffffffffffffff, 0x0, 0x44f0)

17.59130472s ago: executing program 2 (id=1417):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r1, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
sendmsg$rds(r1, &(0x7f0000000680)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

17.538439881s ago: executing program 2 (id=1418):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='kfree\x00', r0}, 0x18)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x82)
r2 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x100000000000000, 0x80, 0x0, 0x108)
writev(r1, &(0x7f00000017c0), 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = dup(r3)
sendmsg$IPSET_CMD_CREATE(r4, 0x0, 0x0)
setsockopt$MRT6_TABLE(r4, 0x29, 0xcf, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = semget$private(0x0, 0x6, 0x0)
semtimedop(r7, 0x0, 0x0, 0x0)
semop(r7, &(0x7f00000000c0)=[{0x2}], 0x1)
semctl$SETALL(r7, 0x0, 0x11, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=ANY=[@ANYBLOB="12000000030000000400000002"], 0x50)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x40, 0x0, 0x1, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4008184}, 0x4044019)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e640000000018000280140008"], 0x48}}, 0x0)
sendmmsg$inet(r9, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r2, 0xc0096616, &(0x7f00000000c0)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r8}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r5}, 0x20)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x2, 0x11, &(0x7f0000000980)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}}, @jmp={0x5, 0x0, 0xa, 0x6, 0x8, 0x50, 0x1}, @jmp={0x5, 0x1, 0x3, 0xb, 0xa, 0xfffffffffffffffe, 0x4}, @jmp={0x5, 0x1, 0xb, 0xa, 0x9, 0x2}, @tail_call={{0x18, 0x2, 0x1, 0x0, r10}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}], &(0x7f0000000340)='syzkaller\x00', 0x8000000, 0x3e, &(0x7f0000000400)=""/62, 0x41100, 0x8, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000740)={0x2, 0xe, 0x3, 0x7}, 0x10, 0xffffffffffffffff, r6, 0x5, &(0x7f0000000780)=[r10, r10], &(0x7f0000000a40)=[{0x0, 0x5, 0xb, 0x7}, {0x1, 0x5, 0xd}, {0x3, 0x3, 0xf, 0x6}, {0x3, 0x5, 0x5, 0x4}, {0x3, 0x1, 0xb, 0xb}], 0x10, 0xfffff001, @void, @value}, 0x94)
fsetxattr$system_posix_acl(r10, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000640)=ANY=[@ANYBLOB="0200000001ac08fb3aa63c67f3deaf86c8a1c7e168000000000000000200f1ff062908609465bda08b69b5428811ced78766d1aaa0ae11b2cb8cfe785216dc40d0528e075c3850fb46c4f638e81c6c26105147a4b0bf90d3c5aabd83449c3a5b00ca4f38aec68f5471831cb274d6e6cecebc2e47f5145dfb34df49e84b35b0cba1f13c023ba01d5c22a8dd15603379dfb1201a8002b3a398da765179855813690a0cf7fd9625abf43d3958e13c5522dd69b6fd4726cb66aeefeb1b8c184e30c5e161d61a585e38860be5d20840199099fadff3f286", @ANYRES32=0x0], 0x2c, 0x2)
close(r5)

17.538102801s ago: executing program 2 (id=1419):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0, 0x0, 0x5}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x8, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x7, 0xa, 0xfffffff3}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=@newtfilter={0x44, 0x2c, 0xd2b, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x9}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x5, 0x8, 0x7, 0xe7}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2404c044}, 0x24044094)

17.449909802s ago: executing program 2 (id=1421):
unshare(0x28020480)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4c21, 0x84, @mcast1, 0x5}, 0x1c)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
fcntl$setlease(r2, 0x400, 0x0)
r3 = openat2(r2, &(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)={0x180, 0x18, 0x1a}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000380)={0x1d, r6, 0x0, {0x2, 0xf0, 0x4}, 0xfe}, 0x18)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000400)={{0x1, 0x2, 0x9, 0x0, 0x2}})
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
setsockopt$SO_J1939_ERRQUEUE(r5, 0x6b, 0x4, &(0x7f0000000080)=0x1, 0x4)
sendmsg$can_j1939(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)="5f7327a543a8f33e22", 0x9}, 0x1, 0x0, 0x0, 0x2400c000}, 0x8051)
sendmsg$inet(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)}, 0x4048001)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x74, r6, {0xfffd, 0xffff}, {0x1}, {0xfff2}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
fcntl$setlease(r3, 0x400, 0x1)
pselect6(0x40, &(0x7f0000000100)={0x10001, 0x3, 0x8, 0x9, 0x400, 0x6, 0x8, 0xd}, &(0x7f00000001c0)={0xaa, 0x7, 0x7958, 0x8, 0x9, 0x6, 0xfffffffffffffffe, 0x3}, &(0x7f0000000200)={0xfffffffffffffffc, 0x1, 0x401, 0x4, 0xfff, 0x7b2bc7be, 0x2, 0xead}, &(0x7f0000000280), &(0x7f00000003c0)={&(0x7f0000000340), 0x8})
signalfd(r0, &(0x7f0000000040)={[0x8]}, 0x8)
write$binfmt_aout(r2, 0x0, 0x1f)

2.313412075s ago: executing program 33 (id=1421):
unshare(0x28020480)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4c21, 0x84, @mcast1, 0x5}, 0x1c)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
fcntl$setlease(r2, 0x400, 0x0)
r3 = openat2(r2, &(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)={0x180, 0x18, 0x1a}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000380)={0x1d, r6, 0x0, {0x2, 0xf0, 0x4}, 0xfe}, 0x18)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000400)={{0x1, 0x2, 0x9, 0x0, 0x2}})
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
setsockopt$SO_J1939_ERRQUEUE(r5, 0x6b, 0x4, &(0x7f0000000080)=0x1, 0x4)
sendmsg$can_j1939(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)="5f7327a543a8f33e22", 0x9}, 0x1, 0x0, 0x0, 0x2400c000}, 0x8051)
sendmsg$inet(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)}, 0x4048001)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x74, r6, {0xfffd, 0xffff}, {0x1}, {0xfff2}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
fcntl$setlease(r3, 0x400, 0x1)
pselect6(0x40, &(0x7f0000000100)={0x10001, 0x3, 0x8, 0x9, 0x400, 0x6, 0x8, 0xd}, &(0x7f00000001c0)={0xaa, 0x7, 0x7958, 0x8, 0x9, 0x6, 0xfffffffffffffffe, 0x3}, &(0x7f0000000200)={0xfffffffffffffffc, 0x1, 0x401, 0x4, 0xfff, 0x7b2bc7be, 0x2, 0xead}, &(0x7f0000000280), &(0x7f00000003c0)={&(0x7f0000000340), 0x8})
signalfd(r0, &(0x7f0000000040)={[0x8]}, 0x8)
write$binfmt_aout(r2, 0x0, 0x1f)

1.280168311s ago: executing program 4 (id=1797):
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
r2 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r2, &(0x7f0000000a40)={'#! ', '.'}, 0x5)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.248834561s ago: executing program 4 (id=1800):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd736, 0x80, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32, @ANYBLOB="080003"], 0x44}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000b80)=ANY=[@ANYBLOB="9feb01a663350018000000000000003400000034000000050000400b000000000000110200000001000000030000000000000904000000ffffffff000000120100000009000000000000080200000000305f6100f3a862f5dbb04d4a19489b450d6f4acb2b5d6ec3d433e1a60f6054e466e4a643a838b73a7176c7b2202ac4e8e46b82183b282427b6fd094ba1763b89ba074749281c30b1024b853ba7bcca18dcc85501ffe7d49135c7c425d11f7f53e067ed3fad5b8f50a779a3522cb5c2cab2e4a671ab8a9304aff2fad31cc5c18c8316c76f"], &(0x7f0000000480)=""/162, 0x51, 0xa2, 0x0, 0xfffffffd, 0x10000, @value}, 0x28)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400038008000500", @ANYRES32], 0x3c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$evdev(0x0, 0x0, 0x802)
r4 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = timerfd_create(0x0, 0x0)
readv(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)=""/33, 0x21}], 0x1)

1.108475193s ago: executing program 3 (id=1806):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
times(&(0x7f0000000380))

1.065072744s ago: executing program 3 (id=1807):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_opts(r3, 0x0, 0xd, 0x0, 0x0)
socket(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r4, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000fe000000000200000800040001000000", 0x24)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r1, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r5}, 0x20)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000080)={0x0, 0xfff, 0x80, 0x5, 0x7}) (async)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000080)={0x0, 0xfff, 0x80, 0x5, 0x7})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x6, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x4}}, @typedef={0x3, 0x0, 0x0, 0x7}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2}}, @typedef={0x4, 0x0, 0x0, 0x8, 0x2}]}, {0x0, [0x0, 0x0, 0x2e, 0x5f]}}, 0x0, 0x66, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb9040a1d080006007c02e8fe55a10a0015000900142603600e1208000f4f1b000401a8001600200005400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0) (async)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb9040a1d080006007c02e8fe55a10a0015000900142603600e1208000f4f1b000401a8001600200005400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
close_range(r0, r0, 0x2) (async)
close_range(r0, r0, 0x2)

994.609515ms ago: executing program 3 (id=1810):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', <r2=>0x0})
syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd736, 0x80, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000720000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r2, @ANYBLOB="080003"], 0x44}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000b80)=ANY=[@ANYBLOB="9feb01a663350018000000000000003400000034000000050000400b000000000000110200000001000000030000000000000904000000ffffffff000000120100000009000000000000080200000000305f6100f3a862f5dbb04d4a19489b450d6f4acb2b5d6ec3d433e1a60f6054e466e4a643a838b73a7176c7b2202ac4e8e46b82183b282427b6fd094ba1763b89ba074749281c30b1024b853ba7bcca18dcc85501ffe7d49135c7c425d11f7f53e067ed3fad5b8f50a779a3522cb5c2cab2e4a671ab8a9304aff2fad31cc5c18c8316c76f"], &(0x7f0000000480)=""/162, 0x51, 0xa2, 0x0, 0xfffffffd, 0x10000, @value}, 0x28)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400038008000500", @ANYRES32], 0x3c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', r2, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$evdev(0x0, 0x0, 0x802)
r6 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = timerfd_create(0x0, 0x0)
readv(r7, &(0x7f00000003c0)=[{&(0x7f0000000000)=""/33, 0x21}], 0x1)

921.533116ms ago: executing program 5 (id=1813):
socket$netlink(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000880)="9e", 0x1, 0x0, 0x0, 0x0)
sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="246ad8f53d17cc26559f07f51bdf1d8013a630fce008d3b8dda391ec6e588fba4c3f1259a39f6bc35fedcda76f9d6588f4f04878469b86efc7716f17f9ae34", 0x3f}], 0x1}, 0x4200c000)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000240)=',', 0x34000}], 0x1)

791.262768ms ago: executing program 5 (id=1816):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
times(&(0x7f0000000380))

774.138549ms ago: executing program 6 (id=1778):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
io_pgetevents(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x40, 0x5d, 0x2, 0x8}, {0x6, 0x0, 0x6, 0x1}]}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000140)="24000000010006", 0x7)
preadv2(r0, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)

773.526078ms ago: executing program 5 (id=1817):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_read_part_table(0x105e, &(0x7f0000000000)="$eJzsz71NA0EYBNC55eCO4FohoQMqICGhGbohoA96ISG3LFuftSf/dGA7eC9YjTSzWm24rZZtVT3Wb6WGJE/9+Gp5yZw8p62jt3FO5k1V1ZQh+e/33ntT0/64SS/aX6Y1f74Ou6rLM8vDKX2Py3n/8XO9jwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/ToEAAD//zfUF2I=")

642.71595ms ago: executing program 0 (id=1819):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c00"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x54, r9, 0x2, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL={0x8, 0x17, 0x100}, @ETHTOOL_A_COALESCE_TX_USECS_LOW={0x8, 0x10, 0x5}, @ETHTOOL_A_COALESCE_TX_USECS_LOW={0x8, 0x10, 0x80000001}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8, 0xf, 0x7fffffff}, @ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL={0x8, 0x17, 0x2}, @ETHTOOL_A_COALESCE_RX_USECS_IRQ={0x8, 0x4, 0x80000000}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX={0x5}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x4}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000080}, 0x2408a010)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200400100000c0a01010000000000000000070000000900020073797a31000000000900010073797a300000000014010380100100800800034000000002"], 0x1d4}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socketpair(0x18, 0xa, 0x9, &(0x7f0000000280))
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x304, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r12, {0x8, 0x3}, {}, {0x3, 0x10}}, [@filter_kind_options=@f_matchall={{0xd}, {0x2d0, 0x2, [@TCA_MATCHALL_ACT={0x2b, 0x2, [@m_ife={0x50, 0x0, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40, 0x6, 0xffffffffffffffff, 0xea, 0x100004}, 0x1}}, @TCA_IFE_TYPE={0x6, 0x5, 0x7}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_ACT={0x270, 0x2, [@m_tunnel_key={0x74, 0x7, 0x0, 0x0, {{0xf}, {0x18, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}]}, {0x30, 0x6, "e236b57fe90605af81c9826864235bcdf5aba726b536a3fad331bf0a4a8fcd8b65cf749d3149923fcfee3226"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_tunnel_key={0x190, 0x1d, 0x0, 0x0, {{0xf}, {0x60, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0xffffffff}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x5, 0x9, 0x7, 0x3ff}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @remote}]}, {0x103, 0x6, "acae533a1620d25d86a226c3f830ac7be1cf9a8b63ec98dcaa075225904f038c6c1335de512db4bbd26b27549c7aca80ac1672c23969a4d2dd63e31edfadaa2ce6512c39b5f802da324c8b49629c6230f92bc96d887111d92a65208320be280838f1b31ca2804ce973cba6345ddd6f7984210cf663407220c6a7c7502513011f29e8155236d6c334d8f2c4ed6f43f3cc9ce46c8648804dcc95514665459abb3328565441a2bebc4f5bf0c29f1a4de44171428313d81c4ebe2cd25c082473db54d49cb212b9fdbd7abdea5c2346f7339ef0261070a021deb1490c871a2bf31f066f2d11fec0de4ca6afb11d53fd44b5db356b14fac9c84a315dc568759adb28"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}, @m_pedit={0x68, 0x21a, 0x0, 0x0, {{0xa}, {0x8, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0x0, 0x2, {{{0x8, 0x1, 0xffffffffffffffff, 0x1, 0x2}, 0x6, 0x9, [{0xfff, 0x2, 0x7fba, 0x1, 0xabe3, 0x2}, {0x200, 0x3, 0x9, 0x1, 0xf12d, 0x1db6}, {0x7461, 0x6, 0x80, 0x7fffffff, 0xd}, {0x1, 0x1000, 0x4, 0x5, 0x2, 0xc1}, {0x8, 0x41a0, 0x66aa, 0x2, 0xffffffff, 0x1}]}, [{0x4, 0x3, 0x7fff, 0x7, 0xbf46, 0x400}, {0x0, 0xcd, 0x7f, 0x5, 0x3ff, 0xfe000000}, {0xa, 0x2, 0xfffff608, 0x7, 0x6800, 0x7}, {0x6, 0x2, 0x4, 0x400, 0x1, 0x10000}, {0xfffffffd, 0x9, 0xe7e, 0x10, 0xadf8, 0x4}, {0xc7, 0x8, 0x6, 0x4, 0x9, 0xfffffffb}, {0x6, 0x3, 0xe3b, 0x9189, 0x9, 0x2}, {0x2, 0x100, 0x10, 0x2, 0xf2e, 0x80}, {0x1, 0x0, 0xfffffff7, 0x1, 0x4, 0x800}, {0x400, 0x10000, 0x1, 0x3, 0x10, 0x1}, {0x6, 0x4, 0x4, 0x4, 0xffffffc0, 0x3}, {0x2, 0xc2, 0x7, 0x3, 0x8, 0x9}, {0x0, 0x2, 0xfffffff7, 0x10001, 0xc, 0x3}, {0x1, 0x2, 0x5, 0x9, 0xfffffff8, 0x10}, {0x7e08, 0xb9c7, 0x1, 0xffffffff, 0x8, 0x7f}, {0x8, 0x9, 0xfff, 0x2, 0x10001, 0x6}, {0x0, 0x6, 0x46d, 0x3, 0x80000000, 0x4}, {0x7, 0x0, 0x7ff, 0x6, 0x101}, {0x6, 0x4, 0x0, 0x6, 0x3, 0x6}, {0xa, 0x7, 0x40, 0x12da, 0x4, 0x4}, {0xd8, 0x9c, 0x3, 0x5c, 0x4}, {0xffff, 0xe, 0x7e6a, 0x1, 0x0, 0x2}, {0x3, 0x3, 0x9, 0x0, 0x2, 0xf40}, {0xa, 0x7, 0x400, 0x9, 0x1, 0x5}, {0xfb, 0x5, 0x8, 0x7, 0x585}, {0x0, 0x6, 0x15, 0x9, 0x101, 0x80}, {0x9, 0x3, 0xffff, 0x1, 0x1, 0x1}, {0x0, 0xfffffffc, 0x3, 0x6, 0x407, 0xfffffff8}, {0x8, 0xfffffffd, 0x10001, 0x9, 0x6, 0x92}, {0x6, 0x0, 0xffffffff, 0x4, 0x6, 0x1be9}, {0x8, 0x5, 0x1, 0x1, 0x80000001, 0x7f}, {0x500000, 0x400, 0x6, 0x69fffd19, 0xfffffffa, 0x8}, {0x4, 0x1, 0x6, 0xffff, 0xfff, 0xfff}, {0x200, 0x4, 0x8, 0x5, 0x1eb5, 0xfffffffe}, {0x7, 0x3, 0x7, 0x8, 0x7f, 0x2}, {0xd, 0x3, 0x9, 0x2d8, 0x2}, {0x7, 0x5, 0x566, 0xf6, 0xc, 0x48}, {0x10, 0x8001, 0x8c5d, 0x6, 0x1, 0x800}, {0x6, 0x9, 0x3, 0x8, 0xd, 0x7}, {0x3, 0x9, 0x80000001, 0x4b, 0x7b6, 0x10001}, {0x64, 0x5, 0x9, 0x1, 0x7ff, 0x6}, {0x3eb5a90b, 0x9, 0x8, 0x10000, 0xf631, 0x6fd}, {0xffff, 0x4, 0x5, 0x3, 0x2000000, 0x8ab6}, {0x46c, 0x5, 0x3, 0x3, 0x5, 0x4}, {0xa413, 0x6, 0x79e6, 0xf2, 0x2, 0x10000000}, {0xffffaa7f, 0x40, 0x8, 0xcab, 0x40, 0xe9}, {0x3, 0x8, 0x5, 0xb33, 0x6, 0x7}, {0xc, 0x8, 0x2, 0xb4, 0x200, 0x3}, {0x7f, 0x8, 0xff, 0xffffffff}, {0x0, 0x2, 0x7, 0xf, 0xd, 0x2}, {0xf2, 0xfffffff3, 0x6b8, 0x2638, 0x0, 0x2}, {0xff, 0x8d, 0x8, 0xe, 0x10, 0x3}, {0x2, 0x7, 0x7, 0x3, 0x7f, 0x3}, {0x2, 0x7, 0x72, 0x9, 0x9, 0xdf}, {0x9, 0x80000000, 0xb, 0xfffffffe, 0x2, 0xfff}, {0x1, 0x2, 0x100, 0x4, 0x6, 0x10001}, {0x0, 0xc, 0x400, 0x5, 0x10, 0x81}, {0x80000001, 0x8, 0x3, 0x401, 0xffffffca, 0x5}, {0x200000, 0x7b, 0x1ff, 0x4, 0x5, 0xfffffffa}, {0x0, 0x8, 0xc, 0x4, 0x1f, 0x666}, {0x2, 0x9, 0xffffffff, 0x200, 0x9, 0xa}, {0x9, 0x4, 0xa87, 0x4, 0x3, 0x10001}, {0xfffff800, 0x8000, 0x19, 0x1, 0x10000, 0x7}, {0x0, 0x96, 0x6, 0x0, 0x7f, 0x5}, {0x40b, 0xf9ef, 0xf6c, 0x2, 0x4, 0x5}, {0x4, 0x2bf, 0x4, 0xc, 0x8, 0x9}, {0x8001, 0x4, 0xb00, 0x8, 0x9, 0x5}, {0x8, 0xfff, 0x7b02, 0xda, 0x1, 0xfffffffd}, {0x10, 0x1, 0x0, 0x5, 0x4b6d, 0x81}, {0x2, 0x7fffffff, 0x4, 0x0, 0x800, 0x3}, {0x2, 0x6, 0x5, 0x9, 0x2, 0x9}, {0x6, 0x7ff, 0x1, 0x52, 0x6, 0x5}, {0x0, 0x400, 0x3, 0x2, 0xb, 0x6}, {0x0, 0x8, 0x6, 0x80, 0xd, 0x7}, {0x2, 0x8, 0x6, 0x6, 0x7, 0x10001}, {0x6, 0xc94, 0x1, 0x3, 0x1, 0xfff}, {0x8, 0x2, 0x6, 0x1, 0x9, 0xeb4}, {0x66d, 0xe8, 0x4, 0x2, 0xfff, 0xfd7}, {0x1, 0x1, 0x7fff, 0x1, 0x8000, 0x5}, {0x5, 0x3, 0x0, 0x2, 0x31634e75, 0x7fffffff}, {0x2, 0x4, 0xd60, 0x7, 0x80000001, 0x8001}, {0x5, 0x5, 0x9, 0x0, 0x8, 0xfffff800}, {0xf7ad, 0x8, 0xb, 0x5, 0x3f14, 0x1}, {0xba4, 0x7, 0x0, 0x7, 0x101, 0x56e}, {0x10, 0x2, 0xf365, 0x1ff, 0x3cd6}, {0x5, 0x0, 0x1, 0x1, 0x9, 0xffffff43}, {0x74a, 0x6, 0xad8a, 0x401, 0x4aa}, {0x1, 0x9, 0xe15, 0x4, 0x8000, 0x4}, {0x6, 0x5, 0x2, 0xcf, 0x3ff, 0x9}, {0x1000, 0xe559, 0xffffffff, 0x4, 0x7, 0x5}, {0x6e, 0x7fffffff, 0x2, 0x9, 0x9, 0x9}, {0x7f, 0x4, 0xff, 0x0, 0x4}, {0x100, 0x1, 0x1ff, 0x800, 0x2, 0xfffeffff}, {0x3, 0x8, 0x1ff, 0xc3, 0x4, 0x238}, {0x9, 0x2, 0xffffffff, 0xffffffff, 0xe, 0x8001}, {0x683c, 0x2, 0xffff, 0x78, 0x5, 0xffffffff}, {0x2, 0x8, 0x8000, 0x0, 0x8b, 0x1}, {0x47, 0x9, 0x3, 0x0, 0x10, 0xa36}, {0xfffffff9, 0x55d, 0x7, 0x1, 0x4, 0x10}, {0x2, 0x9, 0x7, 0xb8a, 0xe, 0x8f}, {0x4, 0xa, 0x7, 0x60000000, 0x8, 0x401}, {0x6, 0xcbee, 0x160, 0xc83, 0xfffffffe, 0x9}, {0x8, 0x5, 0x9, 0xfed1, 0xafbb}, {0x5, 0x7, 0x52, 0x1c000, 0x1000, 0x2}, {0x0, 0x10000, 0x3, 0x2, 0xfffffff8, 0xfffffffd}, {0x200, 0x6199, 0x9, 0x8, 0x7ff, 0x1}, {0x2f, 0x4, 0x0, 0x9, 0x353a84f8, 0x5}, {0x3, 0x6, 0x3, 0x4, 0x9, 0x7}, {0x7, 0x8, 0x2, 0x2, 0x2, 0x1}, {0x9, 0x1, 0x2, 0x895, 0x4, 0x10}, {0x2, 0x1, 0x1, 0xfffffc01, 0xffff, 0x7}, {0x8659, 0x0, 0x1, 0x200, 0x1, 0x7fff}, {0x10000, 0x2, 0x3, 0x7, 0x46, 0x4}, {0x100, 0x1, 0xd9b, 0x4, 0x3, 0x8}, {0x4, 0x2, 0x6, 0x2, 0x1, 0x1000}, {0xd, 0xa, 0xee, 0x5, 0x1, 0x5}, {0x7, 0xe0000000, 0x7f, 0x400, 0x0, 0x6}, {0x8, 0xd62, 0x8001, 0x8, 0x10, 0x1}, {0x2, 0x100, 0x3, 0xd02, 0x4, 0x100}, {0x2, 0x2, 0x5, 0x7, 0xe1, 0xc0}, {0x4, 0x0, 0x93400000, 0x5, 0x7, 0x9}, {0x8, 0x8, 0x10000, 0x5, 0x4, 0x2}, {0x3, 0x8, 0x1, 0x1, 0x1, 0xfffffff3}, {0xc, 0x2, 0xd5, 0x7, 0x800, 0x101}, {0x7b, 0x5, 0xffff, 0xfffffffa, 0x4, 0x1}, {0x6f, 0x1000, 0x6, 0x5, 0x1, 0x6}, {0xcbf8, 0xe3, 0x60, 0x3, 0x7, 0x6}, {0xffffffff, 0x8, 0x5, 0x2, 0x6de, 0x3ae3bc6c}], [{0x2, 0x1}, {0x4}, {0x2, 0x4c02604418f3f67c}, {0x5}, {0x4, 0x1}, {0x2}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x4, 0x1}, {0x5}, {0x2, 0x1}, {0x1}, {}, {0x4}, {0x5}, {0x4, 0x1}, {0x1}, {0x0, 0x2}, {0x2}, {0x2, 0x1}, {0x5, 0x1}, {0x3}, {0x5, 0x1}, {0x4}, {0x2, 0x1}, {0x1}, {0x3}, {0x3, 0x1}, {}, {}, {0x1}, {}, {0x5, 0x1}, {0x1}, {0x2, 0x1}, {0x5}, {0x1, 0x1}, {0x1}, {0x4, 0x1}, {0x4}, {0x1, 0x1}, {0x4}, {0x2}, {0x4}, {0x4}, {0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x2}, {}, {0x3, 0x1}, {0x2, 0x1}, {0x1}, {0x4, 0x1}, {0x6, 0x1}, {0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x5}, {0x5}, {0x0, 0x1}, {0x0, 0x1}, {0x5}, {}, {0x5}, {0x1}, {0x4}, {0x2}, {0x2, 0x7c0827b64b18f4f1}, {0x5, 0x1}, {}, {0x4, 0x1}, {0x0, 0x1}, {0x2, 0xfb70130004d08f17}, {0x3, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x1}, {0x0, 0x1}, {0x3}, {0x1, 0x1}, {0x5}, {0x4, 0x1}, {0x5, 0x1}, {0x4}, {0x3}, {0x5}, {0x2}, {0x3, 0x1}, {0x2}, {0x3}, {0x3, 0x1}, {0x5}, {0x5}, {0x5}, {0x3, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x1}, {0x4}, {0x4}, {0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x4}, {0x0, 0x1}, {0x5}, {}, {0x5}, {0x2, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x1, 0x2}, {0x4}, {0x6}, {0x1, 0x1}, {0x4}, {0x0, 0x1}, {0x1}, {0x5, 0x1}, {0x4}]}}]}, {0x36, 0x6, "b6e80192d1e8f95df48984510ea6007cabb2169f6c20addd9dad8c88c8f8f41c7d13eadb7f61a3f8423106a0afc8b391ae5b"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}}]}, 0x304}, 0x1, 0x0, 0x0, 0x10}, 0x0)

613.114971ms ago: executing program 5 (id=1820):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
mknod(&(0x7f00000000c0)='./file0\x00', 0x0, 0xffffffff)
lsetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000200)=@known='user.incfs.id\x00', 0x0, 0x0, 0x0)
unlink(&(0x7f00000003c0)='./file0\x00')

583.944651ms ago: executing program 5 (id=1821):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a61, 0x5, 0x7fffffff, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$selinux_access(r2, &(0x7f00000004c0)=ANY=[], 0x56)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
socket(0x1e, 0x4, 0x0)
clock_gettime(0x0, &(0x7f0000000b80))

503.766812ms ago: executing program 6 (id=1822):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0, 0x4}, 0x38)
set_mempolicy(0x3, &(0x7f0000000140)=0x3, 0xb)
set_mempolicy(0x8000, &(0x7f0000000100)=0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lsm_get_self_attr(0x69, 0x0, 0x0, 0x0)
setregid(0xffffffffffffffff, 0x0)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6000ed6a00142c00", @ANYBLOB], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x87, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff000000}, 0x48)

318.694865ms ago: executing program 4 (id=1823):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)

258.988926ms ago: executing program 5 (id=1824):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000300), &(0x7f0000000340)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)
sendfile(r3, r2, 0x0, 0x3ffff)
sendfile(r3, r2, 0x0, 0x7ffff000)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bind$rds(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000200)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f00000007c0)=[@fadd={0x58, 0x114, 0x6, {{0x3, 0x7}, &(0x7f0000000180)=0x9, 0x0, 0x800029, 0x5, 0x6, 0x968, 0x20, 0xfffffffffffffff9}}], 0x58, 0x4804}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

258.681186ms ago: executing program 4 (id=1825):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

224.743347ms ago: executing program 0 (id=1826):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
r2 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r2, &(0x7f0000000a40)={'#! ', '.'}, 0x5)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

224.256957ms ago: executing program 0 (id=1827):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
times(&(0x7f0000000380))

193.757177ms ago: executing program 4 (id=1828):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003140)=ANY=[@ANYBLOB="c01800002000010a00000000000000000a0000002c01018028014880ed00a90013466820cd76bb221fbb4acd690c6a8b9c760a61eeec7793b579aefdb936d00f403d3f04637cdb9ac70e28c5dd66ddedde2d0930650e6821f9a26a4a193c1d06a3e75523f901e44fe087ae32c836c6d6ddba3af8e9a2beae8936168f9fa38c395f5cf7408df69c60bf584bee86a6312e9ce866e456c3eda6f2924082d78a2f385bdbd0c9afb54758c102bf13094645fb6aa34d424ec776691fee3d25307f61fed2752babf7c686e8a3d9b59a8343bcf4121bf5cf400a0c1070855fac565cad", @ANYRES32=0x0], 0x18c0}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
r4 = openat$selinux_create(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
pwrite64(r4, &(0x7f0000000d40)="3703c70f70e244b7878fedf0c0c6c2ff2f524255d61dbfb25921e3d3686454b93e5842722103c5c67b800da4173b9e63544ee1f32fd585dab49f06f4e7e92a867080b7b83c0a31253633", 0x4a, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e21, @empty}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
sendmsg$kcm(r5, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0xffff, 0x2, 0x10, {0x2, 0x4e21, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x20000000)
close(r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket(0x1000000000000010, 0x3, 0x0)
sendmsg(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "76db40", 0x44, 0x2f, 0x0, @dev={0xfe, 0x80, '\x00', 0x21}, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6558}, {}, {}, {}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10}, 0x2, {0x8, 0x1}}}}}}}}}, 0x0)
open_by_handle_at(0xffffffffffffff9c, 0x0, 0x0)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0)

193.472597ms ago: executing program 0 (id=1829):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000005c0)={r2, 0xf0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r4, 0x0, 0x7}, 0x18)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x2, 0xd, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x10, 0x32, 0x3, 0x0, 0x0, 0x0, 0x0, @in=@rand_addr=0x10003c00, @in6=@private2}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @local}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}]}, 0x80}}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f00000002c0)=0x10) (async)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8) (async)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000005c0)={r2, 0xf0}, 0x8) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r4, 0x0, 0x7}, 0x18) (async)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (async)
socket$key(0xf, 0x3, 0x2) (async)
sendmsg$key(r5, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x2, 0xd, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x10, 0x32, 0x3, 0x0, 0x0, 0x0, 0x0, @in=@rand_addr=0x10003c00, @in6=@private2}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @local}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}]}, 0x80}}, 0x0) (async)

144.472288ms ago: executing program 3 (id=1830):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400)

105.810329ms ago: executing program 3 (id=1831):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
mknod(&(0x7f00000000c0)='./file0\x00', 0x0, 0xffffffff)
lsetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000200)=@known='user.incfs.id\x00', 0x0, 0x0, 0x0)
unlink(&(0x7f00000003c0)='./file0\x00')

63.574069ms ago: executing program 0 (id=1832):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000000)=0x20b, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079109700000000007b0ae8ff000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x401, 0x0, 0x8000, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x10001}]}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x48}, 0x1, 0xd}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000040)=[{0x3, 0xfffffffffffffffd}], 0x1, 0x0, 0x0, 0x0, 0x0, 0x2})
r5 = socket$key(0xf, 0x3, 0x2)
times(&(0x7f0000000380))
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r6}, 0x18)
sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300030f000000000700000000000005000900e000000001d78771b90bd8a3b4914783c58777003d5b9538a9d03e6e9bfdac550000000003000600000000000200000000000000000000000000000002000100000000000000020d000000000300050000000000020000"], 0x78}, 0x1, 0x7}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05000000040100009900000001d46bc4a7b4a6bb5afcd53fa2d693fb8aa458e812fea9b9c9542699412c5a14ec97f377e6b4d42ce97cf2af85c70c2f70658628fea701e9806dd92ff3e309c1de8ef79ba80f61dc0da4d93391a40972fe2a71a406ab50ddac535d1687af0f74dcfa0764626fdde36c6aa9df373cb939990ccbcdacf8c252d283eb1ff043b0b701df19267ae5152ce2a71631aceb5dba853d93191881085217c61d2e6d31000000"], 0x48)
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f00000001c0)={0x60, 0x3, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000226000/0x4000)=nil, 0x9, &(0x7f0000000180)=[{0x4, 0x7ff, 0x5}], 0x1, 0xfffffffffffffffe, 0x0, 0x70, 0x8, 0x7c})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r9}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r10}, 0x10)
faccessat2(0xffffffffffffffff, &(0x7f0000000040)='\x00', 0x1, 0x1300)
brk(0x80000001)

57.011539ms ago: executing program 3 (id=1833):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_read_part_table(0x105e, &(0x7f0000000000)="$eJzsz71NA0EYBNC55eCO4FohoQMqICGhGbohoA96ISG3LFuftSf/dGA7eC9YjTSzWm24rZZtVT3Wb6WGJE/9+Gp5yZw8p62jt3FO5k1V1ZQh+e/33ntT0/64SS/aX6Y1f74Ou6rLM8vDKX2Py3n/8XO9jwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/ToEAAD//zfUF2I=")

50.702799ms ago: executing program 4 (id=1834):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x14, &(0x7f0000000ac0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000068a20510e96bc401bf187082e077fdd7f4f3503f36e39c0cdb5ae95e154f5496cf5d49bc4852663928ce39e8e8d28a93fa6f9d06a75dda4a5958d8ffe4453769ff53141025fe8b63fd727f98d41ced3c0c757c44784ca06cdd2ae378b2d7d3e9c0c09a7821ac65de7f9d6e835fca88cf375fa8b79c7dad65f6943aada007"], &(0x7f0000000300)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x5, &(0x7f0000000140)=<r4=>0x0)
r5 = eventfd2(0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, &(0x7f0000000000), 0x4)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
clock_gettime(0x0, &(0x7f0000000540)={<r7=>0x0, <r8=>0x0})
ppoll(&(0x7f0000000480)=[{}, {r5, 0x4}, {0xffffffffffffffff, 0x220b}], 0x3, &(0x7f0000000580)={r7, r8+10000000}, &(0x7f00000005c0)={[0x100]}, 0x8)
r9 = syz_io_uring_setup(0x237, &(0x7f0000000100)={0x0, 0x0, 0x10100, 0x0, 0x1eb}, &(0x7f0000000040)=<r10=>0x0, &(0x7f00000001c0))
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="070000000400000008020000d900000000000000b84890fbef869bc22dd6b4f2d8e874576f021d76656c03e4bd7f48bdcc948aeb31143f3adc2140c4163f7476ce90e79260d588d6017ce6d08a91961053355b0fd99066f90f864fb4ed", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r12, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000c9c46d3d60024bba87de1dffb652bbe20a9a646b7e73cab1ab65c27bf2bd5bfdc522c6f13d07c25d745991a4778ecb1b89acd56ecdc03f175e32f688b36f6da297f5240c969cb5efa30a6890fd5ff7294a8636c8311e325a2b5c1da30b68d7bf8a6509825757653dd46241ac8e5743458b6214df5850a1dacf5b3b88988c737f0f5fdaf9de43ec44d908fbbb85136638c2562f5146f065533e22903ecb1b65954ee1f79536126956e2a1d3b51cdf299da4eee8e7a7e13ff2847c67ab7e130cb393993d201c848a8737da387192d2bc83b4d475f66fbf6c0cd778e09452f2aa59a6be"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r14 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r13}, 0x18)
ioctl$sock_SIOCETHTOOL(r11, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})
r15 = io_uring_register$IORING_REGISTER_PERSONALITY(r9, 0x9, 0x0, 0x0)
r16 = mmap$IORING_OFF_SQES(&(0x7f00001d5000/0x2000)=nil, 0x2000, 0x8, 0x30, r9, 0x10000000)
syz_io_uring_submit(r10, r16, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x28, 0x0, 0xffffffffffffffff, &(0x7f0000000440), r2, 0x1, 0x0, 0x1, {0x0, r15}})
io_uring_enter(r9, 0x2def, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
r17 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000600)='rxrpc_rx_rwind_change\x00', r17, 0x0, 0x8000000000000000}, 0x18)
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000180)=[{&(0x7f00000006c0)=""/235, 0xfffffffffffffdff}, {&(0x7f0000000340)=""/195}, {&(0x7f00000008c0)=""/214}], 0x1}, 0x1f00)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
io_submit(r4, 0x2, &(0x7f0000001ec0)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x1, 0x8, r14, &(0x7f0000000640)="861c5dd43424c5e66fd2e9c56e79e0cb07e1d76462a4abbe08cf6ae221736ea6c815d9640c0af189d7c0ffcf7497eb5ab4", 0x31, 0x5, 0x0, 0x3, r6}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x6, 0x1, r13, &(0x7f0000000ec0)="9e290393dac16ca1e3f7528746730d2e78c0984eb52e0c42d049cd248513b816affda369abf0f5ddd479368779d7539ddc573f313e941446c8fe78bfdfe538d4b7072470dfb988b0d5a40b41ec4706e91c920dbf17f9c1e4413226423aabbaaa8a6d0e7e5c71e9fe7529fe38aa5e524ec5305d0892764f4a8028221f4c24015bc011997acc2e0194a6ce99c29174553dc55a1edd540c13d4f4950068da11df263e11be49ac73ae53bad135323da7ecddc5c82271221e01d9cb9bf5dc6d5e5e94887ec787625b0b7dce57900bc3bb721bce0bb1760a97d53b1bd4fbf54d072dfca85c1b9d11badb964be93a539ec2078d1567eaac825544e9e5a69d6a2e279ad8880da54627dd9a8d943e5f9316c1f84ca9f15f23cfc723a5912ab2c837b191bb697ece7e5ee2eecdad6352aa63ba712e493ee2ea1c1df18ee92c1f52a8144ff0c4fc370a5497c5e2ff025119adcd03e695eb52d8d3a71b6654cbe041dcbf7e32d4d94a28c7af1eaea26142090f8a18bd40717644c3036ffba76823e861ddf570c1ae3f1b887defbffb37d496f2e2aabf7bd923de2f3429d6214d62be1643cc926ffad26538780af55bef9b309ac50eb389155ec45e151b5e0b1951cb0d2f0054309c2a1e913a2ae1b78f7bc4f1ac25b863e7312be8ad78538ba111d46580cf71320c2cd9c4f5b27c9d8f618f1a7dcbcd27e6574d242e18afca6fae20c271abcdfc8f47b6b3642ca84c89515b73fe927cfafc7b4c0f3db6ff9a9e30e86bd7c1c8c140dcbad8c34107f55531141ef82b3c59883fbfbe8a4893c6d43f663614420b18268c7f5ef8b6b28e96c6550cbdd43557ea68479968865c08a71f1826b12ba20f987e2d993f49ff5da65227b5e9edf6f26d27ff56d4f1eef86f86c71cc7a0c8bbe4db2235b9e14375ddef9cbfb47ad2c801e07db09dc3b7be74f7b47b2ab661c79f4a0297b7e5fe7b2d8e4e061c2ce9257cbaea5efa5c4c278131d6db547098209894ba36471491870951fc2a607ec5848ea4bd95e085aa0ad9afc7e8f208e5c9fd61fe5aea411f212563a348bbbd94cc50ea81e6d7c9a6129df83ba0f9a409dfe53003c1d281d28100a2ecc7af4e71961e006ad5b53df8434165bfb9d1931afac184dea71aba85562ba9f3a3ddf290d372b7e751aefe5cdbf04b7e1b4cf5d4997526507a9921937d0028dd283da2587203d20fd4a3e29b592c01f47ca6965c43fc318f2433f61b9b673b35da1efed5936fbc4df5bde4da290f6e8ad847a55775c0eb85e145a19f514a1ae9828df6ea069dcff73f2647ca6f942f98b10ea43ece000c34157580c3b9108da5817f104c4c1a771daab31d39c95b6e6b0d854f00c26fa581997ca9ffad698b4061f311b00a97dc58bda542bbfaaaf2b3d920d04073c4aa2d3b84a080e1de70a1a993b283bfecdb903283c0636c83e47ae6154e2c8f9eb623f9f1cc2595aecd9201aead2e1f3da98e19dc308decd3ccaf1cc7037f0dc03c91a5ff97f587be06576bdf89f6012ced6c8c206d462668ff0f74724f259d004c7bdc032a9beb3d7f65fce71a1dbaf0c24a7e9249eb032c21ea4ed40b9ee7b9ba8673014b2e25ab8774f30e229058bf4840ccdb3290b9cc50a70c9be7bf15702a951136c4da305a238d820484fee0b480aa102ad8677490b050fdc4980e11931d2df0f5d9d66136ea3c558544fc293747a69d9bd2886ad828b356ac2120e5cb48115cf3b27bdf1b822354fb7c426eea6ffc568b6ba16e3331a70802bbcd95e5b911119fe8b899e947b16753f2994254425acaff3c5ff4d992eccb60f4792209ee734818813b90fbd2ea9712ff73a94989141e563df4a7c784a9e67147cdc6b4f7dfd52e6eb8963ecff60f9b8d880eb27ed2722aa9a1cf3786ee4a74c453f4632a4756cd3f8f6b8a0b48ca31071b7687813253a6a93c38e378205fa0f1f902ebf4831d0064caeca518e89a9d45a1bce7248f3bb1f98f708a6a414686291c52dd9ef05b876089bc63bff384ff2cba32cd577b431092a0ca7bd93fda78d81d730604fa4431be55689c6ed98e9f1c0b12e3a3f1d1d3913302622a66e2ece288f85bc66cd994b76ef0a60e03d25581b590a2193dce41cedb8b4ea65a6bfa53f1035a705141f72bbdec891db435feedc26a64ddf9385969584dc981f9c00c92c1994f8957d04ac2f66f827e136bdcad41949a27992666514b96fe66e070e713c2e34fcb2291c755eb5d3208e69cf8225165a20cb58518e9686388f1a817e0db014db8dfb95613aa8b7f3fd82f81fcf7843fcff45dcb1730ac124f04f15d185e97ba2caa7b231fcb3fea067679cf0cce1037ac790e5f4e8d519db85534b09d1d5362f979c98fd2a6814d76e2d620d07c2a493f492a10c9cd87f1bb723366d425c9bb7e48337f6eac7edd4ae0d527f495930e3651838c8d1dc1818987bdae993e04c5cc6a17f31c01b6de8ad71e75047c3b48419b93470c24703b404d1b9fb9149726ba372a73931bfe35afdc285feff933a68304807b1a5f9f4e9cd91a78cd0dfe568792ceee1130ca8e3705d77e0508bcf8e1f527f3a3d32dcf9836d5c08dfd920cdcab848cd9e231671922bbdbec2981ac524c21aefd69c41e8fd910e958c5b7371fb41d546dd08352ab3a59fc097a1e558f13aab893729f65122ba49076761a8e2e433c754d52c1a7e53a9c045d8c08e04341c8d1611372066faf5deb16da95c42f8c4f3cce06238f6daf64d03d262b06e0cbecf3397475b8d3652c4be523708d7387a0f850583911fd033c656def9b503cb19bd929abe561566a3f7618ee987e02b96e83f1570a679a71215af43afbebe95ca6c8ecab714149cc1da49e21ce18e631f71aa896e0d3fb34d21bcb7446647d367b3a0534e6790fefb6a1370c6d3aab7e48b23a70c73cbc7667ba95d920e2f97963a17f44332db99ee7c3618d0117be4dcfbbaa12c3d3de9b082a42438d3425197ac55ab46d800d748db62fdd2ddc1ca38e19d9ba554d3b430e0fd61b301b1418ec76bec61d4cd3a4fa668fca136ddee7e4f47a8ae121e32597813db80bb4b5c76aa2c798e9bf0ec5aa83171f6f57ac65d390264c71a50e564c560d683f37d1e4116726366aac8016c645ab3e73e3e59922ff9ec5f3b59103e6294269634081d052b729fc6b8916ef6155c305a9c8fbb8d5bba56896ebd8d03a4c45282544f81119bd1042f5c2bccf22bf78479cf565b2ec796f6ef9e82320ecee21c96a0e611142c0e82f879c462e9aa640942fc5adb1b5eae78311315ae516ab36ca1ba38b2e0ad5cffcf250c4792401f9999eed4d106c7fa23523bd04d713ec409cd542b35295dbe01b4d0421fa3ac23fda69486c508c0ee158ea1c5c36d37caf6284b0e09c1fa8787809f22656bcdc1dd571b8ade307fea689555551ab22006f4bc3f56205da87c7a7597958b9e6257ed0c4e7603a544384f8ff03e2caa096ad99cbc2a4cd14d0faeb6a017f1f3fa51cc49f5eecee397f38a98815e6da12d0bfc99402f78f52b6713e2a05e135945da05df89184be469f09eaa450c3b2f3bee2cce5ed09c38936cf186f069b35bb5026daed54d0474de7c434d26372219f60e5a34d7cc051a625ede527cd4d506bd2119257de95010993182140859f82940896dce46c76498bde96cce5689c995b2e99ce491d5cfab2fc2dd9638cc2e5d4183bf485884af3d9592b14776c89227cb20d0fb5bc74aa6c3d71c0ef4838f4150637863ee67ee88b9142c8d2f90c12d70b891c9d2f2e284f59193fb5c5688e1151b53db76b3210848743dab60ef3396f848d7063824331c1859a8b7b371560e428680b05ea00db00aef8f2790d776f80cf74da75e86532e7ed8b4f38a6448e2f16c04cdfb477d865f84556f55cb9e040a29ad33773e9db84cc4053600e2b79b6d115ab11ae59ef610d38f3aab3156e350bdd52249152dc54b08341bd7e5de78bc8b96512be39e2af731d2ee0537938674b9e59873316e35045eae19ab8d13479ae3c75d2d8aee8b9338f84ab567400d8580d40a4e0254c0430472cb7bd38d6e5a157bf13412f75b7c23f239c205ce4a54d60d8e9ea3a366c48c724fc9a8c76109d7b781e16cdb66a556df95d3577d39b569a674bec9834d2721554f92cdf22be0ed5a4bf295e39fe1e550b8f793f8d8f0aea542b047c9e9026bd6697bbe60725b02063b317d4d80da1a0e78f9d3150232302d253713b8ce9e107e30fd5434bec3032f98a568585db5f6694425ffd006a4ceb32058c977ed70c819aab4708dce0afee5ec99979c4624c7499cdb8c7129e35a1da9272e8ad33e60637f68c7eb605e2a5a914c85f67ad4e9bee423c9e9c8da78c59c4fead7361e71ca644c62d8c082715335c7ec36899c28314e77cee65911a0b34065797f587c21d34d46e0968bfba24f32daea3ae82d449b73352f3f3270c7b4514e4887c5d7bf712860e42fb448bf1ad55aa3ce15b5a2deff249eaf848222fd256b318d7498377ae7ffdb80cdc31337fd3c2352312683efbbc96c63a5057dc1ec21c2410362cf8b998525f14a6cbff70dc75f855f8bb3b34d321de62b933bfd62027c140167e629030c79247565ba941b9d25ac71e2caadadc1be81b56754cd028b97ed4def49f1b5aabed0e52208aa39e379c1c051ae638a89f8177606e2051e00ccb3a49fcd7f0d1e219ab3b0740a6c5934ee85c2bd87f456efcfe867abc1a917afa4654389ed49486cbcdb24ef46c0d3cd7136ca63e1202fda76d2ea3fa4ca6465a4735da16e32312f5a536a7c51de26046f802c0b6c8e8e9dd3f739c0c4885808bf85f05150735903a7fbce0728e044ec637ef7baad7650047aa47e3e478e16b8e8d26453bc7a7c37d64a6849702ab059bd10ad9072204f3fd9164e971d75ff80e3a545a95f6b9f46cacdca817ef5ff192dcd3754f94d9f436046106a3e85a17ab659dc0e037ce5f97eeff35acddecedde2c968478bfc5a79b2d9ef0c2f52e51062d393480a406bc3da6292c1a0cf986f37df233002f959a387d193d75b5a81ad62d43c3807ef48fa6a62781d2d368b4e4d8dbeae4668e03323ccf3ed99418002038ca640ee85488b9e82eb973477016ffd6a6bbcde033918735199e81f9f8a5bbae20ee40e95a0ada881d1c01c3e51f0abc93aa73e39bea2593dad8815890cb0d79df09f7ac5466a0e22119452111e4e73846fbf45744d32dc827493a368cb2c1271f0c21ee9d928c4fd15c1640f7a4d4274faa5a224396280f7eb2b99e5943fa2394280edc900e5cbd4b89dd9e8603a7910e9d11c949ace894b858ed2bd3e86def57ca87d6a21cf07b9052b4f89396f906bfcaafd281b958e0112f07029105c428b00d32f7bc7eb3775ed17096b763741996782f3c3accf68efe064bdc291d9729a9eaec9881f4afdf4818ad512aa070cee87ef7539fd2f160dae757f2fb2af5fb563d7a142e204b8998797f926773c83f64743eeb033da4105e7b899b01efebdecb45d6278c21a0d956a4411f3195c2c1c80726e989db823bf63d6ee1cfb05954b96b9b45c6b596609a1a7f47ebdeb36aa5b8883d1b5064265cde33d79b0c2b3b71e4cf88de0fa1e0161cb5487363c52ece5d1f24ec4500bbf3cba8bd8651ec0a01668e7d35393b5fb643d09cffa03bfde34af0f6c56d4dd05958d2621e11fb079723a44759832ca4752ae6f1799a1f5d6a02a2edd6e9c6375e74cb95642123204cfb925796ff1dff65a931b3082dd7cf02b82f37ebba0f1861d0a9cf8ec69ec9732b6ee831a779d33715f5abcebbf96b9ff97fc68cb7f911e5ec010869", 0x1000, 0x8, 0x0, 0x3}])
r18 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff54, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='mm_vmscan_write_folio\x00', r18, 0x0, 0x80}, 0x18)

0s ago: executing program 0 (id=1835):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a61, 0x5, 0x7fffffff, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$selinux_access(r2, &(0x7f00000004c0)=ANY=[], 0x56)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
socket(0x1e, 0x4, 0x0)
clock_gettime(0x0, &(0x7f0000000b80))

kernel console output (not intermixed with test programs):

7.037537][ T6290] total_workingset_refault_anon 15
[   77.043547][ T6290] total_workingset_refault_file 0
[   77.043588][ T6290] total_swap 221184
[   77.043595][ T6290] total_swapcached 0
[   77.043602][ T6290] total_pgpgin 68091
[   77.043609][ T6290] total_pgpgout 68091
[   77.043616][ T6290] total_pgfault 47515
[   77.043624][ T6290] total_pgmajfault 7
[   77.043632][ T6290] total_inactive_anon 0
[   77.043640][ T6290] total_active_anon 0
[   77.043647][ T6290] total_inactive_file 0
[   77.043664][ T6290] total_active_file 0
[   77.043670][ T6290] total_unevictable 0
[   77.043677][ T6290] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.984,pid=6290,uid=0
[   77.043864][ T6290] Memory cgroup out of memory: Killed process 6290 (syz.5.984) total-vm:93884kB, anon-rss:1044kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   77.077016][ T6352] loop3: detected capacity change from 0 to 1024
[   77.077384][ T6352] EXT4-fs: Invalid commit interval 67108867, must be smaller than 21474836
[   77.095339][ T6352] loop3: detected capacity change from 0 to 512
[   77.095759][ T6352] EXT4-fs: Ignoring removed nomblk_io_submit option
[   77.117271][ T6350] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   77.117296][ T6350] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   77.147288][ T6352] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.147423][ T6352] ext4 filesystem being mounted at /215/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   77.216464][ T6356] netem: change failed
[   77.216846][ T6356] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm +}[@: iget: bad i_size value: 2533274857506816
[   77.216950][   T29] kauditd_printk_skb: 172 callbacks suppressed
[   77.216961][   T29] audit: type=1400 audit(1750393642.505:3263): avc:  denied  { ioctl } for  pid=6351 comm="+}[@" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   77.243208][   T29] audit: type=1400 audit(1750393642.535:3264): avc:  denied  { setopt } for  pid=6359 comm="syz.2.1022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   77.243726][   T29] audit: type=1326 audit(1750393642.535:3265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.2.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   77.245929][   T29] audit: type=1326 audit(1750393642.535:3266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.2.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   77.258428][ T6362] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   77.318769][   T29] audit: type=1326 audit(1750393642.585:3267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.2.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   77.322477][ T6362] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   77.419081][   T29] audit: type=1326 audit(1750393642.715:3268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.2.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   77.565929][   T29] audit: type=1326 audit(1750393642.715:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.2.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   77.592838][   T29] audit: type=1326 audit(1750393642.715:3270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.2.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   77.694099][ T6366] loop4: detected capacity change from 0 to 1024
[   77.698953][   T29] audit: type=1326 audit(1750393642.865:3271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.2.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   77.727722][   T29] audit: type=1326 audit(1750393642.865:3272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6359 comm="syz.2.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   77.761413][ T6366] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.804215][ T6374] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6374 comm=syz.0.1017
[   77.818067][ T6374] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=8 sclass=netlink_audit_socket pid=6374 comm=syz.0.1017
[   77.834962][ T6366] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 433:freeing already freed block (bit 27); block bitmap corrupt.
[   77.914633][ T6366] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   77.927566][ T6366] EXT4-fs (loop4): This should not happen!! Data will be lost
[   77.927566][ T6366] 
[   77.938469][ T6366] EXT4-fs (loop4): Total free blocks count 0
[   77.947770][ T6366] EXT4-fs (loop4): Free/Dirty block details
[   77.954122][ T6366] EXT4-fs (loop4): free_blocks=16
[   77.959241][ T6366] EXT4-fs (loop4): dirty_blocks=0
[   77.964982][ T6366] EXT4-fs (loop4): Block reservation details
[   77.972250][ T6366] EXT4-fs (loop4): i_reserved_data_blocks=0
[   77.989791][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.030139][ T6386] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   78.040124][ T6386] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   78.062050][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.102891][ T6388] __nla_validate_parse: 83 callbacks suppressed
[   78.102907][ T6388] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1024'.
[   78.120921][ T6388] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1024'.
[   78.128930][ T6394] loop4: detected capacity change from 0 to 1764
[   78.140165][ T6388] loop2: detected capacity change from 0 to 2048
[   78.179129][ T6388] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.238291][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.341329][ T6407] wg2: entered promiscuous mode
[   78.346796][ T6407] wg2: entered allmulticast mode
[   78.366398][ T6405] loop2: detected capacity change from 0 to 8192
[   78.418908][ T6405]  loop2: p1 p2 p4
[   78.433699][ T6405] loop2: p1 size 65536 extends beyond EOD, truncated
[   78.459600][ T6405] loop2: p2 start 861536256 is beyond EOD, truncated
[   78.467960][ T6405] loop2: p4 size 65536 extends beyond EOD, truncated
[   78.530854][ T6416] SELinux: syz.0.1035 (6416) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   78.557864][ T6424] loop3: detected capacity change from 0 to 1024
[   78.593417][ T6424] EXT4-fs: Ignoring removed orlov option
[   78.624676][ T6424] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.811647][ T6449] atomic_op ffff888119df8928 conn xmit_atomic 0000000000000000
[   79.047660][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.114857][ T6469] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   79.123601][ T6469] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   79.138696][   T30] oom_reaper: reaped process 6290 (syz.5.984), now anon-rss:16kB, file-rss:21324kB, shmem-rss:0kB
[   79.297830][ T6478] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   79.307848][ T6478] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   79.389187][ T6486] FAULT_INJECTION: forcing a failure.
[   79.389187][ T6486] name failslab, interval 1, probability 0, space 0, times 0
[   79.402849][ T6486] CPU: 0 UID: 0 PID: 6486 Comm: syz.3.1064 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[   79.402881][ T6486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   79.402895][ T6486] Call Trace:
[   79.402903][ T6486]  <TASK>
[   79.402913][ T6486]  __dump_stack+0x1d/0x30
[   79.402964][ T6486]  dump_stack_lvl+0xe8/0x140
[   79.402981][ T6486]  dump_stack+0x15/0x1b
[   79.402998][ T6486]  should_fail_ex+0x265/0x280
[   79.403057][ T6486]  ? sctp_add_bind_addr+0x71/0x1e0
[   79.403148][ T6486]  should_failslab+0x8c/0xb0
[   79.403173][ T6486]  __kmalloc_cache_noprof+0x4c/0x320
[   79.403258][ T6486]  sctp_add_bind_addr+0x71/0x1e0
[   79.403283][ T6486]  sctp_copy_local_addr_list+0x199/0x220
[   79.403311][ T6486]  sctp_copy_one_addr+0x7f/0x280
[   79.403333][ T6486]  sctp_bind_addr_copy+0x79/0x290
[   79.403390][ T6486]  sctp_assoc_set_bind_addr_from_ep+0xce/0xe0
[   79.403425][ T6486]  sctp_connect_new_asoc+0x1c3/0x3a0
[   79.403452][ T6486]  sctp_sendmsg+0xf10/0x18d0
[   79.403514][ T6486]  ? selinux_socket_sendmsg+0xd1/0x1b0
[   79.403550][ T6486]  ? __pfx_sctp_sendmsg+0x10/0x10
[   79.403637][ T6486]  inet_sendmsg+0xc2/0xd0
[   79.403654][ T6486]  __sock_sendmsg+0x102/0x180
[   79.403676][ T6486]  ____sys_sendmsg+0x345/0x4e0
[   79.403743][ T6486]  ___sys_sendmsg+0x17b/0x1d0
[   79.403827][ T6486]  __sys_sendmmsg+0x178/0x300
[   79.403855][ T6486]  __x64_sys_sendmmsg+0x57/0x70
[   79.403874][ T6486]  x64_sys_call+0x2f2f/0x2fb0
[   79.403918][ T6486]  do_syscall_64+0xd2/0x200
[   79.403934][ T6486]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   79.403967][ T6486]  ? clear_bhb_loop+0x40/0x90
[   79.403989][ T6486]  ? clear_bhb_loop+0x40/0x90
[   79.404013][ T6486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.404036][ T6486] RIP: 0033:0x7f9636ffe929
[   79.404050][ T6486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.404065][ T6486] RSP: 002b:00007f9635667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   79.404088][ T6486] RAX: ffffffffffffffda RBX: 00007f9637225fa0 RCX: 00007f9636ffe929
[   79.404099][ T6486] RDX: 0000000000000002 RSI: 0000200000000880 RDI: 0000000000000003
[   79.404109][ T6486] RBP: 00007f9635667090 R08: 0000000000000000 R09: 0000000000000000
[   79.404120][ T6486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   79.404132][ T6486] R13: 0000000000000000 R14: 00007f9637225fa0 R15: 00007ffc496bf258
[   79.404152][ T6486]  </TASK>
[   79.797895][ T6507] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   79.808107][ T6507] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   79.822065][ T6505] netlink: 388 bytes leftover after parsing attributes in process `syz.2.1070'.
[   79.858471][ T6512] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   79.866795][ T6512] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   80.000934][ T6514] loop2: detected capacity change from 0 to 256
[   80.018396][ T6514] FAT-fs (loop2): Directory bread(block 64) failed
[   80.025941][ T6514] FAT-fs (loop2): Directory bread(block 65) failed
[   80.034152][ T6514] FAT-fs (loop2): Directory bread(block 66) failed
[   80.041192][ T6514] FAT-fs (loop2): Directory bread(block 67) failed
[   80.048142][ T6514] FAT-fs (loop2): Directory bread(block 68) failed
[   80.056141][ T6514] FAT-fs (loop2): Directory bread(block 69) failed
[   80.062851][ T6514] FAT-fs (loop2): Directory bread(block 70) failed
[   80.070548][ T6514] FAT-fs (loop2): Directory bread(block 71) failed
[   80.077587][ T6514] FAT-fs (loop2): Directory bread(block 72) failed
[   80.084736][ T6514] FAT-fs (loop2): Directory bread(block 73) failed
[   80.105704][ T6514] bio_check_eod: 1702 callbacks suppressed
[   80.105724][ T6514] syz.2.1075: attempt to access beyond end of device
[   80.105724][ T6514] loop2: rw=524288, sector=1800, nr_sectors = 20 limit=256
[   80.128272][ T6514] syz.2.1075: attempt to access beyond end of device
[   80.128272][ T6514] loop2: rw=0, sector=1800, nr_sectors = 8 limit=256
[   80.228501][ T6526] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6526 comm=syz.4.1081
[   80.241924][ T6526] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6526 comm=syz.4.1081
[   80.505492][ T6536] loop2: detected capacity change from 0 to 2048
[   80.523989][ T6536] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   80.646746][ T6540] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   80.665203][ T6540] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1830 with error 28
[   80.678230][ T6540] EXT4-fs (loop2): This should not happen!! Data will be lost
[   80.678230][ T6540] 
[   80.688017][ T6540] EXT4-fs (loop2): Total free blocks count 0
[   80.694997][ T6540] EXT4-fs (loop2): Free/Dirty block details
[   80.701334][ T6540] EXT4-fs (loop2): free_blocks=2415919104
[   80.707157][ T6540] EXT4-fs (loop2): dirty_blocks=1840
[   80.712717][ T6540] EXT4-fs (loop2): Block reservation details
[   80.718804][ T6540] EXT4-fs (loop2): i_reserved_data_blocks=115
[   80.752262][ T6546] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   80.762524][ T6546] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   80.787668][ T6547] IPv6: sit1: Disabled Multicast RS
[   81.375126][ T6555] netlink: 'syz.4.1088': attribute type 3 has an invalid length.
[   81.411222][ T6555] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   81.426467][   T31] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[   81.465365][ T6562] loop3: detected capacity change from 0 to 1024
[   81.484889][ T6562] EXT4-fs: Ignoring removed orlov option
[   81.509369][ T6562] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.594353][ T6570] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6570 comm=syz.2.1092
[   81.607214][ T6570] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=8 sclass=netlink_audit_socket pid=6570 comm=syz.2.1092
[   81.755238][ T6574] loop2: detected capacity change from 0 to 8192
[   81.825850][ T6574]  loop2: p1 p2 p4
[   81.832490][ T6574] loop2: p1 size 65536 extends beyond EOD, truncated
[   81.850269][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.855204][ T6574] loop2: p2 start 861536256 is beyond EOD, truncated
[   81.867110][ T6574] loop2: p4 size 65536 extends beyond EOD, truncated
[   82.036120][ T6595] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6595 comm=syz.2.1105
[   82.048810][ T6595] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=8 sclass=netlink_audit_socket pid=6595 comm=syz.2.1105
[   82.064047][ T6594] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   82.072671][ T6594] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   82.232552][   T29] kauditd_printk_skb: 450 callbacks suppressed
[   82.232569][   T29] audit: type=1326 audit(1750393647.515:3723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.4.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5653ece929 code=0x7ffc0000
[   82.262674][   T29] audit: type=1326 audit(1750393647.525:3724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.4.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5653ece929 code=0x7ffc0000
[   82.329083][   T29] audit: type=1326 audit(1750393647.595:3725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.2.1107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   82.353012][   T29] audit: type=1326 audit(1750393647.595:3726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.2.1107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   82.377337][   T29] audit: type=1326 audit(1750393647.595:3727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.2.1107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   82.401666][   T29] audit: type=1326 audit(1750393647.595:3728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.2.1107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   82.427380][   T29] audit: type=1326 audit(1750393647.595:3729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.2.1107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   82.451610][   T29] audit: type=1326 audit(1750393647.595:3730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.2.1107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   82.475964][   T29] audit: type=1326 audit(1750393647.595:3731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.2.1107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   82.501569][   T29] audit: type=1326 audit(1750393647.595:3732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.2.1107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200a63e929 code=0x7ffc0000
[   82.605681][ T6609] loop2: detected capacity change from 0 to 256
[   82.715132][ T6624] loop4: detected capacity change from 0 to 1024
[   82.732335][ T6624] EXT4-fs: Ignoring removed i_version option
[   82.744711][ T6624] EXT4-fs: Ignoring removed mblk_io_submit option
[   82.754341][ T6624] EXT4-fs: Ignoring removed nobh option
[   82.760773][ T6624] EXT4-fs: Ignoring removed bh option
[   82.768613][ T6628] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   82.777589][ T6628] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   82.802427][ T6624] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.891777][ T6624] FAULT_INJECTION: forcing a failure.
[   82.891777][ T6624] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.906302][ T6624] CPU: 0 UID: 0 PID: 6624 Comm: syz.4.1115 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[   82.906330][ T6624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   82.906341][ T6624] Call Trace:
[   82.906348][ T6624]  <TASK>
[   82.906356][ T6624]  __dump_stack+0x1d/0x30
[   82.906379][ T6624]  dump_stack_lvl+0xe8/0x140
[   82.906395][ T6624]  dump_stack+0x15/0x1b
[   82.906423][ T6624]  should_fail_ex+0x265/0x280
[   82.906450][ T6624]  should_fail+0xb/0x20
[   82.906479][ T6624]  should_fail_usercopy+0x1a/0x20
[   82.906519][ T6624]  _copy_to_user+0x20/0xa0
[   82.906539][ T6624]  ethtool_get_one_feature+0x19a/0x1f0
[   82.906565][ T6624]  dev_ethtool+0x128a/0x1650
[   82.906587][ T6624]  ? full_name_hash+0x92/0xe0
[   82.906615][ T6624]  dev_ioctl+0x2e0/0x960
[   82.906713][ T6624]  sock_do_ioctl+0x197/0x220
[   82.906786][ T6624]  sock_ioctl+0x41b/0x610
[   82.906809][ T6624]  ? __pfx_sock_ioctl+0x10/0x10
[   82.906829][ T6624]  __se_sys_ioctl+0xce/0x140
[   82.906930][ T6624]  __x64_sys_ioctl+0x43/0x50
[   82.906955][ T6624]  x64_sys_call+0x19a8/0x2fb0
[   82.907051][ T6624]  do_syscall_64+0xd2/0x200
[   82.907068][ T6624]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   82.907154][ T6624]  ? clear_bhb_loop+0x40/0x90
[   82.907172][ T6624]  ? clear_bhb_loop+0x40/0x90
[   82.907190][ T6624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.907212][ T6624] RIP: 0033:0x7f5653ece929
[   82.907228][ T6624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.907401][ T6624] RSP: 002b:00007f5652537038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   82.907419][ T6624] RAX: ffffffffffffffda RBX: 00007f56540f5fa0 RCX: 00007f5653ece929
[   82.907431][ T6624] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000015
[   82.907442][ T6624] RBP: 00007f5652537090 R08: 0000000000000000 R09: 0000000000000000
[   82.907610][ T6624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.907624][ T6624] R13: 0000000000000000 R14: 00007f56540f5fa0 R15: 00007ffe0926f878
[   82.907642][ T6624]  </TASK>
[   83.224163][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.969814][ T6673] loop3: detected capacity change from 0 to 1024
[   84.022731][ T6673] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.097601][ T6673] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.183093][ T6673] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1135: Abort forced by user
[   84.212877][ T6673] EXT4-fs (loop3): Remounting filesystem read-only
[   84.219523][ T6673] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[   84.292877][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.327542][ T6683] loop2: detected capacity change from 0 to 8192
[   84.381050][ T6683]  loop2: p1 p2 p4
[   84.386827][ T6683] loop2: p1 size 65536 extends beyond EOD, truncated
[   84.413408][ T6683] loop2: p2 start 861536256 is beyond EOD, truncated
[   84.422770][ T6683] loop2: p4 size 65536 extends beyond EOD, truncated
[   84.577548][ T6693] loop2: detected capacity change from 0 to 1024
[   84.622366][ T6693] EXT4-fs: Ignoring removed orlov option
[   84.648002][ T6693] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.967786][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.985011][ T6709] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   84.997233][ T6709] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   85.035015][ T6715] loop3: detected capacity change from 0 to 128
[   85.080636][ T6715] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   85.116706][ T6715] ext4 filesystem being mounted at /254/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   85.255405][ T3310] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   85.837744][ T6742] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   85.847914][ T6742] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   85.891316][ T6746] FAULT_INJECTION: forcing a failure.
[   85.891316][ T6746] name failslab, interval 1, probability 0, space 0, times 0
[   85.904134][ T6746] CPU: 0 UID: 0 PID: 6746 Comm: syz.3.1158 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[   85.904279][ T6746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   85.904291][ T6746] Call Trace:
[   85.904296][ T6746]  <TASK>
[   85.904303][ T6746]  __dump_stack+0x1d/0x30
[   85.904322][ T6746]  dump_stack_lvl+0xe8/0x140
[   85.904342][ T6746]  dump_stack+0x15/0x1b
[   85.904373][ T6746]  should_fail_ex+0x265/0x280
[   85.904400][ T6746]  should_failslab+0x8c/0xb0
[   85.904421][ T6746]  kmem_cache_alloc_noprof+0x50/0x310
[   85.904526][ T6746]  ? audit_log_start+0x365/0x6c0
[   85.904560][ T6746]  audit_log_start+0x365/0x6c0
[   85.904653][ T6746]  audit_seccomp+0x48/0x100
[   85.904678][ T6746]  ? __seccomp_filter+0x68c/0x10d0
[   85.904700][ T6746]  __seccomp_filter+0x69d/0x10d0
[   85.904726][ T6746]  ? _raw_spin_unlock_irq+0x26/0x50
[   85.904796][ T6746]  ? signal_setup_done+0x266/0x290
[   85.904848][ T6746]  ? xfd_validate_state+0x45/0xf0
[   85.904876][ T6746]  ? fpu__clear_user_states+0x63/0x1e0
[   85.904900][ T6746]  ? fpregs_mark_activate+0x66/0x140
[   85.904924][ T6746]  ? fpu__clear_user_states+0x63/0x1e0
[   85.904952][ T6746]  __secure_computing+0x82/0x150
[   85.904972][ T6746]  syscall_trace_enter+0xcf/0x1e0
[   85.905101][ T6746]  do_syscall_64+0xac/0x200
[   85.905123][ T6746]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   85.905147][ T6746]  ? clear_bhb_loop+0x40/0x90
[   85.905165][ T6746]  ? clear_bhb_loop+0x40/0x90
[   85.905183][ T6746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.905249][ T6746] RIP: 0033:0x7f9636f9ab19
[   85.905274][ T6746] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   85.905295][ T6746] RSP: 002b:00007f9635666a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[   85.905314][ T6746] RAX: ffffffffffffffda RBX: 00007f9637225fa0 RCX: 00007f9636f9ab19
[   85.905326][ T6746] RDX: 00007f9635666a80 RSI: 00007f9635666bb0 RDI: 0000000000000021
[   85.905339][ T6746] RBP: 00007f9635667090 R08: 0000000000000000 R09: 0000000000000000
[   85.905380][ T6746] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[   85.905393][ T6746] R13: 0000000000000000 R14: 00007f9637225fa0 R15: 00007ffc496bf258
[   85.905412][ T6746]  </TASK>
[   86.535700][ T6779] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1179'.
[   86.581906][ T6781] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   86.592095][ T6781] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   86.622175][ T6785] loop4: detected capacity change from 0 to 1024
[   86.645823][ T6785] EXT4-fs: Ignoring removed orlov option
[   86.667674][ T6785] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.722215][ T6791] loop3: detected capacity change from 0 to 256
[   86.795893][ T6800] atomic_op ffff8881289c5d28 conn xmit_atomic 0000000000000000
[   86.900018][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.931170][ T6802] loop5: detected capacity change from 0 to 256
[   86.967999][ T6802] FAT-fs (loop5): Directory bread(block 64) failed
[   86.987537][ T6802] FAT-fs (loop5): Directory bread(block 65) failed
[   86.996644][ T6802] FAT-fs (loop5): Directory bread(block 66) failed
[   87.027577][ T6802] FAT-fs (loop5): Directory bread(block 67) failed
[   87.044604][ T6802] FAT-fs (loop5): Directory bread(block 68) failed
[   87.053741][ T6802] FAT-fs (loop5): Directory bread(block 69) failed
[   87.062537][ T6802] FAT-fs (loop5): Directory bread(block 70) failed
[   87.084288][ T6802] FAT-fs (loop5): Directory bread(block 71) failed
[   87.134550][ T6802] FAT-fs (loop5): Directory bread(block 72) failed
[   87.144363][ T6802] FAT-fs (loop5): Directory bread(block 73) failed
[   87.158105][ T6802] syz.5.1188: attempt to access beyond end of device
[   87.158105][ T6802] loop5: rw=524288, sector=1800, nr_sectors = 20 limit=256
[   87.177077][ T6817] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   87.187668][ T6817] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   87.225943][ T6802] syz.5.1188: attempt to access beyond end of device
[   87.225943][ T6802] loop5: rw=0, sector=1800, nr_sectors = 8 limit=256
[   87.245473][   T29] kauditd_printk_skb: 380 callbacks suppressed
[   87.245486][   T29] audit: type=1326 audit(2000000000.709:4111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.4.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5653ece929 code=0x7ffc0000
[   87.300644][   T29] audit: type=1326 audit(2000000000.769:4112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.4.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5653ece929 code=0x7ffc0000
[   87.326111][   T29] audit: type=1326 audit(2000000000.769:4113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.4.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5653ece929 code=0x7ffc0000
[   87.376976][ T6824] loop4: detected capacity change from 0 to 128
[   87.422082][   T29] audit: type=1326 audit(2000000000.879:4114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6828 comm="syz.5.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   87.447043][   T29] audit: type=1326 audit(2000000000.879:4115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6828 comm="syz.5.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   87.471881][   T29] audit: type=1326 audit(2000000000.879:4116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6828 comm="syz.5.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   87.496091][   T29] audit: type=1326 audit(2000000000.879:4117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6828 comm="syz.5.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   87.521756][   T29] audit: type=1326 audit(2000000000.879:4118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6828 comm="syz.5.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   87.547858][   T29] audit: type=1326 audit(2000000000.879:4119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6828 comm="syz.5.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   87.572277][   T29] audit: type=1326 audit(2000000000.879:4120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6828 comm="syz.5.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   87.597658][ T6829] loop5: detected capacity change from 0 to 1024
[   87.608129][ T6829] EXT4-fs: Ignoring removed orlov option
[   87.622101][ T6831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1200'.
[   87.633078][ T6824] syz.4.1198: attempt to access beyond end of device
[   87.633078][ T6824] loop4: rw=0, sector=121, nr_sectors = 120 limit=128
[   87.658050][   T31] kworker/u8:1: attempt to access beyond end of device
[   87.658050][   T31] loop4: rw=1, sector=241, nr_sectors = 800 limit=128
[   87.695528][ T6829] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.744750][ T6831] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1200'.
[   87.844719][ T6841] atomic_op ffff888119dfbd28 conn xmit_atomic 0000000000000000
[   87.923750][ T6848] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   87.936866][ T6848] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   88.028994][ T6853] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1208'.
[   88.050832][ T3764] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.121499][ T6859] netlink: 168 bytes leftover after parsing attributes in process `syz.5.1210'.
[   88.145162][ T6859] C: renamed from team_slave_0 (while UP)
[   88.283237][ T6867] FAULT_INJECTION: forcing a failure.
[   88.283237][ T6867] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.296729][ T6867] CPU: 0 UID: 0 PID: 6867 Comm: syz.5.1214 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[   88.296801][ T6867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   88.296814][ T6867] Call Trace:
[   88.296821][ T6867]  <TASK>
[   88.296830][ T6867]  __dump_stack+0x1d/0x30
[   88.296850][ T6867]  dump_stack_lvl+0xe8/0x140
[   88.296866][ T6867]  dump_stack+0x15/0x1b
[   88.296880][ T6867]  should_fail_ex+0x265/0x280
[   88.296961][ T6867]  should_fail+0xb/0x20
[   88.296983][ T6867]  should_fail_usercopy+0x1a/0x20
[   88.297016][ T6867]  _copy_to_user+0x20/0xa0
[   88.297037][ T6867]  copy_siginfo_to_user+0x22/0xb0
[   88.297131][ T6867]  x64_setup_rt_frame+0x2b5/0x580
[   88.297150][ T6867]  arch_do_signal_or_restart+0x27c/0x480
[   88.297171][ T6867]  exit_to_user_mode_loop+0x7a/0x100
[   88.297192][ T6867]  do_syscall_64+0x1d6/0x200
[   88.297210][ T6867]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   88.297232][ T6867]  ? clear_bhb_loop+0x40/0x90
[   88.297250][ T6867]  ? clear_bhb_loop+0x40/0x90
[   88.297269][ T6867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.297349][ T6867] RIP: 0033:0x7fcb686ce927
[   88.297363][ T6867] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[   88.297378][ T6867] RSP: 002b:00007fcb66d37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[   88.297398][ T6867] RAX: 0000000000000013 RBX: 00007fcb688f5fa0 RCX: 00007fcb686ce929
[   88.297410][ T6867] RDX: 0000000000000001 RSI: 00002000000003c0 RDI: 0000000000000003
[   88.297420][ T6867] RBP: 00007fcb66d37090 R08: 0000000000000000 R09: 0000000000000000
[   88.297444][ T6867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   88.297454][ T6867] R13: 0000000000000000 R14: 00007fcb688f5fa0 R15: 00007ffc36eb2848
[   88.297469][ T6867]  </TASK>
[   88.549966][ T6878] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1219'.
[   88.572218][ T6878] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1219'.
[   88.593377][ T6881] wg2: entered promiscuous mode
[   88.598364][ T6881] wg2: entered allmulticast mode
[   88.607505][ T6881] netlink: 'syz.0.1229': attribute type 32 has an invalid length.
[   88.616026][ T6881] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1229'.
[   88.650382][ T6884] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   88.660817][ T6884] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   88.679850][ T6887] loop4: detected capacity change from 0 to 1024
[   88.687326][ T6887] EXT4-fs: Ignoring removed orlov option
[   88.752135][ T6887] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.904746][ T6911] atomic_op ffff88811f185528 conn xmit_atomic 0000000000000000
[   88.977481][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.015995][ T6922] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1233'.
[   89.027140][ T6922] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1233'.
[   89.063720][ T6923] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   89.074605][ T6923] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   89.152423][ T6940] FAULT_INJECTION: forcing a failure.
[   89.152423][ T6940] name failslab, interval 1, probability 0, space 0, times 0
[   89.165397][ T6940] CPU: 1 UID: 0 PID: 6940 Comm: syz.0.1241 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[   89.165500][ T6940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   89.165592][ T6940] Call Trace:
[   89.165598][ T6940]  <TASK>
[   89.165605][ T6940]  __dump_stack+0x1d/0x30
[   89.165627][ T6940]  dump_stack_lvl+0xe8/0x140
[   89.165654][ T6940]  dump_stack+0x15/0x1b
[   89.165692][ T6940]  should_fail_ex+0x265/0x280
[   89.165721][ T6940]  should_failslab+0x8c/0xb0
[   89.165820][ T6940]  kmem_cache_alloc_noprof+0x50/0x310
[   89.165848][ T6940]  ? audit_log_start+0x365/0x6c0
[   89.165878][ T6940]  audit_log_start+0x365/0x6c0
[   89.165913][ T6940]  audit_seccomp+0x48/0x100
[   89.165958][ T6940]  ? __seccomp_filter+0x68c/0x10d0
[   89.165979][ T6940]  __seccomp_filter+0x69d/0x10d0
[   89.166007][ T6940]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   89.166099][ T6940]  ? vfs_write+0x75e/0x8e0
[   89.166129][ T6940]  ? __rcu_read_unlock+0x4f/0x70
[   89.166180][ T6940]  ? __fget_files+0x184/0x1c0
[   89.166203][ T6940]  __secure_computing+0x82/0x150
[   89.166226][ T6940]  syscall_trace_enter+0xcf/0x1e0
[   89.166302][ T6940]  do_syscall_64+0xac/0x200
[   89.166321][ T6940]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   89.166347][ T6940]  ? clear_bhb_loop+0x40/0x90
[   89.166424][ T6940]  ? clear_bhb_loop+0x40/0x90
[   89.166447][ T6940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.166468][ T6940] RIP: 0033:0x7fbba8aee929
[   89.166500][ T6940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.166556][ T6940] RSP: 002b:00007fbba7157038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e
[   89.166572][ T6940] RAX: ffffffffffffffda RBX: 00007fbba8d15fa0 RCX: 00007fbba8aee929
[   89.166583][ T6940] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[   89.166594][ T6940] RBP: 00007fbba7157090 R08: 0000000000000000 R09: 0000000000000000
[   89.166604][ T6940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.166614][ T6940] R13: 0000000000000000 R14: 00007fbba8d15fa0 R15: 00007fff927af5f8
[   89.166633][ T6940]  </TASK>
[   89.497568][ T6946] loop4: detected capacity change from 0 to 256
[   89.513721][ T6946] FAT-fs (loop4): Directory bread(block 64) failed
[   89.521378][ T6946] FAT-fs (loop4): Directory bread(block 65) failed
[   89.528214][ T6946] FAT-fs (loop4): Directory bread(block 66) failed
[   89.557132][ T6946] FAT-fs (loop4): Directory bread(block 67) failed
[   89.576595][ T6946] FAT-fs (loop4): Directory bread(block 68) failed
[   89.584988][ T6946] FAT-fs (loop4): Directory bread(block 69) failed
[   89.592319][ T6946] FAT-fs (loop4): Directory bread(block 70) failed
[   89.604312][ T6946] FAT-fs (loop4): Directory bread(block 71) failed
[   89.620673][ T6946] FAT-fs (loop4): Directory bread(block 72) failed
[   89.630406][ T6946] FAT-fs (loop4): Directory bread(block 73) failed
[   89.657692][ T6946] syz.4.1242: attempt to access beyond end of device
[   89.657692][ T6946] loop4: rw=524288, sector=1800, nr_sectors = 20 limit=256
[   89.681966][ T6946] syz.4.1242: attempt to access beyond end of device
[   89.681966][ T6946] loop4: rw=0, sector=1800, nr_sectors = 8 limit=256
[   89.717767][ T6972] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=6972 comm=syz.0.1254
[   89.730466][ T6972] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2584 sclass=netlink_route_socket pid=6972 comm=syz.0.1254
[   89.743297][ T6972] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=6972 comm=syz.0.1254
[   89.756298][ T6972] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2572 sclass=netlink_route_socket pid=6972 comm=syz.0.1254
[   89.769323][ T6972] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=6972 comm=syz.0.1254
[   89.782128][ T6972] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2572 sclass=netlink_route_socket pid=6972 comm=syz.0.1254
[   89.794903][ T6972] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=6972 comm=syz.0.1254
[   89.807592][ T6972] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2571 sclass=netlink_route_socket pid=6972 comm=syz.0.1254
[   89.820358][ T6972] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=6972 comm=syz.0.1254
[   89.823753][ T6977] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   89.841830][ T6977] batman_adv: batadv0: Removing interface: batadv_slave_0
[   89.866361][ T6976] dvmrp1: entered allmulticast mode
[   90.195224][ T6998] batman_adv: batadv0: Adding interface: dummy0
[   90.202070][ T6998] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.231662][ T6998] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[   90.266800][ T7010] loop3: detected capacity change from 0 to 256
[   90.287340][ T7010] FAT-fs (loop3): Directory bread(block 64) failed
[   90.295492][ T7010] FAT-fs (loop3): Directory bread(block 65) failed
[   90.316935][ T7017] loop2: detected capacity change from 0 to 512
[   90.325876][ T7010] FAT-fs (loop3): Directory bread(block 66) failed
[   90.339013][ T7010] FAT-fs (loop3): Directory bread(block 67) failed
[   90.346479][ T7010] FAT-fs (loop3): Directory bread(block 68) failed
[   90.353556][ T7010] FAT-fs (loop3): Directory bread(block 69) failed
[   90.360946][ T7010] FAT-fs (loop3): Directory bread(block 70) failed
[   90.368195][ T7010] FAT-fs (loop3): Directory bread(block 71) failed
[   90.375170][ T7010] FAT-fs (loop3): Directory bread(block 72) failed
[   90.384117][ T7010] FAT-fs (loop3): Directory bread(block 73) failed
[   90.402212][ T7017] EXT4-fs (loop2): 1 orphan inode deleted
[   90.408552][ T7017] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.421742][   T51] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[   90.451379][ T7017] ext4 filesystem being mounted at /281/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.462723][ T7010] syz.3.1269: attempt to access beyond end of device
[   90.462723][ T7010] loop3: rw=524288, sector=1800, nr_sectors = 20 limit=256
[   90.469673][ T7017] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.488737][ T7010] syz.3.1269: attempt to access beyond end of device
[   90.488737][ T7010] loop3: rw=0, sector=1800, nr_sectors = 8 limit=256
[   90.744642][ T7040] loop3: detected capacity change from 0 to 8192
[   90.779851][ T7040] netlink: 'syz.3.1279': attribute type 4 has an invalid length.
[   90.809402][ T7049] loop4: detected capacity change from 0 to 1024
[   90.816738][ T7049] EXT4-fs: Ignoring removed orlov option
[   90.851262][ T7049] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.875515][ T3310] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[   90.883557][ T3310] FAT-fs (loop3): Filesystem has been set read-only
[   90.915454][ T7055] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   90.925646][ T7055] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   91.039278][ T7059] atomic_op ffff88811a7e8528 conn xmit_atomic 0000000000000000
[   91.245028][ T7067] netlink: 'syz.0.1290': attribute type 1 has an invalid length.
[   91.279171][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.329557][ T7068] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   91.392919][ T7075] FAULT_INJECTION: forcing a failure.
[   91.392919][ T7075] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.406744][ T7075] CPU: 0 UID: 0 PID: 7075 Comm: syz.4.1293 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[   91.406818][ T7075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.406829][ T7075] Call Trace:
[   91.406835][ T7075]  <TASK>
[   91.406848][ T7075]  __dump_stack+0x1d/0x30
[   91.406929][ T7075]  dump_stack_lvl+0xe8/0x140
[   91.406946][ T7075]  dump_stack+0x15/0x1b
[   91.406962][ T7075]  should_fail_ex+0x265/0x280
[   91.406995][ T7075]  should_fail+0xb/0x20
[   91.407031][ T7075]  should_fail_usercopy+0x1a/0x20
[   91.407120][ T7075]  _copy_from_user+0x1c/0xb0
[   91.407139][ T7075]  memdup_user+0x5e/0xd0
[   91.407184][ T7075]  proc_pid_attr_write+0x15e/0x220
[   91.407219][ T7075]  ? __pfx_proc_pid_attr_write+0x10/0x10
[   91.407252][ T7075]  vfs_write+0x269/0x8e0
[   91.407281][ T7075]  ? __rcu_read_unlock+0x4f/0x70
[   91.407386][ T7075]  ? __fget_files+0x184/0x1c0
[   91.407486][ T7075]  ksys_write+0xda/0x1a0
[   91.407501][ T7075]  __x64_sys_write+0x40/0x50
[   91.407533][ T7075]  x64_sys_call+0x2cdd/0x2fb0
[   91.407552][ T7075]  do_syscall_64+0xd2/0x200
[   91.407567][ T7075]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.407591][ T7075]  ? clear_bhb_loop+0x40/0x90
[   91.407625][ T7075]  ? clear_bhb_loop+0x40/0x90
[   91.407644][ T7075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.407667][ T7075] RIP: 0033:0x7f5653ece929
[   91.407681][ T7075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.407700][ T7075] RSP: 002b:00007f5652537038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   91.407745][ T7075] RAX: ffffffffffffffda RBX: 00007f56540f5fa0 RCX: 00007f5653ece929
[   91.407835][ T7075] RDX: 000000000000001d RSI: 0000200000000100 RDI: 0000000000000003
[   91.407851][ T7075] RBP: 00007f5652537090 R08: 0000000000000000 R09: 0000000000000000
[   91.407862][ T7075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.407872][ T7075] R13: 0000000000000000 R14: 00007f56540f5fa0 R15: 00007ffe0926f878
[   91.407889][ T7075]  </TASK>
[   91.688188][ T7084] FAULT_INJECTION: forcing a failure.
[   91.688188][ T7084] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   91.701812][ T7084] CPU: 1 UID: 0 PID: 7084 Comm: syz.4.1296 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[   91.701913][ T7084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.701924][ T7084] Call Trace:
[   91.701931][ T7084]  <TASK>
[   91.701938][ T7084]  __dump_stack+0x1d/0x30
[   91.702001][ T7084]  dump_stack_lvl+0xe8/0x140
[   91.702018][ T7084]  dump_stack+0x15/0x1b
[   91.702086][ T7084]  should_fail_ex+0x265/0x280
[   91.702114][ T7084]  should_fail_alloc_page+0xf2/0x100
[   91.702173][ T7084]  __alloc_frozen_pages_noprof+0xff/0x360
[   91.702204][ T7084]  alloc_pages_mpol+0xb3/0x250
[   91.702228][ T7084]  vma_alloc_folio_noprof+0x1aa/0x300
[   91.702343][ T7084]  handle_mm_fault+0xec2/0x2be0
[   91.702363][ T7084]  ? __rcu_read_unlock+0x4f/0x70
[   91.702391][ T7084]  do_user_addr_fault+0x3fe/0x1090
[   91.702458][ T7084]  exc_page_fault+0x62/0xa0
[   91.702530][ T7084]  asm_exc_page_fault+0x26/0x30
[   91.702547][ T7084] RIP: 0010:rep_movs_alternative+0x4a/0x90
[   91.702571][ T7084] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[   91.702614][ T7084] RSP: 0018:ffffc9000ee13d50 EFLAGS: 00050206
[   91.702627][ T7084] RAX: ffff888109579ad8 RBX: 0000000000001000 RCX: 0000000000000240
[   91.702638][ T7084] RDX: 0000000000000000 RSI: ffff88811a25adc0 RDI: 0000200000007000
[   91.702648][ T7084] RBP: ffff88811a25a000 R08: 00000000000006db R09: 0000000000000000
[   91.702684][ T7084] R10: 000188811a25a000 R11: 000188811a25afff R12: 0000200000007240
[   91.702704][ T7084] R13: 00007ffffffff000 R14: 0000200000006240 R15: ffff88811a25a000
[   91.702725][ T7084]  _copy_to_user+0x7c/0xa0
[   91.702747][ T7084]  pagemap_read+0x379/0x5e0
[   91.702850][ T7084]  ? __pfx_pagemap_read+0x10/0x10
[   91.702876][ T7084]  vfs_read+0x1a0/0x6f0
[   91.702901][ T7084]  ? __rcu_read_unlock+0x4f/0x70
[   91.702919][ T7084]  ? __fget_files+0x184/0x1c0
[   91.702961][ T7084]  __x64_sys_pread64+0xfd/0x150
[   91.702982][ T7084]  x64_sys_call+0x296d/0x2fb0
[   91.703001][ T7084]  do_syscall_64+0xd2/0x200
[   91.703016][ T7084]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.703071][ T7084]  ? clear_bhb_loop+0x40/0x90
[   91.703088][ T7084]  ? clear_bhb_loop+0x40/0x90
[   91.703106][ T7084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.703139][ T7084] RIP: 0033:0x7f5653ece929
[   91.703154][ T7084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.703172][ T7084] RSP: 002b:00007f5652537038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[   91.703267][ T7084] RAX: ffffffffffffffda RBX: 00007f56540f5fa0 RCX: 00007f5653ece929
[   91.703280][ T7084] RDX: 0000000000200000 RSI: 0000200000001240 RDI: 0000000000000003
[   91.703292][ T7084] RBP: 00007f5652537090 R08: 0000000000000000 R09: 0000000000000000
[   91.703304][ T7084] R10: 0000000040000000 R11: 0000000000000246 R12: 0000000000000002
[   91.703317][ T7084] R13: 0000000000000000 R14: 00007f56540f5fa0 R15: 00007ffe0926f878
[   91.703335][ T7084]  </TASK>
[   92.080577][ T7091] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   92.092395][ T7091] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   92.131199][ T7093] loop2: detected capacity change from 0 to 256
[   92.171859][ T7093] FAT-fs (loop2): Directory bread(block 64) failed
[   92.187660][ T7093] FAT-fs (loop2): Directory bread(block 65) failed
[   92.199355][ T7093] FAT-fs (loop2): Directory bread(block 66) failed
[   92.236813][ T7093] FAT-fs (loop2): Directory bread(block 67) failed
[   92.247440][ T7093] FAT-fs (loop2): Directory bread(block 68) failed
[   92.268725][ T7093] FAT-fs (loop2): Directory bread(block 69) failed
[   92.275481][ T7093] FAT-fs (loop2): Directory bread(block 70) failed
[   92.298713][ T7093] FAT-fs (loop2): Directory bread(block 71) failed
[   92.305322][ T7093] FAT-fs (loop2): Directory bread(block 72) failed
[   92.318700][ T7093] FAT-fs (loop2): Directory bread(block 73) failed
[   92.325934][   T29] kauditd_printk_skb: 528 callbacks suppressed
[   92.325945][   T29] audit: type=1400 audit(2000000005.789:4646): avc:  denied  { setopt } for  pid=7107 comm="syz.4.1308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   92.353995][ T7093] syz.2.1300: attempt to access beyond end of device
[   92.353995][ T7093] loop2: rw=524288, sector=1800, nr_sectors = 20 limit=256
[   92.378704][ T7093] syz.2.1300: attempt to access beyond end of device
[   92.378704][ T7093] loop2: rw=0, sector=1800, nr_sectors = 8 limit=256
[   92.449056][   T29] audit: type=1326 audit(2000000005.919:4647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7111 comm="syz.2.1309" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f200a63e929 code=0x0
[   92.547825][ T7113] ip6tnl1: entered allmulticast mode
[   92.622031][   T29] audit: type=1400 audit(2000000006.089:4648): avc:  denied  { load_policy } for  pid=7119 comm="syz.5.1304" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   92.660513][ T7120] SELinux: failed to load policy
[   92.681204][ T7120] pimreg: entered allmulticast mode
[   92.692779][ T7120] loop5: detected capacity change from 0 to 512
[   92.700021][ T7120] ext4: Unknown parameter 'subj_role'
[   92.709806][ T7120] pimreg: left allmulticast mode
[   92.763566][ T7120] loop5: detected capacity change from 0 to 512
[   92.781896][ T7120] EXT4-fs (loop5): 1 orphan inode deleted
[   92.788594][ T7120] ext4 filesystem being mounted at /179/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.792682][ T7131] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   92.811998][ T7131] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   92.843267][   T29] audit: type=1400 audit(2000000006.309:4649): avc:  denied  { create } for  pid=7132 comm="syz.3.1313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   93.019288][ T7149] vhci_hcd: invalid port number 129
[   93.025591][ T7149] vhci_hcd: default hub control req: 0200 v0005 i0081 l0
[   93.036056][   T29] audit: type=1326 audit(2000000006.499:4650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.3.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9636ffe929 code=0x7ffc0000
[   93.081829][   T29] audit: type=1326 audit(2000000006.499:4651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.3.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f9636ffe929 code=0x7ffc0000
[   93.108198][   T29] audit: type=1326 audit(2000000006.529:4652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.3.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9636ffe929 code=0x7ffc0000
[   93.134564][   T29] audit: type=1326 audit(2000000006.529:4653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.3.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9636ffe929 code=0x7ffc0000
[   93.158251][   T29] audit: type=1326 audit(2000000006.529:4654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.3.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9636ffe929 code=0x7ffc0000
[   93.163658][ T7159] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   93.184184][   T29] audit: type=1326 audit(2000000006.529:4655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.3.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9636ffe929 code=0x7ffc0000
[   93.195349][ T7159] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   93.300817][ T7166] 9pnet_fd: Insufficient options for proto=fd
[   93.445787][ T7177] IPVS: Unknown mcast interface: nicvf0
[   93.555158][ T7188] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   93.566063][ T7188] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   93.791976][ T7203] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   93.886527][ T7211] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   93.897492][ T7211] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   94.050580][ T7230] SELinux:  Context system_u:object_r:devtty_t:s0 is not valid (left unmapped).
[   94.137515][ T7242] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   94.149424][ T7242] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   94.221723][ T7248] lo: entered promiscuous mode
[   94.226929][ T7248] lo: entered allmulticast mode
[   94.235722][ T7248] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   94.267773][ T7248] FAULT_INJECTION: forcing a failure.
[   94.267773][ T7248] name failslab, interval 1, probability 0, space 0, times 0
[   94.284267][ T7248] CPU: 0 UID: 0 PID: 7248 Comm: syz.2.1360 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[   94.284358][ T7248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.284383][ T7248] Call Trace:
[   94.284390][ T7248]  <TASK>
[   94.284399][ T7248]  __dump_stack+0x1d/0x30
[   94.284421][ T7248]  dump_stack_lvl+0xe8/0x140
[   94.284441][ T7248]  dump_stack+0x15/0x1b
[   94.284457][ T7248]  should_fail_ex+0x265/0x280
[   94.284583][ T7248]  ? v9fs_mount+0x51/0x590
[   94.284666][ T7248]  should_failslab+0x8c/0xb0
[   94.284688][ T7248]  __kmalloc_cache_noprof+0x4c/0x320
[   94.284714][ T7248]  v9fs_mount+0x51/0x590
[   94.284779][ T7248]  ? __pfx_v9fs_mount+0x10/0x10
[   94.284804][ T7248]  legacy_get_tree+0x75/0xd0
[   94.284931][ T7248]  vfs_get_tree+0x57/0x1d0
[   94.284946][ T7248]  do_new_mount+0x207/0x680
[   94.285039][ T7248]  path_mount+0x4a4/0xb20
[   94.285097][ T7248]  ? user_path_at+0x109/0x130
[   94.285119][ T7248]  __se_sys_mount+0x28f/0x2e0
[   94.285136][ T7248]  __x64_sys_mount+0x67/0x80
[   94.285152][ T7248]  x64_sys_call+0xd36/0x2fb0
[   94.285182][ T7248]  do_syscall_64+0xd2/0x200
[   94.285199][ T7248]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.285221][ T7248]  ? clear_bhb_loop+0x40/0x90
[   94.285239][ T7248]  ? clear_bhb_loop+0x40/0x90
[   94.285313][ T7248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.285332][ T7248] RIP: 0033:0x7f200a63e929
[   94.285346][ T7248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.285364][ T7248] RSP: 002b:00007f2008ca7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   94.285384][ T7248] RAX: ffffffffffffffda RBX: 00007f200a865fa0 RCX: 00007f200a63e929
[   94.285397][ T7248] RDX: 00002000000002c0 RSI: 0000200000000280 RDI: 0000200000000100
[   94.285407][ T7248] RBP: 00007f2008ca7090 R08: 0000200000000300 R09: 0000000000000000
[   94.285473][ T7248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   94.285484][ T7248] R13: 0000000000000000 R14: 00007f200a865fa0 R15: 00007ffe0bd65668
[   94.285499][ T7248]  </TASK>
[   94.607762][ T7270] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   94.617935][ T7270] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   94.686276][ T7277] tun0: tun_chr_ioctl cmd 1074025678
[   94.691827][ T7277] tun0: group set to 0
[   94.722528][ T7277] loop4: detected capacity change from 0 to 128
[   94.730577][ T7283] loop2: detected capacity change from 0 to 256
[   94.848913][ T7297] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   94.860152][ T7297] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   94.957513][ T7305] loop4: detected capacity change from 0 to 512
[   94.965661][ T7305] EXT4-fs: Ignoring removed nomblk_io_submit option
[   94.974641][ T7305] EXT4-fs: dax option not supported
[   95.436388][ T7314] loop5: detected capacity change from 0 to 256
[   95.470733][ T7319] lo speed is unknown, defaulting to 1000
[   95.473015][ T7314] FAT-fs (loop5): Directory bread(block 64) failed
[   95.478551][ T7319] lo speed is unknown, defaulting to 1000
[   95.485632][ T7314] FAT-fs (loop5): Directory bread(block 65) failed
[   95.492552][ T7319] lo speed is unknown, defaulting to 1000
[   95.498913][ T7314] FAT-fs (loop5): Directory bread(block 66) failed
[   95.507104][ T7319] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   95.512679][ T7314] FAT-fs (loop5): Directory bread(block 67) failed
[   95.527267][ T7314] FAT-fs (loop5): Directory bread(block 68) failed
[   95.527406][ T7319] lo speed is unknown, defaulting to 1000
[   95.534766][ T7314] FAT-fs (loop5): Directory bread(block 69) failed
[   95.548877][ T7314] FAT-fs (loop5): Directory bread(block 70) failed
[   95.552011][ T7319] lo speed is unknown, defaulting to 1000
[   95.556339][ T7314] FAT-fs (loop5): Directory bread(block 71) failed
[   95.563134][ T7319] lo speed is unknown, defaulting to 1000
[   95.570056][ T7314] FAT-fs (loop5): Directory bread(block 72) failed
[   95.576424][ T7319] lo speed is unknown, defaulting to 1000
[   95.582565][ T7314] FAT-fs (loop5): Directory bread(block 73) failed
[   95.588886][ T7319] lo speed is unknown, defaulting to 1000
[   95.605507][ T7314] syz.5.1386: attempt to access beyond end of device
[   95.605507][ T7314] loop5: rw=524288, sector=1800, nr_sectors = 20 limit=256
[   95.624994][ T7314] syz.5.1386: attempt to access beyond end of device
[   95.624994][ T7314] loop5: rw=0, sector=1800, nr_sectors = 8 limit=256
[   95.643892][ T7322] loop2: detected capacity change from 0 to 128
[   95.651837][ T7322] msdos: Unknown parameter '���'
[   95.688455][ T7326] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   95.699231][ T7326] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   95.871194][ T7348] 9pnet: Could not find request transport: ^d
[   95.907582][ T7353] FAULT_INJECTION: forcing a failure.
[   95.907582][ T7353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.922667][ T7353] CPU: 0 UID: 0 PID: 7353 Comm: syz.2.1403 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[   95.922700][ T7353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.922711][ T7353] Call Trace:
[   95.922717][ T7353]  <TASK>
[   95.922724][ T7353]  __dump_stack+0x1d/0x30
[   95.922744][ T7353]  dump_stack_lvl+0xe8/0x140
[   95.922760][ T7353]  dump_stack+0x15/0x1b
[   95.922811][ T7353]  should_fail_ex+0x265/0x280
[   95.922852][ T7353]  should_fail+0xb/0x20
[   95.922880][ T7353]  should_fail_usercopy+0x1a/0x20
[   95.922915][ T7353]  _copy_from_user+0x1c/0xb0
[   95.922967][ T7353]  do_ipt_set_ctl+0x3a0/0x820
[   95.922998][ T7353]  ? _raw_spin_unlock_bh+0x36/0x40
[   95.923019][ T7353]  ? tcp_release_cb+0xf1/0x370
[   95.923090][ T7353]  nf_setsockopt+0x199/0x1b0
[   95.923114][ T7353]  ip_setsockopt+0x102/0x110
[   95.923187][ T7353]  ipv6_setsockopt+0xfb/0x130
[   95.923212][ T7353]  tcp_setsockopt+0x95/0xb0
[   95.923421][ T7353]  sock_common_setsockopt+0x66/0x80
[   95.923451][ T7353]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   95.923498][ T7353]  __sys_setsockopt+0x181/0x200
[   95.923531][ T7353]  __x64_sys_setsockopt+0x64/0x80
[   95.923593][ T7353]  x64_sys_call+0x2bd5/0x2fb0
[   95.923667][ T7353]  do_syscall_64+0xd2/0x200
[   95.923685][ T7353]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.923708][ T7353]  ? clear_bhb_loop+0x40/0x90
[   95.923727][ T7353]  ? clear_bhb_loop+0x40/0x90
[   95.923758][ T7353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.923781][ T7353] RIP: 0033:0x7f200a63e929
[   95.923799][ T7353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.923816][ T7353] RSP: 002b:00007f2008ca7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   95.923836][ T7353] RAX: ffffffffffffffda RBX: 00007f200a865fa0 RCX: 00007f200a63e929
[   95.923849][ T7353] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000006
[   95.923878][ T7353] RBP: 00007f2008ca7090 R08: 0000000000000308 R09: 0000000000000000
[   95.923890][ T7353] R10: 0000200000000400 R11: 0000000000000246 R12: 0000000000000001
[   95.923903][ T7353] R13: 0000000000000000 R14: 00007f200a865fa0 R15: 00007ffe0bd65668
[   95.923922][ T7353]  </TASK>
[   96.180880][ T7358] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   96.191152][ T7358] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   96.233807][ T7365] binfmt_misc: register: failed to install interpreter file ./file0
[   96.330188][ T7378] __nla_validate_parse: 1 callbacks suppressed
[   96.330206][ T7378] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1415'.
[   96.522165][ T7386] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   96.532636][ T7386] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   96.646167][ T7392] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1421'.
[   96.864757][ T7398] lo speed is unknown, defaulting to 1000
[   97.290440][ T7417] loop3: detected capacity change from 0 to 128
[   97.297757][ T7412] loop4: detected capacity change from 0 to 256
[   97.398524][ T7427] lo speed is unknown, defaulting to 1000
[   97.504695][ T7432] loop5: detected capacity change from 0 to 256
[   97.521089][ T7432] FAT-fs (loop5): Directory bread(block 64) failed
[   97.529126][ T7432] FAT-fs (loop5): Directory bread(block 65) failed
[   97.536254][ T7432] FAT-fs (loop5): Directory bread(block 66) failed
[   97.544230][ T7432] FAT-fs (loop5): Directory bread(block 67) failed
[   97.551013][ T7432] FAT-fs (loop5): Directory bread(block 68) failed
[   97.558072][ T7432] FAT-fs (loop5): Directory bread(block 69) failed
[   97.565782][ T7432] FAT-fs (loop5): Directory bread(block 70) failed
[   97.573600][ T7432] FAT-fs (loop5): Directory bread(block 71) failed
[   97.581209][ T7432] FAT-fs (loop5): Directory bread(block 72) failed
[   97.588149][ T7432] FAT-fs (loop5): Directory bread(block 73) failed
[   97.602659][ T7432] syz.5.1436: attempt to access beyond end of device
[   97.602659][ T7432] loop5: rw=524288, sector=1800, nr_sectors = 20 limit=256
[   97.617489][ T7432] syz.5.1436: attempt to access beyond end of device
[   97.617489][ T7432] loop5: rw=0, sector=1800, nr_sectors = 8 limit=256
[   97.830833][   T29] kauditd_printk_skb: 832 callbacks suppressed
[   97.830849][   T29] audit: type=1326 audit(2000000011.299:5488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7444 comm="syz.5.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   97.865448][   T29] audit: type=1326 audit(2000000011.299:5489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7444 comm="syz.5.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   97.891039][   T29] audit: type=1326 audit(2000000011.329:5490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7444 comm="syz.5.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   97.916716][   T29] audit: type=1326 audit(2000000011.329:5491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7444 comm="syz.5.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   97.942387][   T29] audit: type=1326 audit(2000000011.329:5492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7444 comm="syz.5.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   97.966657][   T29] audit: type=1326 audit(2000000011.329:5493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7444 comm="syz.5.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   97.990763][   T29] audit: type=1326 audit(2000000011.329:5494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7444 comm="syz.5.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   98.014343][   T29] audit: type=1326 audit(2000000011.329:5495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7444 comm="syz.5.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   98.038551][   T29] audit: type=1326 audit(2000000011.329:5496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7444 comm="syz.5.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[   98.062596][   T29] audit: type=1326 audit(2000000011.339:5497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.5.1441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcb687011e5 code=0x7ffc0000
[   98.069375][ T7455] loop5: detected capacity change from 0 to 256
[   98.331332][ T7479] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1453'.
[   98.341681][ T7476] program syz.3.1455 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   98.357228][ T7476] loop3: detected capacity change from 0 to 512
[   98.371676][ T7476] EXT4-fs mount: 2 callbacks suppressed
[   98.371693][ T7476] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.391180][ T7476] ext4 filesystem being mounted at /309/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   98.425881][ T7476] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #19: comm syz.3.1455: corrupted inode contents
[   98.439920][ T7476] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #19: comm syz.3.1455: mark_inode_dirty error
[   98.451835][ T7476] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #19: comm syz.3.1455: corrupted inode contents
[   98.466827][ T7476] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #19: comm syz.3.1455: mark_inode_dirty error
[   98.479240][ T7476] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #19: comm syz.3.1455: mark inode dirty (error -117)
[   98.492390][ T7476] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[   98.511198][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.235930][ T7508] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1464'.
[   99.305956][ T7510] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1464'.
[   99.521835][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.529564][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.537680][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.553029][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.561440][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.569860][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.569991][ T7534] loop3: detected capacity change from 0 to 1024
[   99.577409][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.577437][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.599063][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.600412][ T7534] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.606783][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.619988][ T7534] ext4 filesystem being mounted at /314/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.626424][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.626451][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.653967][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.661557][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.670179][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.677932][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.685831][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.693861][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.701465][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.709338][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.717190][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.725135][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.733346][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.740813][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.749606][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.758123][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.766211][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.773704][ T3415] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.782131][ T3415] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   99.795213][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.867984][ T7551] SELinux: syz.3.1482 (7551) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  100.312840][ T7567] loop5: detected capacity change from 0 to 256
[  100.327278][ T7567] FAT-fs (loop5): Directory bread(block 64) failed
[  100.335083][ T7567] FAT-fs (loop5): Directory bread(block 65) failed
[  100.343848][ T7567] FAT-fs (loop5): Directory bread(block 66) failed
[  100.353411][ T7567] FAT-fs (loop5): Directory bread(block 67) failed
[  100.360613][ T7567] FAT-fs (loop5): Directory bread(block 68) failed
[  100.368043][ T7567] FAT-fs (loop5): Directory bread(block 69) failed
[  100.376387][ T7567] FAT-fs (loop5): Directory bread(block 70) failed
[  100.381771][ T7571] loop4: detected capacity change from 0 to 256
[  100.383449][ T7567] FAT-fs (loop5): Directory bread(block 71) failed
[  100.398855][ T7567] FAT-fs (loop5): Directory bread(block 72) failed
[  100.405738][ T7567] FAT-fs (loop5): Directory bread(block 73) failed
[  100.409450][ T7571] FAT-fs (loop4): Directory bread(block 64) failed
[  100.419540][ T7571] FAT-fs (loop4): Directory bread(block 65) failed
[  100.426762][ T7571] FAT-fs (loop4): Directory bread(block 66) failed
[  100.433522][ T7571] FAT-fs (loop4): Directory bread(block 67) failed
[  100.453734][ T7567] syz.5.1489: attempt to access beyond end of device
[  100.453734][ T7567] loop5: rw=524288, sector=1800, nr_sectors = 20 limit=256
[  100.453700][ T7571] FAT-fs (loop4): Directory bread(block 68) failed
[  100.453767][ T7571] FAT-fs (loop4): Directory bread(block 69) failed
[  100.470670][ T7567] syz.5.1489: attempt to access beyond end of device
[  100.470670][ T7567] loop5: rw=0, sector=1800, nr_sectors = 8 limit=256
[  100.475925][ T7571] FAT-fs (loop4): Directory bread(block 70) failed
[  100.503742][ T7571] FAT-fs (loop4): Directory bread(block 71) failed
[  100.511493][ T7571] FAT-fs (loop4): Directory bread(block 72) failed
[  100.518375][ T7571] FAT-fs (loop4): Directory bread(block 73) failed
[  100.521483][ T7573] FAULT_INJECTION: forcing a failure.
[  100.521483][ T7573] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.535934][ T7571] syz.4.1491: attempt to access beyond end of device
[  100.535934][ T7571] loop4: rw=524288, sector=1800, nr_sectors = 20 limit=256
[  100.538382][ T7573] CPU: 0 UID: 0 PID: 7573 Comm: syz.0.1492 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  100.538412][ T7573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.538424][ T7573] Call Trace:
[  100.538432][ T7573]  <TASK>
[  100.538440][ T7573]  __dump_stack+0x1d/0x30
[  100.538529][ T7573]  dump_stack_lvl+0xe8/0x140
[  100.538548][ T7573]  dump_stack+0x15/0x1b
[  100.538563][ T7573]  should_fail_ex+0x265/0x280
[  100.538593][ T7573]  should_fail+0xb/0x20
[  100.538620][ T7573]  should_fail_usercopy+0x1a/0x20
[  100.538741][ T7573]  copy_folio_from_iter_atomic+0x278/0x1170
[  100.538767][ T7573]  ? shmem_write_begin+0xa8/0x190
[  100.538802][ T7573]  ? shmem_write_begin+0xe1/0x190
[  100.538832][ T7573]  generic_perform_write+0x2c2/0x490
[  100.538855][ T7573]  shmem_file_write_iter+0xc5/0xf0
[  100.538888][ T7573]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  100.538909][ T7573]  vfs_write+0x4a0/0x8e0
[  100.538972][ T7573]  ksys_write+0xda/0x1a0
[  100.538989][ T7573]  __x64_sys_write+0x40/0x50
[  100.539007][ T7573]  x64_sys_call+0x2cdd/0x2fb0
[  100.539104][ T7573]  do_syscall_64+0xd2/0x200
[  100.539122][ T7573]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.539191][ T7573]  ? clear_bhb_loop+0x40/0x90
[  100.539210][ T7573]  ? clear_bhb_loop+0x40/0x90
[  100.539231][ T7573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.539299][ T7573] RIP: 0033:0x7fbba8aee929
[  100.539314][ T7573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.539332][ T7573] RSP: 002b:00007fbba7157038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  100.539350][ T7573] RAX: ffffffffffffffda RBX: 00007fbba8d15fa0 RCX: 00007fbba8aee929
[  100.539363][ T7573] RDX: 0000000000032600 RSI: 0000200000000080 RDI: 0000000000000003
[  100.539444][ T7573] RBP: 00007fbba7157090 R08: 0000000000000000 R09: 0000000000000000
[  100.539456][ T7573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  100.539468][ T7573] R13: 0000000000000000 R14: 00007fbba8d15fa0 R15: 00007fff927af5f8
[  100.539485][ T7573]  </TASK>
[  100.583319][ T7579] loop5: detected capacity change from 0 to 256
[  100.592113][ T7571] syz.4.1491: attempt to access beyond end of device
[  100.592113][ T7571] loop4: rw=0, sector=1800, nr_sectors = 8 limit=256
[  100.895402][ T7598] loop5: detected capacity change from 0 to 1024
[  100.911136][ T7598] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.937056][ T7598] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.1502: Allocating blocks 449-513 which overlap fs metadata
[  100.975034][ T7604] loop4: detected capacity change from 0 to 256
[  101.012554][ T7598] SELinux: syz.5.1502 (7598) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  101.028226][ T7597] EXT4-fs (loop5): pa ffff888106ac4850: logic 48, phys. 177, len 21
[  101.036637][ T7597] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  101.060219][ T3764] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.088310][ T7610] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1507'.
[  101.112247][ T7619] loop5: detected capacity change from 0 to 256
[  101.127221][ T7619] FAT-fs (loop5): Directory bread(block 64) failed
[  101.134416][ T7619] FAT-fs (loop5): Directory bread(block 65) failed
[  101.141131][ T7619] FAT-fs (loop5): Directory bread(block 66) failed
[  101.148149][ T7619] FAT-fs (loop5): Directory bread(block 67) failed
[  101.154703][ T7619] FAT-fs (loop5): Directory bread(block 68) failed
[  101.161550][ T7619] FAT-fs (loop5): Directory bread(block 69) failed
[  101.169453][ T7619] FAT-fs (loop5): Directory bread(block 70) failed
[  101.176731][ T7619] FAT-fs (loop5): Directory bread(block 71) failed
[  101.183801][ T7619] FAT-fs (loop5): Directory bread(block 72) failed
[  101.191947][ T7619] FAT-fs (loop5): Directory bread(block 73) failed
[  101.204255][ T7619] syz.5.1509: attempt to access beyond end of device
[  101.204255][ T7619] loop5: rw=524288, sector=1800, nr_sectors = 20 limit=256
[  101.218726][ T7619] syz.5.1509: attempt to access beyond end of device
[  101.218726][ T7619] loop5: rw=0, sector=1800, nr_sectors = 8 limit=256
[  101.560760][ T7635] loop5: detected capacity change from 0 to 256
[  101.834478][ T7653] loop3: detected capacity change from 0 to 256
[  101.880108][ T7653] FAT-fs (loop3): Directory bread(block 64) failed
[  101.886929][ T7653] FAT-fs (loop3): Directory bread(block 65) failed
[  101.894601][ T7653] FAT-fs (loop3): Directory bread(block 66) failed
[  101.988261][ T3388] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  102.026872][ T7659] loop4: detected capacity change from 0 to 1024
[  102.038999][ T7653] FAT-fs (loop3): Directory bread(block 67) failed
[  102.059174][ T3388] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  102.073452][ T7659] EXT4-fs: Ignoring removed orlov option
[  102.082956][ T7653] FAT-fs (loop3): Directory bread(block 68) failed
[  102.111938][ T7653] FAT-fs (loop3): Directory bread(block 69) failed
[  102.119633][ T7659] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.152914][ T7653] FAT-fs (loop3): Directory bread(block 70) failed
[  102.179132][ T7653] FAT-fs (loop3): Directory bread(block 71) failed
[  102.208726][ T7653] FAT-fs (loop3): Directory bread(block 72) failed
[  102.215541][ T7653] FAT-fs (loop3): Directory bread(block 73) failed
[  102.241391][ T7653] syz.3.1522: attempt to access beyond end of device
[  102.241391][ T7653] loop3: rw=524288, sector=1800, nr_sectors = 20 limit=256
[  102.259451][ T7653] syz.3.1522: attempt to access beyond end of device
[  102.259451][ T7653] loop3: rw=0, sector=1800, nr_sectors = 8 limit=256
[  102.435130][ T7670] loop3: detected capacity change from 0 to 256
[  102.546577][ T7672] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  102.561042][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.572132][ T7671] tipc: Resetting bearer <eth:syzkaller0>
[  102.597197][ T7671] tipc: Disabling bearer <eth:syzkaller0>
[  102.605815][ T7682] FAULT_INJECTION: forcing a failure.
[  102.605815][ T7682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.619348][ T7682] CPU: 0 UID: 0 PID: 7682 Comm: syz.4.1533 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  102.619376][ T7682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.619387][ T7682] Call Trace:
[  102.619466][ T7682]  <TASK>
[  102.619473][ T7682]  __dump_stack+0x1d/0x30
[  102.619492][ T7682]  dump_stack_lvl+0xe8/0x140
[  102.619573][ T7682]  dump_stack+0x15/0x1b
[  102.619595][ T7682]  should_fail_ex+0x265/0x280
[  102.619622][ T7682]  should_fail+0xb/0x20
[  102.619644][ T7682]  should_fail_usercopy+0x1a/0x20
[  102.619734][ T7682]  _copy_from_user+0x1c/0xb0
[  102.619875][ T7682]  ___sys_sendmsg+0xc1/0x1d0
[  102.619921][ T7682]  __x64_sys_sendmsg+0xd4/0x160
[  102.619951][ T7682]  x64_sys_call+0x2999/0x2fb0
[  102.619972][ T7682]  do_syscall_64+0xd2/0x200
[  102.620019][ T7682]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.620043][ T7682]  ? clear_bhb_loop+0x40/0x90
[  102.620131][ T7682]  ? clear_bhb_loop+0x40/0x90
[  102.620152][ T7682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.620245][ T7682] RIP: 0033:0x7f5653ece929
[  102.620255][ T7682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.620265][ T7682] RSP: 002b:00007f5652537038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.620280][ T7682] RAX: ffffffffffffffda RBX: 00007f56540f5fa0 RCX: 00007f5653ece929
[  102.620291][ T7682] RDX: 0000000000040000 RSI: 0000200000000280 RDI: 0000000000000003
[  102.620303][ T7682] RBP: 00007f5652537090 R08: 0000000000000000 R09: 0000000000000000
[  102.620314][ T7682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.620389][ T7682] R13: 0000000000000000 R14: 00007f56540f5fa0 R15: 00007ffe0926f878
[  102.620405][ T7682]  </TASK>
[  102.621712][ T7680] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.862600][ T7680] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.946118][ T7680] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.973520][ T7697] loop4: detected capacity change from 0 to 256
[  103.002961][ T7680] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.017337][ T7701] netlink: 'syz.4.1541': attribute type 1 has an invalid length.
[  103.025456][ T7701] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1541'.
[  103.051443][ T7705] netlink: 'syz.4.1542': attribute type 3 has an invalid length.
[  103.078226][ T7680] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.092074][ T7680] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.104098][ T7680] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.116640][ T7680] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.135675][   T29] kauditd_printk_skb: 547 callbacks suppressed
[  103.135685][   T29] audit: type=1400 audit(2000000016.599:6045): avc:  denied  { accept } for  pid=7711 comm="syz.4.1545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  103.162134][ T7712] netlink: 'syz.4.1545': attribute type 13 has an invalid length.
[  103.175269][ T7714] FAULT_INJECTION: forcing a failure.
[  103.175269][ T7714] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  103.189122][ T7714] CPU: 0 UID: 0 PID: 7714 Comm: syz.0.1546 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  103.189140][ T7714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.189147][ T7714] Call Trace:
[  103.189151][ T7714]  <TASK>
[  103.189156][ T7714]  __dump_stack+0x1d/0x30
[  103.189236][ T7714]  dump_stack_lvl+0xe8/0x140
[  103.189247][ T7714]  dump_stack+0x15/0x1b
[  103.189256][ T7714]  should_fail_ex+0x265/0x280
[  103.189274][ T7714]  should_fail+0xb/0x20
[  103.189289][ T7714]  should_fail_usercopy+0x1a/0x20
[  103.189361][ T7714]  _copy_from_user+0x1c/0xb0
[  103.189373][ T7714]  ___sys_sendmsg+0xc1/0x1d0
[  103.189428][ T7714]  __x64_sys_sendmsg+0xd4/0x160
[  103.189451][ T7714]  x64_sys_call+0x2999/0x2fb0
[  103.189463][ T7714]  do_syscall_64+0xd2/0x200
[  103.189483][ T7714]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  103.189498][ T7714]  ? clear_bhb_loop+0x40/0x90
[  103.189511][ T7714]  ? clear_bhb_loop+0x40/0x90
[  103.189522][ T7714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.189618][ T7714] RIP: 0033:0x7fbba8aee929
[  103.189628][ T7714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.189638][ T7714] RSP: 002b:00007fbba7157038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.189720][ T7714] RAX: ffffffffffffffda RBX: 00007fbba8d15fa0 RCX: 00007fbba8aee929
[  103.189730][ T7714] RDX: 0000000004000c00 RSI: 0000200000000180 RDI: 000000000000000c
[  103.189737][ T7714] RBP: 00007fbba7157090 R08: 0000000000000000 R09: 0000000000000000
[  103.189793][ T7714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.189800][ T7714] R13: 0000000000000000 R14: 00007fbba8d15fa0 R15: 00007fff927af5f8
[  103.189811][ T7714]  </TASK>
[  103.402469][ T7718] netlink: 'syz.4.1548': attribute type 13 has an invalid length.
[  103.417699][   T29] audit: type=1326 audit(2000000016.879:6046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbba8aee929 code=0x7ffc0000
[  103.442032][   T29] audit: type=1326 audit(2000000016.879:6047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbba8aee929 code=0x7ffc0000
[  103.459521][ T7722] loop4: detected capacity change from 0 to 256
[  103.466599][   T29] audit: type=1326 audit(2000000016.929:6048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbba8aee929 code=0x7ffc0000
[  103.495846][   T29] audit: type=1326 audit(2000000016.929:6049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbba8aee929 code=0x7ffc0000
[  103.519938][   T29] audit: type=1326 audit(2000000016.929:6050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbba8aee929 code=0x7ffc0000
[  103.544289][   T29] audit: type=1326 audit(2000000016.939:6051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fbba8aee929 code=0x7ffc0000
[  103.567968][   T29] audit: type=1326 audit(2000000016.939:6052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbba8aee929 code=0x7ffc0000
[  103.591864][   T29] audit: type=1326 audit(2000000016.939:6053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbba8aee929 code=0x7ffc0000
[  103.615698][   T29] audit: type=1326 audit(2000000016.939:6054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbba8aee929 code=0x7ffc0000
[  103.670488][ T7726] loop3: detected capacity change from 0 to 256
[  103.698019][ T7726] FAT-fs (loop3): Directory bread(block 64) failed
[  103.705973][ T7726] FAT-fs (loop3): Directory bread(block 65) failed
[  103.742896][ T7726] FAT-fs (loop3): Directory bread(block 66) failed
[  103.749836][ T7726] FAT-fs (loop3): Directory bread(block 67) failed
[  103.758764][ T7726] FAT-fs (loop3): Directory bread(block 68) failed
[  103.774564][ T7726] FAT-fs (loop3): Directory bread(block 69) failed
[  103.786980][ T7726] FAT-fs (loop3): Directory bread(block 70) failed
[  103.793852][ T7726] FAT-fs (loop3): Directory bread(block 71) failed
[  103.800686][ T7726] FAT-fs (loop3): Directory bread(block 72) failed
[  103.807777][ T7726] FAT-fs (loop3): Directory bread(block 73) failed
[  103.846093][ T7726] syz.3.1552: attempt to access beyond end of device
[  103.846093][ T7726] loop3: rw=524288, sector=1800, nr_sectors = 20 limit=256
[  103.866982][ T7726] syz.3.1552: attempt to access beyond end of device
[  103.866982][ T7726] loop3: rw=0, sector=1800, nr_sectors = 8 limit=256
[  103.958001][ T7750] SELinux: syz.3.1560 (7750) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  104.192502][ T7758] FAULT_INJECTION: forcing a failure.
[  104.192502][ T7758] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  104.205966][ T7758] CPU: 0 UID: 0 PID: 7758 Comm: syz.3.1564 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  104.205992][ T7758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.206038][ T7758] Call Trace:
[  104.206045][ T7758]  <TASK>
[  104.206053][ T7758]  __dump_stack+0x1d/0x30
[  104.206072][ T7758]  dump_stack_lvl+0xe8/0x140
[  104.206088][ T7758]  dump_stack+0x15/0x1b
[  104.206102][ T7758]  should_fail_ex+0x265/0x280
[  104.206200][ T7758]  should_fail_alloc_page+0xf2/0x100
[  104.206229][ T7758]  __alloc_frozen_pages_noprof+0xff/0x360
[  104.206259][ T7758]  alloc_pages_mpol+0xb3/0x250
[  104.206361][ T7758]  vma_alloc_folio_noprof+0x1aa/0x300
[  104.206391][ T7758]  handle_mm_fault+0xec2/0x2be0
[  104.206409][ T7758]  ? __rcu_read_unlock+0x4f/0x70
[  104.206438][ T7758]  do_user_addr_fault+0x3fe/0x1090
[  104.206475][ T7758]  exc_page_fault+0x62/0xa0
[  104.206502][ T7758]  asm_exc_page_fault+0x26/0x30
[  104.206521][ T7758] RIP: 0010:rep_stos_alternative+0x40/0x80
[  104.206583][ T7758] Code: c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[  104.206601][ T7758] RSP: 0018:ffffc90010557bf0 EFLAGS: 00050202
[  104.206617][ T7758] RAX: 0000000000000000 RBX: 000020000000c380 RCX: 0000000000000380
[  104.206630][ T7758] RDX: 0000000000000000 RSI: 000020000000b380 RDI: 000020000000c000
[  104.206650][ T7758] RBP: 0000000000001001 R08: 0001c90010557dd7 R09: 0000000000000000
[  104.206663][ T7758] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000001000
[  104.206676][ T7758] R13: 000020000000b380 R14: 000000000000a000 R15: ffffc90010557d90
[  104.206696][ T7758]  iov_iter_zero+0x26f/0xd60
[  104.206775][ T7758]  ? _parse_integer_limit+0x170/0x190
[  104.206805][ T7758]  ? iovec_from_user+0x179/0x210
[  104.206828][ T7758]  read_iter_zero+0x5d/0x1e0
[  104.206933][ T7758]  do_iter_readv_writev+0x421/0x4c0
[  104.206966][ T7758]  vfs_readv+0x1ea/0x690
[  104.206997][ T7758]  __se_sys_preadv2+0xfc/0x1c0
[  104.207016][ T7758]  __x64_sys_preadv2+0x67/0x80
[  104.207033][ T7758]  x64_sys_call+0x2818/0x2fb0
[  104.207050][ T7758]  do_syscall_64+0xd2/0x200
[  104.207099][ T7758]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  104.207126][ T7758]  ? clear_bhb_loop+0x40/0x90
[  104.207165][ T7758]  ? clear_bhb_loop+0x40/0x90
[  104.207246][ T7758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.207268][ T7758] RIP: 0033:0x7f9636ffe929
[  104.207280][ T7758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.207295][ T7758] RSP: 002b:00007f9635667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147
[  104.207310][ T7758] RAX: ffffffffffffffda RBX: 00007f9637225fa0 RCX: 00007f9636ffe929
[  104.207321][ T7758] RDX: 0000000000000002 RSI: 0000200000001540 RDI: 0000000000000003
[  104.207332][ T7758] RBP: 00007f9635667090 R08: 0000000000000000 R09: 0000000000000000
[  104.207362][ T7758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  104.207375][ T7758] R13: 0000000000000000 R14: 00007f9637225fa0 R15: 00007ffc496bf258
[  104.207394][ T7758]  </TASK>
[  104.628352][ T7770] SELinux:  Context system_u:object_r:mouse_device_t:s0 is not valid (left unmapped).
[  104.742532][ T7774] loop5: detected capacity change from 0 to 512
[  104.773600][ T7774] EXT4-fs (loop5): 1 orphan inode deleted
[  104.784356][ T7774] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.797074][ T2215] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  104.797353][ T7774] ext4 filesystem being mounted at /245/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.852501][ T7786] loop3: detected capacity change from 0 to 256
[  104.863218][ T7790] loop4: detected capacity change from 0 to 2048
[  104.874353][ T7790] ext2: Unknown parameter 'smackfstransmute'
[  104.897338][ T7790] loop4: detected capacity change from 0 to 128
[  104.912195][ T7790] syz.4.1576: attempt to access beyond end of device
[  104.912195][ T7790] loop4: rw=2049, sector=145, nr_sectors = 40 limit=128
[  104.927054][ T7790] syz.4.1576: attempt to access beyond end of device
[  104.927054][ T7790] loop4: rw=2049, sector=193, nr_sectors = 8 limit=128
[  104.941182][ T7790] syz.4.1576: attempt to access beyond end of device
[  104.941182][ T7790] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[  104.955699][ T3764] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.958748][ T7790] syz.4.1576: attempt to access beyond end of device
[  104.958748][ T7790] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[  104.979131][ T7790] syz.4.1576: attempt to access beyond end of device
[  104.979131][ T7790] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[  104.994259][ T7790] syz.4.1576: attempt to access beyond end of device
[  104.994259][ T7790] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[  105.008090][ T7790] syz.4.1576: attempt to access beyond end of device
[  105.008090][ T7790] loop4: rw=2049, sector=273, nr_sectors = 9 limit=128
[  105.045320][ T7795] FAULT_INJECTION: forcing a failure.
[  105.045320][ T7795] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.058971][ T7795] CPU: 0 UID: 0 PID: 7795 Comm: syz.5.1578 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  105.059037][ T7795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.059050][ T7795] Call Trace:
[  105.059057][ T7795]  <TASK>
[  105.059066][ T7795]  __dump_stack+0x1d/0x30
[  105.059141][ T7795]  dump_stack_lvl+0xe8/0x140
[  105.059161][ T7795]  dump_stack+0x15/0x1b
[  105.059245][ T7795]  should_fail_ex+0x265/0x280
[  105.059279][ T7795]  should_fail+0xb/0x20
[  105.059307][ T7795]  should_fail_usercopy+0x1a/0x20
[  105.059355][ T7795]  _copy_from_user+0x1c/0xb0
[  105.059374][ T7795]  ___sys_sendmsg+0xc1/0x1d0
[  105.059493][ T7795]  __x64_sys_sendmsg+0xd4/0x160
[  105.059604][ T7795]  x64_sys_call+0x2999/0x2fb0
[  105.059625][ T7795]  do_syscall_64+0xd2/0x200
[  105.059640][ T7795]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.059734][ T7795]  ? clear_bhb_loop+0x40/0x90
[  105.059752][ T7795]  ? clear_bhb_loop+0x40/0x90
[  105.059770][ T7795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.059863][ T7795] RIP: 0033:0x7fcb686ce929
[  105.059879][ T7795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.059897][ T7795] RSP: 002b:00007fcb66d37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  105.059968][ T7795] RAX: ffffffffffffffda RBX: 00007fcb688f5fa0 RCX: 00007fcb686ce929
[  105.060047][ T7795] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000005
[  105.060057][ T7795] RBP: 00007fcb66d37090 R08: 0000000000000000 R09: 0000000000000000
[  105.060068][ T7795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.060158][ T7795] R13: 0000000000000000 R14: 00007fcb688f5fa0 R15: 00007ffc36eb2848
[  105.060175][ T7795]  </TASK>
[  105.061902][ T7795] loop5: detected capacity change from 0 to 128
[  105.253202][ T7795] EXT4-fs: Ignoring removed nobh option
[  105.260326][ T7795] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  105.273599][ T7795] ext4 filesystem being mounted at /246/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  105.305941][ T3764] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  105.322132][ T3388] kernel write not supported for file /592/attr/exec (pid: 3388 comm: kworker/0:3)
[  105.413112][ T7818] loop5: detected capacity change from 0 to 1024
[  105.419980][ T7818] EXT4-fs: Ignoring removed nomblk_io_submit option
[  105.430436][ T7818] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.446160][ T7818] EXT4-fs error (device loop5): __ext4_remount:6736: comm syz.5.1587: Abort forced by user
[  105.456652][ T7818] EXT4-fs (loop5): Remounting filesystem read-only
[  105.463830][ T7818] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000.
[  105.482744][ T3764] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.573868][ T7834] loop5: detected capacity change from 0 to 512
[  105.592577][ T7834] EXT4-fs (loop5): 1 orphan inode deleted
[  105.604793][ T7834] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.620567][   T31] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  105.620936][ T7834] ext4 filesystem being mounted at /255/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.857724][ T7858] SELinux: syz.0.1603 (7858) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  105.951811][ T7870] loop3: detected capacity change from 0 to 512
[  105.958820][ T7870] journal_path: Lookup failure for './file0/../file0'
[  105.966095][ T7870] EXT4-fs: error: could not find journal device path
[  106.009942][ T7878] loop3: detected capacity change from 0 to 256
[  106.053544][ T7887] netlink: 16 bytes leftover after parsing attributes in process `:)']@+#�^$K�^:\'.
[  106.159101][ T7897] loop4: detected capacity change from 0 to 1024
[  106.165858][ T7897] EXT4-fs: Ignoring removed nomblk_io_submit option
[  106.180138][ T7897] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.194449][ T7897] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1622: Abort forced by user
[  106.204797][ T7897] EXT4-fs (loop4): Remounting filesystem read-only
[  106.211428][ T7897] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  106.227061][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.333419][ T7907] loop4: detected capacity change from 0 to 2048
[  106.350652][ T7907] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  106.406695][ T3764] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.491802][ T7910] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  106.508591][ T7910] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  106.522344][ T7910] EXT4-fs (loop4): This should not happen!! Data will be lost
[  106.522344][ T7910] 
[  106.533549][ T7910] EXT4-fs (loop4): Total free blocks count 0
[  106.541126][ T7910] EXT4-fs (loop4): Free/Dirty block details
[  106.548915][ T7910] EXT4-fs (loop4): free_blocks=2415919104
[  106.555580][ T7910] EXT4-fs (loop4): dirty_blocks=2240
[  106.562147][ T7910] EXT4-fs (loop4): Block reservation details
[  106.568947][ T7910] EXT4-fs (loop4): i_reserved_data_blocks=140
[  106.622886][ T7918] loop5: detected capacity change from 0 to 128
[  106.696942][ T7920] FAULT_INJECTION: forcing a failure.
[  106.696942][ T7920] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.710850][ T7920] CPU: 1 UID: 0 PID: 7920 Comm: syz.5.1630 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  106.710877][ T7920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.710887][ T7920] Call Trace:
[  106.710894][ T7920]  <TASK>
[  106.710901][ T7920]  __dump_stack+0x1d/0x30
[  106.710922][ T7920]  dump_stack_lvl+0xe8/0x140
[  106.711010][ T7920]  dump_stack+0x15/0x1b
[  106.711024][ T7920]  should_fail_ex+0x265/0x280
[  106.711056][ T7920]  should_fail+0xb/0x20
[  106.711076][ T7920]  should_fail_usercopy+0x1a/0x20
[  106.711122][ T7920]  _copy_from_user+0x1c/0xb0
[  106.711133][ T7920]  ___sys_sendmsg+0xc1/0x1d0
[  106.711160][ T7920]  __sys_sendmmsg+0x178/0x300
[  106.711175][ T7920]  __x64_sys_sendmmsg+0x57/0x70
[  106.711186][ T7920]  x64_sys_call+0x2f2f/0x2fb0
[  106.711238][ T7920]  do_syscall_64+0xd2/0x200
[  106.711249][ T7920]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  106.711277][ T7920]  ? clear_bhb_loop+0x40/0x90
[  106.711292][ T7920]  ? clear_bhb_loop+0x40/0x90
[  106.711329][ T7920]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.711341][ T7920] RIP: 0033:0x7fcb686ce929
[  106.711351][ T7920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.711429][ T7920] RSP: 002b:00007fcb66d37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  106.711448][ T7920] RAX: ffffffffffffffda RBX: 00007fcb688f5fa0 RCX: 00007fcb686ce929
[  106.711455][ T7920] RDX: 0000000000000002 RSI: 0000200000000940 RDI: 0000000000000005
[  106.711516][ T7920] RBP: 00007fcb66d37090 R08: 0000000000000000 R09: 0000000000000000
[  106.711595][ T7920] R10: 000000002600c054 R11: 0000000000000246 R12: 0000000000000001
[  106.711602][ T7920] R13: 0000000000000000 R14: 00007fcb688f5fa0 R15: 00007ffc36eb2848
[  106.711613][ T7920]  </TASK>
[  106.931154][ T7925] loop3: detected capacity change from 0 to 1024
[  106.938399][ T7925] EXT4-fs: Ignoring removed nomblk_io_submit option
[  106.957002][ T7926] loop5: detected capacity change from 0 to 8192
[  106.964964][ T7925] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.981325][ T7925] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1633: Abort forced by user
[  106.993032][ T7925] EXT4-fs (loop3): Remounting filesystem read-only
[  106.999830][ T7925] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  107.018418][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.030063][ T7926]  loop5: p1 p2 p4
[  107.034840][ T7926] loop5: p1 size 65536 extends beyond EOD, truncated
[  107.043279][ T7926] loop5: p2 start 861536256 is beyond EOD, truncated
[  107.050249][ T7926] loop5: p4 size 65536 extends beyond EOD, truncated
[  107.064011][ T7939] SELinux: syz.3.1637 (7939) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  107.109787][ T7946] ip6gre1: entered allmulticast mode
[  107.208346][   T31] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  107.210837][ T7957] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  107.230929][ T7957] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  107.321576][ T7967] SELinux: syz.4.1649 (7967) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  107.400663][ T7977] netlink: 'syz.5.1654': attribute type 1 has an invalid length.
[  107.410433][ T7977] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1654'.
[  107.468600][ T7987] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  107.479604][ T7987] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  107.492716][ T7973] IPv6: sit2: Disabled Multicast RS
[  107.534040][ T7984] lo speed is unknown, defaulting to 1000
[  107.637307][ T7996] loop5: detected capacity change from 0 to 1024
[  107.648452][ T7996] EXT4-fs: Ignoring removed orlov option
[  107.659584][ T7996] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.793646][ T8001] loop4: detected capacity change from 0 to 8192
[  107.849400][ T8001]  loop4: p1 p2 p4
[  107.857967][ T8001] loop4: p1 size 65536 extends beyond EOD, truncated
[  107.946863][ T8001] loop4: p2 start 861536256 is beyond EOD, truncated
[  107.953892][ T8001] loop4: p4 size 65536 extends beyond EOD, truncated
[  107.962840][ T3764] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.029576][ T8009] SELinux: syz.5.1664 (8009) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  108.132462][ T8013] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  108.142519][ T8013] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  108.191930][ T8008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1665'.
[  108.201663][ T8008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1665'.
[  108.212084][ T8008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1665'.
[  108.236053][ T8008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1665'.
[  108.247832][ T8008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1665'.
[  108.257790][ T8008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1665'.
[  108.278947][ T8017] netlink: 112 bytes leftover after parsing attributes in process `syz.4.1665'.
[  108.306682][ T8008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1665'.
[  108.316818][ T8008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1665'.
[  108.326788][ T8008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1665'.
[  108.507280][   T29] kauditd_printk_skb: 495 callbacks suppressed
[  108.507295][   T29] audit: type=1326 audit(2000000000.109:6548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8037 comm="syz.5.1675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  108.519567][ T8040] loop5: detected capacity change from 0 to 1024
[  108.556004][   T29] audit: type=1326 audit(2000000000.109:6549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8037 comm="syz.5.1675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  108.565302][ T8040] EXT4-fs: Ignoring removed orlov option
[  108.580185][   T29] audit: type=1326 audit(2000000000.109:6550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8037 comm="syz.5.1675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  108.599155][ T8040] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.610450][   T29] audit: type=1326 audit(2000000000.109:6551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8037 comm="syz.5.1675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  108.647084][   T29] audit: type=1326 audit(2000000000.109:6552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8037 comm="syz.5.1675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  108.672807][   T29] audit: type=1326 audit(2000000000.109:6553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8037 comm="syz.5.1675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  108.696321][   T29] audit: type=1326 audit(2000000000.109:6554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8037 comm="syz.5.1675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  108.720652][   T29] audit: type=1326 audit(2000000000.109:6555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8037 comm="syz.5.1675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  108.744431][   T29] audit: type=1326 audit(2000000000.109:6556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8037 comm="syz.5.1675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  108.768517][   T29] audit: type=1326 audit(2000000000.119:6557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8037 comm="syz.5.1675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  108.854726][ T8051] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  108.865077][ T8051] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  108.875989][ T3764] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.016162][ T8074] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  109.029692][ T8074] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  109.090924][ T8077] loop5: detected capacity change from 0 to 8192
[  109.139637][ T8077]  loop5: p1 p2 p4
[  109.145763][ T8077] loop5: p1 size 65536 extends beyond EOD, truncated
[  109.156149][ T8077] loop5: p2 start 861536256 is beyond EOD, truncated
[  109.166064][ T8077] loop5: p4 size 65536 extends beyond EOD, truncated
[  109.406022][ T8096] loop5: detected capacity change from 0 to 512
[  109.437951][ T8101] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  109.447941][ T8101] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  109.561015][ T8107] loop4: detected capacity change from 0 to 8192
[  109.574495][ T8113] loop5: detected capacity change from 0 to 1024
[  109.582831][ T8113] EXT4-fs: Ignoring removed nomblk_io_submit option
[  109.610932][ T8113] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.618841][ T8107]  loop4: p1 p2 p4
[  109.627682][ T8107] loop4: p1 size 65536 extends beyond EOD, truncated
[  109.635143][ T8107] loop4: p2 start 861536256 is beyond EOD, truncated
[  109.642059][ T8107] loop4: p4 size 65536 extends beyond EOD, truncated
[  109.649576][ T8113] EXT4-fs error (device loop5): __ext4_remount:6736: comm syz.5.1708: Abort forced by user
[  109.668543][ T8113] EXT4-fs (loop5): Remounting filesystem read-only
[  109.675249][ T8113] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000.
[  109.739502][ T3764] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.910708][ T8133] loop5: detected capacity change from 0 to 256
[  110.102357][ T8156] loop4: detected capacity change from 0 to 2048
[  110.159455][ T8156] Alternate GPT is invalid, using primary GPT.
[  110.168403][ T8156]  loop4: p1 p2 p3
[  110.300261][ T8172] loop4: detected capacity change from 0 to 8192
[  110.329371][ T8172]  loop4: p1 p2 p4
[  110.333352][ T8172] loop4: p1 size 65536 extends beyond EOD, truncated
[  110.343968][ T8172] loop4: p2 start 861536256 is beyond EOD, truncated
[  110.351047][ T8172] loop4: p4 size 65536 extends beyond EOD, truncated
[  110.492874][ T8194] loop4: detected capacity change from 0 to 1024
[  110.500051][ T8194] EXT4-fs: Ignoring removed orlov option
[  110.507965][ T8194] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.551328][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.616040][ T8208] loop4: detected capacity change from 0 to 8192
[  110.659432][ T8208]  loop4: p1 p2 p4
[  110.663687][ T8208] loop4: p1 size 65536 extends beyond EOD, truncated
[  110.671716][ T8208] loop4: p2 start 861536256 is beyond EOD, truncated
[  110.678514][ T8208] loop4: p4 size 65536 extends beyond EOD, truncated
[  110.859242][ T8227] loop5: detected capacity change from 0 to 128
[  110.866296][ T8227] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  110.877444][ T8227] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  110.897283][ T8227] ext2 filesystem being mounted at /294/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.919098][ T3764] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  111.543954][ T8270] loop3: detected capacity change from 0 to 1024
[  111.554928][ T8270] EXT4-fs: Ignoring removed bh option
[  111.562259][ T8270] EXT4-fs: inline encryption not supported
[  111.570688][ T8270] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  111.587703][ T8270] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  111.599763][ T8270] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.1777: lblock 2 mapped to illegal pblock 2 (length 1)
[  111.618409][ T8270] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.1777: lblock 0 mapped to illegal pblock 48 (length 1)
[  111.635062][ T8270] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1777: Failed to acquire dquot type 0
[  111.649897][ T8270] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  111.662803][ T8270] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.1777: mark_inode_dirty error
[  111.677669][ T8270] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  111.690953][ T8270] EXT4-fs (loop3): 1 orphan inode deleted
[  111.697300][ T8270] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.712935][   T51] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  111.730620][   T51] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  111.743784][ T8270] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  111.769979][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.965181][ T8277] lo speed is unknown, defaulting to 1000
[  112.028476][ T8277] chnl_net:caif_netlink_parms(): no params data found
[  112.072439][ T8277] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.080641][ T8277] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.097948][ T8277] bridge_slave_0: entered allmulticast mode
[  112.105529][ T8277] bridge_slave_0: entered promiscuous mode
[  112.114193][ T8277] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.121723][ T8277] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.129655][ T8277] bridge_slave_1: entered allmulticast mode
[  112.149509][ T8277] bridge_slave_1: entered promiscuous mode
[  112.173457][ T8277] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  112.185138][ T8277] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  112.209596][ T8277] team0: Port device team_slave_0 added
[  112.217552][ T8277] team0: Port device team_slave_1 added
[  112.241909][ T8277] batman_adv: batadv0: Adding interface: batadv_slave_0
[  112.250964][ T8277] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.278167][ T8277] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  112.308148][ T8277] batman_adv: batadv0: Adding interface: batadv_slave_1
[  112.316456][ T8277] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.344127][ T8277] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  112.417916][ T8277] hsr_slave_0: entered promiscuous mode
[  112.435346][ T8277] hsr_slave_1: entered promiscuous mode
[  112.442342][ T8277] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  112.451654][ T8277] Cannot create hsr debugfs directory
[  112.533063][ T8311] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  112.542471][ T8311] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  112.557418][ T8277] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  112.580618][ T8277] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  112.591067][ T8277] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  112.607997][ T8277] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  112.631611][ T8277] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.638826][ T8277] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.646172][ T8277] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.653332][ T8277] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.678945][ T8325] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  112.687285][ T8325] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  112.707061][ T8277] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.719855][  T769] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.728194][  T769] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.754104][ T8277] 8021q: adding VLAN 0 to HW filter on device team0
[  112.772870][  T769] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.780467][  T769] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.792168][ T2215] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.799470][ T2215] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.866932][ T8277] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  112.933502][ T8351] loop3: detected capacity change from 0 to 256
[  112.994153][ T8277] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.030060][ T8367] netlink: 'syz.3.1807': attribute type 21 has an invalid length.
[  113.038160][ T8368] netlink: 'syz.3.1807': attribute type 21 has an invalid length.
[  113.159705][ T8277] veth0_vlan: entered promiscuous mode
[  113.176141][ T8277] veth1_vlan: entered promiscuous mode
[  113.189743][ T8277] veth0_macvtap: entered promiscuous mode
[  113.201162][ T8277] veth1_macvtap: entered promiscuous mode
[  113.215399][ T8277] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.227139][ T8277] batman_adv: batadv0: Interface activated: batadv_slave_1
[  113.238392][ T8277] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.248503][ T8277] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.257909][ T8277] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.267346][ T8277] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.372965][ T8405] loop5: detected capacity change from 0 to 8192
[  113.428931][ T8405]  loop5: p1 p2 p4
[  113.435669][ T8405] loop5: p1 size 65536 extends beyond EOD, truncated
[  113.449068][ T8405] loop5: p2 start 861536256 is beyond EOD, truncated
[  113.456101][ T8405] loop5: p4 size 65536 extends beyond EOD, truncated
[  113.466593][ T8409] __nla_validate_parse: 13 callbacks suppressed
[  113.466609][ T8409] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1819'.
[  113.483750][ T8409] netlink: 260 bytes leftover after parsing attributes in process `syz.0.1819'.
[  113.493127][ T8409] netlink: 260 bytes leftover after parsing attributes in process `syz.0.1819'.
[  113.508693][ T8409] netlink: 672 bytes leftover after parsing attributes in process `syz.0.1819'.
[  113.512526][   T29] kauditd_printk_skb: 539 callbacks suppressed
[  113.512538][   T29] audit: type=1326 audit(2000000000.399:7094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8412 comm="syz.5.1821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  113.518216][ T8409] netlink: 39 bytes leftover after parsing attributes in process `syz.0.1819'.
[  113.560481][   T29] audit: type=1326 audit(2000000000.449:7095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8412 comm="syz.5.1821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  113.584394][   T29] audit: type=1326 audit(2000000000.449:7096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8412 comm="syz.5.1821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  113.608901][   T29] audit: type=1326 audit(2000000000.449:7097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8412 comm="syz.5.1821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  113.632622][   T29] audit: type=1326 audit(2000000000.449:7098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8412 comm="syz.5.1821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  113.656099][   T29] audit: type=1326 audit(2000000000.449:7099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8412 comm="syz.5.1821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  113.679585][   T29] audit: type=1326 audit(2000000000.449:7100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8412 comm="syz.5.1821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  113.703173][   T29] audit: type=1326 audit(2000000000.449:7101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8412 comm="syz.5.1821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  113.736200][   T29] audit: type=1326 audit(2000000000.499:7102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8414 comm="syz.6.1822" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd9da61e929 code=0x0
[  113.759214][   T29] audit: type=1326 audit(2000000000.499:7103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8412 comm="syz.5.1821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb686ce929 code=0x7ffc0000
[  113.856273][ T8424] loop5: detected capacity change from 0 to 1024
[  113.898054][ T8429] loop4: detected capacity change from 0 to 512
[  113.907199][ T8424] EXT4-fs: Ignoring removed orlov option
[  113.916941][ T8424] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.936571][ T8429] EXT4-fs (loop4): 1 orphan inode deleted
[  113.943161][ T8429] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.957817][   T51] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  113.985200][ T8429] ext4 filesystem being mounted at /363/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.045412][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.078240][ T8448] loop3: detected capacity change from 0 to 8192
[  114.104688][ T8451] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  114.113151][ T8451] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  114.139885][ T8448]  loop3: p1 p2 p4
[  114.144213][ T8448] loop3: p1 size 65536 extends beyond EOD, truncated
[  114.152547][ T8448] loop3: p2 start 861536256 is beyond EOD, truncated
[  114.159416][ T8448] loop3: p4 size 65536 extends beyond EOD, truncated
[  114.181571][ T8441] ==================================================================
[  114.190435][ T8441] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode
[  114.198953][ T8441] 
[  114.201271][ T8441] write to 0xffff888106b8e008 of 4 bytes by task 8424 on cpu 0:
[  114.208894][ T8441]  writeback_single_inode+0x14a/0x3e0
[  114.214320][ T8441]  sync_inode_metadata+0x5b/0x90
[  114.219535][ T8441]  generic_buffers_fsync_noflush+0xd9/0x120
[  114.225526][ T8441]  ext4_sync_file+0x1ab/0x690
[  114.230209][ T8441]  vfs_fsync_range+0x10d/0x130
[  114.235061][ T8441]  ext4_buffered_write_iter+0x34f/0x3c0
[  114.240620][ T8441]  ext4_file_write_iter+0x383/0xf00
[  114.245819][ T8441]  iter_file_splice_write+0x5f2/0x970
[  114.251248][ T8441]  direct_splice_actor+0x156/0x2a0
[  114.256363][ T8441]  splice_direct_to_actor+0x312/0x680
[  114.262443][ T8441]  do_splice_direct+0xda/0x150
[  114.267243][ T8441]  do_sendfile+0x380/0x650
[  114.272106][ T8441]  __x64_sys_sendfile64+0x105/0x150
[  114.277484][ T8441]  x64_sys_call+0xb39/0x2fb0
[  114.282074][ T8441]  do_syscall_64+0xd2/0x200
[  114.286658][ T8441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.292560][ T8441] 
[  114.294882][ T8441] read to 0xffff888106b8e008 of 4 bytes by task 8441 on cpu 1:
[  114.302510][ T8441]  vfs_fsync_range+0x9b/0x130
[  114.307195][ T8441]  ext4_buffered_write_iter+0x34f/0x3c0
[  114.312779][ T8441]  ext4_file_write_iter+0x383/0xf00
[  114.318683][ T8441]  iter_file_splice_write+0x5f2/0x970
[  114.324067][ T8441]  direct_splice_actor+0x156/0x2a0
[  114.329190][ T8441]  splice_direct_to_actor+0x312/0x680
[  114.334653][ T8441]  do_splice_direct+0xda/0x150
[  114.339503][ T8441]  do_sendfile+0x380/0x650
[  114.343942][ T8441]  __x64_sys_sendfile64+0x105/0x150
[  114.349585][ T8441]  x64_sys_call+0xb39/0x2fb0
[  114.354215][ T8441]  do_syscall_64+0xd2/0x200
[  114.358720][ T8441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.364611][ T8441] 
[  114.366933][ T8441] value changed: 0x00000038 -> 0x00000002
[  114.372656][ T8441] 
[  114.374970][ T8441] Reported by Kernel Concurrency Sanitizer on:
[  114.381110][ T8441] CPU: 1 UID: 0 PID: 8441 Comm: syz.5.1824 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  114.393609][ T8441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.404268][ T8441] ==================================================================
[  114.475909][ T3764] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.